Linux Security Modules development
 help / color / mirror / Atom feed
* [PATCH 04/16] powerpc/xmon: use new match_string() helper/macro
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

The change is purely cosmetic at this point in time, but it does highlight
the change done in lib/string.c for match_string().

Particularly for this change, if a regname is removed (replaced with NULL)
in the list, the match_string() helper will continue until the end of the
array and ignore the NULL.
This would technically allow for "reserved" regs, though here it's not the
case.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 arch/powerpc/xmon/xmon.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/powerpc/xmon/xmon.c b/arch/powerpc/xmon/xmon.c
index efca104ac0cb..b84a7fc1112b 100644
--- a/arch/powerpc/xmon/xmon.c
+++ b/arch/powerpc/xmon/xmon.c
@@ -3231,7 +3231,7 @@ scanhex(unsigned long *vp)
 			regname[i] = c;
 		}
 		regname[i] = 0;
-		i = __match_string(regnames, N_PTREGS, regname);
+		i = match_string(regnames, regname);
 		if (i < 0) {
 			printf("invalid register name '%%%s'\n", regname);
 			return 0;
-- 
2.17.1


^ permalink raw reply related

* [PATCH 03/16] lib,treewide: add new match_string() helper/macro
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

This change re-introduces `match_string()` as a macro that uses
ARRAY_SIZE() to compute the size of the array.
The macro is added in all the places that do
`match_string(_a, ARRAY_SIZE(_a), s)`, since the change is pretty
straightforward.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 drivers/clk/bcm/clk-bcm2835.c                    | 4 +---
 drivers/gpio/gpiolib-of.c                        | 2 +-
 drivers/gpu/drm/i915/intel_pipe_crc.c            | 2 +-
 drivers/mfd/omap-usb-host.c                      | 2 +-
 drivers/net/wireless/intel/iwlwifi/mvm/debugfs.c | 2 +-
 drivers/pci/pcie/aer.c                           | 2 +-
 drivers/usb/common/common.c                      | 4 ++--
 drivers/usb/typec/class.c                        | 8 +++-----
 drivers/usb/typec/tps6598x.c                     | 2 +-
 drivers/vfio/vfio.c                              | 4 +---
 include/linux/string.h                           | 9 +++++++++
 sound/firewire/oxfw/oxfw.c                       | 2 +-
 sound/soc/codecs/max98088.c                      | 2 +-
 sound/soc/codecs/max98095.c                      | 2 +-
 14 files changed, 25 insertions(+), 22 deletions(-)

diff --git a/drivers/clk/bcm/clk-bcm2835.c b/drivers/clk/bcm/clk-bcm2835.c
index a775f6a1f717..1ab388590ead 100644
--- a/drivers/clk/bcm/clk-bcm2835.c
+++ b/drivers/clk/bcm/clk-bcm2835.c
@@ -1390,9 +1390,7 @@ static struct clk_hw *bcm2835_register_clock(struct bcm2835_cprman *cprman,
 	for (i = 0; i < data->num_mux_parents; i++) {
 		parents[i] = data->parents[i];
 
-		ret = __match_string(cprman_parent_names,
-				     ARRAY_SIZE(cprman_parent_names),
-				     parents[i]);
+		ret = match_string(cprman_parent_names, parents[i]);
 		if (ret >= 0)
 			parents[i] = cprman->real_parent_names[ret];
 	}
diff --git a/drivers/gpio/gpiolib-of.c b/drivers/gpio/gpiolib-of.c
index 27d6f04ab58e..71e886869d78 100644
--- a/drivers/gpio/gpiolib-of.c
+++ b/drivers/gpio/gpiolib-of.c
@@ -279,7 +279,7 @@ static struct gpio_desc *of_find_regulator_gpio(struct device *dev, const char *
 	if (!con_id)
 		return ERR_PTR(-ENOENT);
 
-	i = __match_string(whitelist, ARRAY_SIZE(whitelist), con_id);
+	i = match_string(whitelist, con_id);
 	if (i < 0)
 		return ERR_PTR(-ENOENT);
 
diff --git a/drivers/gpu/drm/i915/intel_pipe_crc.c b/drivers/gpu/drm/i915/intel_pipe_crc.c
index 286fad1f0e08..6fc4f3d3d1f6 100644
--- a/drivers/gpu/drm/i915/intel_pipe_crc.c
+++ b/drivers/gpu/drm/i915/intel_pipe_crc.c
@@ -449,7 +449,7 @@ display_crc_ctl_parse_source(const char *buf, enum intel_pipe_crc_source *s)
 		return 0;
 	}
 
-	i = __match_string(pipe_crc_sources, ARRAY_SIZE(pipe_crc_sources), buf);
+	i = match_string(pipe_crc_sources, buf);
 	if (i < 0)
 		return i;
 
diff --git a/drivers/mfd/omap-usb-host.c b/drivers/mfd/omap-usb-host.c
index 9aaacb5bdb26..53dff34c0afc 100644
--- a/drivers/mfd/omap-usb-host.c
+++ b/drivers/mfd/omap-usb-host.c
@@ -509,7 +509,7 @@ static int usbhs_omap_get_dt_pdata(struct device *dev,
 			continue;
 
 		/* get 'enum usbhs_omap_port_mode' from port mode string */
-		ret = __match_string(port_modes, ARRAY_SIZE(port_modes), mode);
+		ret = match_string(port_modes, mode);
 		if (ret < 0) {
 			dev_warn(dev, "Invalid port%d-mode \"%s\" in device tree\n",
 					i, mode);
diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/debugfs.c b/drivers/net/wireless/intel/iwlwifi/mvm/debugfs.c
index 59ce3ff35553..778b4dfd8b75 100644
--- a/drivers/net/wireless/intel/iwlwifi/mvm/debugfs.c
+++ b/drivers/net/wireless/intel/iwlwifi/mvm/debugfs.c
@@ -667,7 +667,7 @@ iwl_dbgfs_bt_force_ant_write(struct iwl_mvm *mvm, char *buf,
 	};
 	int ret, bt_force_ant_mode;
 
-	ret = __match_string(modes_str, ARRAY_SIZE(modes_str), buf);
+	ret = match_string(modes_str, buf);
 	if (ret < 0)
 		return ret;
 
diff --git a/drivers/pci/pcie/aer.c b/drivers/pci/pcie/aer.c
index 41a0773a1cbc..2278caba109c 100644
--- a/drivers/pci/pcie/aer.c
+++ b/drivers/pci/pcie/aer.c
@@ -203,7 +203,7 @@ void pcie_ecrc_get_policy(char *str)
 {
 	int i;
 
-	i = __match_string(ecrc_policy_str, ARRAY_SIZE(ecrc_policy_str), str);
+	i = match_string(ecrc_policy_str, str);
 	if (i < 0)
 		return;
 
diff --git a/drivers/usb/common/common.c b/drivers/usb/common/common.c
index bca0c404c6ca..5a651d311d38 100644
--- a/drivers/usb/common/common.c
+++ b/drivers/usb/common/common.c
@@ -68,7 +68,7 @@ enum usb_device_speed usb_get_maximum_speed(struct device *dev)
 	if (ret < 0)
 		return USB_SPEED_UNKNOWN;
 
-	ret = __match_string(speed_names, ARRAY_SIZE(speed_names), maximum_speed);
+	ret = match_string(speed_names, maximum_speed);
 
 	return (ret < 0) ? USB_SPEED_UNKNOWN : ret;
 }
@@ -106,7 +106,7 @@ static enum usb_dr_mode usb_get_dr_mode_from_string(const char *str)
 {
 	int ret;
 
-	ret = __match_string(usb_dr_modes, ARRAY_SIZE(usb_dr_modes), str);
+	ret = match_string(usb_dr_modes, str);
 	return (ret < 0) ? USB_DR_MODE_UNKNOWN : ret;
 }
 
diff --git a/drivers/usb/typec/class.c b/drivers/usb/typec/class.c
index 4abc5a76ec51..38ac776cba8a 100644
--- a/drivers/usb/typec/class.c
+++ b/drivers/usb/typec/class.c
@@ -1409,8 +1409,7 @@ EXPORT_SYMBOL_GPL(typec_set_pwr_opmode);
  */
 int typec_find_port_power_role(const char *name)
 {
-	return __match_string(typec_port_power_roles,
-			      ARRAY_SIZE(typec_port_power_roles), name);
+	return match_string(typec_port_power_roles, name);
 }
 EXPORT_SYMBOL_GPL(typec_find_port_power_role);
 
@@ -1424,7 +1423,7 @@ EXPORT_SYMBOL_GPL(typec_find_port_power_role);
  */
 int typec_find_power_role(const char *name)
 {
-	return __match_string(typec_roles, ARRAY_SIZE(typec_roles), name);
+	return match_string(typec_roles, name);
 }
 EXPORT_SYMBOL_GPL(typec_find_power_role);
 
@@ -1438,8 +1437,7 @@ EXPORT_SYMBOL_GPL(typec_find_power_role);
  */
 int typec_find_port_data_role(const char *name)
 {
-	return __match_string(typec_port_data_roles,
-			      ARRAY_SIZE(typec_port_data_roles), name);
+	return match_string(typec_port_data_roles, name);
 }
 EXPORT_SYMBOL_GPL(typec_find_port_data_role);
 
diff --git a/drivers/usb/typec/tps6598x.c b/drivers/usb/typec/tps6598x.c
index 0389e4391faf..0c4e47868590 100644
--- a/drivers/usb/typec/tps6598x.c
+++ b/drivers/usb/typec/tps6598x.c
@@ -423,7 +423,7 @@ static int tps6598x_check_mode(struct tps6598x *tps)
 	if (ret)
 		return ret;
 
-	switch (__match_string(modes, ARRAY_SIZE(modes), mode)) {
+	switch (match_string(modes, mode)) {
 	case TPS_MODE_APP:
 		return 0;
 	case TPS_MODE_BOOT:
diff --git a/drivers/vfio/vfio.c b/drivers/vfio/vfio.c
index b31585ecf48f..fe8283d3781b 100644
--- a/drivers/vfio/vfio.c
+++ b/drivers/vfio/vfio.c
@@ -637,9 +637,7 @@ static bool vfio_dev_whitelisted(struct device *dev, struct device_driver *drv)
 			return true;
 	}
 
