From patchwork Tue Jun 8 15:58:50 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307317 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 519D4C4743E for ; Tue, 8 Jun 2021 15:59:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3AA7460FEA for ; Tue, 8 Jun 2021 15:59:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232031AbhFHQB2 (ORCPT ); Tue, 8 Jun 2021 12:01:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51302 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231308AbhFHQB2 (ORCPT ); Tue, 8 Jun 2021 12:01:28 -0400 Received: from mail-ej1-x634.google.com (mail-ej1-x634.google.com [IPv6:2a00:1450:4864:20::634]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 49FB9C061787 for ; Tue, 8 Jun 2021 08:59:21 -0700 (PDT) Received: by mail-ej1-x634.google.com with SMTP id l1so33445553ejb.6 for ; Tue, 08 Jun 2021 08:59:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=xtIdW4G81bW74Br+IjP1e2QKqelXexDHXVnkHP0CJk4=; b=o3CGXsvqHep38ta0UBAFBAxhxuXKUJx71dPeHdhKJ8VIsT5SmWCLHYNNyqRw/S2t9v Utfm3T45zDqGqhtH6OH/uO9Ol0dDG52f3qHsNJrFGRvBLgl7E0I94aH1Mi4JlBbjbzAf HP7newv3RzEl1kRPH7wI98a7Uke9fbyxodljI9WWwVQg6R1DEyfmQ4tArMmWcX7imaOG oM/IwXxkJsvNLOuiBVJm2JvG5iDqTBJNzdbql40eOMcusr1YprcCa6koDzVFmYADFFEc eH4EXqoqlcQcvZW2J70/dlH7D0+i+MV4fQnkuIxeMA1t9WLr9BfmINm+SOr5fI/t8ilx ILtA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=xtIdW4G81bW74Br+IjP1e2QKqelXexDHXVnkHP0CJk4=; b=gfopiam/By9Ufz8nnFMiH7mpmir3sWtq2BvG0v+MOA85N8yghyV/zZlG7oDSTwusjQ WTLRZPy7eylfvP2dtPdxJxaXwjqlf4VhDVnh9BrOQL9POzgUR9DN3EllThabKwi0lg6T 3KmEV9LNEAQly2YnujvQx1nHuCkGAy4mktwWJD8IGVlZJ7VoYOrefAd22BdvGvMgHxPD jHrY1VgruO8i7XjSpn9pUPFMszvS2HM03leflBoeoe4dPff/7+RftHrLvA1fZ36VA51z KZjHvxdopgAOHFkLKKKadDzuLY5c7S/5hsqjEecshw6zOEb5Ml65f2GhVXXZl5mm47Gg cJBg== X-Gm-Message-State: AOAM530AYsVtgxE0sU4smNrnmAbfSjBQnYOm8KDXOPvK3JXv1n6HSYY4 JDIgFbLzJmjakq5jtIEABViBQtLIW/k= X-Google-Smtp-Source: ABdhPJxZs7jZ7dKDICnHCFymdcbciFY6QTzp66ZZ2SKacoB5eTbUCKlzp+jLgc6daXIRLjLNh1aAug== X-Received: by 2002:a17:906:a854:: with SMTP id dx20mr24616927ejb.128.1623167959871; Tue, 08 Jun 2021 08:59:19 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:19 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 01/23] libsepol: fix typos Date: Tue, 8 Jun 2021 17:58:50 +0200 Message-Id: <20210608155912.32047-2-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/cil/src/cil_build_ast.c | 2 +- libsepol/cil/src/cil_resolve_ast.c | 2 +- libsepol/src/module_to_cil.c | 2 +- libsepol/src/policydb_validate.c | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/libsepol/cil/src/cil_build_ast.c b/libsepol/cil/src/cil_build_ast.c index 71f14e20..42d10c87 100644 --- a/libsepol/cil/src/cil_build_ast.c +++ b/libsepol/cil/src/cil_build_ast.c @@ -3692,7 +3692,7 @@ int cil_gen_sensitivityorder(struct cil_db *db, struct cil_tree_node *parse_curr cil_list_for_each(curr, sensorder->sens_list_str) { if (curr->data == CIL_KEY_UNORDERED) { - cil_log(CIL_ERR, "Sensitivy order cannot be unordered.\n"); + cil_log(CIL_ERR, "Sensitivity order cannot be unordered.\n"); rc = SEPOL_ERR; goto exit; } diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c index 77ffe0ff..d8481002 100644 --- a/libsepol/cil/src/cil_resolve_ast.c +++ b/libsepol/cil/src/cil_resolve_ast.c @@ -1619,7 +1619,7 @@ int cil_resolve_sensitivityorder(struct cil_tree_node *current, void *extra_args cil_list_for_each(curr, sensorder->sens_list_str) { rc = cil_resolve_name(current, (char *)curr->data, CIL_SYM_SENS, extra_args, &datum); if (rc != SEPOL_OK) { - cil_log(CIL_ERR, "Failed to resolve sensitivty %s in sensitivityorder\n", (char *)curr->data); + cil_log(CIL_ERR, "Failed to resolve sensitivity %s in sensitivityorder\n", (char *)curr->data); goto exit; } if (FLAVOR(datum) != CIL_SENS) { diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c index 496693f4..41605eb8 100644 --- a/libsepol/src/module_to_cil.c +++ b/libsepol/src/module_to_cil.c @@ -3972,7 +3972,7 @@ int sepol_module_policydb_to_cil(FILE *fp, struct policydb *pdb, int linked) if (pdb->policy_type != SEPOL_POLICY_BASE && pdb->policy_type != SEPOL_POLICY_MOD) { - log_err("Policy pakcage is not a base or module"); + log_err("Policy package is not a base or module"); rc = -1; goto exit; } diff --git a/libsepol/src/policydb_validate.c b/libsepol/src/policydb_validate.c index b2891ddd..246aa6e3 100644 --- a/libsepol/src/policydb_validate.c +++ b/libsepol/src/policydb_validate.c @@ -641,7 +641,7 @@ static int validate_scope_index(sepol_handle_t *handle, scope_index_t *scope_ind return 0; bad: - ERR(handle, "Invalide scope"); + ERR(handle, "Invalid scope"); return -1; } From patchwork Tue Jun 8 15:58:51 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307321 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B1B0DC4743F for ; Tue, 8 Jun 2021 15:59:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A20A660FEA for ; Tue, 8 Jun 2021 15:59:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231308AbhFHQB2 (ORCPT ); Tue, 8 Jun 2021 12:01:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51316 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230460AbhFHQB2 (ORCPT ); Tue, 8 Jun 2021 12:01:28 -0400 Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 838BAC061789 for ; Tue, 8 Jun 2021 08:59:23 -0700 (PDT) Received: by mail-ej1-x62d.google.com with SMTP id he7so14012665ejc.13 for ; Tue, 08 Jun 2021 08:59:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=Ty8GekRQ/JaeL0oD8unL+aEzUu4oz9pGY5yY4pa6Ao8=; b=uHMnM1wJ8/2ofH+UrNZCMHL0vGGxPJRbRFNCy1lq3waJAw45hM9kcOQUCtxkUMd4AC CuogF8thbcAwCc1DKuKKwFkYWgKIsX7Al9RNvucE+RL8BCtjyW2zgZoL/IPMy+KkUdTO IITRAKQt7aWnM8+i+8+OKgats+bcyskDabQib/fwt0qw09XffgHd0ZaJvWd5D2LoMcP7 qn/CPoEtcuvQSnhXRrYCngM9O7bvvDFnLiAG8N+LpMH67yGhdZfqpSTokGdiwh/iSRse wtUbS+zeEdtoqCz18jg4i8Y42ou5ObYqnVwzEyFOKh//WzUDE6rxKubYu2E38UgMh8A8 BrQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Ty8GekRQ/JaeL0oD8unL+aEzUu4oz9pGY5yY4pa6Ao8=; b=V5QCjZWL+8oWLgrFvKEioSGL6zxRZ2jIsJvwiWkLv000bD9qtsHKk+rl8AH8YJ5Ia4 LTj/WlZCd6bd2vn1lS1ymJUdY+BNzHaw/4YX/9kBPtO8jCX5Q5ZYrHowNu1gR0XzG8QD 