| Message ID | 20200323183130.17307-1-cgzones@googlemail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | tree-wide: replace last occurrences of security_context_t | expand |
> -----Original Message----- > From: selinux-owner@vger.kernel.org [mailto:selinux-owner@vger.kernel.org] > On Behalf Of Christian Göttsche > Sent: Monday, March 23, 2020 1:32 PM > To: selinux@vger.kernel.org > Subject: [PATCH] tree-wide: replace last occurrences of security_context_t > > Follow-up of: 9eb9c9327563014ad6a807814e7975424642d5b9 ("Get rid of > security_context_t and fix const declarations.") > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > --- > mcstrans/src/mcscolor.c | 8 +++--- > mcstrans/src/mcstrans.c | 12 ++++----- > mcstrans/src/mcstrans.h | 4 +-- > mcstrans/src/mcstransd.c | 6 ++--- > mcstrans/utils/transcon.c | 2 +- > mcstrans/utils/untranscon.c | 2 +- > policycoreutils/newrole/newrole.c | 40 ++++++++++++++--------------- > policycoreutils/run_init/run_init.c | 4 +-- > policycoreutils/secon/secon.c | 19 +++++++------- > sandbox/seunshare.c | 10 ++++---- > 10 files changed, 54 insertions(+), 53 deletions(-) > > diff --git a/mcstrans/src/mcscolor.c b/mcstrans/src/mcscolor.c index > 4ee0db50..a3838850 100644 > --- a/mcstrans/src/mcscolor.c > +++ b/mcstrans/src/mcscolor.c > @@ -44,7 +44,7 @@ static setab_t *clist[N_COLOR]; static setab_t > *cend[N_COLOR]; static semnemonic_t *mnemonics; > > -static security_context_t my_context; > +static char *my_context; > > void finish_context_colors(void) { > setab_t *cur, *next; > @@ -76,7 +76,7 @@ void finish_context_colors(void) { } > > static int check_dominance(const char *pattern, const char *raw) { > - security_context_t ctx; > + char *ctx; > context_t con; > struct av_decision avd; > int rc = -1; > @@ -109,7 +109,7 @@ static int check_dominance(const char *pattern, const > char *raw) { > if (!raw) > goto out; > > - rc = security_compute_av_raw(ctx, (security_context_t)raw, > context_class, context_contains_perm, &avd); > + rc = security_compute_av_raw(ctx, raw, context_class, > +context_contains_perm, &avd); > if (rc) > goto out; > > @@ -282,7 +282,7 @@ static int parse_components(context_t con, char > **components) { > > /* Look up colors. > */ > -int raw_color(const security_context_t raw, char **color_str) { > +int raw_color(const char *raw, char **color_str) { > #define CHARS_PER_COLOR 16 > context_t con; > uint32_t i, j, mask = 0; > diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c index > 96bdbdff..4a073ca4 100644 > --- a/mcstrans/src/mcstrans.c > +++ b/mcstrans/src/mcstrans.c > @@ -7,8 +7,8 @@ > > int init_translations(void); > void finish_context_translations(void); > - int trans_context(const security_context_t, security_context_t *); > - int untrans_context(const security_context_t, security_context_t *); > + int trans_context(const char *, char **); int untrans_context(const > + char *, char **); > > */ > > @@ -888,7 +888,7 @@ init_translations(void) { } > > char * > -extract_range(const security_context_t incon) { > +extract_range(const char *incon) { > context_t con = context_new(incon); > if (!con) { > syslog(LOG_ERR, "extract_range context_new(%s) failed: %s", > incon, strerror(errno)); @@ -911,7 +911,7 @@ extract_range(const > security_context_t incon) { } > > char * > -new_context_str(const security_context_t incon, const char *range) { > +new_context_str(const char *incon, const char *range) { > char *rcon = NULL; > context_t con = context_new(incon); > if (!con) { > @@ -1489,7 +1489,7 @@ err: > } > > int > -trans_context(const security_context_t incon, security_context_t *rcon) { > +trans_context(const char *incon, char **rcon) { > char *trans = NULL; > *rcon = NULL; > > @@ -1612,7 +1612,7 @@ trans_context(const security_context_t incon, > security_context_t *rcon) { } > > int > -untrans_context(const security_context_t incon, security_context_t *rcon) { > +untrans_context(const char *incon, char **rcon) { > char *raw = NULL; > *rcon = NULL; > > diff --git a/mcstrans/src/mcstrans.h b/mcstrans/src/mcstrans.h index > a2f68c18..e5cda93b 100644 > --- a/mcstrans/src/mcstrans.h > +++ b/mcstrans/src/mcstrans.h > @@ -4,6 +4,6 @@ > > extern int init_translations(void); > extern void finish_context_translations(void); > -extern int trans_context(const security_context_t, security_context_t *); - > extern int untrans_context(const security_context_t, security_context_t *); > +extern int trans_context(const char *, char **); extern int > +untrans_context(const char *, char **); > > diff --git a/mcstrans/src/mcstransd.c b/mcstrans/src/mcstransd.c index > 85899493..07c052fd 100644 > --- a/mcstrans/src/mcstransd.c > +++ b/mcstrans/src/mcstransd.c > @@ -45,12 +45,12 @@ > > extern int init_translations(void); > extern void finish_context_translations(void); > -extern int trans_context(const security_context_t, security_context_t *); - > extern int untrans_context(const security_context_t, security_context_t *); > +extern int trans_context(const char *, char **); extern int > +untrans_context(const char *, char **); > > extern int init_colors(void); > extern void finish_context_colors(void); -extern int raw_color(const > security_context_t, char **); > +extern int raw_color(const char *, char **); > > #define SETRANSD_PATHNAME "/sbin/mcstransd" > > diff --git a/mcstrans/utils/transcon.c b/mcstrans/utils/transcon.c index > f4ded53e..4bf1bd56 100644 > --- a/mcstrans/utils/transcon.c > +++ b/mcstrans/utils/transcon.c > @@ -14,7 +14,7 @@ static __attribute__((__noreturn__)) void usage(const char > *progname) } > > int main(int argc, char **argv) { > - security_context_t scon; > + char *scon; > if ( argc != 2 ) usage(argv[0]); > if (init_translations()==0) { > if(trans_context(argv[1],&scon) == 0) { diff --git > a/mcstrans/utils/untranscon.c b/mcstrans/utils/untranscon.c index > 85cea294..81668746 100644 > --- a/mcstrans/utils/untranscon.c > +++ b/mcstrans/utils/untranscon.c > @@ -13,7 +13,7 @@ static __attribute__((__noreturn__)) void usage(const char > *progname) > exit(1); > } > int main(int argc, char **argv) { > - security_context_t scon; > + char *scon; > if ( argc != 2 ) usage(argv[0]); > if (init_translations()==0) { > if(untrans_context(argv[1],&scon) == 0) { diff --git > a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c > index e70051b1..36e2ba9c 100644 > --- a/policycoreutils/newrole/newrole.c > +++ b/policycoreutils/newrole/newrole.c > @@ -643,8 +643,8 @@ static int transition_to_caller_uid() #ifdef > AUDIT_LOG_PRIV > /* Send audit message */ > static > -int send_audit_message(int success, security_context_t old_context, > - security_context_t new_context, const char *ttyn) > +int send_audit_message(int success, const char *old_context, > + const char *new_context, const char *ttyn) > { > char *msg = NULL; > int rc; > @@ -677,9 +677,9 @@ int send_audit_message(int success, security_context_t > old_context, #else static inline > int send_audit_message(int success __attribute__ ((unused)), > - security_context_t old_context > + const char *old_context > __attribute__ ((unused)), > - security_context_t new_context > + const char *new_context > __attribute__ ((unused)), const char *ttyn > __attribute__ ((unused))) > { > @@ -695,14 +695,14 @@ static inline > * This function will not fail if it can not relabel the tty when selinux is > * in permissive mode. > */ > -static int relabel_tty(const char *ttyn, security_context_t new_context, > - security_context_t * tty_context, > - security_context_t * new_tty_context) > +static int relabel_tty(const char *ttyn, const char *new_context, > + char **tty_context, > + char **new_tty_context) > { > int fd, rc; > int enforcing = security_getenforce(); > - security_context_t tty_con = NULL; > - security_context_t new_tty_con = NULL; > + char *tty_con = NULL; > + char *new_tty_con = NULL; > > if (!ttyn) > return 0; > @@ -775,11 +775,11 @@ static int relabel_tty(const char *ttyn, > security_context_t new_context, > * Returns zero on success, non-zero otherwise > */ > static int restore_tty_label(int fd, const char *ttyn, > - security_context_t tty_context, > - security_context_t new_tty_context) > + const char *tty_context, > + const char *new_tty_context) > { > int rc = 0; > - security_context_t chk_tty_context = NULL; > + char *chk_tty_context = NULL; > > if (!ttyn) > goto skip_relabel; > @@ -816,8 +816,8 @@ static int restore_tty_label(int fd, const char *ttyn, > * Returns zero on success, non-zero otherwise. > */ > static int parse_command_line_arguments(int argc, char **argv, char *ttyn, > - security_context_t old_context, > - security_context_t * new_context, > + const char *old_context, > + char **new_context, > int *preserve_environment) > { > int flag_index; /* flag index in argv[] */ > @@ -827,8 +827,8 @@ static int parse_command_line_arguments(int argc, char > **argv, char *ttyn, > char *type_ptr = NULL; /* stores malloc'd data from get_default_type */ > char *level_s = NULL; /* level spec'd by user in argv[] */ > char *range_ptr = NULL; > - security_context_t new_con = NULL; > - security_context_t tty_con = NULL; > + char *new_con = NULL; > + char *tty_con = NULL; > context_t context = NULL; /* manipulatable form of new_context */ > const struct option long_options[] = { > {"role", 1, 0, 'r'}, > @@ -1021,10 +1021,10 @@ static int set_signal_handles(void) > > int main(int argc, char *argv[]) > { > - security_context_t new_context = NULL; /* target security context > */ > - security_context_t old_context = NULL; /* original securiy context > */ > - security_context_t tty_context = NULL; /* current context of tty > */ > - security_context_t new_tty_context = NULL; /* new context of tty */ > + char *new_context = NULL; /* target security context */ > + char *old_context = NULL; /* original securiy context */ > + char *tty_context = NULL; /* current context of tty */ > + char *new_tty_context = NULL; /* new context of tty */ > > struct passwd pw; /* struct derived from passwd file line */ > char *ttyn = NULL; /* tty path */ > diff --git a/policycoreutils/run_init/run_init.c b/policycoreutils/run_init/run_init.c > index a007ce49..1c5eb68e 100644 > --- a/policycoreutils/run_init/run_init.c > +++ b/policycoreutils/run_init/run_init.c > @@ -303,7 +303,7 @@ int authenticate_user(void) > * out: The CONTEXT associated with the context. > * return: 0 on success, -1 on failure. > */ > -int get_init_context(security_context_t * context) > +int get_init_context(char **context) > { > > FILE *fp; > @@ -354,7 +354,7 @@ int main(int argc, char *argv[]) > > extern