b3fb80bdc6
GKI (arm64) relevant 48 out of 271 changes, affecting 92 files +576/-2235b414ed3bbRevert "of: reserved-memory: Fix using wrong number of cells to get property 'alignment'" [1 file, +2/-2]48a934fc47Revert "mm/page_alloc.c: don't show protection in zone's ->lowmem_reserve[] for empty zone" [1 file, +1/-2]88310caff6Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() [1 file, +2/-0]7841180342Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() [1 file, +3/-0]2d448dbd47userfaultfd: do not block on locking a large folio with raised refcount [1 file, +16/-1]f57e89c1cbblock: fix conversion of GPT partition name to 7-bit [1 file, +1/-1]9426f38372mm/page_alloc: fix uninitialized variable [1 file, +1/-0]79636d2981mm: abort vma_modify() on merge out of memory failure [1 file, +8/-4]605f53f13bmm: don't skip arch_sync_kernel_mappings() in error paths [2 files, +6/-4]9ed33c7bacmm: fix finish_fault() handling for large folios [1 file, +10/-5]576a2f4c43hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio [1 file, +4/-1]2e66d69941mm: memory-hotplug: check folio ref count first in do_migrate_range [1 file, +7/-13]3c63fb6ef7nvme-pci: use sgls for all user requests if possible [2 files, +13/-4]9dedafd86envme-ioctl: fix leaked requests on mapping error [1 file, +8/-4]084819b0d8net: gso: fix ownership in __udp_gso_segment [1 file, +6/-2]1688acf477perf/core: Fix pmus_lock vs. pmus_srcu ordering [1 file, +2/-2]a899adf706HID: hid-steam: Fix use-after-free when detaching device [1 file, +1/-1]8aa8a40c76ppp: Fix KMSAN uninit-value warning with bpf [1 file, +19/-9]b71cd95764ethtool: linkstate: migrate linkstate functions to support multi-PHY setups [1 file, +15/-8]9c1d09cdbcnet: ethtool: plumb PHY stats to PHY drivers [7 files, +167/-2]639c703529net: ethtool: netlink: Allow NULL nlattrs when getting a phy_device [9 files, +19/-18]30e8aee778vlan: enforce underlying device type [1 file, +2/-1]5d609f0d2fexfat: fix just enough dentries but allocate a new cluster to dir [1 file, +1/-1]c897b8ec46exfat: fix soft lockup in exfat_clear_bitmap [3 files, +16/-7]611015122dexfat: short-circuit zero-byte writes in exfat_file_write_iter [1 file, +1/-1]2b484789e9net-timestamp: support TCP GSO case for a few missing flags [1 file, +7/-4]b08e290324ublk: set_params: properly check if parameters can be applied [1 file, +5/-2]b5741e4b9esched/fair: Fix potential memory corruption in child_cfs_rq_on_list [1 file, +4/-2]39c2b2767exhci: Restrict USB4 tunnel detection for USB3 devices to Intel hosts [1 file, +8/-0]4ea3319f3eusb: hub: lack of clearing xHC resources [1 file, +33/-0]0cab185c73usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader [1 file, +4/-0]079a3e52f3usb: typec: ucsi: Fix NULL pointer access [1 file, +7/-6]840afbea3fusb: gadget: u_ether: Set is_suspend flag if remote wakeup fails [1 file, +2/-2]ced69d88ebusb: dwc3: Set SUSPENDENABLE soon after phy init [3 files, +45/-30]35db1f1829usb: dwc3: gadget: Prevent irq storm when TH re-executes [2 files, +13/-13]b387312527usb: typec: ucsi: increase timeout for PPM reset operations [1 file, +1/-1]4bf6c57a89usb: gadget: Set self-powered based on MaxPower and bmAttributes [1 file, +11/-5]dcd7ffdefbusb: gadget: Fix setting self-powered state on suspend [1 file, +2/-1]395011ee82usb: gadget: Check bmAttributes only if configuration is valid [1 file, +1/-1]012b98cdb5acpi: typec: ucsi: Introduce a ->poll_cci method [7 files, +25/-12]d7015bb3c5xhci: pci: Fix indentation in the PCI device ID definitions [1 file, +4/-4]ea39f99864usb: xhci: Enable the TRB overfetch quirk on VIA VL805 [3 files, +10/-5]4e8df56636char: misc: deallocate static minor in error path [1 file, +1/-1]b50e18791fdrivers: core: fix device leak in __fw_devlink_relax_cycles() [1 file, +1/-0]a684bad77emm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() [16 files, +46/-28]6ad9643aa5fs/netfs/read_pgpriv2: skip folio queues without `marks3` [1 file, +3/-2]5bc6e5b10ffs/netfs/read_collect: fix crash due to uninitialized `prev` variable [1 file, +11/-10]86b7ebddabuprobes: Fix race in uprobe_free_utask [1 file, +1/-1] Changes in 6.12.19 x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() rust: block: fix formatting in GenDisk doc drm/i915/dsi: convert to struct intel_display drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro gpio: vf610: use generic device_get_match_data() gpio: vf610: add locking to gpio direction functions cifs: Remove symlink member from cifs_open_info_data union smb311: failure to open files of length 1040 when mounting with SMB3.1.1 POSIX extensions btrfs: fix data overwriting bug during buffered write when block size < page size x86/microcode/AMD: Add some forgotten models to the SHA check loongarch: Use ASM_REACHABLE rust: workqueue: remove unneeded ``#[allow(clippy::new_ret_no_self)]` rust: sort global Rust flags rust: types: avoid repetition in `{As,From}Bytes` impls rust: enable `clippy::undocumented_unsafe_blocks` lint rust: enable `clippy::unnecessary_safety_comment` lint rust: enable `clippy::unnecessary_safety_doc` lint rust: enable `clippy::ignored_unit_patterns` lint rust: enable `rustdoc::unescaped_backticks` lint rust: init: remove unneeded `#[allow(clippy::disallowed_names)]` rust: sync: remove unneeded `#[allow(clippy::non_send_fields_in_send_ty)]` rust: introduce `.clippy.toml` rust: replace `clippy::dbg_macro` with `disallowed_macros` rust: provide proper code documentation titles rust: enable Clippy's `check-private-items` Documentation: rust: add coding guidelines on lints rust: start using the `#[expect(...)]` attribute Documentation: rust: discuss `#[expect(...)]` in the guidelines rust: error: make conversion functions public rust: error: optimize error type to use nonzero rust: alloc: add `Allocator` trait rust: alloc: separate `aligned_size` from `krealloc_aligned` rust: alloc: rename `KernelAllocator` to `Kmalloc` rust: alloc: implement `ReallocFunc` rust: alloc: make `allocator` module public rust: alloc: implement `Allocator` for `Kmalloc` rust: alloc: add module `allocator_test` rust: alloc: implement `Vmalloc` allocator rust: alloc: implement `KVmalloc` allocator rust: alloc: add __GFP_NOWARN to `Flags` rust: alloc: implement kernel `Box` rust: treewide: switch to our kernel `Box` type rust: alloc: remove extension of std's `Box` rust: alloc: add `Box` to prelude rust: alloc: introduce `ArrayLayout` rust: alloc: implement kernel `Vec` type rust: alloc: implement `IntoIterator` for `Vec` rust: alloc: implement `collect` for `IntoIter` rust: treewide: switch to the kernel `Vec` type rust: alloc: remove `VecExt` extension rust: alloc: add `Vec` to prelude rust: error: use `core::alloc::LayoutError` rust: error: check for config `test` in `Error::name` rust: alloc: implement `contains` for `Flags` rust: alloc: implement `Cmalloc` in module allocator_test rust: str: test: replace `alloc::format` rust: alloc: update module comment of alloc.rs kbuild: rust: remove the `alloc` crate and `GlobalAlloc` MAINTAINERS: add entry for the Rust `alloc` module drm/panic: avoid reimplementing Iterator::find drm/panic: remove unnecessary borrow in alignment_pattern drm/panic: prefer eliding lifetimes drm/panic: remove redundant field when assigning value drm/panic: correctly indent continuation of line in list item drm/panic: allow verbose boolean for clarity drm/panic: allow verbose version check rust: kbuild: expand rusttest target for macros rust: fix size_t in bindgen prototypes of C builtins rust: map `__kernel_size_t` and friends also to usize/isize rust: use custom FFI integer types rust: alloc: Fix `ArrayLayout` allocations Revert "of: reserved-memory: Fix using wrong number of cells to get property 'alignment'" tracing: tprobe-events: Fix a memory leak when tprobe with $retval tracing: tprobe-events: Reject invalid tracepoint name stmmac: loongson: Pass correct arg to PCI function LoongArch: Convert unreachable() to BUG() LoongArch: Use polling play_dead() when resuming from hibernation LoongArch: Set max_pfn with the PFN of the last page LoongArch: KVM: Add interrupt checking for AVEC LoongArch: KVM: Reload guest CSR registers after sleep LoongArch: KVM: Fix GPA size issue about VM HID: appleir: Fix potential NULL dereference at raw event handle ksmbd: fix type confusion via race condition when using ipc_msg_send_request ksmbd: fix out-of-bounds in parse_sec_desc() ksmbd: fix use-after-free in smb2_lock ksmbd: fix bug on trap in smb2_lock gpio: rcar: Use raw_spinlock to protect register access gpio: aggregator: protect driver attr handlers against module unload ALSA: seq: Avoid module auto-load handling at event delivery ALSA: hda: intel: Add Dell ALC3271 to power_save denylist ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform ALSA: hda/realtek: update ALC222 depop optimize btrfs: fix a leaked chunk map issue in read_one_chunk() hwmon: (peci/dimmtemp) Do not provide fake thresholds data drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params drm/amdkfd: Fix NULL Pointer Dereference in KFD queue drm/amd/pm: always allow ih interrupt from fw drm/imagination: avoid deadlock on fence release drm/imagination: Hold drm_gem_gpuva lock for unmap drm/imagination: only init job done fences once drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M Revert "mm/page_alloc.c: don't show protection in zone's ->lowmem_reserve[] for empty zone" Revert "selftests/mm: remove local __NR_* definitions" platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e x86/boot: Sanitize boot params before parsing command line x86/cacheinfo: Validate CPUID leaf 0x2 EDX output x86/cpu: Validate CPUID leaf 0x2 EDX output x86/cpu: Properly parse CPUID leaf 0x2 TLB descriptor 0x63 drm/xe: Add staging tree for VM binds drm/xe/hmm: Style- and include fixes drm/xe/hmm: Don't dereference struct page pointers without notifier lock drm/xe/vm: Fix a misplaced #endif drm/xe/vm: Validate userptr during gpu vma prefetching mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr drm/xe: Fix GT "for each engine" workarounds drm/xe: Fix fault mode invalidation with unbind drm/xe/userptr: properly setup pfn_flags_mask drm/xe/userptr: Unmap userptrs in the mmu notifier Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() wifi: cfg80211: regulatory: improve invalid hints checking wifi: nl80211: reject cooked mode if it is set along with other flags selftests/damon/damos_quota_goal: handle minimum quota that cannot be further reduced selftests/damon/damos_quota: make real expectation of quota exceeds selftests/damon/damon_nr_regions: set ops update for merge results check to 100ms selftests/damon/damon_nr_regions: sort collected regiosn before checking with min/max boundaries rapidio: add check for rio_add_net() in rio_scan_alloc_net() rapidio: fix an API misues when rio_add_net() fails dma: kmsan: export kmsan_handle_dma() for modules s390/traps: Fix test_monitor_call() inline assembly NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback userfaultfd: do not block on locking a large folio with raised refcount block: fix conversion of GPT partition name to 7-bit mm/page_alloc: fix uninitialized variable mm: abort vma_modify() on merge out of memory failure mm: memory-failure: update ttu flag inside unmap_poisoned_folio mm: don't skip arch_sync_kernel_mappings() in error paths mm: fix finish_fault() handling for large folios hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio mm: memory-hotplug: check folio ref count first in do_migrate_range wifi: iwlwifi: mvm: clean up ROC on failure wifi: iwlwifi: mvm: don't try to talk