9pALl6R9dl5HM1VhCMXykEcTXlO1Kc8lssaryQ72zrxkAw2Cf4GSU7og+mi+mFNno3dD vf2G6zlNh2m8n0lBYs1tY+p8COgFnPVRbMUOvmaDJzel1PMOfBIFUwql+MxwAdn6QMsz L/uEO4r7VEb/FlesSFkgwkqJ3OR/XR0iKYSGcUVb0crMghFOx2gz4A7w2hCtrLSI9zJE USzw== X-Gm-Message-State: AOAM533Aa8YX6A7LL8NLyp6ua0CiiTb435mxlTjJBLQNfyLbtC/kgwIu C8zJV17l712Q/piZBWSv/1JGEY9iWeU= X-Google-Smtp-Source: ABdhPJzz6/kNK+B5ku+kEFy/ZCglyqwedLCfV6SQi7PyZ2dWTmTXSAbmPPsC7XmPEG1lUGLDSRivxg== X-Received: by 2002:a17:907:3e1a:: with SMTP id hp26mr24275922ejc.77.1623167960424; Tue, 08 Jun 2021 08:59:20 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:20 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 02/23] libsepol: resolve missing prototypes Date: Tue, 8 Jun 2021 17:58:51 +0200 Message-Id: <20210608155912.32047-3-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Declare the functions as static or include the corresponding header file. assertion.c:294:5: error: no previous prototype for function 'report_assertion_failures' [-Werror,-Wmissing-prototypes] int report_assertion_failures(sepol_handle_t *handle, policydb_t *p, avrule_t *avrule) ^ context.c:23:5: error: no previous prototype for function 'sepol_check_context' [-Werror,-Wmissing-prototypes] int sepol_check_context(const char *context) ^ expand.c:3377:5: error: no previous prototype for function 'expand_cond_av_node' [-Werror,-Wmissing-prototypes] int expand_cond_av_node(policydb_t * p, ^ policydb.c:638:6: error: no previous prototype for function 'role_trans_rule_destroy' [-Werror,-Wmissing-prototypes] void role_trans_rule_destroy(role_trans_rule_t * x) ^ policydb.c:1169:5: error: no previous prototype for function 'policydb_index_decls' [-Werror,-Wmissing-prototypes] int policydb_index_decls(sepol_handle_t * handle, policydb_t * p) ^ policydb.c:1429:6: error: no previous prototype for function 'ocontext_selinux_free' [-Werror,-Wmissing-prototypes] void ocontext_selinux_free(ocontext_t **ocontexts) ^ policydb.c:1451:6: error: no previous prototype for function 'ocontext_xen_free' [-Werror,-Wmissing-prototypes] void ocontext_xen_free(ocontext_t **ocontexts) ^ policydb.c:1750:5: error: no previous prototype for function 'type_set_or' [-Werror,-Wmissing-prototypes] int type_set_or(type_set_t * dst, type_set_t * a, type_set_t * b) ^ policydb.c:2524:5: error: no previous prototype for function 'role_trans_read' [-Werror,-Wmissing-prototypes] int role_trans_read(policydb_t *p, struct policy_file *fp) ^ policydb.c:2567:5: error: no previous prototype for function 'role_allow_read' [-Werror,-Wmissing-prototypes] int role_allow_read(role_allow_t ** r, struct policy_file *fp) ^ policydb.c:2842:5: error: no previous prototype for function 'filename_trans_read' [-Werror,-Wmissing-prototypes] int filename_trans_read(policydb_t *p, struct policy_file *fp) ^ services.c:1027:5: error: no previous prototype for function 'sepol_validate_transition' [-Werror,-Wmissing-prototypes] int sepol_validate_transition(sepol_security_id_t oldsid, ^ Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/src/assertion.c | 2 +- libsepol/src/context_internal.h | 1 + libsepol/src/expand.c | 6 +++--- libsepol/src/policydb.c | 16 ++++++++-------- libsepol/src/services.c | 2 +- 5 files changed, 14 insertions(+), 13 deletions(-) diff --git a/libsepol/src/assertion.c b/libsepol/src/assertion.c index 266f67d7..dd2749a0 100644 --- a/libsepol/src/assertion.c +++ b/libsepol/src/assertion.c @@ -291,7 +291,7 @@ exit: return rc; } -int report_assertion_failures(sepol_handle_t *handle, policydb_t *p, avrule_t *avrule) +static int report_assertion_failures(sepol_handle_t *handle, policydb_t *p, avrule_t *avrule) { int rc; struct avtab_match_args args; diff --git a/libsepol/src/context_internal.h b/libsepol/src/context_internal.h index 3cae28cc..3dc9cd15 100644 --- a/libsepol/src/context_internal.h +++ b/libsepol/src/context_internal.h @@ -1,6 +1,7 @@ #ifndef _SEPOL_CONTEXT_INTERNAL_H_ #define _SEPOL_CONTEXT_INTERNAL_H_ +#include #include #endif diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c index a656ffad..84bfcfa3 100644 --- a/libsepol/src/expand.c +++ b/libsepol/src/expand.c @@ -3374,9 +3374,9 @@ static int expand_cond_insert(cond_av_list_t ** l, return 0; } -int expand_cond_av_node(policydb_t * p, - avtab_ptr_t node, - cond_av_list_t ** newl, avtab_t * expa) +static int expand_cond_av_node(policydb_t * p, + avtab_ptr_t node, + cond_av_list_t ** newl, avtab_t * expa) { avtab_key_t *k = &node->key; avtab_datum_t *d = &node->datum; diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index ffa27971..3f7ddb11 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c @@ -635,7 +635,7 @@ void role_trans_rule_init(role_trans_rule_t * x) ebitmap_init(&x->classes); } -void role_trans_rule_destroy(role_trans_rule_t * x) +static void role_trans_rule_destroy(role_trans_rule_t * x) { if (x != NULL) { role_set_destroy(&x->roles); @@ -1166,7 +1166,7 @@ int policydb_index_bools(policydb_t * p) return 0; } -int policydb_index_decls(sepol_handle_t * handle, policydb_t * p) +static int policydb_index_decls(sepol_handle_t * handle, policydb_t * p) { avrule_block_t *curblock; avrule_decl_t *decl; @@ -1426,7 +1426,7 @@ static int range_tr_destroy(hashtab_key_t key, hashtab_datum_t datum, return 0; } -void ocontext_selinux_free(ocontext_t **ocontexts) +static void ocontext_selinux_free(ocontext_t **ocontexts) { ocontext_t *c, *ctmp; int i; @@ -1448,7 +1448,7 @@ void ocontext_selinux_free(ocontext_t **ocontexts) } } -void ocontext_xen_free(ocontext_t **ocontexts) +static void ocontext_xen_free(ocontext_t **ocontexts) { ocontext_t *c, *ctmp; int i; @@ -1747,7 +1747,7 @@ int symtab_insert(policydb_t * pol, uint32_t sym, return retval; } -int type_set_or(type_set_t * dst, type_set_t * a, type_set_t * b) +static int type_set_or(type_set_t * dst, type_set_t * a, type_set_t * b) { type_set_init(dst); @@ -2521,7 +2521,7 @@ static int type_read(policydb_t * p, hashtab_t h, struct policy_file *fp) return -1; } -int role_trans_read(policydb_t *p, struct policy_file *fp) +static int