char *optarg; /* used by getopt() for arg strings */ > extern int opterr; /* controls getopt() error messages */ > - security_context_t new_context; /* context for the init script > context */ > + char *new_context; /* context for the init script context */ > > #ifdef USE_NLS > setlocale(LC_ALL, ""); > diff --git a/policycoreutils/secon/secon.c b/policycoreutils/secon/secon.c index > 477057a6..d257a9a1 100644 > --- a/policycoreutils/secon/secon.c > +++ b/policycoreutils/secon/secon.c > @@ -341,7 +341,7 @@ static void cmd_line(int argc, char *argv[]) > errx(EXIT_FAILURE, "SELinux is not enabled"); } > > -static int my_getXcon_raw(pid_t pid, security_context_t * con, const char *val) > +static int my_getXcon_raw(pid_t pid, char **con, const char *val) > { > char buf[4096]; > FILE *fp = NULL; > @@ -371,23 +371,23 @@ static int my_getXcon_raw(pid_t pid, > security_context_t * con, const char *val) > return (0); > } > > -static int my_getpidexeccon_raw(pid_t pid, security_context_t * con) > +static int my_getpidexeccon_raw(pid_t pid, char **con) > { > return (my_getXcon_raw(pid, con, "exec")); } -static int > my_getpidfscreatecon_raw(pid_t pid, security_context_t * con) > +static int my_getpidfscreatecon_raw(pid_t pid, char **con) > { > return (my_getXcon_raw(pid, con, "fscreate")); } -static int > my_getpidkeycreatecon_raw(pid_t pid, security_context_t * con) > +static int my_getpidkeycreatecon_raw(pid_t pid, char **con) > { > return (my_getXcon_raw(pid, con, "keycreate")); } > > -static security_context_t get_scon(void) > +static char *get_scon(void) > { > static char dummy_NIL[1] = ""; > - security_context_t con = NULL, con_tmp; > + char *con = NULL, *con_tmp; > int ret = -1; > > switch (opts->from_type) { > @@ -620,9 +620,10 @@ static void disp__con_val(const char *name, const char > *val, > done = TRUE; > } > > -static void disp_con(security_context_t scon_raw) > +static void disp_con(const char *scon_raw) > { > - security_context_t scon_trans, scon; > + char *scon_trans; > + const char *scon; > context_t con = NULL; > char *color_str = NULL; > struct context_color_t color = { .valid = 0 }; @@ -748,7 +749,7 @@ static > void disp_con(security_context_t scon_raw) > > int main(int argc, char *argv[]) > { > - security_context_t scon_raw = NULL; > + char *scon_raw = NULL; > > cmd_line(argc, argv); > > diff --git a/sandbox/seunshare.c b/sandbox/seunshare.c index > 9707a456..d626e98d 100644 > --- a/sandbox/seunshare.c > +++ b/sandbox/seunshare.c > @@ -431,13 +431,13 @@ static int cleanup_tmpdir(const char *tmpdir, const char > *src, > * to clean it up. > */ > static char *create_tmpdir(const char *src, struct stat *src_st, > - struct stat *out_st, struct passwd *pwd, security_context_t execcon) > + struct stat *out_st, struct passwd *pwd, const char *execcon) > { > char *tmpdir = NULL; > char *cmdbuf = NULL; > int fd_t = -1, fd_s = -1; > struct stat tmp_st; > - security_context_t con = NULL; > + char *con = NULL; > > /* get selinux context */ > if (execcon) { > @@ -549,10 +549,10 @@ good: > #define PROC_BASE "/proc" > > static int > -killall (security_context_t execcon) > +killall (const char *execcon) > { > DIR *dir; > - security_context_t scon; > + char *scon; > struct dirent *de; > pid_t *pid_table, pid, self; > int i; > @@ -615,7 +615,7 @@ killall (security_context_t execcon) > > int main(int argc, char **argv) { > int status = -1; > - security_context_t execcon = NULL; > + const char *execcon = NULL; > > int clflag; /* holds codes for command line flags */ > int kill_all = 0; > -- > 2.26.0.rc2 Nice, I also see you also made updates to correct const * issues with the Existing API like, for example, like send_audit_message(). Acked-by: William Roberts <william.c.roberts@intel.com>
On Mon, Mar 23, 2020 at 3:00 PM Roberts, William C <william.c.roberts@intel.com> wrote: > > > > > -----Original Message----- > > From: selinux-owner@vger.kernel.org [mailto:selinux-owner@vger.kernel.org] > > On Behalf Of Christian Göttsche > > Sent: Monday, March 23, 2020 1:32 PM > > To: selinux@vger.kernel.org > > Subject: [PATCH] tree-wide: replace last occurrences of security_context_t > > > > Follow-up of: 9eb9c9327563014ad6a807814e7975424642d5b9 ("Get rid of > > security_context_t and fix const declarations.") > > > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > > --- > > mcstrans/src/mcscolor.c | 8 +++--- > > mcstrans/src/mcstrans.c | 12 ++++----- > > mcstrans/src/mcstrans.h | 4 +-- > > mcstrans/src/mcstransd.c | 6 ++--- > > mcstrans/utils/transcon.c | 2 +- > > mcstrans/utils/untranscon.c | 2 +- > > policycoreutils/newrole/newrole.c | 40 ++++++++++++++--------------- > > policycoreutils/run_init/run_init.c | 4 +-- > > policycoreutils/secon/secon.c | 19 +++++++------- > > sandbox/seunshare.c | 10 ++++---- > > 10 files changed, 54 insertions(+), 53 deletions(-) > > > > diff --git a/mcstrans/src/mcscolor.c b/mcstrans/src/mcscolor.c index > > 4ee0db50..a3838850 100644 > > --- a/mcstrans/src/mcscolor.c > > +++ b/mcstrans/src/mcscolor.c > > @@ -44,7 +44,7 @@ static setab_t *clist[N_COLOR]; static setab_t > > *cend[N_COLOR]; static semnemonic_t *mnemonics; > > > > -static security_context_t my_context; > > +static char *my_context; > > > > void finish_context_colors(void) { > > setab_t *cur, *next; > > @@ -76,7 +76,7 @@ void finish_context_colors(void) { } > > > > static int check_dominance(const char *pattern, const char *raw) { > > - security_context_t ctx; > > + char *ctx; > > context_t con; > > struct av_decision avd; > > int rc = -1; > > @@ -109,7 +109,7 @@ static int check_dominance(const char *pattern, const > > char *raw) { > > if (!raw) > > goto out; > > > > - rc = security_compute_av_raw(ctx, (security_context_t)raw, > > context_class, context_contains_perm, &avd); > > + rc = security_compute_av_raw(ctx, raw, context_class, > > +context_contains_perm, &avd); > > if (rc) > > goto out; > > > > @@ -282,7 +282,7 @@ static int parse_components(context_t con, char > > **components) { > > > > /* Look up colors. > > */ > > -int raw_color(const security_context_t raw, char **color_str) { > > +int raw_color(const char *raw, char **color_str) { > > #define CHARS_PER_COLOR 16 > > context_t con; > > uint32_t i, j, mask = 0; > > diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c index > > 96bdbdff..4a073ca4 100644 > > --- a/mcstrans/src/mcstrans.c > > +++ b/mcstrans/src/mcstrans.c > > @@ -7,8 +7,8 @@ > > > > int init_translations(void); > > void finish_context_translations(void); > > - int trans_context(const security_context_t, security_context_t *); > > - int untrans_context(const security_context_t, security_context_t *); > > + int trans_context(const char *, char **); int untrans_context(const > > + char *, char **); > > > > */ > > > > @@ -888,7 +888,7 @@ init_translations(void) { } > > > > char * > > -extract_range(const security_context_t incon) { > > +extract_range(const char *incon) { > > context_t con = context_new(incon); > > if (!con) { > > syslog(LOG_ERR, "extract_range context_new(%s) failed: %s", > > incon, strerror(errno)); @@ -911,7 +911,7 @@ extract_range(const > > security_context_t incon) { } > > > > char * > > -new_context_str(const security_context_t incon, const char *range) { > > +new_context_str(const char *incon, const char *range) { > > char *rcon = NULL; > > context_t con = context_new(incon); > > if (!con) { > > @@ -1489,7 +1489,7 @@ err: > > } > > > > int > > -trans_context(const security_context_t incon, security_context_t *rcon) { > > +trans_context(const char *incon, char **rcon) { > > char *trans = NULL; > > *rcon = NULL; > > > > @@ -1612,7 +1612,7 @@ trans_context(const security_context_t incon, > > security_context_t *rcon) { } > > > > int > > -untrans_context(const security_context_t incon, security_context_t *rcon) { > > +untrans_context(const char *incon, char **rcon) { > > char *raw = NULL; > > *rcon = NULL; > > > > diff --git a/mcstrans/src/mcstrans.h b/mcstrans/src/mcstrans.h index > > a2f68c18..e5cda93b 100644 > > --- a/mcstrans/src/mcstrans.h > > +++ b/mcstrans/src/mcstrans.h > > @@ -4,6 +4,6 @@ > > > > extern int init_translations(void); > > extern void finish_context_translations(void); > > -extern int trans_context(const security_context_t, security_context_t *); - > > extern int untrans_context(const security_context_t, security_context_t *); > > +extern int trans_context(const char *, char **); extern int > > +untrans_context(const char *, char **); > > > > diff --git a/mcstrans/src/mcstransd.c b/mcstrans/src/mcstransd.c index > > 85899493..07c052fd 100644 > > --- a/mcstrans/src/mcstransd.c > > +++ b/mcstrans/src/mcstransd.c > > @@ -45,12 +45,12 @@ > > > > extern int init_translations(void); > > extern void finish_context_translations(void); > > -extern int trans_context(const security_context_t, security_context_t *); - > > extern int untrans_context(const security_context_t, security_context_t *); > > +extern int trans_context(const char *, char **); extern int > > +untrans_context(const char *, char **); > > > > extern int init_colors(void); > > extern void finish_context_colors(void); -extern int raw_color(const > > security_context_t, char **); > > +extern int raw_color(const char *, char **); > > > > #define SETRANSD_PATHNAME "/sbin/mcstransd" > > > > diff --git a/mcstrans/utils/transcon.c b/mcstrans/utils/transcon.c index > > f4ded53e..4bf1bd56 100644 > > --- a/mcstrans/utils/transcon.c > > +++ b/mcstrans/utils/transcon.c > > @@ -14,7 +14,7 @@ static __attribute__((__noreturn__)) void usage(const char > > *progname) } > > > > int main(int argc, char **argv) { > > - security_context_t scon; > > + char *scon; > > if ( argc != 2 ) usage(argv[0]); > > if (init_translations()==0) { > > if(trans_context(argv[1],&scon) == 0) { diff --git > > a/mcstrans/utils/untranscon.c b/mcstrans/utils/untranscon.c index > > 85cea294..81668746 100644 > > --- a/mcstrans/utils/untranscon.c > > +++ b/mcstrans/utils/untranscon.c > > @@ -13,7 +13,7 @@ static __attribute__((__noreturn__)) void usage(const char > > *progname) > > exit(1); > > } > > int main(int argc, char **argv) { > > - security_context_t scon; > > + char *scon; > > if ( argc != 2 ) usage(argv[0]); > > if (init_translations()==0) { > > if(untrans_context(argv[1],&scon) == 0) { diff --git > > a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c > > index e70051b1..36e2ba9c 100644 > > --- a/policycoreutils/newrole/newrole.c > > +++ b/policycoreutils/newrole/newrole.c > > @@ -643,8 +643,8 @@ static int transition_to_caller_uid() #ifdef > > AUDIT_LOG_PRIV > > /* Send audit message */ > > static > > -int send_audit_message(int success, security_context_t old_context, > > - security_context_t new_context, const char *ttyn) > > +int send_audit_message(int success, const char *old_context, > > + const char *new_context, const char *ttyn) > > { > > char *msg = NULL; > > int rc; > > @@ -677,9 +677,9 @@ int send_audit_message(int success, security_context_t > > old_context, #else static inline > > int send_audit_message(int success __attribute__ ((unused)), > > - security_context_t old_context > > + const char *old_context > > __attribute__ ((unused)), > > - security_context_t new_context > > + const char *new_context > > __attribute__ ((unused)), const char *ttyn > > __attribute__ ((unused))) > > { > > @@ -695,14 +695,14 @@ static inline > > * This function will not fail if it can not relabel the tty when selinux is > > * in permissive mode. > > */ > > -static int relabel_tty(const char *ttyn, security_context_t new_context, > > - security_context_t * tty_context, > > - security_context_t * new_tty_context) > > +static int relabel_tty(const char *ttyn, const char *new_context, > > + char **tty_context, > > + char **new_tty_context) > > { > > int fd, rc; > > int enforcing = security_getenforce(); > > - security_context_t tty_con = NULL; > > - security_context_t new_tty_con = NULL; > > + char *tty_con = NULL; > > + char *new_tty_con = NULL; > > > > if (!ttyn) > > return 0; > > @@ -775,11 +775,11 @@ static int relabel_tty(const char *ttyn, > > security_context_t new_context, > > * Returns zero on success, non-zero otherwise > > */ > > static int restore_tty_label(int fd, const char *ttyn, > > - security_context_t tty_context, > > - security_context_t new_tty_context) > > + const char *tty_context, > > + const char *new_tty_context) > > { > > int rc = 0; > > - security_context_t chk_tty_context = NULL; > > + char *chk_tty_context = NULL; > > > > if (!ttyn) > > goto skip_relabel; > > @@ -816,8 +816,8 @@ static int restore_tty_label(int fd, const char *ttyn, > > * Returns zero on success, non-zero otherwise. > > */ > > static int parse_command_line_arguments(int argc, char **argv, char *ttyn, > > - security_context_t old_context, > > - security_context_t * new_context, > > + const char *old_context, > > + char **new_context, > > int *preserve_environment) > > { > > int flag_index; /* flag index in argv[] */ > > @@ -827,8 +827,8 @@ static int parse_command_line_arguments(int argc, char > > **argv, char *ttyn, > > char *type_ptr = NULL; /* stores malloc'd data from get_default_type */ > > char *level_s = NULL; /* level spec'd by user in argv[] */ > > char *range_ptr = NULL; > > - security_context_t new_con = NULL; > > - security_context_t tty_con = NULL; > > + char *new_con = NULL; > > + char *tty_con = NULL; > > context_t context = NULL; /* manipulatable form of new_context */ > > const struct option long_options[] = { > > {"role", 1, 0, 'r'}, > > @@ -1021,10 +1021,10 @@ static int set_signal_handles(void) > > > > int main(int argc, char *argv[]) > > { > > - security_context_t new_context = NULL; /* target security context > > */ > > - security_context_t old_context = NULL; /* original securiy context > > */ > > - security_context_t tty_context = NULL; /* current context of tty > > */ > > - security_context_t new_tty_context = NULL; /* new context of tty */ > > + char *new_context = NULL; /* target security context */ > > + char *old_context = NULL; /* original securiy context */ > > + char *tty_context = NULL; /* current context of tty */ > > + char *new_tty_context = NULL; /* new context of tty */ > > > > struct passwd pw; /* struct derived from passwd file line */ > > char *ttyn = NULL; /* tty path */ > > diff --git a/policycoreutils/run_init/run_init.c b/policycoreutils/run_init/run_init.c > > index a007ce49..1c5eb68e 100644 > > --- a/policycoreutils/run_init/run_init.c > > +++ b/policycoreutils/run_init/run_init.c > > @@ -303,7 +303,7 @@ int authenticate_user(void) > > * out: The CONTEXT associated with the context. > > * return: 0 on success, -1 on failure. > > */ > > -int get_init_context(security_context_t * context) > > +int get_init_context(char **context) > > { > > > > FILE *fp; > > @@ -354,7 +354,7 @@ int main(int argc, char *argv[]) > > > > extern char *optarg; /* used by getopt() for arg strings */ > > extern int opterr; /* controls getopt() error messages */ > > - security_context_t new_context; /* context for the init script > > context */ > > + char *new_context; /* context for the init script context */ > > > > #ifdef USE_NLS > > setlocale(LC_ALL, ""); > > diff --git a/policycoreutils/secon/secon.c b/policycoreutils/secon/secon.c index > > 477057a6..d257a9a1 100644 > > --- a/policycoreutils/secon/secon.c > > +++ b/policycoreutils/secon/secon.c > > @@ -341,7 +341,7 @@ static void cmd_line(int argc, char *argv[]) > > errx(EXIT_FAILURE, "SELinux is not enabled"); } > > > > -static int my_getXcon_raw(pid_t pid, security_context_t * con, const char *val) > > +static int my_getXcon_raw(pid_t pid, char **con, const char *val) > > { > > char buf[4096]; > > FILE *fp = NULL; > > @@ -371,23 +371,23 @@ static int my_getXcon_raw(pid_t pid, > > security_context_t * con, const char *val) > > return (0); > > } > > > > -static int my_getpidexeccon_raw(pid_t