aboutsummaryrefslogtreecommitdiffstats
path: root/rust
diff options
Diffstat (limited to 'rust')
-rw-r--r--rust/kernel/cred.rs5
-rw-r--r--rust/kernel/security.rs12
2 files changed, 13 insertions, 4 deletions
diff --git a/rust/kernel/cred.rs b/rust/kernel/cred.rs
index 81d67789b16f2..2599f01e8b285 100644
--- a/rust/kernel/cred.rs
+++ b/rust/kernel/cred.rs
@@ -47,6 +47,7 @@ impl Credential {
///
/// The caller must ensure that `ptr` is valid and remains valid for the lifetime of the
/// returned [`Credential`] reference.
+ #[inline]
pub unsafe fn from_ptr<'a>(ptr: *const bindings::cred) -> &'a Credential {
// SAFETY: The safety requirements guarantee the validity of the dereference, while the
// `Credential` type being transparent makes the cast ok.
@@ -54,6 +55,7 @@ impl Credential {
}
/// Get the id for this security context.
+ #[inline]
pub fn get_secid(&self) -> u32 {
let mut secid = 0;
// SAFETY: The invariants of this type ensures that the pointer is valid.
@@ -62,6 +64,7 @@ impl Credential {
}
/// Returns the effective UID of the given credential.
+ #[inline]
pub fn euid(&self) -> Kuid {
// SAFETY: By the type invariant, we know that `self.0` is valid. Furthermore, the `euid`
// field of a credential is never changed after initialization, so there is no potential
@@ -72,11 +75,13 @@ impl Credential {
// SAFETY: The type invariants guarantee that `Credential` is always ref-counted.
unsafe impl AlwaysRefCounted for Credential {
+ #[inline]
fn inc_ref(&self) {
// SAFETY: The existence of a shared reference means that the refcount is nonzero.
unsafe { bindings::get_cred(self.0.get()) };
}
+ #[inline]
unsafe fn dec_ref(obj: core::ptr::NonNull<Credential>) {
// SAFETY: The safety requirements guarantee that the refcount is nonzero. The cast is okay
// because `Credential` has the same representation as `struct cred`.
diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs
index 25d2b1ac38335..0c63e9e7e564b 100644
--- a/rust/kernel/security.rs
+++ b/rust/kernel/security.rs
@@ -16,13 +16,14 @@ use crate::{
/// # Invariants
///
/// The `ctx` field corresponds to a valid security context as returned by a successful call to
-/// `security_secid_to_secctx`, that has not yet been destroyed by `security_release_secctx`.
+/// `security_secid_to_secctx`, that has not yet been released by `security_release_secctx`.
pub struct SecurityCtx {
ctx: bindings::lsm_context,
}
impl SecurityCtx {
/// Get the security context given its id.
+ #[inline]
pub fn from_secid(secid: u32) -> Result<Self> {
// SAFETY: `struct lsm_context` can be initialized to all zeros.
let mut ctx: bindings::lsm_context = unsafe { core::mem::zeroed() };
@@ -35,16 +36,19 @@ impl SecurityCtx {
}
/// Returns whether the security context is empty.
+ #[inline]
pub fn is_empty(&self) -> bool {
self.ctx.len == 0
}
/// Returns the length of this security context.
+ #[inline]
pub fn len(&self) -> usize {
self.ctx.len as usize
}
/// Returns the bytes for this security context.
+ #[inline]
pub fn as_bytes(&self) -> &[u8] {
let ptr = self.ctx.context;
if ptr.is_null() {
@@ -61,10 +65,10 @@ impl SecurityCtx {
}
impl Drop for SecurityCtx {
+ #[inline]
fn drop(&mut self) {
- // SAFETY: By the invariant of `Self`, this frees a context that came from a successful
- // call to `security_secid_to_secctx` and has not yet been destroyed by
- // `security_release_secctx`.
+ // SAFETY: By the invariant of `Self`, this releases an lsm context that came from a
+ // successful call to `security_secid_to_secctx` and has not yet been released.
unsafe { bindings::security_release_secctx(&mut self.ctx) };
}
}