-	return __match_string(vfio_driver_whitelist,
-			      ARRAY_SIZE(vfio_driver_whitelist),
-			      drv->name) >= 0;
+	return match_string(vfio_driver_whitelist, drv->name) >= 0;
 }
 
 /*
diff --git a/include/linux/string.h b/include/linux/string.h
index 531d04308ff9..07e9f89088df 100644
--- a/include/linux/string.h
+++ b/include/linux/string.h
@@ -194,6 +194,15 @@ static inline int strtobool(const char *s, bool *res)
 int __match_string(const char * const *array, size_t n, const char *string);
 int __sysfs_match_string(const char * const *array, size_t n, const char *s);
 
+/**
+ * match_string - matches given string in an array
+ * @_a: array of strings
+ * @_s: string to match with
+ *
+ * Helper for __match_string(). Calculates the size of @a automatically.
+ */
+#define match_string(_a, _s) __match_string(_a, ARRAY_SIZE(_a), _s)
+
 /**
  * sysfs_match_string - matches given string in an array
  * @_a: array of strings
diff --git a/sound/firewire/oxfw/oxfw.c b/sound/firewire/oxfw/oxfw.c
index 9ec5316f3bb5..433fc84c4f90 100644
--- a/sound/firewire/oxfw/oxfw.c
+++ b/sound/firewire/oxfw/oxfw.c
@@ -57,7 +57,7 @@ static bool detect_loud_models(struct fw_unit *unit)
 	if (err < 0)
 		return false;
 
-	return __match_string(models, ARRAY_SIZE(models), model) >= 0;
+	return match_string(models, model) >= 0;
 }
 
 static int name_card(struct snd_oxfw *oxfw)
diff --git a/sound/soc/codecs/max98088.c b/sound/soc/codecs/max98088.c
index 3ef743075bda..911ffe84c37e 100644
--- a/sound/soc/codecs/max98088.c
+++ b/sound/soc/codecs/max98088.c
@@ -1405,7 +1405,7 @@ static int max98088_get_channel(struct snd_soc_component *component, const char
 {
 	int ret;
 
-	ret = __match_string(eq_mode_name, ARRAY_SIZE(eq_mode_name), name);
+	ret = match_string(eq_mode_name, name);
 	if (ret < 0)
 		dev_err(component->dev, "Bad EQ channel name '%s'\n", name);
 	return ret;
diff --git a/sound/soc/codecs/max98095.c b/sound/soc/codecs/max98095.c
index cd69916d5dcb..d182d45d0c83 100644
--- a/sound/soc/codecs/max98095.c
+++ b/sound/soc/codecs/max98095.c
@@ -1636,7 +1636,7 @@ static int max98095_get_bq_channel(struct snd_soc_component *component,
 {
 	int ret;
 
-	ret = __match_string(bq_mode_name, ARRAY_SIZE(bq_mode_name), name);
+	ret = match_string(bq_mode_name, name);
 	if (ret < 0)
 		dev_err(component->dev, "Bad biquad channel name '%s'\n", name);
 	return ret;
-- 
2.17.1


^ permalink raw reply related

* [PATCH 05/16] ALSA: oxygen: use new match_string() helper/macro
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

The change is purely cosmetic at this point in time, but it does highlight
the change done in lib/string.c for match_string().

Particularly for this change, a control mode can be removed/added at a
different index/enum-value, and the match_string() helper will continue
until the end of the array and ignore the NULL.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 sound/pci/oxygen/oxygen_mixer.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sound/pci/oxygen/oxygen_mixer.c b/sound/pci/oxygen/oxygen_mixer.c
index 13c2fb75fd71..961fd1cbc712 100644
--- a/sound/pci/oxygen/oxygen_mixer.c
+++ b/sound/pci/oxygen/oxygen_mixer.c
@@ -1086,7 +1086,7 @@ static int add_controls(struct oxygen *chip,
 		err = snd_ctl_add(chip->card, ctl);
 		if (err < 0)
 			return err;
-		j = __match_string(known_ctl_names, CONTROL_COUNT, ctl->id.name);
+		j = match_string(known_ctl_names, ctl->id.name);
 		if (j >= 0) {
 			chip->controls[j] = ctl;
 			ctl->private_free = oxygen_any_ctl_free;
-- 
2.17.1


^ permalink raw reply related

* [PATCH 06/16] x86/mtrr: use new match_string() helper + add gaps == minor fix
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

This change is a bit more than cosmetic.

It replaces 2 values in mtrr_strings with NULL. Previously, they were
defined as "?", which is not great because you could technically pass "?",
and you would get value 2.
It's not sure whether that was intended (likely it wasn't), but this fixes
that.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 arch/x86/kernel/cpu/mtrr/if.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kernel/cpu/mtrr/if.c b/arch/x86/kernel/cpu/mtrr/if.c
index 4ec7a5f7b94c..e67820a044cc 100644
--- a/arch/x86/kernel/cpu/mtrr/if.c
+++ b/arch/x86/kernel/cpu/mtrr/if.c
@@ -20,8 +20,8 @@ static const char *const mtrr_strings[MTRR_NUM_TYPES] =
 {
 	"uncachable",		/* 0 */
 	"write-combining",	/* 1 */
-	"?",			/* 2 */
-	"?",			/* 3 */
+	NULL,			/* 2 */
+	NULL,			/* 3 */
 	"write-through",	/* 4 */
 	"write-protect",	/* 5 */
 	"write-back",		/* 6 */
@@ -29,7 +29,9 @@ static const char *const mtrr_strings[MTRR_NUM_TYPES] =
 
 const char *mtrr_attrib_to_str(int x)
 {
-	return (x <= 6) ? mtrr_strings[x] : "?";
+	if ((x >= ARRAY_SIZE(mtrr_strings)) || (mtrr_strings[x] == NULL))
+		return "?";
+	return mtrr_strings[x];
 }
 
 #ifdef CONFIG_PROC_FS
@@ -142,7 +144,7 @@ mtrr_write(struct file *file, const char __user *buf, size_t len, loff_t * ppos)
 		return -EINVAL;
 	ptr = skip_spaces(ptr + 5);
 
-	i = __match_string(mtrr_strings, MTRR_NUM_TYPES, ptr);
+	i = match_string(mtrr_strings, ptr);
 	if (i < 0)
 		return i;
 
-- 
2.17.1


^ permalink raw reply related

* [PATCH 08/16] cpufreq/intel_pstate: remove NULL entry + use match_string()
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

The change is mostly cosmetic.

The `energy_perf_strings` array is static, so match_string() can be used
(which will implicitly do a ARRAY_SIZE(energy_perf_strings)).

The only small benefit here, is the reduction of the array size by 1
element.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 drivers/cpufreq/intel_pstate.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/drivers/cpufreq/intel_pstate.c b/drivers/cpufreq/intel_pstate.c
index 6ed1e705bc05..ab9a0b34b900 100644
--- a/drivers/cpufreq/intel_pstate.c
+++ b/drivers/cpufreq/intel_pstate.c
@@ -593,8 +593,7 @@ static const char * const energy_perf_strings[] = {
 	"performance",
 	"balance_performance",
 	"balance_power",
-	"power",
-	NULL
+	"power"
 };
 static const unsigned int epp_values[] = {
 	HWP_EPP_PERFORMANCE,
@@ -680,8 +679,8 @@ static ssize_t show_energy_performance_available_preferences(
 	int i = 0;
 	int ret = 0;
 
-	while (energy_perf_strings[i] != NULL)
-		ret += sprintf(&buf[ret], "%s ", energy_perf_strings[i++]);
+	for (; i < ARRAY_SIZE(energy_perf_strings); i++)
+		ret += sprintf(&buf[ret], "%s ", energy_perf_strings[i]);
 
 	ret += sprintf(&buf[ret], "\n");
 
@@ -701,7 +700,7 @@ static ssize_t store_energy_performance_preference(
 	if (ret != 1)
 		return -EINVAL;
 
-	ret = __match_string(energy_perf_strings, -1, str_preference);
+	ret = match_string(energy_perf_strings, str_preference);
 	if (ret < 0)
 		return ret;
 
-- 
2.17.1


^ permalink raw reply related

* [PATCH 09/16] mmc: sdhci-xenon: use new match_string() helper/macro
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

The change is also cosmetic, but it also does a tighter coupling between
the enums & the string values. This way, the ARRAY_SIZE(phy_types) that is
implicitly done in the match_string() macro is also a bit safer.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 drivers/mmc/host/sdhci-xenon-phy.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/drivers/mmc/host/sdhci-xenon-phy.c b/drivers/mmc/host/sdhci-xenon-phy.c
index 59b7a6cac995..2a9206867fe1 100644
--- a/drivers/mmc/host/sdhci-xenon-phy.c
+++ b/drivers/mmc/host/sdhci-xenon-phy.c
@@ -135,17 +135,17 @@ struct xenon_emmc_phy_regs {
 	u32 logic_timing_val;
 };
 
-static const char * const phy_types[] = {
-	"emmc 5.0 phy",
-	"emmc 5.1 phy"
-};
-
 enum xenon_phy_type_enum {
 	EMMC_5_0_PHY,
 	EMMC_5_1_PHY,
 	NR_PHY_TYPES
 };
 
+static const char * const phy_types[NR_PHY_TYPES] = {
+	[EMMC_5_0_PHY] = "emmc 5.0 phy",
+	[EMMC_5_1_PHY] = "emmc 5.1 phy"
+};
+
 enum soc_pad_ctrl_type {
 	SOC_PAD_SD,
 	SOC_PAD_FIXED_1_8V,
@@ -821,7 +821,7 @@ static int xenon_add_phy(struct device_node *np, struct sdhci_host *host,
 	struct xenon_priv *priv = sdhci_pltfm_priv(pltfm_host);
 	int ret;
 
-	priv->phy_type = __match_string(phy_types, NR_PHY_TYPES, phy_name);
+	priv->phy_type = match_string(phy_types, phy_name);
 	if (priv->phy_type < 0) {
 		dev_err(mmc_dev(host->mmc),
 			"Unable to determine PHY name %s. Use default eMMC 5.1 PHY\n",
-- 
2.17.1


^ permalink raw reply related

* [PATCH 10/16] pinctrl: armada-37xx: use new match_string() helper/macro
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

The change is mostly cosmetic.