to a dead firmware wifi: iwlwifi: limit printed string from FW file wifi: iwlwifi: Free pages allocated when failing to build A-MSDU wifi: iwlwifi: Fix A-MSDU TSO preparation HID: google: fix unused variable warning under !CONFIG_ACPI HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() coredump: Only sort VMAs when core_sort_vma sysctl is set nvme-pci: add support for sgl metadata nvme-pci: use sgls for all user requests if possible nvme-ioctl: fix leaked requests on mapping error wifi: mac80211: Support parsing EPCS ML element wifi: mac80211: fix MLE non-inheritance parsing wifi: mac80211: fix vendor-specific inheritance drm/fbdev-helper: Move color-mode lookup into 4CC format helper drm/fbdev: Add memory-agnostic fbdev client drm: Add client-agnostic setup helper drm/fbdev-ttm: Support struct drm_driver.fbdev_probe drm/nouveau: Run DRM default client setup drm/nouveau: select FW caching bluetooth: btusb: Initialize .owner field of force_poll_sync_fops nvme-tcp: add basic support for the C2HTermReq PDU nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch ALSA: hda/realtek: Remove (revert) duplicate Ally X config net: gso: fix ownership in __udp_gso_segment caif_virtio: fix wrong pointer check in cfv_probe() perf/core: Fix pmus_lock vs. pmus_srcu ordering hwmon: (pmbus) Initialise page count in pmbus_identify() hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table hwmon: (ad7314) Validate leading zero bits and return error tracing: probe-events: Remove unused MAX_ARG_BUF_LEN macro drm/imagination: Fix timestamps in firmware traces ALSA: usx2y: validate nrpacks module parameter on probe llc: do not use skb_get() before dev_queue_xmit() hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() drm/sched: Fix preprocessor guard be2net: fix sleeping while atomic bugs in be_ndo_bridge_getlink net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error drm/i915/color: Extract intel_color_modeset() drm/i915: Plumb 'dsb' all way to the plane hooks drm/xe: Remove double pageflip HID: hid-steam: Fix use-after-free when detaching device net: ipa: Fix v4.7 resource group names net: ipa: Fix QSB data for v4.7 net: ipa: Enable checksum for IPA_ENDPOINT_AP_MODEM_{RX,TX} for v4.7 ppp: Fix KMSAN uninit-value warning with bpf ethtool: linkstate: migrate linkstate functions to support multi-PHY setups net: ethtool: plumb PHY stats to PHY drivers net: ethtool: netlink: Allow NULL nlattrs when getting a phy_device vlan: enforce underlying device type x86/sgx: Fix size overflows in sgx_encl_create() exfat: fix just enough dentries but allocate a new cluster to dir exfat: fix soft lockup in exfat_clear_bitmap exfat: short-circuit zero-byte writes in exfat_file_write_iter net-timestamp: support TCP GSO case for a few missing flags ublk: set_params: properly check if parameters can be applied sched/fair: Fix potential memory corruption in child_cfs_rq_on_list nvme-tcp: fix signedness bug in nvme_tcp_init_connection() net: dsa: mt7530: Fix traffic flooding for MMIO devices mctp i3c: handle NULL header address net: ipv6: fix dst ref loop in ila lwtunnel net: ipv6: fix missing dst ref drop in ila lwtunnel gpio: rcar: Fix missing of_node_put() call Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" usb: renesas_usbhs: Call clk_put() xhci: Restrict USB4 tunnel detection for USB3 devices to Intel hosts usb: renesas_usbhs: Use devm_usb_get_phy() usb: hub: lack of clearing xHC resources usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader usb: typec: ucsi: Fix NULL pointer access usb: renesas_usbhs: Flush the notify_hotplug_work usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails usb: atm: cxacru: fix a flaw in existing endpoint checks usb: dwc3: Set SUSPENDENABLE soon after phy init usb: dwc3: gadget: Prevent irq storm when TH re-executes usb: typec: ucsi: increase timeout for PPM