[apparmor] [PATCH 4/6] parser: Clean up the use of MS_REC in mount.h
John Johansen
john.johansen at canonical.com
Fri Dec 12 11:21:36 UTC 2014
On 12/11/2014 04:49 PM, Tyler Hicks wrote:
> This patch restricts MS_REC to only be used while defining the MS_RBIND,
> MS_RUNBINDABLE, MS_RPRIVATE, MS_RSLAVE, and MS_RSHARED macros.
>
> The MS_R* macros are simply an OR of the corresponding non-recursive
> macro and MS_REC:
>
> #define MS_RBIND (MS_BIND | MS_REC)
>
> Previously, a shortcut was taken when needing to specify the
> non-recursive and recursive macros:
>
> (MS_BIND | MS_UNBINDABLE | MS_PRIVATE | MS_SLAVE | MS_SHARED | MS_REC)
>
> By using MS_REC above, it is not immediately clear that
> MS_R{BIND,UNBINDABLE,PRIVATE,SLAVE,SHARED} are also included.
>
> By restricting the use of MS_REC, this patch improves readability by
> forcing the use of the MS_R{BIND,UNBINDABLE,PRIVATE,SLAVE,SHARED} macros
> instead of relying on the MS_REC shortcut.
>
> Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
Acked-by: John Johansen <john.johansen at canonical.com>
> ---
> parser/mount.h | 31 +++++++++++++++++++------------
> 1 file changed, 19 insertions(+), 12 deletions(-)
>
> diff --git a/parser/mount.h b/parser/mount.h
> index fd49ed2..b435260 100644
> --- a/parser/mount.h
> +++ b/parser/mount.h
> @@ -64,19 +64,23 @@
> #define MS_NOUSER (1 << 31)
> #define MS_USER 0
>
> -#define MS_ALL_FLAGS (MS_RDONLY | MS_NOSUID | MS_NODEV | MS_NOEXEC | \
> - MS_SYNC | MS_REMOUNT | MS_MAND | MS_DIRSYNC | \
> - MS_NOATIME | MS_NODIRATIME | MS_BIND | MS_MOVE | \
> - MS_REC | MS_VERBOSE | MS_ACL | MS_UNBINDABLE | \
> - MS_PRIVATE | MS_SLAVE | MS_SHARED | MS_RELATIME | \
> - MS_IVERSION | MS_STRICTATIME | MS_USER)
> -
> +/* Only use MS_REC when defining these macros. Please use the macros from here
> + * on and don't make assumptions about the presence of MS_REC. */
> #define MS_RBIND (MS_BIND | MS_REC)
> #define MS_RUNBINDABLE (MS_UNBINDABLE | MS_REC)
> #define MS_RPRIVATE (MS_PRIVATE | MS_REC)
> #define MS_RSLAVE (MS_SLAVE | MS_REC)
> #define MS_RSHARED (MS_SHARED | MS_REC)
>
> +#define MS_ALL_FLAGS (MS_RDONLY | MS_NOSUID | MS_NODEV | MS_NOEXEC | \
> + MS_SYNC | MS_REMOUNT | MS_MAND | MS_DIRSYNC | \
> + MS_NOATIME | MS_NODIRATIME | MS_BIND | MS_RBIND | \
> + MS_MOVE | MS_VERBOSE | MS_ACL | \
> + MS_UNBINDABLE | MS_RUNBINDABLE | \
> + MS_PRIVATE | MS_RPRIVATE | \
> + MS_SLAVE | MS_RSLAVE | MS_SHARED | MS_RSHARED | \
> + MS_RELATIME | MS_IVERSION | MS_STRICTATIME | MS_USER)
> +
> /* set of flags we don't use but define (but not with the kernel values)
> * for MNT_FLAGS
> */
> @@ -89,13 +93,16 @@
> MS_BORN | MS_NOATIME | MS_NODIRATIME | MS_RELATIME| \
> MS_KERNMOUNT | MS_STRICTATIME)
>
> -#define MS_BIND_FLAGS (MS_BIND | MS_REC)
> -#define MS_MAKE_FLAGS ((MS_UNBINDABLE | MS_PRIVATE | MS_SLAVE | MS_SHARED | \
> - MS_REC) | (MS_ALL_FLAGS & ~(MNT_FLAGS)))
> +#define MS_BIND_FLAGS (MS_BIND | MS_RBIND)
> +#define MS_MAKE_FLAGS ((MS_UNBINDABLE | MS_RUNBINDABLE | \
> + MS_PRIVATE | MS_RPRIVATE | \
> + MS_SLAVE | MS_RSLAVE | MS_SHARED | MS_RSHARED) | \
> + (MS_ALL_FLAGS & ~(MNT_FLAGS)))
> #define MS_MOVE_FLAGS (MS_MOVE)
>
> -#define MS_CMDS (MS_MOVE | MS_REMOUNT | MS_BIND | MS_PRIVATE | MS_SLAVE | \
> - MS_SHARED | MS_UNBINDABLE | MS_REC)
> +#define MS_CMDS (MS_MOVE | MS_REMOUNT | MS_BIND | MS_RBIND | \
> + MS_UNBINDABLE | MS_RUNBINDABLE | MS_PRIVATE | MS_RPRIVATE | \
> + MS_SLAVE | MS_RSLAVE | MS_SHARED | MS_RSHARED)
> #define MS_REMOUNT_FLAGS (MS_ALL_FLAGS & ~(MS_CMDS & ~MS_REMOUNT))
>
> #define MNT_SRC_OPT 1
>
More information about the AppArmor
mailing list