The `armada_37xx_pin_group` struct is defined as.
struct armada_37xx_pin_group {
        const char      *name;
        unsigned int    start_pin;
        unsigned int    npins;
        u32             reg_mask;
        u32             val[NB_FUNCS];
        unsigned int    extra_pin;
        unsigned int    extra_npins;
        const char      *funcs[NB_FUNCS];
        unsigned int    *pins;
};

The `funcs` field is a static array of strings, so using the
new `match_string()` helper (which does an implicit ARRAY_SIZE(gp->funcs))
should be fine.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 drivers/pinctrl/mvebu/pinctrl-armada-37xx.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/pinctrl/mvebu/pinctrl-armada-37xx.c b/drivers/pinctrl/mvebu/pinctrl-armada-37xx.c
index 07a5bcaa0067..68b0db5ef5e9 100644
--- a/drivers/pinctrl/mvebu/pinctrl-armada-37xx.c
+++ b/drivers/pinctrl/mvebu/pinctrl-armada-37xx.c
@@ -348,7 +348,7 @@ static int armada_37xx_pmx_set_by_name(struct pinctrl_dev *pctldev,
 	dev_dbg(info->dev, "enable function %s group %s\n",
 		name, grp->name);
 
-	func = __match_string(grp->funcs, NB_FUNCS, name);
+	func = match_string(grp->funcs, name);
 	if (func < 0)
 		return -ENOTSUPP;
 
@@ -938,7 +938,7 @@ static int armada_37xx_fill_func(struct armada_37xx_pinctrl *info)
 			struct armada_37xx_pin_group *gp = &info->groups[g];
 			int f;
 
-			f = __match_string(gp->funcs, NB_FUNCS, name);
+			f = match_string(gp->funcs, name);
 			if (f < 0)
 				continue;
 
-- 
2.17.1


^ permalink raw reply related

* [PATCH 11/16] mm/vmpressure.c: use new match_string() helper/macro
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

__match_string() is called on 2 static array of strings in this file. For
this reason, the conversion to the new match_string() macro/helper, was
done in this separate commit.

Using the new match_string() helper is mostly a cosmetic change (at this
point in time). The sizes of the arrays will be computed automatically,
which would only help if they ever get expanded.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 mm/vmpressure.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/mm/vmpressure.c b/mm/vmpressure.c
index d43f33139568..b8149924f078 100644
--- a/mm/vmpressure.c
+++ b/mm/vmpressure.c
@@ -378,7 +378,7 @@ int vmpressure_register_event(struct mem_cgroup *memcg,
 
 	/* Find required level */
 	token = strsep(&spec, ",");
-	level = __match_string(vmpressure_str_levels, VMPRESSURE_NUM_LEVELS, token);
+	level = match_string(vmpressure_str_levels, token);
 	if (level < 0) {
 		ret = level;
 		goto out;
@@ -387,7 +387,7 @@ int vmpressure_register_event(struct mem_cgroup *memcg,
 	/* Find optional mode */
 	token = strsep(&spec, ",");
 	if (token) {
-		mode = __match_string(vmpressure_str_modes, VMPRESSURE_NUM_MODES, token);
+		mode = match_string(vmpressure_str_modes, token);
 		if (mode < 0) {
 			ret = mode;
 			goto out;
-- 
2.17.1


^ permalink raw reply related

* [PATCH 12/16] rdmacg: use new match_string() helper/macro
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

The `rdmacg_resource_names` array is a static array of strings.
Using match_string() (which computes the array size via ARRAY_SIZE())
is possible.

The change is mostly cosmetic.
No functionality change.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 kernel/cgroup/rdma.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/cgroup/rdma.c b/kernel/cgroup/rdma.c
index 65d4df148603..71c3d305bd1f 100644
--- a/kernel/cgroup/rdma.c
+++ b/kernel/cgroup/rdma.c
@@ -367,7 +367,7 @@ static int parse_resource(char *c, int *intval)
 	if (!name || !value)
 		return -EINVAL;
 
-	i = __match_string(rdmacg_resource_names, RDMACG_RESOURCE_MAX, name);
+	i = match_string(rdmacg_resource_names, name);
 	if (i < 0)
 		return i;
 
-- 
2.17.1


^ permalink raw reply related

* [PATCH 13/16] drm/edid: use new match_string() helper/macro
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

The `generic_edid_name` is a static array of strings.
Using match_string() (which computes the array size via ARRAY_SIZE())
is possible.

The change is mostly cosmetic.
No functionality change.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 drivers/gpu/drm/drm_edid_load.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/drm_edid_load.c b/drivers/gpu/drm/drm_edid_load.c
index 1450051972ea..66e1e325ff37 100644
--- a/drivers/gpu/drm/drm_edid_load.c
+++ b/drivers/gpu/drm/drm_edid_load.c
@@ -186,7 +186,7 @@ static void *edid_load(struct drm_connector *connector, const char *name,
 	int i, valid_extensions = 0;
 	bool print_bad_edid = !connector->bad_edid_counter || (drm_debug & DRM_UT_KMS);
 
-	builtin = __match_string(generic_edid_name, GENERIC_EDIDS, name);
+	builtin = match_string(generic_edid_name, name);
 	if (builtin >= 0) {
 		fwdata = generic_edid[builtin];
 		fwsize = sizeof(generic_edid[builtin]);
-- 
2.17.1


^ permalink raw reply related

* Re: [PATCH 01/16] lib: fix match_string() helper on -1 array size
From: Ardelean, Alexandru @ 2019-05-08 11:31 UTC (permalink / raw)
  To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-ide@vger.kernel.org, linux-usb@vger.kernel.org,
	linux-mmc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
	cgroups@vger.kernel.org, intel-gfx@lists.freedesktop.org,
	linux-pm@vger.kernel.org, linux-mm@kvack.org,
	linux-omap@vger.kernel.org, linux-gpio@vger.kernel.org,
	linux-security-module@vger.kernel.org, devel@driverdev.osuosl.org,
	linux-integrity@vger.kernel.org, linux-fbdev@vger.kernel.org,
	dri-devel@lists.freedesktop.org,
	linux-rpi-kernel@lists.infradead.org,
	linux-arm-kernel@lists.infradead.org, netdev@vger.kernel.org,
	alsa-devel@alsa-project.org, linux-rockchip@lists.infradead.org,
	linux-clk@vger.kernel.org, linux-pci@vger.kernel.org,
	linux-wireless@vger.kernel.org, linux-mtd@lists.infradead.org,
	linux-tegra@vger.kernel.org
  Cc: andriy.shevchenko@linux.intel.com, gregkh@linuxfoundation.org
In-Reply-To: <20190508112842.11654-2-alexandru.ardelean@analog.com>

On Wed, 2019-05-08 at 14:28 +0300, Alexandru Ardelean wrote:
> The documentation the `_match_string()` helper mentions that `n`
> should be:
>  * @n: number of strings in the array or -1 for NULL terminated arrays
> 
> The behavior of the function is different, in the sense that it exits on
> the first NULL element in the array, regardless of whether `n` is -1 or a
> positive number.
> 
> This patch changes the behavior, to exit the loop when a NULL element is
> found and n == -1. Essentially, this aligns the behavior with the
> doc-string.
> 
> There are currently many users of `match_string()`, and so, in order to
> go
> through them, the next patches in the series will focus on doing some
> cosmetic changes, which are aimed at grouping the users of
> `match_string()`.
> 

This is the duplicate & should be dropped.
Sorry for this.

> Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
> ---
>  lib/string.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/lib/string.c b/lib/string.c
> index 3ab861c1a857..76edb7bf76cb 100644
> --- a/lib/string.c
> +++ b/lib/string.c
> @@ -648,8 +648,11 @@ int match_string(const char * const *array, size_t
> n, const char *string)
>  
>  	for (index = 0; index < n; index++) {
>  		item = array[index];
> -		if (!item)
> +		if (!item) {
> +			if (n != (size_t)-1)
> +				continue;
>  			break;
> +		}
>  		if (!strcmp(item, string))
>  			return index;
>  	}

^ permalink raw reply

* [PATCH 14/16] staging: gdm724x: use new match_string() helper/macro
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

The `DRIVER_STRING` array is a static array of strings.
Using match_string() (which computes the array size via ARRAY_SIZE())
is possible.

The change is mostly cosmetic.
No functionality change.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 drivers/staging/gdm724x/gdm_tty.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/staging/gdm724x/gdm_tty.c b/drivers/staging/gdm724x/gdm_tty.c
index 6e147a324652..81dd6795599f 100644
--- a/drivers/staging/gdm724x/gdm_tty.c
+++ b/drivers/staging/gdm724x/gdm_tty.c
@@ -56,8 +56,7 @@ static int gdm_tty_install(struct tty_driver *driver, struct tty_struct *tty)
 	struct gdm *gdm = NULL;
 	int ret;
 
-	ret = __match_string(DRIVER_STRING, TTY_MAX_COUNT,
-			     tty->driver->driver_name);
+	ret = match_string(DRIVER_STRING, tty->driver->driver_name);
 	if (ret < 0)
 		return -ENODEV;
 
-- 
2.17.1


^ permalink raw reply related

* [PATCH 16/16] sched: debug: use new match_string() helper/macro
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

The `sched_feat_names` array is a static array of strings.
Using match_string() (which computes the array size via ARRAY_SIZE())
is possible.

The change is mostly cosmetic.
No functionality change.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 kernel/sched/debug.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/sched/debug.c b/kernel/sched/debug.c
index b0efc5fe641e..6d5f370bdfde 100644
--- a/kernel/sched/debug.c
+++ b/kernel/sched/debug.c
@@ -111,7 +111,7 @@ static int sched_feat_set(char *cmp)
 		cmp += 3;
 	}
 
-	i = __match_string(sched_feat_names, __SCHED_FEAT_NR, cmp);
+	i = match_string(sched_feat_names, cmp);
 	if (i < 0)
 		return i;
 
-- 
2.17.1


^ permalink raw reply related

* [PATCH 15/16] video: fbdev: pxafb: use new match_string() helper/macro
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

The `lcd_types` array is a static array of strings.
Using match_string() (which computes the array size via ARRAY_SIZE())
is possible.

