tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

landlock: Fix formatting in tsync.c

Fix comment formatting in tsync.c to fit in 80 columns.

Cc: Günther Noack <gnoack@google.com>
Reviewed-by: Günther Noack <gnoack3000@gmail.com>
Link: https://lore.kernel.org/r/20260304193134.250495-4-mic@digikod.net
Signed-off-by: Mickaël Salaün <mic@digikod.net>

Mickaël Salaün aba1de96 fa20aeb9

+58 -49
+58 -49
security/landlock/tsync.c
··· 85 85 /* 86 86 * Switch out old_cred with new_cred, if possible. 87 87 * 88 - * In the common case, where all threads initially point to the same 89 - * struct cred, this optimization avoids creating separate redundant 90 - * credentials objects for each, which would all have the same contents. 88 + * In the common case, where all threads initially point to the 89 + * same struct cred, this optimization avoids creating separate 90 + * redundant credentials objects for each, which would all have 91 + * the same contents. 91 92 * 92 - * Note: We are intentionally dropping the const qualifier here, because 93 - * it is required by commit_creds() and abort_creds(). 93 + * Note: We are intentionally dropping the const qualifier 94 + * here, because it is required by commit_creds() and 95 + * abort_creds(). 94 96 */ 95 97 cred = (struct cred *)get_cred(ctx->new_cred); 96 98 } else { ··· 103 101 atomic_set(&ctx->preparation_error, -ENOMEM); 104 102 105 103 /* 106 - * Even on error, we need to adhere to the protocol and coordinate 107 - * with concurrently running invocations. 104 + * Even on error, we need to adhere to the protocol and 105 + * coordinate with concurrently running invocations. 108 106 */ 109 107 if (atomic_dec_return(&ctx->num_preparing) == 0) 110 108 complete_all(&ctx->all_prepared); ··· 137 135 } 138 136 139 137 /* 140 - * Make sure that all sibling tasks fulfill the no_new_privs prerequisite. 141 - * (This is in line with Seccomp's SECCOMP_FILTER_FLAG_TSYNC logic in 142 - * kernel/seccomp.c) 138 + * Make sure that all sibling tasks fulfill the no_new_privs 139 + * prerequisite. (This is in line with Seccomp's 140 + * SECCOMP_FILTER_FLAG_TSYNC logic in kernel/seccomp.c) 143 141 */ 144 142 if (ctx->set_no_new_privs) 145 143 task_set_no_new_privs(current); ··· 223 221 ctx = s->works[s->size - 1]; 224 222 225 223 /* 226 - * For consistency, remove the task from ctx so that it does not look like 227 - * we handed it a task_work. 224 + * For consistency, remove the task from ctx so that it does not look 225 + * like we handed it a task_work. 228 226 */ 229 227 put_task_struct(ctx->task); 230 228 *ctx = (typeof(*ctx)){}; 231 229 232 230 /* 233 - * Cancel the tsync_works_provide() change to recycle the reserved memory 234 - * for the next thread, if any. This also ensures that cancel_tsync_works() 235 - * and tsync_works_release() do not see any NULL task pointers. 231 + * Cancel the tsync_works_provide() change to recycle the reserved 232 + * memory for the next thread, if any. This also ensures that 233 + * cancel_tsync_works() and tsync_works_release() do not see any NULL 234 + * task pointers. 236 235 */ 237 236 s->size--; 238 237 } ··· 391 388 continue; 392 389 393 390 /* 394 - * We found a sibling thread that is not doing its task_work yet, and 395 - * which might spawn new threads before our task work runs, so we need 396 - * at least one more round in the outer loop. 391 + * We found a sibling thread that is not doing its task_work 392 + * yet, and which might spawn new threads before our task work 393 + * runs, so we need at least one more round in the outer loop. 397 394 */ 398 395 found_more_threads = true; 399 396 400 397 ctx = tsync_works_provide(works, thread); 401 398 if (!ctx) { 402 399 /* 403 - * We ran out of preallocated contexts -- we need to try again with 404 - * this thread at a later time! 400 + * We ran out of preallocated contexts -- we need to 401 + * try again with this thread at a later time! 405 402 * found_more_threads is already true at this point. 406 403 */ 407 404 break; ··· 416 413 err = task_work_add(thread, &ctx->work, TWA_SIGNAL); 417 414 if (unlikely(err)) { 418 415 /* 419 - * task_work_add() only fails if the task is about to exit. We 420 - * checked that earlier, but it can happen as a race. Resume 421 - * without setting an error, as the task is probably gone in the 422 - * next loop iteration. 416 + * task_work_add() only fails if the task is about to 417 + * exit. We checked that earlier, but it can happen as 418 + * a race. Resume without setting an error, as the 419 + * task is probably gone in the next loop iteration. 