Re: [PATCH 11/28] evm: Complete description of evm_inode_setattr()

From: Stefan Berger
Date: Mon Mar 06 2023 - 12:05:53 EST




On 3/3/23 13:18, Roberto Sassu wrote:
From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>

Add the description for missing parameters of evm_inode_setattr() to
avoid the warning arising with W=n compile option.

Fixes: 817b54aa45db ("evm: add evm_inode_setattr to prevent updating an invalid security.evm")
Fixes: c1632a0f1120 ("fs: port ->setattr() to pass mnt_idmap")
Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx>

Among the previous patches I think there were 2 fixes like this one you could possibly also split off.

Reviewed-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
---
security/integrity/evm/evm_main.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index 1155a58ae87..8b5c472f78b 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -798,7 +798,9 @@ static int evm_attr_change(struct mnt_idmap *idmap,
/**
* evm_inode_setattr - prevent updating an invalid EVM extended attribute
+ * @idmap: idmap of the mount
* @dentry: pointer to the affected dentry
+ * @attr: iattr structure containing the new file attributes
*
* Permit update of file attributes when files have a valid EVM signature,
* except in the case of them having an immutable portable signature.