This reduces the array by 1 element, since the NULL (at the end of the
array) is no longer needed.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 drivers/video/fbdev/pxafb.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/video/fbdev/pxafb.c b/drivers/video/fbdev/pxafb.c
index 0025781e6e1e..e657a04f5b1d 100644
--- a/drivers/video/fbdev/pxafb.c
+++ b/drivers/video/fbdev/pxafb.c
@@ -2114,7 +2114,7 @@ static void pxafb_check_options(struct device *dev, struct pxafb_mach_info *inf)
 #if defined(CONFIG_OF)
 static const char * const lcd_types[] = {
 	"unknown", "mono-stn", "mono-dstn", "color-stn", "color-dstn",
-	"color-tft", "smart-panel", NULL
+	"color-tft", "smart-panel"
 };
 
 static int of_get_pxafb_display(struct device *dev, struct device_node *disp,
@@ -2129,7 +2129,7 @@ static int of_get_pxafb_display(struct device *dev, struct device_node *disp,
 	if (ret)
 		s = "color-tft";
 
-	i = __match_string(lcd_types, -1, s);
+	i = match_string(lcd_types, s);
 	if (i < 0) {
 		dev_err(dev, "lcd-type %s is unknown\n", s);
 		return i;
-- 
2.17.1


^ permalink raw reply related

* [PATCH 07/16] device connection: use new match_string() helper/macro
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

The `device_connection` struct is defined as:
struct device_connection {
        struct fwnode_handle    *fwnode;
        const char              *endpoint[2];
        const char              *id;
        struct list_head        list;
};

The `endpoint` member is a static array of strings (on the struct), so
using the match_string() (which does an ARRAY_SIZE((con->endpoint)) should
be fine.

The recent change to match_string() (to ignore NULL entries up to the size
of the array) shouldn't affect this.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 drivers/base/devcon.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/base/devcon.c b/drivers/base/devcon.c
index 7bc1c619b721..4a2338665585 100644
--- a/drivers/base/devcon.c
+++ b/drivers/base/devcon.c
@@ -70,7 +70,7 @@ void *device_connection_find_match(struct device *dev, const char *con_id,
 	mutex_lock(&devcon_lock);
 
 	list_for_each_entry(con, &devcon_list, list) {
-		ep = __match_string(con->endpoint, 2, devname);
+		ep = match_string(con->endpoint, devname);
 		if (ep < 0)
 			continue;
 
-- 
2.17.1


^ permalink raw reply related

* [PATCH 01/16] lib: fix match_string() helper on -1 array size
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean
In-Reply-To: <20190508112842.11654-1-alexandru.ardelean@analog.com>

The documentation the `_match_string()` helper mentions that `n`
should be:
 * @n: number of strings in the array or -1 for NULL terminated arrays

The behavior of the function is different, in the sense that it exits on
the first NULL element in the array, regardless of whether `n` is -1 or a
positive number.

This patch changes the behavior, to exit the loop when a NULL element is
found and n == -1. Essentially, this aligns the behavior with the
doc-string.

There are currently many users of `match_string()`, and so, in order to go
through them, the next patches in the series will focus on doing some
cosmetic changes, which are aimed at grouping the users of
`match_string()`.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
---
 lib/string.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/string.c b/lib/string.c
index 3ab861c1a857..76edb7bf76cb 100644
--- a/lib/string.c
+++ b/lib/string.c
@@ -648,8 +648,11 @@ int match_string(const char * const *array, size_t n, const char *string)
 
 	for (index = 0; index < n; index++) {
 		item = array[index];
-		if (!item)
+		if (!item) {
+			if (n != (size_t)-1)
+				continue;
 			break;
+		}
 		if (!strcmp(item, string))
 			return index;
 	}
-- 
2.17.1


^ permalink raw reply related

* [PATCH 00/16] treewide: fix match_string() helper when array size
From: Alexandru Ardelean @ 2019-05-08 11:28 UTC (permalink / raw)
  To: linuxppc-dev, linux-kernel, linux-ide, linux-clk,
	linux-rpi-kernel, linux-arm-kernel, linux-rockchip, linux-pm,
	linux-gpio, dri-devel, intel-gfx, linux-omap, linux-mmc,
	linux-wireless, netdev, linux-pci, linux-tegra, devel, linux-usb,
	kvm, linux-fbdev, linux-mtd, cgroups, linux-mm,
	linux-security-module, linux-integrity, alsa-devel
  Cc: gregkh, andriy.shevchenko, Alexandru Ardelean

The intent of this patch series is to make a case for fixing the
match_string() string helper.

The doc-string of the `__sysfs_match_string()` helper mentions that `n`
(the size of the given array) should be:
 * @n: number of strings in the array or -1 for NULL terminated arrays

However, this is not the case.
The helper stops on the first NULL in the array, regardless of whether -1
is provided or not.

There are some advantages to allowing this behavior (NULL elements within
in the array). One example, is to allow reserved registers as NULL in an
array.
One example in the series is patch:
   x86/mtrr: use new match_string() helper + add gaps == minor fix
which uses a "?" string for values that are reserved/don't care.

Since the change is a bit big, the change was coupled with renaming
match_string() -> __match_string().
The new match_string() helper (resulted here) does an ARRAY_SIZE() over the
array, which is useful when the array is static. 

Also, this way of doing things is a way to go through all the users of this
helpers and check that nothing goes wrong, and notify them about the change
to match_string().
It's a way of grouping changes in a manage-able way.

The first patch is important, the others can be dropped.

Signed-off-by: Alexandru Ardelean <alexandru.ardelean@analog.com>

Alexandru Ardelean (16):
  lib: fix match_string() helper when array size is positive
  treewide: rename match_string() -> __match_string()
  lib,treewide: add new match_string() helper/macro
  powerpc/xmon: use new match_string() helper/macro
  ALSA: oxygen: use new match_string() helper/macro
  x86/mtrr: use new match_string() helper + add gaps == minor fix
  device connection: use new match_string() helper/macro
  cpufreq/intel_pstate: remove NULL entry + use match_string()
  mmc: sdhci-xenon: use new match_string() helper/macro
  pinctrl: armada-37xx: use new match_string() helper/macro
  mm/vmpressure.c: use new match_string() helper/macro
  rdmacg: use new match_string() helper/macro
  drm/edid: use new match_string() helper/macro
  staging: gdm724x: use new match_string() helper/macro
  video: fbdev: pxafb: use new match_string() helper/macro
  sched: debug: use new match_string() helper/macro

 arch/powerpc/xmon/xmon.c                         |  2 +-
 arch/x86/kernel/cpu/mtrr/if.c                    | 10 ++++++----
 drivers/ata/pata_hpt366.c                        |  2 +-
 drivers/ata/pata_hpt37x.c                        |  2 +-
 drivers/base/devcon.c                            |  2 +-
 drivers/base/property.c                          |  2 +-
 drivers/clk/bcm/clk-bcm2835.c                    |  4 +---
 drivers/clk/clk.c                                |  4 ++--
 drivers/clk/rockchip/clk.c                       |  4 ++--
 drivers/cpufreq/intel_pstate.c                   |  9 ++++-----
 drivers/gpio/gpiolib-of.c                        |  2 +-
 drivers/gpu/drm/drm_edid_load.c                  |  2 +-
 drivers/gpu/drm/drm_panel_orientation_quirks.c   |  2 +-
 drivers/gpu/drm/i915/intel_pipe_crc.c            |  2 +-
 drivers/ide/hpt366.c                             |  2 +-
 drivers/mfd/omap-usb-host.c                      |  2 +-
 drivers/mmc/host/sdhci-xenon-phy.c               | 12 ++++++------
 drivers/net/wireless/intel/iwlwifi/mvm/debugfs.c |  2 +-
 drivers/pci/pcie/aer.c                           |  2 +-
 drivers/phy/tegra/xusb.c                         |  2 +-
 drivers/pinctrl/mvebu/pinctrl-armada-37xx.c      |  4 ++--
 drivers/pinctrl/pinmux.c                         |  2 +-
 drivers/power/supply/ab8500_btemp.c              |  2 +-
 drivers/power/supply/ab8500_charger.c            |  2 +-
 drivers/power/supply/ab8500_fg.c                 |  2 +-
 drivers/power/supply/abx500_chargalg.c           |  2 +-
 drivers/power/supply/charger-manager.c           |  4 ++--
 drivers/staging/gdm724x/gdm_tty.c                |  3 +--
 drivers/usb/common/common.c                      |  4 ++--
 drivers/usb/typec/class.c                        |  8 +++-----
 drivers/usb/typec/tps6598x.c                     |  2 +-
 drivers/vfio/vfio.c                              |  4 +---
 drivers/video/fbdev/pxafb.c                      |  4 ++--
 fs/ubifs/auth.c                                  |  4 ++--
 include/linux/string.h                           | 11 ++++++++++-
 kernel/cgroup/rdma.c                             |  2 +-
 kernel/sched/debug.c                             |  2 +-
 kernel/trace/trace.c                             |  2 +-
 lib/string.c                                     | 13 ++++++++-----
 mm/mempolicy.c                                   |  2 +-
 mm/vmpressure.c                                  |  4 ++--
 security/apparmor/lsm.c                          |  4 ++--
 security/integrity/ima/ima_main.c                |  2 +-
 sound/firewire/oxfw/oxfw.c                       |  2 +-
 sound/pci/oxygen/oxygen_mixer.c                  |  2 +-
 sound/soc/codecs/max98088.c                      |  2 +-
 sound/soc/codecs/max98095.c                      |  2 +-
 sound/soc/soc-dapm.c                             |  2 +-
 48 files changed, 88 insertions(+), 82 deletions(-)

-- 
2.17.1


^ permalink raw reply

* Re: [GIT PULL] SELinux patches for v5.2
From: pr-tracker-bot @ 2019-05-08  2:40 UTC (permalink / raw)
  To: Paul Moore; +Cc: Linus Torvalds, selinux, linux-security-module, linux-kernel
In-Reply-To: <CAHC9VhSkOmRGvOje3HycoauPL+ZW9g9zZ3dqiPDmQTPUPnhCPg@mail.gmail.com>

The pull request you sent on Tue, 7 May 2019 13:23:03 -0400:

> git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git tags/selinux-pr-20190507

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/f72dae20891d7bcc43e9263ab206960b6ae5209f

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.wiki.kernel.org/userdoc/prtracker

^ permalink raw reply

* Re: [PATCH] tomoyo: Don't emit WARNING: string while fuzzing testing.
From: Tetsuo Handa @ 2019-05-07 20:54 UTC (permalink / raw)
  To: James Morris; +Cc: Dmitry Vyukov, linux-security-module
In-Reply-To: <CACT4Y+ZGMHbJjNfA_jO_KDVxaa6eVVkhxdyr-EkH3Umy8v_p_w@mail.gmail.com>

Here is updated description.

