提交 ea10c1ed 编写于 作者: G Guo Zihua 提交者: Zheng Zengkai

KABI: KABI reservation for IMA namespace

hulk inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4REJ3
CVE: NA

---------------------------

KABI reservation for IMA namespace

reference: https://gitee.com/openeuler/kernel/issues/I49KW1Signed-off-by: NGuo Zihua <guozihua@huawei.com>
Reviewed-by: NXiu Jianfeng <xiujianfeng@huawei.com>
Reviewed-by: Nweiyang wang <wangweiyang2@huawei.com>
Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
上级 8f406326
...@@ -968,6 +968,8 @@ struct file { ...@@ -968,6 +968,8 @@ struct file {
struct address_space *f_mapping; struct address_space *f_mapping;
errseq_t f_wb_err; errseq_t f_wb_err;
errseq_t f_sb_err; /* for syncfs */ errseq_t f_sb_err; /* for syncfs */
KABI_RESERVE(1)
} __randomize_layout } __randomize_layout
__attribute__((aligned(4))); /* lest something weird decides that 2 is OK */ __attribute__((aligned(4))); /* lest something weird decides that 2 is OK */
......
...@@ -10,6 +10,7 @@ ...@@ -10,6 +10,7 @@
#include <linux/key.h> #include <linux/key.h>
#include <linux/errno.h> #include <linux/errno.h>
#include <linux/kabi.h>
#ifdef CONFIG_KEYS #ifdef CONFIG_KEYS
...@@ -55,6 +56,7 @@ struct key_match_data { ...@@ -55,6 +56,7 @@ struct key_match_data {
unsigned lookup_type; /* Type of lookup for this search. */ unsigned lookup_type; /* Type of lookup for this search. */
#define KEYRING_SEARCH_LOOKUP_DIRECT 0x0000 /* Direct lookup by description. */ #define KEYRING_SEARCH_LOOKUP_DIRECT 0x0000 /* Direct lookup by description. */
#define KEYRING_SEARCH_LOOKUP_ITERATE 0x0001 /* Iterative search. */ #define KEYRING_SEARCH_LOOKUP_ITERATE 0x0001 /* Iterative search. */
KABI_RESERVE(1)
}; };
/* /*
......
...@@ -20,6 +20,7 @@ ...@@ -20,6 +20,7 @@
#include <linux/assoc_array.h> #include <linux/assoc_array.h>
#include <linux/refcount.h> #include <linux/refcount.h>
#include <linux/time64.h> #include <linux/time64.h>
#include <linux/kabi.h>
#ifdef __KERNEL__ #ifdef __KERNEL__
#include <linux/uidgid.h> #include <linux/uidgid.h>
...@@ -272,6 +273,7 @@ struct key { ...@@ -272,6 +273,7 @@ struct key {
* restriction. * restriction.
*/ */
struct key_restriction *restrict_link; struct key_restriction *restrict_link;
KABI_RESERVE(1)
}; };
extern struct key *key_alloc(struct key_type *type, extern struct key *key_alloc(struct key_type *type,
......
...@@ -4,6 +4,7 @@ ...@@ -4,6 +4,7 @@
#include <linux/spinlock.h> #include <linux/spinlock.h>
#include <linux/sched.h> #include <linux/sched.h>
#include <linux/kabi.h>
struct mnt_namespace; struct mnt_namespace;
struct uts_namespace; struct uts_namespace;
...@@ -38,6 +39,14 @@ struct nsproxy { ...@@ -38,6 +39,14 @@ struct nsproxy {
struct time_namespace *time_ns; struct time_namespace *time_ns;
struct time_namespace *time_ns_for_children; struct time_namespace *time_ns_for_children;
struct cgroup_namespace *cgroup_ns; struct cgroup_namespace *cgroup_ns;
KABI_RESERVE(1)
KABI_RESERVE(2)
KABI_RESERVE(3)
KABI_RESERVE(4)
KABI_RESERVE(5)
KABI_RESERVE(6)
KABI_RESERVE(7)
KABI_RESERVE(8)
}; };
extern struct nsproxy init_nsproxy; extern struct nsproxy init_nsproxy;
......
...@@ -16,7 +16,7 @@ struct inode; ...@@ -16,7 +16,7 @@ struct inode;
struct proc_ns_operations { struct proc_ns_operations {
const char *name; const char *name;
const char *real_ns_name; const char *real_ns_name;
int type; u64 type;
struct ns_common *(*get)(struct task_struct *task); struct ns_common *(*get)(struct task_struct *task);
void (*put)(struct ns_common *ns); void (*put)(struct ns_common *ns);
int (*install)(struct nsset *nsset, struct ns_common *ns); int (*install)(struct nsset *nsset, struct ns_common *ns);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册