Re: [PATCH v4 5/9] rust: security: add abstraction for secctx
From: Trevor Gross
Date: Mon Feb 05 2024 - 22:05:16 EST
On Fri, Feb 2, 2024 at 5:57 AM Alice Ryhl <aliceryhl@xxxxxxxxxx> wrote:
>
> Adds an abstraction for viewing the string representation of a security
> context.
Adds -> add
> This is needed by Rust Binder because it has feature where a process can
has feature -> has a feature
> view the string representation of the security context for incoming
> transactions. The process can use that to authenticate incoming
> transactions, and since the feature is provided by the kernel, the
> process can trust that the security context is legitimate.
>
> Reviewed-by: Benno Lossin <benno.lossin@xxxxxxxxx>
> Signed-off-by: Alice Ryhl <aliceryhl@xxxxxxxxxx>
> ---
> [...]
> diff --git a/rust/kernel/cred.rs b/rust/kernel/cred.rs
> index fabc50e48c9e..0640356a8c29 100644
> --- a/rust/kernel/cred.rs
> +++ b/rust/kernel/cred.rs
> @@ -48,6 +48,14 @@ pub unsafe fn from_ptr<'a>(ptr: *const bindings::cred) -> &'a Credential {
> unsafe { &*ptr.cast() }
> }
>
> + /// Get the id for this security context.
> + pub fn get_secid(&self) -> u32 {
Since this is used in multiple places, would a typedef be useful?
type SecurityId = u32;
> [...]
Reviewed-by: Trevor Gross <tmgross@xxxxxxxxx>