Commit cff0e6c3ec3e6230 ("tomoyo: Add a kernel config option for fuzzing
testing.") enabled the learning mode, but syzkaller is detecting any
"WARNING:" string as a crash. Thus, disable TOMOYO's quota warning if
built for fuzzing testing.

On 2019/05/08 1:49, Dmitry Vyukov wrote:
> From: James Morris <jmorris@namei.org>
> Date: Tue, May 7, 2019 at 6:45 PM
> To: Tetsuo Handa
> Cc: <linux-security-module@vger.kernel.org>, Dmitry Vyukov
> 
>> On Tue, 7 May 2019, Tetsuo Handa wrote:
>>
>>> Commit cff0e6c3ec3e6230 ("tomoyo: Add a kernel config option for fuzzing
>>> testing.") enabled the learning mode, and syzbot started crashing by
>>> encountering this warning message. Disable this warning if built for
>>> fuzzing testing; otherwise syzbot can't start fuzzing testing.
>>
>> syzbot crashed? Sounds like a bug in syzbot which should be fixed rather
>> than this approach.
> 
> syzbot did not crash, it detected this as kernel crash.
> 
>>> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
>>> Cc: Dmitry Vyukov <dvyukov@google.com>
>>> ---
>>>  security/tomoyo/util.c | 2 ++
>>>  1 file changed, 2 insertions(+)
>>>
>>> diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
>>> index 0517cbd..52752e1 100644
>>> --- a/security/tomoyo/util.c
>>> +++ b/security/tomoyo/util.c
>>> @@ -1076,8 +1076,10 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r)
>>>               domain->flags[TOMOYO_DIF_QUOTA_WARNED] = true;
>>>               /* r->granted = false; */
>>>               tomoyo_write_log(r, "%s", tomoyo_dif[TOMOYO_DIF_QUOTA_WARNED]);
>>> +#ifndef CONFIG_SECURITY_TOMOYO_INSECURE_BUILTIN_SETTING
>>>               pr_warn("WARNING: Domain '%s' has too many ACLs to hold. Stopped learning mode.\n",
>>>                       domain->domainname->name);
>>> +#endif
>>>       }
>>>       return false;
>>>  }
>>>
>>
>> --
>> James Morris
>> <jmorris@namei.org>
>>
> 


^ permalink raw reply

* Re: [PATCH 2/2] apparmor: Switch to GFP_KERNEL where possible
From: John Johansen @ 2019-05-07 19:57 UTC (permalink / raw)
  To: Sebastian Andrzej Siewior, linux-security-module
  Cc: James Morris, Serge E. Hallyn, tglx
In-Reply-To: <20190405133458.4809-2-bigeasy@linutronix.de>

On 4/5/19 6:34 AM, Sebastian Andrzej Siewior wrote:
> After removing preempt_disable() from get_buffers() it is possible to
> replace a few GFP_ATOMIC allocations with GFP_KERNEL.
> 
> Replace GFP_ATOMIC allocations with GFP_KERNEL where the context looks
> to bee preepmtible.
> 
> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>

I am pulling this one is as well


> ---
>  security/apparmor/domain.c | 20 ++++++++++----------
>  security/apparmor/file.c   |  2 +-
>  security/apparmor/mount.c  |  2 +-
>  3 files changed, 12 insertions(+), 12 deletions(-)
> 
> diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
> index 1f4a6e420b6d3..b8114d9988bac 100644
> --- a/security/apparmor/domain.c
> +++ b/security/apparmor/domain.c
> @@ -524,7 +524,7 @@ struct aa_label *x_table_lookup(struct aa_profile *profile, u32 xindex,
>  				label = &new_profile->label;
>  			continue;
>  		}
> -		label = aa_label_parse(&profile->label, *name, GFP_ATOMIC,
> +		label = aa_label_parse(&profile->label, *name, GFP_KERNEL,
>  				       true, false);
>  		if (IS_ERR(label))
>  			label = NULL;
> @@ -604,7 +604,7 @@ static struct aa_label *x_to_label(struct aa_profile *profile,
>  		/* base the stack on post domain transition */
>  		struct aa_label *base = new;
>  
> -		new = aa_label_parse(base, stack, GFP_ATOMIC, true, false);
> +		new = aa_label_parse(base, stack, GFP_KERNEL, true, false);
>  		if (IS_ERR(new))
>  			new = NULL;
>  		aa_put_label(base);
> @@ -712,7 +712,7 @@ static struct aa_label *profile_transition(struct aa_profile *profile,
>  		if (DEBUG_ON) {
>  			dbg_printk("apparmor: scrubbing environment variables"
>  				   " for %s profile=", name);
> -			aa_label_printk(new, GFP_ATOMIC);
> +			aa_label_printk(new, GFP_KERNEL);
>  			dbg_printk("\n");
>  		}
>  		*secure_exec = true;
> @@ -788,7 +788,7 @@ static int profile_onexec(struct aa_profile *profile, struct aa_label *onexec,
>  		if (DEBUG_ON) {
>  			dbg_printk("apparmor: scrubbing environment "
>  				   "variables for %s label=", xname);
> -			aa_label_printk(onexec, GFP_ATOMIC);
> +			aa_label_printk(onexec, GFP_KERNEL);
>  			dbg_printk("\n");
>  		}
>  		*secure_exec = true;
> @@ -822,7 +822,7 @@ static struct aa_label *handle_onexec(struct aa_label *label,
>  					       bprm, buffer, cond, unsafe));
>  		if (error)
>  			return ERR_PTR(error);
> -		new = fn_label_build_in_ns(label, profile, GFP_ATOMIC,
> +		new = fn_label_build_in_ns(label, profile, GFP_KERNEL,
>  				aa_get_newest_label(onexec),
>  				profile_transition(profile, bprm, buffer,
>  						   cond, unsafe));
> @@ -834,9 +834,9 @@ static struct aa_label *handle_onexec(struct aa_label *label,
>  					       buffer, cond, unsafe));
>  		if (error)
>  			return ERR_PTR(error);
> -		new = fn_label_build_in_ns(label, profile, GFP_ATOMIC,
> +		new = fn_label_build_in_ns(label, profile, GFP_KERNEL,
>  				aa_label_merge(&profile->label, onexec,
> -					       GFP_ATOMIC),
> +					       GFP_KERNEL),
>  				profile_transition(profile, bprm, buffer,
>  						   cond, unsafe));
>  	}
> @@ -902,7 +902,7 @@ int apparmor_bprm_set_creds(struct linux_binprm *bprm)
>  		new = handle_onexec(label, ctx->onexec, ctx->token,
>  				    bprm, buffer, &cond, &unsafe);
>  	else
> -		new = fn_label_build(label, profile, GFP_ATOMIC,
> +		new = fn_label_build(label, profile, GFP_KERNEL,
>  				profile_transition(profile, bprm, buffer,
>  						   &cond, &unsafe));
>  
> @@ -946,7 +946,7 @@ int apparmor_bprm_set_creds(struct linux_binprm *bprm)
>  		if (DEBUG_ON) {
>  			dbg_printk("scrubbing environment variables for %s "
>  				   "label=", bprm->filename);
> -			aa_label_printk(new, GFP_ATOMIC);
> +			aa_label_printk(new, GFP_KERNEL);
>  			dbg_printk("\n");
>  		}
>  		bprm->secureexec = 1;
> @@ -957,7 +957,7 @@ int apparmor_bprm_set_creds(struct linux_binprm *bprm)
>  		if (DEBUG_ON) {
>  			dbg_printk("apparmor: clearing unsafe personality "
>  				   "bits. %s label=", bprm->filename);
> -			aa_label_printk(new, GFP_ATOMIC);
> +			aa_label_printk(new, GFP_KERNEL);
>  			dbg_printk("\n");
>  		}
>  		bprm->per_clear |= PER_CLEAR_ON_SETID;
> diff --git a/security/apparmor/file.c b/security/apparmor/file.c
> index e422a3f59e80c..3eb2c5369711c 100644
> --- a/security/apparmor/file.c
> +++ b/security/apparmor/file.c
> @@ -80,7 +80,7 @@ static void file_audit_cb(struct audit_buffer *ab, void *va)
>  	if (aad(sa)->peer) {
>  		audit_log_format(ab, " target=");
>  		aa_label_xaudit(ab, labels_ns(aad(sa)->label), aad(sa)->peer,
> -				FLAG_VIEW_SUBNS, GFP_ATOMIC);
> +				FLAG_VIEW_SUBNS, GFP_KERNEL);
>  	} else if (aad(sa)->fs.target) {
>  		audit_log_format(ab, " target=");
>  		audit_log_untrustedstring(ab, aad(sa)->fs.target);
> diff --git a/security/apparmor/mount.c b/security/apparmor/mount.c
> index 8a6cf1c14e82a..d73bc3ceaf9f5 100644
> --- a/security/apparmor/mount.c
> +++ b/security/apparmor/mount.c
> @@ -679,7 +679,7 @@ int aa_pivotroot(struct aa_label *label, const struct path *old_path,
>  
>  	old_buffer = aa_get_buffer();
>  	new_buffer = aa_get_buffer();
> -	target = fn_label_build(label, profile, GFP_ATOMIC,
> +	target = fn_label_build(label, profile, GFP_KERNEL,
>  			build_pivotroot(profile, new_path, new_buffer,
>  					old_path, old_buffer));
>  	if (!target) {
> 