pid, security_context_t * con) > > +static int my_getpidexeccon_raw(pid_t pid, char **con) > > { > > return (my_getXcon_raw(pid, con, "exec")); } -static int > > my_getpidfscreatecon_raw(pid_t pid, security_context_t * con) > > +static int my_getpidfscreatecon_raw(pid_t pid, char **con) > > { > > return (my_getXcon_raw(pid, con, "fscreate")); } -static int > > my_getpidkeycreatecon_raw(pid_t pid, security_context_t * con) > > +static int my_getpidkeycreatecon_raw(pid_t pid, char **con) > > { > > return (my_getXcon_raw(pid, con, "keycreate")); } > > > > -static security_context_t get_scon(void) > > +static char *get_scon(void) > > { > > static char dummy_NIL[1] = ""; > > - security_context_t con = NULL, con_tmp; > > + char *con = NULL, *con_tmp; > > int ret = -1; > > > > switch (opts->from_type) { > > @@ -620,9 +620,10 @@ static void disp__con_val(const char *name, const char > > *val, > > done = TRUE; > > } > > > > -static void disp_con(security_context_t scon_raw) > > +static void disp_con(const char *scon_raw) > > { > > - security_context_t scon_trans, scon; > > + char *scon_trans; > > + const char *scon; > > context_t con = NULL; > > char *color_str = NULL; > > struct context_color_t color = { .valid = 0 }; @@ -748,7 +749,7 @@ static > > void disp_con(security_context_t scon_raw) > > > > int main(int argc, char *argv[]) > > { > > - security_context_t scon_raw = NULL; > > + char *scon_raw = NULL; > > > > cmd_line(argc, argv); > > > > diff --git a/sandbox/seunshare.c b/sandbox/seunshare.c index > > 9707a456..d626e98d 100644 > > --- a/sandbox/seunshare.c > > +++ b/sandbox/seunshare.c > > @@ -431,13 +431,13 @@ static int cleanup_tmpdir(const char *tmpdir, const char > > *src, > > * to clean it up. > > */ > > static char *create_tmpdir(const char *src, struct stat *src_st, > > - struct stat *out_st, struct passwd *pwd, security_context_t execcon) > > + struct stat *out_st, struct passwd *pwd, const char *execcon) > > { > > char *tmpdir = NULL; > > char *cmdbuf = NULL; > > int fd_t = -1, fd_s = -1; > > struct stat tmp_st; > > - security_context_t con = NULL; > > + char *con = NULL; > > > > /* get selinux context */ > > if (execcon) { > > @@ -549,10 +549,10 @@ good: > > #define PROC_BASE "/proc" > > > > static int > > -killall (security_context_t execcon) > > +killall (const char *execcon) > > { > > DIR *dir; > > - security_context_t scon; > > + char *scon; > > struct dirent *de; > > pid_t *pid_table, pid, self; > > int i; > > @@ -615,7 +615,7 @@ killall (security_context_t execcon) > > > > int main(int argc, char **argv) { > > int status = -1; > > - security_context_t execcon = NULL; > > + const char *execcon = NULL; > > > > int clflag; /* holds codes for command line flags */ > > int kill_all = 0; > > -- > > 2.26.0.rc2 > > Nice, I also see you also made updates to correct const * issues with the > Existing API like, for example, like send_audit_message(). > > Acked-by: William Roberts <william.c.roberts@intel.com> Merged: https://github.com/SELinuxProject/selinux/pull/212
diff --git a/mcstrans/src/mcscolor.c b/mcstrans/src/mcscolor.c index 4ee0db50..a3838850 100644 --- a/mcstrans/src/mcscolor.c +++ b/mcstrans/src/mcscolor.c @@ -44,7 +44,7 @@ static setab_t *clist[N_COLOR]; static setab_t *cend[N_COLOR]; static semnemonic_t *mnemonics; -static security_context_t my_context; +static char *my_context; void finish_context_colors(void) { setab_t *cur, *next; @@ -76,7 +76,7 @@ void finish_context_colors(void) { } static int check_dominance(const char *pattern, const char *raw) { - security_context_t ctx; + char *ctx; context_t con; struct av_decision avd; int rc = -1; @@ -109,7 +109,7 @@ static int check_dominance(const char *pattern, const char *raw) { if (!raw) goto out; - rc = security_compute_av_raw(ctx, (security_context_t)raw, context_class, context_contains_perm, &avd); + rc = security_compute_av_raw(ctx, raw, context_class, context_contains_perm, &avd); if (rc) goto out; @@ -282,7 +282,7 @@ static int parse_components(context_t con, char **components) { /* Look up colors. */ -int raw_color(const security_context_t raw, char **color_str) { +int raw_color(const char *raw, char **color_str) { #define CHARS_PER_COLOR 16 context_t con; uint32_t i, j, mask = 0; diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c index 96bdbdff..4a073ca4 100644 --- a/mcstrans/src/mcstrans.c +++ b/mcstrans/src/mcstrans.c @@ -7,8 +7,8 @@ int init_translations(void); void finish_context_translations(void); - int trans_context(const security_context_t, security_context_t *); - int untrans_context(const security_context_t, security_context_t *); + int trans_context(const char *, char **); + int untrans_context(const char *, char **); */ @@ -888,7 +888,7 @@ init_translations(void) { } char * -extract_range(const security_context_t incon) { +extract_range(const char *incon) { context_t con = context_new(incon); if (!con) { syslog(LOG_ERR, "extract_range context_new(%s) failed: %s", incon, strerror(errno)); @@ -911,7 +911,7 @@ extract_range(const security_context_t incon) { } char * -new_context_str(const security_context_t incon, const char *range) { +new_context_str(const char *incon, const char *range) { char *rcon = NULL; context_t con = context_new(incon); if (!con) { @@ -1489,7 +1489,7 @@ err: } int -trans_context(const