[apparmor] [PATCH 4/6] parser: Clean up the use of MS_REC in mount.h
Tyler Hicks
tyhicks at canonical.com
Fri Dec 12 00:49:53 UTC 2014
This patch restricts MS_REC to only be used while defining the MS_RBIND,
MS_RUNBINDABLE, MS_RPRIVATE, MS_RSLAVE, and MS_RSHARED macros.
The MS_R* macros are simply an OR of the corresponding non-recursive
macro and MS_REC:
#define MS_RBIND (MS_BIND | MS_REC)
Previously, a shortcut was taken when needing to specify the
non-recursive and recursive macros:
(MS_BIND | MS_UNBINDABLE | MS_PRIVATE | MS_SLAVE | MS_SHARED | MS_REC)
By using MS_REC above, it is not immediately clear that
MS_R{BIND,UNBINDABLE,PRIVATE,SLAVE,SHARED} are also included.
By restricting the use of MS_REC, this patch improves readability by
forcing the use of the MS_R{BIND,UNBINDABLE,PRIVATE,SLAVE,SHARED} macros
instead of relying on the MS_REC shortcut.
Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
---
parser/mount.h | 31 +++++++++++++++++++------------
1 file changed, 19 insertions(+), 12 deletions(-)
diff --git a/parser/mount.h b/parser/mount.h
index fd49ed2..b435260 100644
--- a/parser/mount.h
+++ b/parser/mount.h
@@ -64,19 +64,23 @@
#define MS_NOUSER (1 << 31)
#define MS_USER 0
-#define MS_ALL_FLAGS (MS_RDONLY | MS_NOSUID | MS_NODEV | MS_NOEXEC | \
- MS_SYNC | MS_REMOUNT | MS_MAND | MS_DIRSYNC | \
- MS_NOATIME | MS_NODIRATIME | MS_BIND | MS_MOVE | \
- MS_REC | MS_VERBOSE | MS_ACL | MS_UNBINDABLE | \
- MS_PRIVATE | MS_SLAVE | MS_SHARED | MS_RELATIME | \
- MS_IVERSION | MS_STRICTATIME | MS_USER)
-
+/* Only use MS_REC when defining these macros. Please use the macros from here
+ * on and don't make assumptions about the presence of MS_REC. */
#define MS_RBIND (MS_BIND | MS_REC)
#define MS_RUNBINDABLE (MS_UNBINDABLE | MS_REC)
#define MS_RPRIVATE (MS_PRIVATE | MS_REC)
#define MS_RSLAVE (MS_SLAVE | MS_REC)
#define MS_RSHARED (MS_SHARED | MS_REC)
+#define MS_ALL_FLAGS (MS_RDONLY | MS_NOSUID | MS_NODEV | MS_NOEXEC | \
+ MS_SYNC | MS_REMOUNT | MS_MAND | MS_DIRSYNC | \
+ MS_NOATIME | MS_NODIRATIME | MS_BIND | MS_RBIND | \
+ MS_MOVE | MS_VERBOSE | MS_ACL | \
+ MS_UNBINDABLE | MS_RUNBINDABLE | \
+ MS_PRIVATE | MS_RPRIVATE | \
+ MS_SLAVE | MS_RSLAVE | MS_SHARED | MS_RSHARED | \
+ MS_RELATIME | MS_IVERSION | MS_STRICTATIME | MS_USER)
+
/* set of flags we don't use but define (but not with the kernel values)
* for MNT_FLAGS
*/
@@ -89,13 +93,16 @@
MS_BORN | MS_NOATIME | MS_NODIRATIME | MS_RELATIME| \
MS_KERNMOUNT | MS_STRICTATIME)
-#define MS_BIND_FLAGS (MS_BIND | MS_REC)
-#define MS_MAKE_FLAGS ((MS_UNBINDABLE | MS_PRIVATE | MS_SLAVE | MS_SHARED | \
- MS_REC) | (MS_ALL_FLAGS & ~(MNT_FLAGS)))
+#define MS_BIND_FLAGS (MS_BIND | MS_RBIND)
+#define MS_MAKE_FLAGS ((MS_UNBINDABLE | MS_RUNBINDABLE | \
+ MS_PRIVATE | MS_RPRIVATE | \
+ MS_SLAVE | MS_RSLAVE | MS_SHARED | MS_RSHARED) | \
+ (MS_ALL_FLAGS & ~(MNT_FLAGS)))
#define MS_MOVE_FLAGS (MS_MOVE)
-#define MS_CMDS (MS_MOVE | MS_REMOUNT | MS_BIND | MS_PRIVATE | MS_SLAVE | \
- MS_SHARED | MS_UNBINDABLE | MS_REC)
+#define MS_CMDS (MS_MOVE | MS_REMOUNT | MS_BIND | MS_RBIND | \
+ MS_UNBINDABLE | MS_RUNBINDABLE | MS_PRIVATE | MS_RPRIVATE | \
+ MS_SLAVE | MS_RSLAVE | MS_SHARED | MS_RSHARED)
#define MS_REMOUNT_FLAGS (MS_ALL_FLAGS & ~(MS_CMDS & ~MS_REMOUNT))
#define MNT_SRC_OPT 1
--
2.1.0
More information about the AppArmor
mailing list