^ permalink raw reply

* Re: [PATCH v4] apparmor: Use a memory pool instead per-CPU caches
From: John Johansen @ 2019-05-07 19:57 UTC (permalink / raw)
  To: Sebastian Andrzej Siewior, Tetsuo Handa
  Cc: linux-security-module, James Morris, Serge E. Hallyn, tglx
In-Reply-To: <20190503141221.qvqdfbfmmmzc7gfr@linutronix.de>

On 5/3/19 7:12 AM, Sebastian Andrzej Siewior wrote:
> The get_buffers() macro may provide one or two buffers to the caller.
> Those buffers are pre-allocated on init for each CPU. By default it
> allocates
> 	2* 2 * MAX_PATH * POSSIBLE_CPU
> 
> which equals 64KiB on a system with 4 CPUs or 1MiB with 64 CPUs and so
> on.
> 
> Replace the per-CPU buffers with a common memory pool which is shared
> across all CPUs. The pool grows on demand and never shrinks. The pool
> starts with two (UP) or four (SMP) elements. By using this pool it is
> possible to request a buffer and keeping preemption enabled which avoids
> the hack in profile_transition().
> 
> It has been pointed out by Tetsuo Handa that GFP_KERNEL allocations for
> small amount of memory do not fail. In order not to have an endless
> retry, __GFP_RETRY_MAYFAIL is passed (so the memory allocation is not
> repeated until success) and retried once hoping that in the meantime a
> buffer has been returned to the pool. Since now NULL is possible all
> allocation paths check the buffer pointer and return -ENOMEM on failure.
> 
> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>

I am going to pull this into my tree and let it sit in linux-next
for a cycle so we can get better testing on this before it is pushed
out