security_context_t incon, security_context_t *rcon) { +trans_context(const char *incon, char **rcon) { char *trans = NULL; *rcon = NULL; @@ -1612,7 +1612,7 @@ trans_context(const security_context_t incon, security_context_t *rcon) { } int -untrans_context(const security_context_t incon, security_context_t *rcon) { +untrans_context(const char *incon, char **rcon) { char *raw = NULL; *rcon = NULL; diff --git a/mcstrans/src/mcstrans.h b/mcstrans/src/mcstrans.h index a2f68c18..e5cda93b 100644 --- a/mcstrans/src/mcstrans.h +++ b/mcstrans/src/mcstrans.h @@ -4,6 +4,6 @@ extern int init_translations(void); extern void finish_context_translations(void); -extern int trans_context(const security_context_t, security_context_t *); -extern int untrans_context(const security_context_t, security_context_t *); +extern int trans_context(const char *, char **); +extern int untrans_context(const char *, char **); diff --git a/mcstrans/src/mcstransd.c b/mcstrans/src/mcstransd.c index 85899493..07c052fd 100644 --- a/mcstrans/src/mcstransd.c +++ b/mcstrans/src/mcstransd.c @@ -45,12 +45,12 @@ extern int init_translations(void); extern void finish_context_translations(void); -extern int trans_context(const security_context_t, security_context_t *); -extern int untrans_context(const security_context_t, security_context_t *); +extern int trans_context(const char *, char **); +extern int untrans_context(const char *, char **); extern int init_colors(void); extern void finish_context_colors(void); -extern int raw_color(const security_context_t, char **); +extern int raw_color(const char *, char **); #define SETRANSD_PATHNAME "/sbin/mcstransd" diff --git a/mcstrans/utils/transcon.c b/mcstrans/utils/transcon.c index f4ded53e..4bf1bd56 100644 --- a/mcstrans/utils/transcon.c +++ b/mcstrans/utils/transcon.c @@ -14,7 +14,7 @@ static __attribute__((__noreturn__)) void usage(const char *progname) } int main(int argc, char **argv) { - security_context_t scon; + char *scon; if ( argc != 2 ) usage(argv[0]); if (init_translations()==0) { if(trans_context(argv[1],&scon) == 0) { diff --git a/mcstrans/utils/untranscon.c b/mcstrans/utils/untranscon.c index 85cea294..81668746 100644 --- a/mcstrans/utils/untranscon.c +++ b/mcstrans/utils/untranscon.c @@ -13,7 +13,7 @@ static __attribute__((__noreturn__)) void usage(const char *progname) exit(1); } int main(int argc, char **argv) { - security_context_t scon; + char *scon; if ( argc != 2 ) usage(argv[0]); if (init_translations()==0) { if(untrans_context(argv[1],&scon) == 0) { diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c index e70051b1..36e2ba9c 100644 --- a/policycoreutils/newrole/newrole.c +++ b/policycoreutils/newrole/newrole.c @@ -643,8 +643,8 @@ static int transition_to_caller_uid() #ifdef AUDIT_LOG_PRIV /* Send audit message */ static -int send_audit_message(int success, security_context_t old_context, - security_context_t new_context, const char *ttyn) +int send_audit_message(int success, const char *old_context, + const char *new_context, const char *ttyn) { char *msg = NULL; int rc; @@ -677,9 +677,9 @@ int send_audit_message(int success, security_context_t old_context, #else static inline int send_audit_message(int success __attribute__ ((unused)), - security_context_t old_context + const char *old_context __attribute__ ((unused)), - security_context_t new_context + const char *new_context __attribute__ ((unused)), const char *ttyn __attribute__ ((unused))) { @@ -695,14 +695,14 @@ static inline * This function will not fail if it can not relabel the tty when selinux is * in permissive mode. */ -static int relabel_tty(const char *ttyn, security_context_t new_context, - security_context_t * tty_context, - security_context_t * new_tty_context) +static int relabel_tty(const char *ttyn, const char *new_context, + char **tty_context, + char **new_tty_context) { int fd, rc; int enforcing = security_getenforce(); - security_context_t tty_con = NULL; - security_context_t new_tty_con = NULL; + char *tty_con = NULL; + char *new_tty_con = NULL; if (!ttyn) return 0; @@ -775,11 +775,11 @@ static int relabel_tty(const char *ttyn, security_context_t new_context, * Returns zero on success, non-zero otherwise */ static int restore_tty_label(int fd, const char *ttyn, - security_context_t tty_context, - security_context_t new_tty_context) + const char *tty_context, + const char *new_tty_context) { int rc = 0; - security_context_t chk_tty_context = NULL; + char *chk_tty_context = NULL; if (!ttyn) goto skip_relabel; @@ -816,8 +816,8 @@ static int restore_tty_label(int fd, const char *ttyn, * Returns zero on success, non-zero otherwise. */ static int parse_command_line_arguments(int argc, char **argv, char *ttyn, - security_context_t old_context, - security_context_t * new_context, + const char *old_context, + char **new_context, int *preserve_environment) { int flag_index; /* flag index in argv[] */ @@ -827,8 +827,8 @@ static int parse_command_line_arguments(int argc, char **argv, char *ttyn, char *type_ptr = NULL; /* stores malloc'd data from get_default_type */ char *level_s = NULL; /* level spec'd by user in argv[] */ char *range_ptr = NULL; - security_context_t new_con = NULL; - security_context_t tty_con = NULL; + char *new_con = NULL; + char *tty_con = NULL; context_t