role_trans_read(policydb_t *p, struct policy_file *fp) { role_trans_t **t = &p->role_tr; unsigned int i; @@ -2564,7 +2564,7 @@ int role_trans_read(policydb_t *p, struct policy_file *fp) return 0; } -int role_allow_read(role_allow_t ** r, struct policy_file *fp) +static int role_allow_read(role_allow_t ** r, struct policy_file *fp) { unsigned int i; uint32_t buf[2], nel; @@ -2839,7 +2839,7 @@ err: return -1; } -int filename_trans_read(policydb_t *p, struct policy_file *fp) +static int filename_trans_read(policydb_t *p, struct policy_file *fp) { unsigned int i; uint32_t buf[1], nel; diff --git a/libsepol/src/services.c b/libsepol/src/services.c index 6596431c..39fbd979 100644 --- a/libsepol/src/services.c +++ b/libsepol/src/services.c @@ -1024,7 +1024,7 @@ static int context_struct_compute_av(context_struct_t * scontext, return 0; } -int sepol_validate_transition(sepol_security_id_t oldsid, +static int sepol_validate_transition(sepol_security_id_t oldsid, sepol_security_id_t newsid, sepol_security_id_t tasksid, sepol_security_class_t tclass) From patchwork Tue Jun 8 15:58:52 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307307 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id AC604C4743E for ; Tue, 8 Jun 2021 15:59:23 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9629A61351 for ; Tue, 8 Jun 2021 15:59:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232487AbhFHQBP (ORCPT ); Tue, 8 Jun 2021 12:01:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51306 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232377AbhFHQBP (ORCPT ); Tue, 8 Jun 2021 12:01:15 -0400 Received: from mail-ej1-x62f.google.com (mail-ej1-x62f.google.com [IPv6:2a00:1450:4864:20::62f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 63452C061574 for ; Tue, 8 Jun 2021 08:59:22 -0700 (PDT) Received: by mail-ej1-x62f.google.com with SMTP id he7so14012702ejc.13 for ; Tue, 08 Jun 2021 08:59:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=0dT1WXYFxWGO7YTg0yBqdK6fLrIxfUrG/rl0MeVrInw=; b=KSCLgnNKJVLFf/1SD9twyQm9K0lNpSC73tU/bbRzYaAlrCANYbP9x3whLyxY2gTkBl DSQ0WZJWo/GAYR8UKrjTuqg0GOIZSIYIa8ejjjm5sDRHb/vWTven4cfe33BfOcmUb3J1 2BplCwyoenoKXW0ZMCG7YXsArcPdmRY8hPsA7m1qUj8u4dMuG/KRdk364Fv8rz8w2gdT IkvNXokhsa0XNHBFn+tv1jNUzdxr64ZZHPYuDIEz+1Vrv99aS0YGwUkNDETMp6GLwpsB DR2yfRbof2iMzav2OEMOI1Vl0PiSJRiV695Bmwojm56Y84Bes77nJKxf0koNGCVAdCBi fPuQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=0dT1WXYFxWGO7YTg0yBqdK6fLrIxfUrG/rl0MeVrInw=; b=oD5ZL1HZrym5LokbNDUI4zY79guHz2VKbjz1+NG3d85UNZ5VySlAQG6k/3OYYHEY9F pFMqcbEO4SsFZJr+IrqXjPwSnqOOzAHXP62ASn3hfaNSuhJdaybRusI1aZViLLz23oJH 60PuHOq1udPG2CyKem+Uf0mD9Pw3tb0QRqmhDehyL9IWMEvMJVkEC27RgCOLRpjin5Ww tKyk3TtCT+6oNdTs75UfDM1F+iKuCgpfeBHIffjTEQFWl+Xp17/hhFUj85LcOrB+DsNk hXjzH46Brlop/s61aQaDAkR+H9asLLid4hVyzrLPR0lyRAMOPTdWDhoP04gecivULpt5 /1GQ== X-Gm-Message-State: AOAM531rjTLZTOCCnc3FDrOiwsF3w0VpPkgQycJTW8jHvXvju2Q20d2W kBVt5K40aBHwGbcXXtHvTAKxJH5T9mE= X-Google-Smtp-Source: ABdhPJx5YtmwJFk/A9muFwl80nwivcoF7UbnKaoPxb1btF9XyzdmI55gBlnqwy/9aaAqRBvZkxo2CA== X-Received: by 2002:a17:906:a1d2:: with SMTP id bx18mr23944381ejb.423.1623167960966; Tue, 08 Jun 2021 08:59:20 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.20 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:20 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 03/23] libsepol: remove unused functions Date: Tue, 8 Jun 2021 17:58:52 +0200 Message-Id: <20210608155912.32047-4-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org The functions `role_set_get_role`, `sepol_validate_transition` and `sepol_sidtab_remove` seem to be unused since the initial import. Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/src/policydb.c | 18 ---------------- libsepol/src/services.c | 47 ----------------------------------------- libsepol/src/sidtab.c | 31 --------------------------- 3 files changed, 96 deletions(-) diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index 3f7ddb11..fc1d0711 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c @@ -1791,24 +1791,6 @@ int type_set_or_eq(type_set_t * dst, type_set_t * other) return ret; } -int role_set_get_role(role_set_t * x, uint32_t role) -{ - if (x->flags & ROLE_STAR) - return 1; - - if (ebitmap_get_bit(&x->roles, role - 1)) { - if (x->flags & ROLE_COMP) - return 0; - else - return 1; - } else { - if (x->flags & ROLE_COMP) - return 1; - else - return 0; - } -} - /***********************************************************************/ /* everything below is for policy reads */ diff --git a/libsepol/src/services.c b/libsepol/src/services.c index 39fbd979..ff91f7d2 100644 --- a/libsepol/src/services.c +++ b/libsepol/src/services.c @@ -1024,53 +1024,6 @@ static int context_struct_compute_av(context_struct_t * scontext, return 0; } -static int sepol_validate_transition(sepol_security_id_t oldsid, - sepol_security_id_t newsid, - sepol_security_id_t tasksid, - sepol_security_class_t tclass) -{ - context_struct_t *ocontext; - context_struct_t *ncontext; - context_struct_t *tcontext; - class_datum_t *tclass_datum; - constraint_node_t *constraint; - - if (!tclass || tclass > policydb->p_classes.nprim) { - ERR(NULL, "unrecognized class %d", tclass); - return -EINVAL; - } - tclass_datum = policydb->class_val_to_struct[tclass - 1]; - - ocontext = sepol_sidtab_search(sidtab, oldsid); - if (!ocontext) { - ERR(NULL, "unrecognized SID %d", oldsid); - return -EINVAL; - } - - ncontext = sepol_sidtab_search(sidtab, newsid); - if (!ncontext) { - ERR(NULL, "unrecognized SID %d", newsid); - return -EINVAL; - } - - tcontext = sepol_sidtab_search(sidtab, tasksid); - if (!tcontext) { - ERR(NULL, "unrecognized SID %d", tasksid); - return -EINVAL; - } - - constraint = tclass_datum->validatetrans; - while (constraint) { - if (!constraint_expr_eval_reason(ocontext, ncontext, tcontext, - 0, constraint, NULL, 0)) { - return -EPERM; - } - constraint = constraint->next; - } - - return 0; -} - /* * sepol_validate_transition_reason_buffer - the reason buffer is realloc'd * in the constraint_expr_eval_reason() function. diff --git a/libsepol/src/sidtab.c b/libsepol/src/sidtab.c index e6bf5716..255e0725 100644 --- a/libsepol/src/sidtab.c +++ b/libsepol/src/sidtab.c @@ -84,37 +84,6 @@ int sepol_sidtab_insert(sidtab_t * s, sepol_security_id_t sid, return 0; } -int sepol_sidtab_remove(sidtab_t * s, sepol_security_id_t sid) -{ - int hvalue; - sidtab_node_t *cur, *last; - - if (!s || !s->htable) - return -ENOENT; - - hvalue = SIDTAB_HASH(sid); - last = NULL; - cur = s->htable[hvalue]; - while (cur != NULL && sid > cur->sid) { - last = cur; - cur = cur->next; - } - - if (cur == NULL || sid != cur->sid) - return -ENOENT; - - if (last == NULL) - s->htable[hvalue] = cur->next; - else - last->next = cur->next; - - context_destroy(&cur->context); - - free(cur); - s->nel--; - return 0; -} - context_struct_t *sepol_sidtab_search(sidtab_t * s, sepol_security_id_t sid) { int hvalue; From patchwork Tue Jun 8 15:58:53 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307333 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 33A9AC47082 for ; Tue, 8 Jun 2021 16:00:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1942460FEA for ; Tue, 8 Jun 2021 16:00:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233338AbhFHQCa (ORCPT ); Tue, 8 Jun 2021 12:02:30 -0400 Received: from mail-ej1-f51.google.com ([209.85.218.51]:47045 "EHLO mail-ej1-f51.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233559AbhFHQC2 (ORCPT ); Tue, 8 Jun 2021 12:02:28 -0400 Received: by mail-ej1-f51.google.com with SMTP id he7so14012746ejc.13 for ; Tue, 08 Jun 2021 09:00:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=cilr5VJh6Rx+zDBjugNMcKX9tEVL15YNgChmc2XaUzw=; b=mt1+FZOGyzulAydIUylaOxWuVaLzwhl6HH2fKcFRXqf3Th2QfbZVA5GLeC6gNKgtgc x88Sj8MdkuahAamq0SIDgWZM5Nx9x00E5pYzWiOO3LK4sQYdgJgoSLho1RGidYUgf4Oq 5vXQxV5R8Anr/fqctBTzwNRJ6bFIMDZHK4/ZLfaO9n7FfjBQEpK7lAcdrHYki6S0ENuo hkwx3LEXnSa0W3QxaBZY0vZVVB3pr8K2ACrPyKvz9evy1eVrCsNc52hwKb+9hgCvFV85 X33w0W+f5A0p7yXqP0sGBzhKBpaTEMtKAwiAdELLglzdU41vePUPNWfE962qbkCSPzum OYVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=cilr5VJh6Rx+zDBjugNMcKX9tEVL15YNgChmc2XaUzw=; b=HvxaVyi1Z1+udXGdX+r6UlLVdHck6r6LnTmqI6iPrYOMmRCnPCr5ZCHg/mTGodrs/7 mbX7k55idqjx/w8lEorcT/YByayQq3ViW2iMZ7up3LJkx+5T65bgx3qsGNdtCaDLzyP+ 7KC8GDUXvcgeLpYdUbc0dVm/7lUO9R/5gYo/EQs/zZ7eM216cu/a5ygZCCxbEQojkh9u YeH+m592eEk8L0duH3gQI319cooqpiFCZ7avOdku+Pu3UtkbhkRAEnLViWJzzApYF8F2 y3CcgzYovJxjDIWfNXYig/JXSo5sgNdwxZFQG0rjfpnK1CEANNaiQ0ucoFlhRtyiH0jD 7D1A== X-Gm-Message-State: AOAM530t+R7r+HxiRojeMJra2wbyJ8ugqijC9Zjk+pGqvJJvJUCTN9Zh xt1DMPV+LjAfI9zOW5i+PRI9VQe93UE= X-Google-Smtp-Source: ABdhPJzACwPHZstIWYZhOu28rIS8QvDsrB6n7mjfSZKflY8N0UOPYxpdTXrB7dQW3GC5+Obhl20lZg== X-Received: by 2002:a17:906:1dc5:: with SMTP id v5mr23788609ejh.212.1623167961499; Tue, 08 Jun 2021 08:59:21 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.21 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:21 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 04/23] libsepol: ignore UBSAN false-positives Date: Tue, 8 Jun 2021 17:58:53 +0200 Message-Id: <20210608155912.32047-5-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Unsigned integer overflow is well-defined and not undefined behavior. But it is still useful to enable undefined behavior sanitizer checks on unsigned arithmetic to detect possible issues on counters or variables with similar purpose. Annotate functions in which unsigned overflows are expected to happen. avtab.c:76:2: runtime error: unsigned integer overflow: 6 * 3432918353 cannot be represented in type 'unsigned int' policydb.c:795:42: runtime error: unsigned integer overflow: 8160943042179512010 * 11 cannot be represented in type 'unsigned long' symtab.c:25:12: runtime error: left shift of 1766601759 by 4 places cannot be represented in type 'unsigned int' Signed-off-by: Christian Göttsche --- libsepol/src/avtab.c | 6 ++++++ libsepol/src/policydb.c | 6 ++++++ libsepol/src/symtab.c | 6 ++++++ 3 files changed, 18 insertions(+) diff --git a/libsepol/src/avtab.c b/libsepol/src/avtab.c index 257f051a..c2ccb005 100644 --- a/libsepol/src/avtab.c +++ b/libsepol/src/avtab.c @@ -52,6 +52,12 @@ /* Based on MurmurHash3, written by Austin Appleby and placed in the * public domain. */ +#if defined(__clang__) && defined(__clang_major__) && (__clang_major__ >= 4) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#if (__clang_major__ >= 12) +__attribute__((no_sanitize("unsigned-shift-base"))) +#endif +#endif static inline int avtab_hash(struct avtab_key *keyp, uint32_t mask) { static const uint32_t c1 = 0xcc9e2d51; diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index fc1d0711..cbe0c432 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c @@ -789,6 +789,12 @@ static int roles_init(policydb_t * p) goto out; } +#if defined(__clang__) && defined(__clang_major__) && (__clang_major__ >= 4) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#if (__clang_major__ >= 12) +__attribute__((no_sanitize("unsigned-shift-base"))) +#endif +#endif static inline unsigned long partial_name_hash(unsigned long c, unsigned long prevhash) { diff --git a/libsepol/src/symtab.c b/libsepol/src/symtab.c index 9a417ca2..738fa0a4 100644 --- a/libsepol/src/symtab.c +++ b/libsepol/src/symtab.c @@ -11,6 +11,12 @@ #include #include +#if defined(__clang__) && defined(__clang_major__) && (__clang_major__ >= 4) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#if (__clang_major__ >= 12) +__attribute__((no_sanitize("unsigned-shift-base"))) +#endif +#endif static unsigned int symhash(hashtab_t h, const_hashtab_key_t key) { const char *p, *keyp; From patchwork Tue Jun 8 15:58:54 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307319 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id F403BC4743D for ; Tue, 8 Jun 2021 15:59:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id DCE3B610A2 for ; Tue, 8 Jun 2021 15:59:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230460AbhFHQB3 (ORCPT ); Tue, 8 Jun 2021 12:01:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51314 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231794AbhFHQB2 (ORCPT ); Tue, 8 Jun 2021 12:01:28 -0400 Received: from mail-ej1-x635.google.com (mail-ej1-x635.google.com [IPv6:2a00:1450:4864:20::635]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 74DE6C061574 for ; Tue, 8 Jun 2021 08:59:23 -0700 (PDT) Received: by mail-ej1-x635.google.com with SMTP id ce15so33436923ejb.4 for ; Tue, 08 Jun 2021 08:59:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=uYZQDgKuK3aWpLYQs8mqqUL/L969oc9TyAiq+YPfHF4=; b=Utp1bVygDJqSOaUF6eKd+4euE5e3syeydX2nUNCm6sEbcss/jUBd7Ahk2vXHumEuDG 7Q3HDsKYmJxRN8SUDiCBrGf5HcSEMmfu1mtPfJc5xkz0/7GUpTbOqbaFkBmj7rHXG317 mAhSjAo4HkyGPaPm6e2cXbefqMFq213gVZVRjuwFQV4Xi2jcjrgLC/nOufILWGCj2jre 0qGZ8Yu64Sckq+qH3cDHEsuOsbftk55Rk1ekaxgikUR8U0Uzxn25qgCnQDcx/S5iTz+C zfuser0M+erur739uglIAXXZPTpkwry5fWSvSsTBs5r4R3+wGtXHoCF+le4U7zpOZlSG UhTA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=uYZQDgKuK3aWpLYQs8mqqUL/L969oc9TyAiq+YPfHF4=; b=peHH1ftfiwJicrA2h23uPMLSSsWyAod8jI5TOA10uBpxnY3vvM/lwY4GYTLMPCernJ UAKKSw4pVDb+iH7zHYt1ncA7XC44YXxgQC+DjiDmRrJLw8154iYYgCdsoOgL/3b9Stvk 1TtlFRGCpb/Yjmv1pA+IP8/TWWqFw59C3QOZZfBxpdfPeuskkVZSEKK+CqK/yVhAucoW Rno5BF/wY6UGdusQu5mCtdyvPqeEcCiNqA9RC11S5Ryny3a1ElVj0mX7Cfxln6pAiGEe FIN9bRvPtqg/yctwmOzfMLz4/N0y1kAL4BewCnOFsMh4MNboyTw2tZybL80GAfQfxqfF kfeA== X-Gm-Message-State: AOAM531PH3ppNkRjUDU+UBtdJvgrGUT0vr2l2WT4BUE0ol3MatEWvWQv 3ItrwGJXiGS27OHRkq1oxyo6pN0+3zg= X-Google-Smtp-Source: ABdhPJy6r2WwBL/dqd6TuwMk4Jbe9y+YrS017JCRAa8EBGWq8rA3mtZB6dTDN9uHwpFKQRPRNEu+EQ== X-Received: by 2002:a17:906:3057:: with SMTP id d23mr24196100ejd.131.1623167962019; Tue, 08 Jun 2021 08:59:22 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.21 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:21 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 05/23] libsepol: avoid implicit conversions Date: Tue, 8 Jun 2021 17:58:54 +0200 Message-Id: <20210608155912.32047-6-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Avoid implicit conversions from signed to unsigned values, found by UB sanitizers, by using unsigned values in the first place. expand.c:1644:18: runtime error: implicit conversion from type 'int' of value -1 (32-bit, signed) to type 'uint32_t' (aka 'unsigned int') changed the value to 4294967295 (32-bit, unsigned) expand.c:2892:24: runtime error: implicit conversion from type 'int' of value -2 (32-bit, signed) to type 'unsigned int' changed the value to 4294967294 (32-bit, unsigned) policy_define.c:2344:4: runtime error: implicit conversion from type 'int' of value -1048577 (32-bit, signed) to type 'unsigned int' changed the value to 4293918719 (32-bit, unsigned) Signed-off-by: Christian Göttsche --- libsepol/include/sepol/policydb/conditional.h | 2 +- libsepol/include/sepol/policydb/policydb.h | 2 +- libsepol/src/expand.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/libsepol/include/sepol/policydb/conditional.h b/libsepol/include/sepol/policydb/conditional.h index 9c3df3ef..db3ef98d 100644 --- a/libsepol/include/sepol/policydb/conditional.h +++ b/libsepol/include/sepol/policydb/conditional.h @@ -90,7 +90,7 @@ typedef struct cond_node { uint32_t expr_pre_comp; struct cond_node *next; /* a tunable conditional, calculated and used at expansion */ -#define COND_NODE_FLAGS_TUNABLE 0x01 +#define COND_NODE_FLAGS_TUNABLE 0x01U uint32_t flags; } cond_node_t; diff --git a/libsepol/include/sepol/policydb/policydb.h b/libsepol/include/sepol/policydb/policydb.h index 9ef43abc..c29339dc 100644 --- a/libsepol/include/sepol/policydb/policydb.h +++ b/libsepol/include/sepol/policydb/policydb.h @@ -253,7 +253,7 @@ typedef struct class_perm_node { #define xperm_test(x, p) (1 & (p[x >> 5] >> (x & 0x1f))) #define xperm_set(x, p) (p[x >> 5] |= (1 << (x & 0x1f))) -#define xperm_clear(x, p) (p[x >> 5] &= ~(1 << (x & 0x1f))) +#define xperm_clear(x, p) (p[x >> 5] &= ~(1U << (x & 0x1f))) #define EXTENDED_PERMS_LEN 8 typedef struct av_extended_perms { diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c index 84bfcfa3..35e45780 100644 --- a/libsepol/src/expand.c +++ b/libsepol/src/expand.c @@ -1641,7 +1641,7 @@ static avtab_ptr_t find_avtab_node(sepol_handle_t * handle, * AUDITDENY, aka DONTAUDIT, are &= assigned, versus |= for * others. Initialize the data accordingly. */ - avdatum.data = key->specified == AVTAB_AUDITDENY ? ~0 : 0; + avdatum.data = key->specified == AVTAB_AUDITDENY ? ~0U : 0U; /* this is used to get the node - insertion is actually unique */ node = avtab_insert_nonunique(avtab, key, &avdatum); if (!node) { From patchwork Tue Jun 8 15:58:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307335 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 912BFC4743D for ; Tue, 8 Jun 2021 16:00:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7824660FEA for ; Tue, 8 Jun 2021 16:00:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233470AbhFHQCa (ORCPT ); Tue, 8 Jun 2021 12:02:30 -0400 Received: from mail-ed1-f53.google.com ([209.85.208.53]:33517 "EHLO mail-ed1-f53.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233574AbhFHQC2 (ORCPT ); Tue, 8 Jun 2021 12:02:28 -0400 Received: by mail-ed1-f53.google.com with SMTP id f5so20105769eds.0 for ; Tue, 08 Jun 2021 09:00:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=hNFqoMTSBb2YEQ/JMOq6ZaerAAisBzB47j3A/Xya/Nw=; b=JfZd4LhBCqb/hWyB72Eq0YKrinGRJifxM/hIDh7Cxh5gHQb2EbaLvMoKndgdZVebX2 R3N1dw62mYuie1zwifNgwoHTP01UeHi/9fuM2PHxmmoZ0D+growvJbhHH3wA6zpdq76V kGCnB8dCHAfC2cJTg62f/lnA9ZZLQ5XzsZNhRrJW24HjcPOu1GC6kEe0HyC8s+zDRrp1 ChQml2ZuI/0lI2z7TGwe+NlaUi3rnk0RQuEiz1HlfaZHpoKWU4P1H2Jakf33JsZkrI4O XRO0Ztd+dsHg8zp51au2H8OF+1Z2+9RceNcNUlKnAaq27NQwiPCfY0Oo2ZUXDcVUs0EY oQKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=hNFqoMTSBb2YEQ/JMOq6ZaerAAisBzB47j3A/Xya/Nw=; b=SYGXrsdIZI8QGT9kamyzmgKhyMa9iAIPmnof7vdZB4QbPazQWK+0bpsIk7uPURGyqb g+EgUnC5Ap0/hoyQm3bobkQIv1hdS1olyRuu9FRgAq36CKd8sEYLsKFxwADAbzI/3lgw eDqaeucM+uKuz0BKzAfpSEhDHVBhKww7TdNw2OH0PRGbTwMQLJBhQwIVo464T/jbofwk GpLSpS7Q4jOutcO99U/6rdSK0nu+9K4ZUoT9TpJKlMHw/pwr8crWsA4b8taDLySeKOVy EDyqltYHJ7pfYnRyIqx3XUsYFqCH/RrYiIzKllClnsOCkKsSDik/gsDw8JCWXB5aBS9F HqJQ== X-Gm-Message-State: AOAM533fYEFI1//pBM/06JWYEZDQJQJsyLtiRL9pV38adVsJjYM3Sd0t sxSKRRxGF3x4Zn7QlHXTwyly9ccmSFI= X-Google-Smtp-Source: ABdhPJxwzzV7M7rzWu1x3bEDaXQL4rl7ezfJOYKtJAScuycx7ViUIq0UAKgZg6p7UooQBWcvmeWr4g== X-Received: by 2002:a05:6402:1ac9:: with SMTP id ba9mr26459682edb.250.1623167962603; Tue, 08 Jun 2021 08:59:22 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:22 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 06/23] libsepol: avoid unsigned integer overflow Date: Tue, 8 Jun 2021 17:58:55 +0200 Message-Id: <20210608155912.32047-7-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Unsigned integer overflow is well-defined and not undefined behavior. But it is still useful to enable undefined behavior sanitizer checks on unsigned arithmetic to detect possible issues on counters or variables with similar purpose. Use a spaceship operator like comparison instead of subtraction. Modern compilers will generate a single comparison instruction instead of actually perform the subtraction. policydb.c:826:17: runtime error: unsigned integer overflow: 24 - 1699 cannot be represented in type 'unsigned int' Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/src/policydb.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index cbe0c432..3389a943 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c @@ -823,11 +823,11 @@ static int filenametr_cmp(hashtab_t h __attribute__ ((unused)), const filename_trans_key_t *ft2 = (const filename_trans_key_t *)k2; int v; - v = ft1->ttype - ft2->ttype; + v = (ft1->ttype > ft2->ttype) - (ft1->ttype < ft2->ttype); if (v) return v; - v = ft1->tclass - ft2->tclass; + v = (ft1->tclass > ft2->tclass) - (ft1->tclass < ft2->tclass); if (v) return v; From patchwork Tue Jun 8 15:58:56 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307343 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CDE52C4743E for ; Tue, 8 Jun 2021 16:00:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B68B760FEA for ; Tue, 8 Jun 2021 16:00:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233328AbhFHQCa (ORCPT ); Tue, 8 Jun 2021 12:02:30 -0400 Received: from mail-ej1-f48.google.com ([209.85.218.48]:42691 "EHLO mail-ej1-f48.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233614AbhFHQC2 (ORCPT ); Tue, 8 Jun 2021 12:02:28 -0400 Received: by mail-ej1-f48.google.com with SMTP id k25so27948940eja.9 for ; Tue, 08 Jun 2021 09:00:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=aAZjW58Wsgpjs3ntxspU4uWrr852AOQHgRC4H8b0Gxo=; b=BtbqOVY++aanhi9crUnDnQyqYJvz00xGDpeuVXIypDBLBMb+qlx6WZ1JP7RM1LkUnz 49ixWnW/pph32i/X+1azquGAt61ZFMcowpkIXFM14jZ1Yc9EWCc4qLpBMJUDIyco61pL MU8cpmQyfV2OLYjY69dbM8TR+SZC5lnZSL79T6fPRJhvU8h8/EZlessyUXKrfTG4Wu5i 07EqAawaH2fWtRKTZHT3Bysk1nsEe2lY9Xm0VR3Qye2icJDp50bI1VyQJFwLrlbxtJ8T aFvaoMyvbjHUFYi1EjsZChUfFLAyDDq2v7ETJQLw3nKoNts0oCYsgIqO/stwOMqCv4hd Nrtw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=aAZjW58Wsgpjs3ntxspU4uWrr852AOQHgRC4H8b0Gxo=; b=Olj2kuGCs2zuUFOAyX93NbgrRXu01gyOLvoNcTr2Cmnlvapd50P6bgsBsg52WYflF1 +31w2GbLSxmo9jq3Vs0ne9Uz2uI7Rmy/P8CQEolOZM+ogZnXhWwD/TVZmqjfhvFVVVdj xOJSwnZ5tDb9aD74ltVELNMxrAtLM3QslWjqh09tIBkACuBJIiJJuuY9+NZx2IIY+kvr yyC3SMz1kTUVV1GVmioLE/y6eZBD+ImocuxjgOnncr8RZHTCvRwMZ0OEcNy5dqndUY/x 0RT7U35h4kzgOZDhtdKVETKAoYONHhK0zQfFUa62GyoDXaPYUq4ugAKI+Hg3vXDoHGoQ PE3Q== X-Gm-Message-State: AOAM530/AUwlyaO1zm18/1I6fPOu+xhGIUvmsBjxlbiON2cN0UHDaKa1 +wqKf9EqqCw7kMAdTeKVqStrVM2B7oY= X-Google-Smtp-Source: ABdhPJwOJs7sAsnS5/YgNrq034mJlq3bxFIPeEz+b8m0eZrTDVdQpIQZ7Ar6ojl2/AU+yOm9B3Jizg== X-Received: by 2002:a17:906:b19:: with SMTP id u25mr23772384ejg.238.1623167963254; Tue, 08 Jun 2021 08:59:23 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:22 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 07/23] libsepol: follow declaration-after-statement Date: Tue, 8 Jun 2021 17:58:56 +0200 Message-Id: <20210608155912.32047-8-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Follow the project style of no declaration after statement. Found by the gcc warning -Wdeclaration-after-statement Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/src/booleans.c | 6 ++-- libsepol/src/debug.c | 2 +- libsepol/src/ebitmap.c | 11 ++++--- libsepol/src/module_to_cil.c | 10 +++--- libsepol/src/nodes.c | 6 ++-- libsepol/src/services.c | 59 ++++++++++++++++++------------------ libsepol/src/util.c | 2 +- 7 files changed, 50 insertions(+), 46 deletions(-) diff --git a/libsepol/src/booleans.c b/libsepol/src/booleans.c index 30fcf29d..716da6b4 100644 --- a/libsepol/src/booleans.c +++ b/libsepol/src/booleans.c @@ -19,6 +19,7 @@ static int bool_update(sepol_handle_t * handle, const char *cname; char *name; int value; + cond_bool_datum_t *datum; sepol_bool_key_unpack(key, &cname); name = strdup(cname); @@ -27,8 +28,7 @@ static int bool_update(sepol_handle_t * handle, if (!name) goto omem; - cond_bool_datum_t *datum = - hashtab_search(policydb->p_bools.table, name); + datum = hashtab_search(policydb->p_bools.table, name); if (!datum) { ERR(handle, "boolean %s no longer in policy", name); goto err; @@ -84,10 +84,10 @@ int sepol_bool_set(sepol_handle_t * handle, const sepol_bool_key_t * key, const sepol_bool_t * data) { + policydb_t *policydb = &p->p; const char *name; sepol_bool_key_unpack(key, &name); - policydb_t *policydb = &p->p; if (bool_update(handle, policydb, key, data) < 0) goto err; diff --git a/libsepol/src/debug.c b/libsepol/src/debug.c index 0458e353..f6a59ae7 100644 --- a/libsepol/src/debug.c +++ b/libsepol/src/debug.c @@ -44,6 +44,7 @@ void sepol_msg_default_handler(void *varg __attribute__ ((unused)), { FILE *stream = NULL; + va_list ap; switch (sepol_msg_get_level(handle)) { @@ -60,7 +61,6 @@ void sepol_msg_default_handler(void *varg __attribute__ ((unused)), fprintf(stream, "%s.