> ---
> v3…v4:
>    - let aa_put_buffer() accept a NULL pointer, noticed by Tetsuo Handa
> 
> v2…v3:
>    - remove an unused flags variable.
> 
> v1…v2:
>    - Use max_t instead min_t for a minimal buffer.
>    - Pre-allocate 2 buffers on UP and 4 buffers on SMP systems.
>    - Use __GFP_RETRY_MAYFAIL | __GFP_NOWARN on memory allocation. The
>      allocation may fail under pressure and we will retry once.
>    - Add an error path to each caller of aa_get_buffer() if the memory
>      allocation fails.
> 
>  security/apparmor/domain.c       |  24 +++----
>  security/apparmor/file.c         |  24 +++++--
>  security/apparmor/include/path.h |  49 +-------------
>  security/apparmor/lsm.c          | 107 +++++++++++++++++++++++--------
>  security/apparmor/mount.c        |  65 +++++++++++++++----
>  5 files changed, 161 insertions(+), 108 deletions(-)
> 
> diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
> index ca2dccf5b445e..cae0e619ff4fe 100644
> --- a/security/apparmor/domain.c
> +++ b/security/apparmor/domain.c
> @@ -689,20 +689,9 @@ static struct aa_label *profile_transition(struct aa_profile *profile,
>  	} else if (COMPLAIN_MODE(profile)) {
>  		/* no exec permission - learning mode */
>  		struct aa_profile *new_profile = NULL;
> -		char *n = kstrdup(name, GFP_ATOMIC);
>  
> -		if (n) {
> -			/* name is ptr into buffer */
> -			long pos = name - buffer;
> -			/* break per cpu buffer hold */
> -			put_buffers(buffer);
> -			new_profile = aa_new_null_profile(profile, false, n,
> -							  GFP_KERNEL);
> -			get_buffers(buffer);
> -			name = buffer + pos;
> -			strcpy((char *)name, n);
> -			kfree(n);
> -		}
> +		new_profile = aa_new_null_profile(profile, false, name,
> +						  GFP_KERNEL);
>  		if (!new_profile) {
>  			error = -ENOMEM;
>  			info = "could not create null profile";
> @@ -907,7 +896,12 @@ int apparmor_bprm_set_creds(struct linux_binprm *bprm)
>  		ctx->nnp = aa_get_label(label);
>  
>  	/* buffer freed below, name is pointer into buffer */
> -	get_buffers(buffer);
> +	buffer = aa_get_buffer();
> +	if (!buffer) {
> +		error = -ENOMEM;
> +		goto done;
> +	}
> +
>  	/* Test for onexec first as onexec override other x transitions. */
>  	if (ctx->onexec)
>  		new = handle_onexec(label, ctx->onexec, ctx->token,
> @@ -979,7 +973,7 @@ int apparmor_bprm_set_creds(struct linux_binprm *bprm)
>  
>  done:
>  	aa_put_label(label);
> -	put_buffers(buffer);
> +	aa_put_buffer(buffer);
>  
>  	return error;
>  
> diff --git a/security/apparmor/file.c b/security/apparmor/file.c
> index d0afed9ebd0ed..7b424e73a8c74 100644
> --- a/security/apparmor/file.c
> +++ b/security/apparmor/file.c
> @@ -336,12 +336,14 @@ int aa_path_perm(const char *op, struct aa_label *label,
>  
>  	flags |= PATH_DELEGATE_DELETED | (S_ISDIR(cond->mode) ? PATH_IS_DIR :
>  								0);
> -	get_buffers(buffer);
> +	buffer = aa_get_buffer();
> +	if (!buffer)
> +		return -ENOMEM;
>  	error = fn_for_each_confined(label, profile,
>  			profile_path_perm(op, profile, path, buffer, request,
>  					  cond, flags, &perms));
>  
> -	put_buffers(buffer);
> +	aa_put_buffer(buffer);
>  
>  	return error;
>  }
> @@ -479,12 +481,18 @@ int aa_path_link(struct aa_label *label, struct dentry *old_dentry,
>  	int error;
>  
>  	/* buffer freed below, lname is pointer in buffer */
> -	get_buffers(buffer, buffer2);
> +	buffer = aa_get_buffer();
> +	buffer2 = aa_get_buffer();
> +	error = -ENOMEM;
> +	if (!buffer || !buffer2)
> +		goto out;
> +
>  	error = fn_for_each_confined(label, profile,
>  			profile_path_link(profile, &link, buffer, &target,
>  					  buffer2, &cond));
> -	put_buffers(buffer, buffer2);
> -
> +out:
> +	aa_put_buffer(buffer);
> +	aa_put_buffer(buffer2);
>  	return error;
>  }
>  
> @@ -528,7 +536,9 @@ static int __file_path_perm(const char *op, struct aa_label *label,
>  		return 0;
>  
>  	flags = PATH_DELEGATE_DELETED | (S_ISDIR(cond.mode) ? PATH_IS_DIR : 0);
> -	get_buffers(buffer);
> +	buffer = aa_get_buffer();
> +	if (!buffer)
> +		return -ENOMEM;
>  
>  	/* check every profile in task label not in current cache */
>  	error = fn_for_each_not_in_set(flabel, label, profile,
> @@ -557,7 +567,7 @@ static int __file_path_perm(const char *op, struct aa_label *label,
>  	if (!error)
>  		update_file_ctx(file_ctx(file), label, request);
>  
> -	put_buffers(buffer);
> +	aa_put_buffer(buffer);
>  
>  	return error;
>  }
> diff --git a/security/apparmor/include/path.h b/security/apparmor/include/path.h
> index b6380c5f00972..b0b2ab85e42d8 100644
> --- a/security/apparmor/include/path.h
> +++ b/security/apparmor/include/path.h
> @@ -15,7 +15,6 @@
>  #ifndef __AA_PATH_H
>  #define __AA_PATH_H
>  
> -
>  enum path_flags {
>  	PATH_IS_DIR = 0x1,		/* path is a directory */
>  	PATH_CONNECT_PATH = 0x4,	/* connect disconnected paths to / */
> @@ -30,51 +29,7 @@ int aa_path_name(const struct path *path, int flags, char *buffer,
>  		 const char **name, const char **info,
>  		 const char *disconnected);
>  
> -#define MAX_PATH_BUFFERS 2
> -
> -/* Per cpu buffers used during mediation */
> -/* preallocated buffers to use during path lookups */
> -struct aa_buffers {
> -	char *buf[MAX_PATH_BUFFERS];
> -};
> -
> -#include <linux/percpu.h>
> -#include <linux/preempt.h>
> -
> -DECLARE_PER_CPU(struct aa_buffers, aa_buffers);
> -
> -#define ASSIGN(FN, A, X, N) ((X) = FN(A, N))
> -#define EVAL1(FN, A, X) ASSIGN(FN, A, X, 0) /*X = FN(0)*/
> -#define EVAL2(FN, A, X, Y...)	\
> -	do { ASSIGN(FN, A, X, 1);  EVAL1(FN, A, Y); } while (0)
> -#define EVAL(FN, A, X...) CONCATENATE(EVAL, COUNT_ARGS(X))(FN, A, X)
> -
> -#define for_each_cpu_buffer(I) for ((I) = 0; (I) < MAX_PATH_BUFFERS; (I)++)
> -
> -#ifdef CONFIG_DEBUG_PREEMPT
> -#define AA_BUG_PREEMPT_ENABLED(X) AA_BUG(preempt_count() <= 0, X)
> -#else
> -#define AA_BUG_PREEMPT_ENABLED(X) /* nop */
> -#endif
> -
> -#define __get_buffer(C, N) ({						\
> -	AA_BUG_PREEMPT_ENABLED("__get_buffer without preempt disabled");  \
> -	(C)->buf[(N)]; })
> -
> -#define __get_buffers(C, X...)    EVAL(__get_buffer, C, X)
> -
> -#define __put_buffers(X, Y...) ((void)&(X))
> -
> -#define get_buffers(X...)						\
> -do {									\
> -	struct aa_buffers *__cpu_var = get_cpu_ptr(&aa_buffers);	\
> -	__get_buffers(__cpu_var, X);					\
> -} while (0)
> -
> -#define put_buffers(X, Y...)		\
> -do {					\
> -	__put_buffers(X, Y);		\
> -	put_cpu_ptr(&aa_buffers);	\
> -} while (0)
> +char *aa_get_buffer(void);
> +void aa_put_buffer(char *buf);
>  
>  #endif /* __AA_PATH_H */
> diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> index 87500bde5a92d..c5915a6853738 100644
> --- a/security/apparmor/lsm.c
> +++ b/security/apparmor/lsm.c
> @@ -47,8 +47,13 @@
>  /* Flag indicating whether initialization completed */
>  int apparmor_initialized;
>  
> -DEFINE_PER_CPU(struct aa_buffers, aa_buffers);
> +union aa_buffer {
> +	struct list_head list;
> +	char buffer[1];
> +};
>  
> +static LIST_HEAD(aa_global_buffers);
> +static DEFINE_SPINLOCK(aa_buffers_lock);
>  
>  /*
>   * LSM hook functions
> @@ -1406,6 +1411,7 @@ static int param_set_aauint(const char *val, const struct kernel_param *kp)
>  		return -EPERM;
>  
>  	error = param_set_uint(val, kp);
> +	aa_g_path_max = max_t(uint32_t, aa_g_path_max, sizeof(union aa_buffer));
>  	pr_info("AppArmor: buffer size set to %d bytes\n", aa_g_path_max);
>  
>  	return error;
> @@ -1518,6 +1524,48 @@ static int param_set_mode(const char *val, const struct kernel_param *kp)
>  	return 0;
>  }
>  
> +char *aa_get_buffer(void)
> +{
> +	union aa_buffer *aa_buf;
> +	bool try_again = true;
> +
> +retry:
> +	spin_lock(&aa_buffers_lock);
> +	if (!list_empty(&aa_global_buffers)) {
> +		aa_buf = list_first_entry(&aa_global_buffers, union aa_buffer,
> +					  list);
> +		list_del(&aa_buf->list);
> +		spin_unlock(&aa_buffers_lock);
> +		return &aa_buf->buffer[0];
> +	}
> +	spin_unlock(&aa_buffers_lock);
> +
> +	aa_buf = kmalloc(aa_g_path_max, GFP_KERNEL | __GFP_RETRY_MAYFAIL |
> +			 __GFP_NOWARN);
> +	if (!aa_buf) {
> +		if (try_again) {
> +			try_again = false;
> +			goto retry;
> +		}
> +		pr_warn_once("AppArmor: Failed to allocate a memory buffer.\n");
> +		return NULL;
> +	}
> +	return &aa_buf->buffer[0];
> +}
> +
> +void aa_put_buffer(char *buf)
> +{
> +	union aa_buffer *aa_buf;
> +
> +	if (!buf)
> +		return;
> +	aa_buf = container_of(buf, union aa_buffer, buffer[0]);
> +
> +	spin_lock(&aa_buffers_lock);
> +	list_add(&aa_buf->list, &aa_global_buffers);
> +	spin_unlock(&aa_buffers_lock);
> +}
> +
>  /*
>   * AppArmor init functions
>   */
> @@ -1538,38 +1586,48 @@ static int __init set_init_ctx(void)
>  
>  static void destroy_buffers(void)
>  {
> -	u32 i, j;
> +	union aa_buffer *aa_buf;
>  
> -	for_each_possible_cpu(i) {
> -		for_each_cpu_buffer(j) {
> -			kfree(per_cpu(aa_buffers, i).buf[j]);
> -			per_cpu(aa_buffers, i).buf[j] = NULL;
> -		}
> +	spin_lock(&aa_buffers_lock);
> +	while (!list_empty(&aa_global_buffers)) {
> +		aa_buf = list_first_entry(&aa_global_buffers, union aa_buffer,
> +					 list);
> +		list_del(&aa_buf->list);
> +		spin_unlock(&aa_buffers_lock);
> +		kfree(aa_buf);
> +		spin_lock(&aa_buffers_lock);
>  	}
> +	spin_unlock(&aa_buffers_lock);
>  }
>  
>  static int __init alloc_buffers(void)
>  {
> -	u32 i, j;
> +	union aa_buffer *aa_buf;
> +	int i, num;
>  
> -	for_each_possible_cpu(i) {
> -		for_each_cpu_buffer(j) {
> -			char *buffer;
> +	/*
> +	 * A function may require two buffers at once. Usually the buffers are
> +	 * used for a short period of time and are shared. On UP kernel buffers
> +	 * two should be enough, with more CPUs it is possible that more
> +	 * buffers will be used simultaneously. The preallocated pool may grow.
> +	 * This preallocation has also the side-effect that AppArmor will be
> +	 * disabled early at boot if aa_g_path_max is extremly high.
> +	 */
> +	if (num_online_cpus() > 1)
> +		num = 4;
> +	else
> +		num = 2;
>  
> -			if (cpu_to_node(i) > num_online_nodes())
> -				/* fallback to kmalloc for offline nodes */
> -				buffer = kmalloc(aa_g_path_max, GFP_KERNEL);
> -			else
> -				buffer = kmalloc_node(aa_g_path_max, GFP_KERNEL,
> -						      cpu_to_node(i));
> -			if (!buffer) {
> -				destroy_buffers();
> -				return -ENOMEM;
> -			}
> -			per_cpu(aa_buffers, i).buf[j] = buffer;
> +	for (i = 0; i < num; i++) {
> +
> +		aa_buf = kmalloc(aa_g_path_max, GFP_KERNEL |
> +				 __GFP_RETRY_MAYFAIL | __GFP_NOWARN);
> +		if (!aa_buf) {
> +			destroy_buffers();
> +			return -ENOMEM;
>  		}
> +		aa_put_buffer(&aa_buf->buffer[0]);
>  	}
> -
>  	return 0;
>  }
>  
> @@ -1734,7 +1792,7 @@ static int __init apparmor_init(void)
>  	error = alloc_buffers();
>  	if (error) {
>  		AA_ERROR("Unable to allocate work buffers\n");
> -		goto buffers_out;
> +		goto alloc_out;
>  	}
>  
>  	error = set_init_ctx();
> @@ -1759,7 +1817,6 @@ static int __init apparmor_init(void)
>  
>  buffers_out:
>  	destroy_buffers();
> -
>  alloc_out:
>  	aa_destroy_aafs();
>  	aa_teardown_dfa_engine();
> diff --git a/security/apparmor/mount.c b/security/apparmor/mount.c
> index 8c3787399356b..267a26fba14e1 100644
> --- a/security/apparmor/mount.c
> +++ b/security/apparmor/mount.c
> @@ -412,11 +412,13 @@ int aa_remount(struct aa_label *label, const struct path *path,
>  
>  	binary = path->dentry->d_sb->s_type->fs_flags & FS_BINARY_MOUNTDATA;
>  
> -	get_buffers(buffer);
> +	buffer = aa_get_buffer();
> +	if (!buffer)
> +		return -ENOMEM;
>  	error = fn_for_each_confined(label, profile,
>  			match_mnt(profile, path, buffer, NULL, NULL, NULL,
>  				  flags, data, binary));
> -	put_buffers(buffer);
> +	aa_put_buffer(buffer);
>  
>  	return error;
>  }
> @@ -441,11 +443,18 @@ int aa_bind_mount(struct aa_label *label, const struct path *path,
>  	if (error)
>  		return error;
>  
> -	get_buffers(buffer, old_buffer);
> +	buffer = aa_get_buffer();
> +	old_buffer = aa_get_buffer();
> +	error = -ENOMEM;
> +	if (!buffer || old_buffer)
> +		goto out;
> +
>  	error = fn_for_each_confined(label, profile,
>  			match_mnt(profile, path, buffer, &old_path, old_buffer,
>  				  NULL, flags, NULL, false));
> -	put_buffers(buffer, old_buffer);
> +out:
> +	aa_put_buffer(buffer);
> +	aa_put_buffer(old_buffer);
>  	path_put(&old_path);
>  
>  	return error;
> @@ -465,11 +474,13 @@ int aa_mount_change_type(struct aa_label *label, const struct path *path,
>  	flags &= (MS_REC | MS_SILENT | MS_SHARED | MS_PRIVATE | MS_SLAVE |
>  		  MS_UNBINDABLE);
>  
> -	get_buffers(buffer);
> +	buffer = aa_get_buffer();
> +	if (!buffer)
> +		return -ENOMEM;
>  	error = fn_for_each_confined(label, profile,
>  			match_mnt(profile, path, buffer, NULL, NULL, NULL,
>  				  flags, NULL, false));
> -	put_buffers(buffer);
> +	aa_put_buffer(buffer);
>  
>  	return error;
>  }
> @@ -492,11 +503,17 @@ int aa_move_mount(struct aa_label *label, const struct path *path,
>  	if (error)
>  		return error;
>  
> -	get_buffers(buffer, old_buffer);
> +	buffer = aa_get_buffer();
> +	old_buffer = aa_get_buffer();
> +	error = -ENOMEM;
> +	if (!buffer || !old_buffer)
> +		goto out;
>  	error = fn_for_each_confined(label, profile,
>  			match_mnt(profile, path, buffer, &old_path, old_buffer,
>  				  NULL, MS_MOVE, NULL, false));
> -	put_buffers(buffer, old_buffer);
> +out:
> +	aa_put_buffer(buffer);
> +	aa_put_buffer(old_buffer);
>  	path_put(&old_path);
>  
>  	return error;
> @@ -537,17 +554,29 @@ int aa_new_mount(struct aa_label *label, const char *dev_name,
>  		}
>  	}
>  
> -	get_buffers(buffer, dev_buffer);
> +	buffer = aa_get_buffer();
> +	if (!buffer) {
> +		error = -ENOMEM;
> +		goto out;
> +	}
>  	if (dev_path) {
>  		error = fn_for_each_confined(label, profile,
>  			match_mnt(profile, path, buffer, dev_path, dev_buffer,
>  				  type, flags, data, binary));
>  	} else {
> +		dev_buffer = aa_get_buffer();
> +		if (!dev_buffer) {
> +			error = -ENOMEM;
> +			goto out;
> +		}
>  		error = fn_for_each_confined(label, profile,
>  			match_mnt_path_str(profile, path, buffer, dev_name,
>  					   type, flags, data, binary, NULL));
>  	}
> -	put_buffers(buffer, dev_buffer);
> +
> +out:
> +	aa_put_buffer(buffer);
> +	aa_put_buffer(dev_buffer);
>  	if (dev_path)
>  		path_put(dev_path);
>  
> @@ -595,10 +624,13 @@ int aa_umount(struct aa_label *label, struct vfsmount *mnt, int flags)
>  	AA_BUG(!label);
>  	AA_BUG(!mnt);
>  
> -	get_buffers(buffer);
> +	buffer = aa_get_buffer();
> +	if (!buffer)
> +		return -ENOMEM;
> +
>  	error = fn_for_each_confined(label, profile,
>  			profile_umount(profile, &path, buffer));
> -	put_buffers(buffer);
> +	aa_put_buffer(buffer);
>  
>  	return error;
>  }
> @@ -671,7 +703,11 @@ int aa_pivotroot(struct aa_label *label, const struct path *old_path,
>  	AA_BUG(!old_path);
>  	AA_BUG(!new_path);
>  
> -	get_buffers(old_buffer, new_buffer);
> +	old_buffer = aa_get_buffer();
> +	new_buffer = aa_get_buffer();
> +	error = -ENOMEM;
> +	if (!old_buffer || !new_buffer)
> +		goto out;
>  	target = fn_label_build(label, profile, GFP_ATOMIC,
>  			build_pivotroot(profile, new_path, new_buffer,
>  					old_path, old_buffer));
> @@ -690,7 +726,8 @@ int aa_pivotroot(struct aa_label *label, const struct path *old_path,
>  		/* already audited error */
>  		error = PTR_ERR(target);
>  out:
> -	put_buffers(old_buffer, new_buffer);
> +	aa_put_buffer(old_buffer);
> +	aa_put_buffer(new_buffer);
>  
>  	return error;
>  
> 


