From: keescook@chromium.org (Kees Cook)
To: linux-security-module@vger.kernel.org
Subject: [PATCH 06/17] doc: security: minor cleanups to build kernel-doc
Date: Sat, 13 May 2017 04:51:42 -0700 [thread overview]
Message-ID: <1494676313-144890-7-git-send-email-keescook@chromium.org> (raw)
In-Reply-To: <1494676313-144890-1-git-send-email-keescook@chromium.org>
These fixes were needed to parse lsm_hooks.h kernel-doc. More work is
needed, but this is the first step.
Cc: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
include/linux/lsm_hooks.h | 25 ++++++++++++-------------
1 file changed, 12 insertions(+), 13 deletions(-)
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 080f34e66017..a1eeaf603d2f 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -29,6 +29,8 @@
#include <linux/rculist.h>
/**
+ * union security_list_options - Linux Security Module hook function list
+ *
* Security hooks for program execution operations.
*
* @bprm_set_creds:
@@ -193,8 +195,8 @@
* @value will be set to the allocated attribute value.
* @len will be set to the length of the value.
* Returns 0 if @name and @value have been successfully set,
- * -EOPNOTSUPP if no security attribute is needed, or
- * -ENOMEM on memory allocation failure.
+ * -EOPNOTSUPP if no security attribute is needed, or
+ * -ENOMEM on memory allocation failure.
* @inode_create:
* Check permission to create a regular file.
* @dir contains inode structure of the parent of the new file.
@@ -510,8 +512,7 @@
* process @tsk. Note that this hook is sometimes called from interrupt.
* Note that the fown_struct, @fown, is never outside the context of a
* struct file, so the file structure (and associated security information)
- * can always be obtained:
- * container_of(fown, struct file, f_owner)
+ * can always be obtained: container_of(fown, struct file, f_owner)
* @tsk contains the structure of task receiving signal.
* @fown contains the file owner information.
* @sig is the signal that will be sent. When 0, kernel sends SIGIO.
@@ -521,7 +522,7 @@
* to receive an open file descriptor via socket IPC.
* @file contains the file structure being received.
* Return 0 if permission is granted.
- * @file_open
+ * @file_open:
* Save open-time permission checking state for later use upon
* file_permission, and recheck access if anything has changed
* since inode_permission.
@@ -1143,7 +1144,7 @@
* @sma contains the semaphore structure. May be NULL.
* @cmd contains the operation to be performed.
* Return 0 if permission is granted.
- * @sem_semop
+ * @sem_semop:
* Check permissions before performing operations on members of the
* semaphore set @sma. If the @alter flag is nonzero, the semaphore set
* may be modified.
@@ -1153,20 +1154,20 @@
* @alter contains the flag indicating whether changes are to be made.
* Return 0 if permission is granted.
*
- * @binder_set_context_mgr
+ * @binder_set_context_mgr:
* Check whether @mgr is allowed to be the binder context manager.
* @mgr contains the task_struct for the task being registered.
* Return 0 if permission is granted.
- * @binder_transaction
+ * @binder_transaction:
* Check whether @from is allowed to invoke a binder transaction call
* to @to.
* @from contains the task_struct for the sending task.
* @to contains the task_struct for the receiving task.
- * @binder_transfer_binder
+ * @binder_transfer_binder:
* Check whether @from is allowed to transfer a binder reference to @to.
* @from contains the task_struct for the sending task.
* @to contains the task_struct for the receiving task.
- * @binder_transfer_file
+ * @binder_transfer_file:
* Check whether @from is allowed to transfer @file to @to.
* @from contains the task_struct for the sending task.
* @file contains the struct file being transferred.
@@ -1214,7 +1215,7 @@
* @cred contains the credentials to use.
* @ns contains the user namespace we want the capability in
* @cap contains the capability <include/linux/capability.h>.
- * @audit: Whether to write an audit message or not
+ * @audit contains whether to write an audit message or not
* Return 0 if the capability is granted for @tsk.
* @syslog:
* Check permission before accessing the kernel message ring or changing
@@ -1336,9 +1337,7 @@
* @inode we wish to get the security context of.
* @ctx is a pointer in which to place the allocated security context.
* @ctxlen points to the place to put the length of @ctx.
- * This is the main security structure.
*/
-
union security_list_options {
int (*binder_set_context_mgr)(struct task_struct *mgr);
int (*binder_transaction)(struct task_struct *from,
--
2.7.4
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2017-05-13 11:51 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-13 11:51 [PATCH 00/17] convert/reorganize Documentation/security/ Kees Cook
2017-05-13 11:51 ` [PATCH 01/17] doc: ReSTify seccomp_filter.txt Kees Cook
2017-05-13 11:51 ` [PATCH 02/17] doc: ReSTify no_new_privs.txt Kees Cook
2017-05-13 11:51 ` [PATCH 03/17] doc: ReSTify IMA-templates.txt Kees Cook
2017-05-13 11:51 ` [PATCH 04/17] doc: ReSTify credentials.txt Kees Cook
2017-05-13 11:51 ` [PATCH 05/17] doc: ReSTify self-protection.txt Kees Cook
2017-05-13 11:51 ` Kees Cook [this message]
2017-05-14 23:17 ` [PATCH 06/17] doc: security: minor cleanups to build kernel-doc James Morris
2017-05-15 17:21 ` Jonathan Corbet
2017-05-15 0:00 ` Casey Schaufler
2017-05-15 14:42 ` Kees Cook
2017-05-13 11:51 ` [PATCH 07/17] doc: ReSTify and split LSM.txt Kees Cook
2017-05-13 11:51 ` [PATCH 08/17] doc: ReSTify SELinux.txt Kees Cook
2017-05-17 20:08 ` Paul Moore
2017-05-13 11:51 ` [PATCH 09/17] doc: ReSTify apparmor.txt Kees Cook
2017-05-13 19:47 ` John Johansen
2017-05-13 11:51 ` [PATCH 10/17] doc: ReSTify tomoyo.txt Kees Cook
2017-05-14 6:51 ` Tetsuo Handa
2017-05-13 11:51 ` [PATCH 11/17] doc: ReSTify Yama.txt Kees Cook
2017-05-13 11:51 ` [PATCH 12/17] doc: ReSTify LoadPin.txt Kees Cook
2017-05-13 11:51 ` [PATCH 13/17] doc: ReSTify Smack.txt Kees Cook
2017-05-15 14:13 ` Casey Schaufler
2017-05-13 11:51 ` [PATCH 14/17] doc: ReSTify keys.txt Kees Cook
2017-05-13 11:51 ` [PATCH 15/17] doc: ReSTify keys-ecryptfs.txt Kees Cook
2017-05-13 11:51 ` [PATCH 16/17] doc: ReSTify keys-request-key.txt Kees Cook
2017-05-13 11:51 ` [PATCH 17/17] doc: ReSTify keys-trusted-encrypted.txt Kees Cook
2017-05-15 17:26 ` [PATCH 00/17] convert/reorganize Documentation/security/ Jonathan Corbet
2017-05-15 17:33 ` Kees Cook
2017-05-18 16:49 ` Jonathan Corbet
2017-05-18 17:01 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1494676313-144890-7-git-send-email-keescook@chromium.org \
--to=keescook@chromium.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).