reset operations usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality usb: gadget: Set self-powered based on MaxPower and bmAttributes usb: gadget: Fix setting self-powered state on suspend usb: gadget: Check bmAttributes only if configuration is valid kbuild: userprogs: use correct lld when linking through clang acpi: typec: ucsi: Introduce a ->poll_cci method rust: finish using custom FFI integer types rust: map `long` to `isize` and `char` to `u8` xhci: pci: Fix indentation in the PCI device ID definitions usb: xhci: Enable the TRB overfetch quirk on VIA VL805 KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow KVM: SVM: Save host DR masks on CPUs with DebugSwap KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value KVM: SVM: Suppress DEBUGCTL.BTF on AMD KVM: x86: Snapshot the host's DEBUGCTL in common x86 KVM: SVM: Manually context switch DEBUGCTL if LBR virtualization is disabled KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM cdx: Fix possible UAF error in driver_override_show() mei: me: add panther lake P DID mei: vsc: Use "wakeuphostint" when getting the host wakeup GPIO intel_th: pci: Add Arrow Lake support intel_th: pci: Add Panther Lake-H support intel_th: pci: Add Panther Lake-P/U support char: misc: deallocate static minor in error path drivers: core: fix device leak in __fw_devlink_relax_cycles() slimbus: messaging: Free transaction ID in delayed interrupt scenario bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock eeprom: digsy_mtc: Make GPIO lookup table match the device drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl iio: filter: admv8818: Force initialization of SDO iio: light: apds9306: fix max_scale_nano values iio: dac: ad3552r: clear reset status flag iio: adc: ad7192: fix channel select iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes fs/netfs/read_pgpriv2: skip folio queues without `marks3` fs/netfs/read_collect: fix crash due to uninitialized `prev` variable kbuild: hdrcheck: fix cross build with clang ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage nvme-tcp: Fix a C2HTermReq error message docs: rust: remove spurious item in `expect` list Revert "KVM: e500: always restore irqs" Revert "KVM: PPC: e500: Use __kvm_faultin_pfn() to handle page faults" Revert "KVM: PPC: e500: Mark "struct page" pfn accessed before dropping mmu_lock" Revert "KVM: PPC: e500: Mark "struct page" dirty in kvmppc_e500_shadow_map()" KVM: e500: always restore irqs uprobes: Fix race in uprobe_free_utask selftests/bpf: Clean up open-coded gettid syscall invocations x86/mm: Don't disable PCID when INVLPG has been fixed by microcode wifi: iwlwifi: pcie: Fix TSO preparation Linux 6.12.19 Change-Id: Ia0c2b2c6a95b53a66e21505ed6ba756c6b0a2388 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
117 lines
4.1 KiB
Rust
117 lines
4.1 KiB
Rust
// SPDX-License-Identifier: GPL-2.0
|
|
|
|
// Copyright (C) 2024 Google LLC.
|
|
|
|
//! Linux Security Modules (LSM).
|
|
//!
|
|
//! C header: [`include/linux/security.h`](srctree/include/linux/security.h).
|
|
|
|
use crate::{
|
|
bindings,
|
|
cred::Credential,
|
|
error::{to_result, Result},
|
|
fs::File,
|
|
};
|
|
|
|
/// Calls the security modules to determine if the given task can become the manager of a binder
|
|
/// context.
|
|
#[inline]
|
|
pub fn binder_set_context_mgr(mgr: &Credential) -> Result {
|
|
// SAFETY: `mrg.0` is valid because the shared reference guarantees a nonzero refcount.
|
|
to_result(unsafe { bindings::security_binder_set_context_mgr(mgr.as_ptr()) })
|
|
}
|
|
|
|
/// Calls the security modules to determine if binder transactions are allowed from task `from` to
|
|
/// task `to`.
|
|
#[inline]
|
|
pub fn binder_transaction(from: &Credential, to: &Credential) -> Result {
|
|
// SAFETY: `from` and `to` are valid because the shared references guarantee nonzero refcounts.