^ permalink raw reply

* Re: [PATCH] apparmor: Force type-casting of current->real_cred
From: John Johansen @ 2019-05-07 19:53 UTC (permalink / raw)
  To: Bharath Vedartham, jmorris, serge; +Cc: linux-security-module, linux-kernel
In-Reply-To: <20190423165300.GA18837@bharath12345-Inspiron-5559>

On 4/23/19 9:53 AM, Bharath Vedartham wrote:
> This patch fixes the sparse warning:
> warning: cast removes address space '<asn:4>' of expression.
> 
> Signed-off-by: Bharath Vedartham <linux.bhar@gmail.com>


Acked-by: John Johansen <john.johansen@canonical.com>

I will pull this into my tree

> ---
>  security/apparmor/lsm.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> index 87500bd..36478c4 100644
> --- a/security/apparmor/lsm.c
> +++ b/security/apparmor/lsm.c
> @@ -1529,7 +1529,7 @@ static int param_set_mode(const char *val, const struct kernel_param *kp)
>   */
>  static int __init set_init_ctx(void)
>  {
> -	struct cred *cred = (struct cred *)current->real_cred;
> +	struct cred *cred = (__force struct cred *)current->real_cred;
>  
>  	set_cred_label(cred, aa_get_label(ns_unconfined(root_ns)));
>  
> 

Acked-by: John Johansen <john.johansen@canonical.com>


^ permalink raw reply

* [GIT PULL] SELinux patches for v5.2
From: Paul Moore @ 2019-05-07 17:23 UTC (permalink / raw)
  To: Linus Torvalds; +Cc: selinux, linux-security-module, linux-kernel

Hi Linus,

We've got a few SELinux patches for the v5.2 merge window, the
highlights are below:

- Add LSM hooks, and the SELinux implementation, for proper labeling
of kernfs.  While we are only including the SELinux implementation
here, the rest of the LSM folks have given the hooks a thumbs-up.

- Update the SELinux mdp (Make Dummy Policy) script to actually work
on a modern system.

- Disallow userspace to change the LSM credentials via /proc/self/attr
when the task's credentials are already overridden.  The change was
made in procfs because all the LSM folks agreed this was the Right
Thing To Do and duplicating it across each LSM was going to be
annoying.

As a FYI, you will likely run into a minor merge problem with
scripts/selinux/mdp.c due to patches sent up during the v5.1-rcX
cycle, but it is pretty trivial to resolve (just make sure the
kconfig.h include is included).  If you have any questions about the
merge, you know where to find us.

Please pull this for v5.2,
-Paul

--
The following changes since commit 9e98c678c2d6ae3a17cb2de55d17f69dddaa231b:

 Linux 5.1-rc1 (2019-03-17 14:22:26 -0700)

are available in the Git repository at:

 git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git
   tags/selinux-pr-20190507

for you to fetch changes up to 35a196bef449b5824033865b963ed9a43fb8c730:

 proc: prevent changes to overridden credentials (2019-04-29 09:51:21 -0400)

----------------------------------------------------------------
selinux/stable-5.2 PR 20190507

----------------------------------------------------------------
Arnd Bergmann (1):
     selinux: avoid uninitialized variable warning

Ondrej Mosnacek (10):
     kernfs: clean up struct kernfs_iattrs
     kernfs: do not alloc iattrs in kernfs_xattr_get
     selinux: try security xattr after genfs for kernfs filesystems
     kernfs: use simple_xattrs for security attributes
     LSM: add new hook for kernfs node initialization
     selinux: implement the kernfs_init_security hook
     kernfs: initialize security of newly created nodes
     LSM: lsm_hooks.h - fix missing colon in docstring
     selinux: remove useless assignments
     kernfs: fix xattr name handling in LSM helpers

Paul Moore (2):
     MAINTAINERS: update SELinux file patterns
     proc: prevent changes to overridden credentials

Paulo Alcantara (1):
     selinux: use kernel linux/socket.h for genheaders and mdp

Stephen Smalley (2):
     scripts/selinux: modernize mdp
     scripts/selinux: fix build

Tetsuo Handa (1):
     selinux: Check address length before reading address family

YueHaibing (1):
     selinux: Make selinux_kernfs_init_security static

MAINTAINERS                             |   2 +-
fs/kernfs/dir.c                         |  24 ++--
fs/kernfs/inode.c                       | 162 +++++++++--------------
fs/kernfs/kernfs-internal.h             |   8 +-
fs/kernfs/symlink.c                     |   4 +-
fs/proc/base.c                          |   5 +
include/linux/kernfs.h                  |  13 ++
include/linux/lsm_hooks.h               |  13 ++
include/linux/security.h                |   9 ++
scripts/selinux/genheaders/genheaders.c |   1 -
scripts/selinux/install_policy.sh       |  92 +++++++------
scripts/selinux/mdp/Makefile            |   2 +-
scripts/selinux/mdp/mdp.c               | 166 ++++++++++++++++++++----
security/security.c                     |   6 +
security/selinux/hooks.c                | 229 +++++++++++++++++++++----------
security/selinux/include/classmap.h     |   1 +
security/selinux/include/security.h     |   1 +
security/selinux/netlabel.c             |  14 +-
security/selinux/ss/services.c          |   7 +-
19 files changed, 488 insertions(+), 271 deletions(-)

-- 
paul moore
www.paul-moore.com

^ permalink raw reply

* Re: [GIT PULL] Security subsystem: general updates for v5.2
From: pr-tracker-bot @ 2019-05-07 17:20 UTC (permalink / raw)
  To: James Morris; +Cc: Linus Torvalds, linux-kernel, linux-security-module
In-Reply-To: <alpine.LRH.2.21.1905071333580.5714@namei.org>

The pull request you sent on Tue, 7 May 2019 13:35:39 +1000 (AEST):

> git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-general

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/78ee8b1b9b2fa1b51c51c42f3cffa0e12ad5f0ab

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.wiki.kernel.org/userdoc/prtracker

^ permalink raw reply

* Re: [PATCH] tomoyo: Don't emit WARNING: string while fuzzing testing.
From: Dmitry Vyukov @ 2019-05-07 16:49 UTC (permalink / raw)
  To: James Morris; +Cc: Tetsuo Handa, linux-security-module
In-Reply-To: <alpine.LRH.2.21.1905080244530.13589@namei.org>

From: James Morris <jmorris@namei.org>
Date: Tue, May 7, 2019 at 6:45 PM
To: Tetsuo Handa
Cc: <linux-security-module@vger.kernel.org>, Dmitry Vyukov

> On Tue, 7 May 2019, Tetsuo Handa wrote:
>
> > Commit cff0e6c3ec3e6230 ("tomoyo: Add a kernel config option for fuzzing
> > testing.") enabled the learning mode, and syzbot started crashing by
> > encountering this warning message. Disable this warning if built for
> > fuzzing testing; otherwise syzbot can't start fuzzing testing.
>
> syzbot crashed? Sounds like a bug in syzbot which should be fixed rather
> than this approach.

syzbot did not crash, it detected this as kernel crash.

> > Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> > Cc: Dmitry Vyukov <dvyukov@google.com>
> > ---
> >  security/tomoyo/util.c | 2 ++
> >  1 file changed, 2 insertions(+)
> >
> > diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
> > index 0517cbd..52752e1 100644
> > --- a/security/tomoyo/util.c
> > +++ b/security/tomoyo/util.c
> > @@ -1076,8 +1076,10 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r)
> >               domain->flags[TOMOYO_DIF_QUOTA_WARNED] = true;
> >               /* r->granted = false; */
> >               tomoyo_write_log(r, "%s", tomoyo_dif[TOMOYO_DIF_QUOTA_WARNED]);
> > +#ifndef CONFIG_SECURITY_TOMOYO_INSECURE_BUILTIN_SETTING
> >               pr_warn("WARNING: Domain '%s' has too many ACLs to hold. Stopped learning mode.\n",
> >                       domain->domainname->name);
> > +#endif
> >       }
> >       return false;
> >  }
> >
>
> --
> James Morris
> <jmorris@namei.org>
>

^ permalink raw reply


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox