From ea10c1ed6ff84678053dc67f6649b9cf44aad087 Mon Sep 17 00:00:00 2001
From: Guo Zihua <guozihua@huawei.com>
Date: Sat, 29 Jan 2022 00:22:57 +0800
Subject: [PATCH] KABI: KABI reservation for IMA namespace

hulk inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4REJ3
CVE: NA

---------------------------

KABI reservation for IMA namespace

reference: https://gitee.com/openeuler/kernel/issues/I49KW1

Signed-off-by: Guo Zihua <guozihua@huawei.com>
Reviewed-by: Xiu Jianfeng <xiujianfeng@huawei.com>
Reviewed-by: weiyang wang <wangweiyang2@huawei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai@huawei.com>
---
 include/linux/fs.h       | 2 ++
 include/linux/key-type.h | 2 ++
 include/linux/key.h      | 2 ++
 include/linux/nsproxy.h  | 9 +++++++++
 include/linux/proc_ns.h  | 2 +-
 5 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/include/linux/fs.h b/include/linux/fs.h
index b7f96c3c52ac..db632747781a 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -968,6 +968,8 @@ struct file {
 	struct address_space	*f_mapping;
 	errseq_t		f_wb_err;
 	errseq_t		f_sb_err; /* for syncfs */
+
+	KABI_RESERVE(1)
 } __randomize_layout
   __attribute__((aligned(4)));	/* lest something weird decides that 2 is OK */
 
diff --git a/include/linux/key-type.h b/include/linux/key-type.h
index 2ab2d6d6aeab..9a595cc831ea 100644
--- a/include/linux/key-type.h
+++ b/include/linux/key-type.h
@@ -10,6 +10,7 @@
 
 #include <linux/key.h>
 #include <linux/errno.h>
+#include <linux/kabi.h>
 
 #ifdef CONFIG_KEYS
 
@@ -55,6 +56,7 @@ struct key_match_data {
 	unsigned	lookup_type;	/* Type of lookup for this search. */
 #define KEYRING_SEARCH_LOOKUP_DIRECT	0x0000	/* Direct lookup by description. */
 #define KEYRING_SEARCH_LOOKUP_ITERATE	0x0001	/* Iterative search. */
+	KABI_RESERVE(1)
 };
 
 /*
diff --git a/include/linux/key.h b/include/linux/key.h
index eed3ce139a32..6657ca910034 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -20,6 +20,7 @@
 #include <linux/assoc_array.h>
 #include <linux/refcount.h>
 #include <linux/time64.h>
+#include <linux/kabi.h>
 
 #ifdef __KERNEL__
 #include <linux/uidgid.h>
@@ -272,6 +273,7 @@ struct key {
 	 * restriction.
 	 */
 	struct key_restriction *restrict_link;
+	KABI_RESERVE(1)
 };
 
 extern struct key *key_alloc(struct key_type *type,
diff --git a/include/linux/nsproxy.h b/include/linux/nsproxy.h
index cdb171efc7cb..be2d42c27780 100644
--- a/include/linux/nsproxy.h
+++ b/include/linux/nsproxy.h
@@ -4,6 +4,7 @@
 
 #include <linux/spinlock.h>
 #include <linux/sched.h>
+#include <linux/kabi.h>
 
 struct mnt_namespace;
 struct uts_namespace;
@@ -38,6 +39,14 @@ struct nsproxy {
 	struct time_namespace *time_ns;
 	struct time_namespace *time_ns_for_children;
 	struct cgroup_namespace *cgroup_ns;
+	KABI_RESERVE(1)
+	KABI_RESERVE(2)
+	KABI_RESERVE(3)
+	KABI_RESERVE(4)
+	KABI_RESERVE(5)
+	KABI_RESERVE(6)
+	KABI_RESERVE(7)
+	KABI_RESERVE(8)
 };
 extern struct nsproxy init_nsproxy;
 
diff --git a/include/linux/proc_ns.h b/include/linux/proc_ns.h
index 75807ecef880..81e99aa97cd7 100644
--- a/include/linux/proc_ns.h
+++ b/include/linux/proc_ns.h
@@ -16,7 +16,7 @@ struct inode;
 struct proc_ns_operations {
 	const char *name;
 	const char *real_ns_name;
-	int type;
+	u64 type;
 	struct ns_common *(*get)(struct task_struct *task);
 	void (*put)(struct ns_common *ns);
 	int (*install)(struct nsset *nsset, struct ns_common *ns);
-- 
GitLab