|
|
to_result(unsafe { bindings::security_binder_transaction(from.as_ptr(), to.as_ptr()) })
|
|
}
|
|
|
|
/// Calls the security modules to determine if task `from` is allowed to send binder objects
|
|
/// (owned by itself or other processes) to task `to` through a binder transaction.
|
|
#[inline]
|
|
pub fn binder_transfer_binder(from: &Credential, to: &Credential) -> Result {
|
|
// SAFETY: `from` and `to` are valid because the shared references guarantee nonzero refcounts.
|
|
to_result(unsafe { bindings::security_binder_transfer_binder(from.as_ptr(), to.as_ptr()) })
|
|
}
|
|
|
|
/// Calls the security modules to determine if task `from` is allowed to send the given file to
|
|
/// task `to` (which would get its own file descriptor) through a binder transaction.
|
|
#[inline]
|
|
pub fn binder_transfer_file(from: &Credential, to: &Credential, file: &File) -> Result {
|
|
// SAFETY: `from`, `to` and `file` are valid because the shared references guarantee nonzero
|
|
// refcounts.
|
|
to_result(unsafe {
|
|
bindings::security_binder_transfer_file(from.as_ptr(), to.as_ptr(), file.as_ptr())
|
|
})
|
|
}
|
|
|
|
/// A security context string.
|
|
///
|
|
/// # Invariants
|
|
///
|
|
/// The `secdata` and `seclen` fields correspond to a valid security context as returned by a
|
|
/// successful call to `security_secid_to_secctx`, that has not yet been destroyed by calling
|
|
/// `security_release_secctx`.
|
|
pub struct SecurityCtx {
|
|
secdata: *mut crate::ffi::c_char,
|
|
seclen: usize,
|
|
}
|
|
|
|
impl SecurityCtx {
|
|
/// Get the security context given its id.
|
|
#[inline]
|
|
pub fn from_secid(secid: u32) -> Result<Self> {
|
|
let mut secdata = core::ptr::null_mut();
|
|
let mut seclen = 0u32;
|
|
// SAFETY: Just a C FFI call. The pointers are valid for writes.
|
|
to_result(unsafe { bindings::security_secid_to_secctx(secid, &mut secdata, &mut seclen) })?;
|
|
|
|
// INVARIANT: If the above call did not fail, then we have a valid security context.
|
|
Ok(Self {
|
|
secdata,
|
|
seclen: seclen as usize,
|
|
})
|
|
}
|
|
|
|
/// Returns whether the security context is empty.
|
|
#[inline]
|
|
pub fn is_empty(&self) -> bool {
|
|
self.seclen == 0
|
|
}
|
|
|
|
/// Returns the length of this security context.
|
|
#[inline]
|
|
pub fn len(&self) -> usize {
|
|
self.seclen
|
|
}
|
|
|
|
/// Returns the bytes for this security context.
|
|
#[inline]
|
|
pub fn as_bytes(&self) -> &[u8] {
|
|
let ptr = self.secdata;
|
|
if ptr.is_null() {
|
|
debug_assert_eq!(self.seclen, 0);
|
|
// We can't pass a null pointer to `slice::from_raw_parts` even if the length is zero.
|
|
return &[];
|
|
}
|
|
|
|
// SAFETY: The call to `security_secid_to_secctx` guarantees that the pointer is valid for
|
|
// `seclen` bytes. Furthermore, if the length is zero, then we have ensured that the
|
|
// pointer is not null.
|
|
unsafe { core::slice::from_raw_parts(ptr.cast(), self.seclen) }
|
|
}
|
|
}
|
|
|
|
impl Drop for SecurityCtx {
|
|
#[inline]
|
|
fn drop(&mut self) {
|
|
// SAFETY: By the invariant of `Self`, this frees a pointer that came from a successful
|
|
// call to `security_secid_to_secctx` and has not yet been destroyed by
|
|
// `security_release_secctx`.
|
|
unsafe { bindings::security_release_secctx(self.secdata, self.seclen as u32) };
|
|
}
|
|
}
|