423 420 */ 424 421 tsync_works_trim(works); 425 422 ··· 510 507 * After this barrier is reached, it's safe to read 511 508 * shared_ctx.preparation_error. 512 509 * 513 - * 4) reads shared_ctx.preparation_error and then either does commit_creds() 514 - * or abort_creds(). 510 + * 4) reads shared_ctx.preparation_error and then either does 511 + * commit_creds() or abort_creds(). 515 512 * 516 513 * 5) signals that it's done altogether (barrier synchronization 517 514 * "all_finished") 518 515 * 519 - * Unlike seccomp, which modifies sibling tasks directly, we do not need to 520 - * acquire the cred_guard_mutex and sighand->siglock: 516 + * Unlike seccomp, which modifies sibling tasks directly, we do not 517 + * need to acquire the cred_guard_mutex and sighand->siglock: 521 518 * 522 - * - As in our case, all threads are themselves exchanging their own struct 523 - * cred through the credentials API, no locks are needed for that. 519 + * - As in our case, all threads are themselves exchanging their own 520 + * struct cred through the credentials API, no locks are needed for 521 + * that. 524 522 * - Our for_each_thread() loops are protected by RCU. 525 - * - We do not acquire a lock to keep the list of sibling threads stable 526 - * between our for_each_thread loops. If the list of available sibling 527 - * threads changes between these for_each_thread loops, we make up for 528 - * that by continuing to look for threads until they are all discovered 529 - * and have entered their task_work, where they are unable to spawn new 530 - * threads. 523 + * - We do not acquire a lock to keep the list of sibling threads 524 + * stable between our for_each_thread loops. If the list of 525 + * available sibling threads changes between these for_each_thread 526 + * loops, we make up for that by continuing to look for threads until 527 + * they are all discovered and have entered their task_work, where 528 + * they are unable to spawn new threads. 531 529 */ 532 530 do { 533 531 /* In RCU read-lock, count the threads we need. */ ··· 545 541 } 546 542 547 543 /* 548 - * The "all_prepared" barrier is used locally to the loop body, this use 549 - * of for_each_thread(). We can reset it on each loop iteration because 550 - * all previous loop iterations are done with it already. 544 + * The "all_prepared" barrier is used locally to the loop body, 545 + * this use of for_each_thread(). We can reset it on each loop 546 + * iteration because all previous loop iterations are done with 547 + * it already. 551 548 * 552 - * num_preparing is initialized to 1 so that the counter can not go to 0 553 - * and mark the completion as done before all task works are registered. 554 - * We decrement it at the end of the loop body. 549 + * num_preparing is initialized to 1 so that the counter can 550 + * not go to 0 and mark the completion as done before all task 551 + * works are registered. We decrement it at the end of the 552 + * loop body. 555 553 */ 556 554 atomic_set(&shared_ctx.num_preparing, 1); 557 555 reinit_completion(&shared_ctx.all_prepared); 558 556 559 557 /* 560 - * In RCU read-lock, schedule task work on newly discovered sibling 561 - * tasks. 558 + * In RCU read-lock, schedule task work on newly discovered 559 + * sibling tasks. 562 560 */ 563 561 found_more_threads = schedule_task_work(&works, &shared_ctx); 564 562 565 563 /* 566 - * Decrement num_preparing for current, to undo that we initialized it 567 - * to 1 a few lines above. 564 + * Decrement num_preparing for current, to undo that we 565 + * initialized it to 1 a few lines above. 568 566 */ 569 567 if (atomic_dec_return(&shared_ctx.num_preparing) > 0) { 570 568 if (wait_for_completion_interruptible( 571 569 &shared_ctx.all_prepared)) { 572 - /* In case of interruption, we need to retry the system call. */ 570 + /* 571 + * In case of interruption, we need to retry 572 + * the system call. 573 + */ 573 574 atomic_set(&shared_ctx.preparation_error, 574 575 -ERESTARTNOINTR); 575 576 ··· 607 598 complete_all(&shared_ctx.ready_to_commit); 608 599 609 600 /* 610 - * Decrement num_unfinished for current, to undo that we initialized it to 1 611 - * at the beginning. 601 + * Decrement num_unfinished for current, to undo that we initialized it 602 + * to 1 at the beginning. 612 603 */ 613 604 if (atomic_dec_return(&shared_ctx.num_unfinished) > 0) 614 605 wait_for_completion(&shared_ctx.all_finished);