context = NULL; /* manipulatable form of new_context */ const struct option long_options[] = { {"role", 1, 0, 'r'}, @@ -1021,10 +1021,10 @@ static int set_signal_handles(void) int main(int argc, char *argv[]) { - security_context_t new_context = NULL; /* target security context */ - security_context_t old_context = NULL; /* original securiy context */ - security_context_t tty_context = NULL; /* current context of tty */ - security_context_t new_tty_context = NULL; /* new context of tty */ + char *new_context = NULL; /* target security context */ + char *old_context = NULL; /* original securiy context */ + char *tty_context = NULL; /* current context of tty */ + char *new_tty_context = NULL; /* new context of tty */ struct passwd pw; /* struct derived from passwd file line */ char *ttyn = NULL; /* tty path */ diff --git a/policycoreutils/run_init/run_init.c b/policycoreutils/run_init/run_init.c index a007ce49..1c5eb68e 100644 --- a/policycoreutils/run_init/run_init.c +++ b/policycoreutils/run_init/run_init.c @@ -303,7 +303,7 @@ int authenticate_user(void) * out: The CONTEXT associated with the context. * return: 0 on success, -1 on failure. */ -int get_init_context(security_context_t * context) +int get_init_context(char **context) { FILE *fp; @@ -354,7 +354,7 @@ int main(int argc, char *argv[]) extern char *optarg; /* used by getopt() for arg strings */ extern int opterr; /* controls getopt() error messages */ - security_context_t new_context; /* context for the init script context */ + char *new_context; /* context for the init script context */ #ifdef USE_NLS setlocale(LC_ALL, ""); diff --git a/policycoreutils/secon/secon.c b/policycoreutils/secon/secon.c index 477057a6..d257a9a1 100644 --- a/policycoreutils/secon/secon.c +++ b/policycoreutils/secon/secon.c @@ -341,7 +341,7 @@ static void cmd_line(int argc, char *argv[]) errx(EXIT_FAILURE, "SELinux is not enabled"); } -static int my_getXcon_raw(pid_t pid, security_context_t * con, const char *val) +static int my_getXcon_raw(pid_t pid, char **con, const char *val) { char buf[4096]; FILE *fp = NULL; @@ -371,23 +371,23 @@ static int my_getXcon_raw(pid_t pid, security_context_t * con, const char *val) return (0); } -static int my_getpidexeccon_raw(pid_t pid, security_context_t * con) +static int my_getpidexeccon_raw(pid_t pid, char **con) { return (my_getXcon_raw(pid, con, "exec")); } -static int my_getpidfscreatecon_raw(pid_t pid, security_context_t * con) +static int my_getpidfscreatecon_raw(pid_t pid, char **con) { return (my_getXcon_raw(pid, con, "fscreate")); } -static int my_getpidkeycreatecon_raw(pid_t pid, security_context_t * con) +static int my_getpidkeycreatecon_raw(pid_t pid, char **con) { return (my_getXcon_raw(pid, con, "keycreate")); } -static security_context_t get_scon(void) +static char *get_scon(void) { static char dummy_NIL[1] = ""; - security_context_t con = NULL, con_tmp; + char *con = NULL, *con_tmp; int ret = -1; switch (opts->from_type) { @@ -620,9 +620,10 @@ static void disp__con_val(const char *name, const char *val, done = TRUE; } -static void disp_con(security_context_t scon_raw) +static void disp_con(const char *scon_raw) { - security_context_t scon_trans, scon; + char *scon_trans; + const char *scon; context_t con = NULL; char *color_str = NULL; struct context_color_t color = { .valid = 0 }; @@ -748,7 +749,7 @@ static void disp_con(security_context_t scon_raw) int main(int argc, char *argv[]) { - security_context_t scon_raw = NULL; + char *scon_raw = NULL; cmd_line(argc, argv); diff --git a/sandbox/seunshare.c b/sandbox/seunshare.c index 9707a456..d626e98d 100644 --- a/sandbox/seunshare.c +++ b/sandbox/seunshare.c @@ -431,13 +431,13 @@ static int cleanup_tmpdir(const char *tmpdir, const char *src, * to clean it up. */ static char *create_tmpdir(const char *src, struct stat *src_st, - struct stat *out_st, struct passwd *pwd, security_context_t execcon) + struct stat *out_st, struct passwd *pwd, const char *execcon) { char *tmpdir = NULL; char *cmdbuf = NULL; int fd_t = -1, fd_s = -1; struct stat tmp_st; - security_context_t con = NULL; + char *con = NULL; /* get selinux context */ if (execcon) { @@ -549,10 +549,10 @@ good: #define PROC_BASE "/proc" static int -killall (security_context_t execcon) +killall (const char *execcon) { DIR *dir; - security_context_t scon; + char *scon; struct dirent *de; pid_t *pid_table, pid, self; int i; @@ -615,7 +615,7 @@ killall (security_context_t execcon) int main(int argc, char **argv) { int status = -1; - security_context_t execcon = NULL; + const char *execcon = NULL; int clflag; /* holds codes for command line flags */ int kill_all = 0;
Follow-up of: 9eb9c9327563014ad6a807814e7975424642d5b9 ("Get rid of security_context_t and fix const declarations.") Signed-off-by: Christian Göttsche <cgzones@googlemail.com> --- mcstrans/src/mcscolor.c | 8 +++--- mcstrans/src/mcstrans.c | 12 ++++----- mcstrans/src/mcstrans.h | 4 +-- mcstrans/src/mcstransd.c | 6 ++--- mcstrans/utils/transcon.c | 2 +- mcstrans/utils/untranscon.c | 2 +- policycoreutils/newrole/newrole.c | 40 ++++++++++++++--------------- policycoreutils/run_init/run_init.c | 4 +-- policycoreutils/secon/secon.c | 19 +++++++------- sandbox/seunshare.c | 10 ++++---- 10 files changed, 54 insertions(+), 53 deletions(-)