Message ID | 20220217142133.72205-2-cgzones@googlemail.com (mailing list archive) |
---|---|
State | Changes Requested |
Delegated to: | Paul Moore |
Headers | show |
Series | [1/5] selinux: drop return statement at end of void functions | expand |
On Thu, Feb 17, 2022 at 9:21 AM Christian Göttsche <cgzones@googlemail.com> wrote: > > Use a consistent type of unsigned int* for boolean arrays, instead of > using implicit casts to and from int*. > > Reported by sparse: > > security/selinux/selinuxfs.c:1481:30: warning: incorrect type in assignment (different signedness) > security/selinux/selinuxfs.c:1481:30: expected unsigned int * > security/selinux/selinuxfs.c:1481:30: got int *[addressable] values > security/selinux/selinuxfs.c:1398:48: warning: incorrect type in argument 3 (different signedness) > security/selinux/selinuxfs.c:1398:48: expected int *values > security/selinux/selinuxfs.c:1398:48: got unsigned int *bool_pending_values > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > > --- > A more invasive change would be to change all boolean arrays to bool*. I think that might be a worthwhile change, although that can happen at a later date. A quick general comment: please try to stick to 80-char long lines. I realize Linus/checkpatch.pl has started to allow longer lines but I would still like SELinux to try and keep to 80-chars or under. > diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c > index 6901dc07680d..7865926962ab 100644 > --- a/security/selinux/ss/services.c > +++ b/security/selinux/ss/services.c > @@ -3175,7 +3175,8 @@ int security_get_bool_value(struct selinux_state *state, > static int security_preserve_bools(struct selinux_policy *oldpolicy, > struct selinux_policy *newpolicy) > { > - int rc, *bvalues = NULL; > + int rc; > + unsigned int *bvalues = NULL; Doesn't this cause a type mismatch (unsigned int vs int) when an entry from bvalues[] is assigned to cond_bool_datum::state later in the security_preserve_bools() function?
On Fri, 18 Feb 2022 at 17:01, Paul Moore <paul@paul-moore.com> wrote: > > On Thu, Feb 17, 2022 at 9:21 AM Christian Göttsche > <cgzones@googlemail.com> wrote: > > > > Use a consistent type of unsigned int* for boolean arrays, instead of > > using implicit casts to and from int*. > > > > Reported by sparse: > > > > security/selinux/selinuxfs.c:1481:30: warning: incorrect type in assignment (different signedness) > > security/selinux/selinuxfs.c:1481:30: expected unsigned int * > > security/selinux/selinuxfs.c:1481:30: got int *[addressable] values > > security/selinux/selinuxfs.c:1398:48: warning: incorrect type in argument 3 (different signedness) > > security/selinux/selinuxfs.c:1398:48: expected int *values > > security/selinux/selinuxfs.c:1398:48: got unsigned int *bool_pending_values > > > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > > > > --- > > A more invasive change would be to change all boolean arrays to bool*. > > I think that might be a worthwhile change, although that can happen at > a later date. > > A quick general comment: please try to stick to 80-char long lines. I > realize Linus/checkpatch.pl has started to allow longer lines but I > would still like SELinux to try and keep to 80-chars or under. > > > diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c > > index 6901dc07680d..7865926962ab 100644 > > --- a/security/selinux/ss/services.c > > +++ b/security/selinux/ss/services.c > > @@ -3175,7 +3175,8 @@ int security_get_bool_value(struct selinux_state *state, > > static int security_preserve_bools(struct selinux_policy *oldpolicy, > > struct selinux_policy *newpolicy) > > { > > - int rc, *bvalues = NULL; > > + int rc; > > + unsigned int *bvalues = NULL; > > Doesn't this cause a type mismatch (unsigned int vs int) when an entry > from bvalues[] is assigned to cond_bool_datum::state later in the > security_preserve_bools() function? Yes, but those variables *should* only hold the values 0 or 1. But probably it's better to re-spin for 5.19 with all arrays and cond_bool_datum::state converted to literal bool type. > > -- > paul-moore.com
diff --git a/security/selinux/include/conditional.h b/security/selinux/include/conditional.h index b09343346e3f..9e65aa409318 100644 --- a/security/selinux/include/conditional.h +++ b/security/selinux/include/conditional.h @@ -14,9 +14,9 @@ #include "security.h" int security_get_bools(struct selinux_policy *policy, - u32 *len, char ***names, int **values); + u32 *len, char ***names, unsigned int **values); -int security_set_bools(struct selinux_state *state, u32 len, int *values); +int security_set_bools(struct selinux_state *state, u32 len, unsigned int *values); int security_get_bool_value(struct selinux_state *state, u32 index); diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index f2f6203e0fff..5216a321bbb0 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -1428,7 +1428,7 @@ static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_ struct inode_security_struct *isec; char **names = NULL, *page; u32 i, num; - int *values = NULL; + unsigned int *values = NULL; u32 sid; ret = -ENOMEM; diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 6901dc07680d..7865926962ab 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -3023,7 +3023,7 @@ int security_fs_use(struct selinux_state *state, struct super_block *sb) } int security_get_bools(struct selinux_policy *policy, - u32 *len, char ***names, int **values) + u32 *len, char ***names, unsigned int **values) { struct policydb *policydb; u32 i; @@ -3045,7 +3045,7 @@ int security_get_bools(struct selinux_policy *policy, goto err; rc = -ENOMEM; - *values = kcalloc(*len, sizeof(int), GFP_ATOMIC); + *values = kcalloc(*len, sizeof(unsigned int), GFP_ATOMIC); if (!*values) goto err; @@ -3075,7 +3075,7 @@ int security_get_bools(struct selinux_policy *policy, } -int security_set_bools(struct selinux_state *state, u32 len, int *values) +int security_set_bools(struct selinux_state *state, u32 len, unsigned int *values) { struct selinux_policy *newpolicy, *oldpolicy; int rc; @@ -3175,7 +3175,8 @@ int security_get_bool_value(struct selinux_state *state, static int security_preserve_bools(struct selinux_policy *oldpolicy, struct selinux_policy *newpolicy) { - int rc, *bvalues = NULL; + int rc; + unsigned int *bvalues = NULL; char **bnames = NULL; struct cond_bool_datum *booldatum; u32 i, nbools = 0;
Use a consistent type of unsigned int* for boolean arrays, instead of using implicit casts to and from int*. Reported by sparse: security/selinux/selinuxfs.c:1481:30: warning: incorrect type in assignment (different signedness) security/selinux/selinuxfs.c:1481:30: expected unsigned int * security/selinux/selinuxfs.c:1481:30: got int *[addressable] values security/selinux/selinuxfs.c:1398:48: warning: incorrect type in argument 3 (different signedness) security/selinux/selinuxfs.c:1398:48: expected int *values security/selinux/selinuxfs.c:1398:48: got unsigned int *bool_pending_values Signed-off-by: Christian Göttsche <cgzones@googlemail.com> --- A more invasive change would be to change all boolean arrays to bool*. --- security/selinux/include/conditional.h | 4 ++-- security/selinux/selinuxfs.c | 2 +- security/selinux/ss/services.c | 9 +++++---- 3 files changed, 8 insertions(+), 7 deletions(-)