%s: ", sepol_msg_get_channel(handle), sepol_msg_get_fname(handle)); - va_list ap; va_start(ap, fmt); vfprintf(stream, fmt, ap); va_end(ap); diff --git a/libsepol/src/ebitmap.c b/libsepol/src/ebitmap.c index 7f425349..522e14a6 100644 --- a/libsepol/src/ebitmap.c +++ b/libsepol/src/ebitmap.c @@ -113,9 +113,10 @@ int ebitmap_not(ebitmap_t *dst, ebitmap_t *e1, unsigned int maxbit) int ebitmap_andnot(ebitmap_t *dst, ebitmap_t *e1, ebitmap_t *e2, unsigned int maxbit) { + int rc; ebitmap_t e3; ebitmap_init(dst); - int rc = ebitmap_not(&e3, e2, maxbit); + rc = ebitmap_not(&e3, e2, maxbit); if (rc < 0) return rc; rc = ebitmap_and(dst, e1, &e3); @@ -138,13 +139,15 @@ unsigned int ebitmap_cardinality(ebitmap_t *e1) int ebitmap_hamming_distance(ebitmap_t * e1, ebitmap_t * e2) { + int rc; + ebitmap_t tmp; + int distance; if (ebitmap_cmp(e1, e2)) return 0; - ebitmap_t tmp; - int rc = ebitmap_xor(&tmp, e1, e2); + rc = ebitmap_xor(&tmp, e1, e2); if (rc < 0) return -1; - int distance = ebitmap_cardinality(&tmp); + distance = ebitmap_cardinality(&tmp); ebitmap_destroy(&tmp); return distance; } diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c index 41605eb8..73ec7971 100644 --- a/libsepol/src/module_to_cil.c +++ b/libsepol/src/module_to_cil.c @@ -107,8 +107,8 @@ static void cil_printf(const char *fmt, ...) { __attribute__ ((format(printf, 2, 3))) static void cil_println(int indent, const char *fmt, ...) { - cil_indent(indent); va_list argptr; + cil_indent(indent); va_start(argptr, fmt); if (vfprintf(out_file, fmt, argptr) < 0) { log_err("Failed to write to output"); @@ -235,12 +235,14 @@ static void role_list_destroy(void) static void attr_list_destroy(struct list **attr_list) { + struct list_node *curr; + struct attr_list_node *attr; + if (attr_list == NULL || *attr_list == NULL) { return; } - struct list_node *curr = (*attr_list)->head; - struct attr_list_node *attr; + curr = (*attr_list)->head; while (curr != NULL) { attr = curr->data; @@ -3525,12 +3527,12 @@ exit: static int additive_scopes_to_cil(int indent, struct policydb *pdb, struct avrule_block *block, struct stack *decl_stack) { int rc = -1; + struct avrule_decl *decl = stack_peek(decl_stack); struct map_args args; args.pdb = pdb; args.block = block; args.decl_stack = decl_stack; args.indent = indent; - struct avrule_decl *decl = stack_peek(decl_stack); for (args.sym_index = 0; args.sym_index < SYM_NUM; args.sym_index++) { if (func_to_cil[args.sym_index] == NULL) { diff --git a/libsepol/src/nodes.c b/libsepol/src/nodes.c index 820346d0..97a0f959 100644 --- a/libsepol/src/nodes.c +++ b/libsepol/src/nodes.c @@ -19,20 +19,20 @@ static int node_from_record(sepol_handle_t * handle, ocontext_t *tmp_node = NULL; context_struct_t *tmp_con = NULL; char *addr_buf = NULL, *mask_buf = NULL; + size_t addr_bsize, mask_bsize; + int proto; tmp_node = (ocontext_t *) calloc(1, sizeof(ocontext_t)); if (!tmp_node) goto omem; - size_t addr_bsize, mask_bsize; - /* Address and netmask */ if (sepol_node_get_addr_bytes(handle, data, &addr_buf, &addr_bsize) < 0) goto err; if (sepol_node_get_mask_bytes(handle, data, &mask_buf, &mask_bsize) < 0) goto err; - int proto = sepol_node_get_proto(data); + proto = sepol_node_get_proto(data); switch (proto) { case SEPOL_PROTO_IP4: diff --git a/libsepol/src/services.c b/libsepol/src/services.c index ff91f7d2..d647c8f5 100644 --- a/libsepol/src/services.c +++ b/libsepol/src/services.c @@ -290,6 +290,19 @@ static char *get_class_info(sepol_security_class_t tclass, { constraint_expr_t *e; int mls, state_num; + /* Determine statement type */ + const char *statements[] = { + "constrain ", /* 0 */ + "mlsconstrain ", /* 1 */ + "validatetrans ", /* 2 */ + "mlsvalidatetrans ", /* 3 */ + 0 }; + size_t class_buf_len = 0; + size_t new_class_buf_len; + size_t buf_used; + int len; + char *class_buf = NULL, *p; + char *new_class_buf = NULL; /* Find if MLS statement or not */ mls = 0; @@ -300,26 +313,11 @@ static char *get_class_info(sepol_security_class_t tclass, } } - /* Determine statement type */ - const char *statements[] = { - "constrain ", /* 0 */ - "mlsconstrain ", /* 1 */ - "validatetrans ", /* 2 */ - "mlsvalidatetrans ", /* 3 */ - 0 }; - if (xcontext == NULL) state_num = mls + 0; else state_num = mls + 2; - size_t class_buf_len = 0; - size_t new_class_buf_len; - size_t buf_used; - int len; - char *class_buf = NULL, *p; - char *new_class_buf = NULL; - while (1) { new_class_buf_len = class_buf_len + EXPR_BUF_SIZE; new_class_buf = realloc(class_buf, new_class_buf_len); @@ -417,6 +415,8 @@ static int constraint_expr_eval_reason(context_struct_t *scontext, char *tgt = NULL; int rc = 0, x; char *class_buf = NULL; + int expr_list_len = 0; + int expr_count; /* * The array of expression answer buffer pointers and counter. @@ -424,6 +424,11 @@ static int constraint_expr_eval_reason(context_struct_t *scontext, char **answer_list = NULL; int answer_counter = 0; + /* The pop operands */ + char *a; + char *b; + int a_len, b_len; + class_buf = get_class_info(tclass, constraint, xcontext); if (!class_buf) { ERR(NULL, "failed to allocate class buffer"); @@ -431,7 +436,6 @@ static int constraint_expr_eval_reason(context_struct_t *scontext, } /* Original function but with buffer support */ - int expr_list_len = 0; expr_counter = 0; expr_list = NULL; for (e = constraint->expr; e; e = e->next) { @@ -701,7 +705,7 @@ mls_ops: * expr_list malloc's. Normally they are released by the RPN to * infix code. */ - int expr_count = expr_counter; + expr_count = expr_counter; expr_counter = 0; /* @@ -715,11 +719,6 @@ mls_ops: goto out; } - /* The pop operands */ - char *a; - char *b; - int a_len, b_len; - /* Convert constraint from RPN to infix notation. */ for (x = 0; x != expr_count; x++) { if (strncmp(expr_list[x], "and", 3) == 0 || strncmp(expr_list[x], @@ -778,14 +777,6 @@ mls_ops: xcontext ? "Validatetrans" : "Constraint", s[0] ? "GRANTED" : "DENIED"); - int len, new_buf_len; - char *p, **new_buf = r_buf; - /* - * These contain the constraint components that are added to the - * callers reason buffer. - */ - const char *buffers[] = { class_buf, a, "); ", tmp_buf, 0 }; - /* * This will add the constraints to the callers reason buffer (who is * responsible for freeing the memory). It will handle any realloc's @@ -796,6 +787,14 @@ mls_ops: if (r_buf && ((s[0] == 0) || ((s[0] == 1 && (flags & SHOW_GRANTED) == SHOW_GRANTED)))) { + int len, new_buf_len; + char *p, **new_buf = r_buf; + /* + * These contain the constraint components that are added to the + * callers reason buffer. + */ + const char *buffers[] = { class_buf, a, "); ", tmp_buf, 0 }; + for (x = 0; buffers[x] != NULL; x++) { while (1) { p = *r_buf + reason_buf_used; diff --git a/libsepol/src/util.c b/libsepol/src/util.c index d51750af..a47cae87 100644 --- a/libsepol/src/util.c +++ b/libsepol/src/util.c @@ -129,9 +129,9 @@ char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms) unsigned int bit; unsigned int in_range = 0; static char xpermsbuf[2048]; - xpermsbuf[0] = '\0'; char *p; int len, xpermslen = 0; + xpermsbuf[0] = '\0'; p = xpermsbuf; if ((xperms->specified != AVTAB_XPERMS_IOCTLFUNCTION) From patchwork Tue Jun 8 15:58:57 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307329 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B7C7EC47082 for ; Tue, 8 Jun 2021 16:00:25 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A0E616128E for ; Tue, 8 Jun 2021 16:00:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233064AbhFHQCS (ORCPT ); Tue, 8 Jun 2021 12:02:18 -0400 Received: from mail-ej1-f49.google.com ([209.85.218.49]:35407 "EHLO mail-ej1-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231243AbhFHQCR (ORCPT ); Tue, 8 Jun 2021 12:02:17 -0400 Received: by mail-ej1-f49.google.com with SMTP id h24so33483150ejy.2 for ; Tue, 08 Jun 2021 09:00:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=zuJF77diJ0OlqenndOdxFGXjb+CzZpkVStMkjT4TTio=; b=RjT0qQWQ7h0sAz2Nk570DfD4c0fREpQpyNb6bRHmNM/MZOLdRUCy7ZyBgr/FuGjXCf 7LTOoMIWcQMYZ1+7TDIN4e5pqWgxlBKA8LMqRsVJw+fdIhD38furWyWp5y5/+H8mx1// tNRKW9E9V9TsLkPatWCncIyhXR/zrfBg8z7eYUFH2ZfqZ1OiUbSRVwDV7G8ZTbGbO+U4 h4FLH7CmjHSXjw6CK44aEOkA3+pjCVTLGXhEEs+RnFhHHZoq0FJ37fnhTWAVELuIZ+qf MPZ5o/ivECxB6uNr/8zdioDK/OyLz2puB+HAyfMQCGE+KJFisNZQItFuivnM21TQuvpo z9zg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=zuJF77diJ0OlqenndOdxFGXjb+CzZpkVStMkjT4TTio=; b=XKOKeGoCKfBbO/Wf2MZxzbGIpjEzXd1vJqoC5/y6AayojYnw0fMhGhkfZDkh01YDVj CmHdYFU/17CDX7GojqXY7/BV9pEMTbSagGf5+xVX49NHo3R2Beouwsc6ex1bw5x6wMxd wAO6kEhkm32iPqLe5GJAMNFUBL7ItJx1xXVaFhMCGMHKfpW4YwaJ8sHcaGMHCmyqNeSz HToCkWt7kZP4lz015VjjvboI33h9o9BgxUs+DCs2doBp4uBzeFvq2jjLi0hcKZqAFRdC 5jvmIRigY/AFlnvhx+j2hoz/rqNKK1Qyjr3P0AXuuN6GYLjnuTG3OPe2QipB+vKf3mEm C52g== X-Gm-Message-State: AOAM531pAPxWd7ClV3C1lLUGd42ar9krVMmOnWjvKt8IDgJXFBWsAkHH RktRRZBoMC7DejwxGCzGLjgOb3oZMwA= X-Google-Smtp-Source: ABdhPJwDJKEphFXiyDaxgB1RXQfj6YvoyXwuKqO2Vw4ka0GAdzHquFP161l8GLmbFaOclLVgA4Ry5Q== X-Received: by 2002:a17:906:f285:: with SMTP id gu5mr24343991ejb.226.1623167963855; Tue, 08 Jun 2021 08:59:23 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.23 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:23 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 08/23] libsepol/cil: follow declaration-after-statement Date: Tue, 8 Jun 2021 17:58:57 +0200 Message-Id: <20210608155912.32047-9-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Follow the project style of no declaration after statement. Found by the gcc warning -Wdeclaration-after-statement Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/cil/src/cil_binary.c | 5 +++-- libsepol/cil/src/cil_build_ast.c | 5 +++-- libsepol/cil/src/cil_fqn.c | 3 ++- libsepol/cil/src/cil_list.c | 7 ++++--- libsepol/cil/src/cil_post.c | 2 +- libsepol/cil/src/cil_resolve_ast.c | 6 +++--- libsepol/cil/src/cil_strpool.c | 3 ++- 7 files changed, 18 insertions(+), 13 deletions(-) diff --git a/libsepol/cil/src/cil_binary.c b/libsepol/cil/src/cil_binary.c index 18532aad..85094b01 100644 --- a/libsepol/cil/src/cil_binary.c +++ b/libsepol/cil/src/cil_binary.c @@ -593,11 +593,11 @@ exit: int __cil_typeattr_bitmap_init(policydb_t *pdb) { int rc = SEPOL_ERR; + uint32_t i; pdb->type_attr_map = cil_malloc(pdb->p_types.nprim * sizeof(ebitmap_t)); pdb->attr_type_map = cil_malloc(pdb->p_types.nprim * sizeof(ebitmap_t)); - uint32_t i = 0; for (i = 0; i < pdb->p_types.nprim; i++) { ebitmap_init(&pdb->type_attr_map[i]); ebitmap_init(&pdb->attr_type_map[i]); @@ -2657,6 +2657,7 @@ int __cil_constrain_expr_to_sepol_expr_helper(policydb_t *pdb, const struct cil_ int rc = SEPOL_ERR; struct cil_list_item *item; enum cil_flavor flavor; + enum cil_flavor cil_op; constraint_expr_t *op, *h1, *h2, *t1, *t2; int is_leaf = CIL_FALSE; @@ -2673,7 +2674,7 @@ int __cil_constrain_expr_to_sepol_expr_helper(policydb_t *pdb, const struct cil_ goto exit; } - enum cil_flavor cil_op = (enum cil_flavor)(uintptr_t)item->data; + cil_op = (enum cil_flavor)(uintptr_t)item->data; switch (cil_op) { case CIL_NOT: op->expr_type = CEXPR_NOT; diff --git a/libsepol/cil/src/cil_build_ast.c b/libsepol/cil/src/cil_build_ast.c index 42d10c87..9a9bc598 100644 --- a/libsepol/cil/src/cil_build_ast.c +++ b/libsepol/cil/src/cil_build_ast.c @@ -5173,6 +5173,7 @@ int cil_gen_macro(struct cil_db *db, struct cil_tree_node *parse_current, struct char *key = NULL; struct cil_macro *macro = NULL; struct cil_tree_node *macro_content = NULL; + struct cil_tree_node *current_item; enum cil_syntax syntax[] = { CIL_SYN_STRING, CIL_SYN_STRING, @@ -5195,7 +5196,7 @@ int cil_gen_macro(struct cil_db *db, struct cil_tree_node *parse_current, struct key = parse_current->next->data; - struct cil_tree_node *current_item = parse_current->next->next->cl_head; + current_item = parse_current->next->next->cl_head; while (current_item != NULL) { enum cil_syntax param_syntax[] = { CIL_SYN_STRING, @@ -5205,6 +5206,7 @@ int cil_gen_macro(struct cil_db *db, struct cil_tree_node *parse_current, struct int param_syntax_len = sizeof(param_syntax)/sizeof(*param_syntax); char *kind = NULL; struct cil_param *param = NULL; + struct cil_list_item *curr_param; rc =__cil_verify_syntax(current_item->cl_head, param_syntax, param_syntax_len); if (rc != SEPOL_OK) { @@ -5263,7 +5265,6 @@ int cil_gen_macro(struct cil_db *db, struct cil_tree_node *parse_current, struct } //walk current list and check for duplicate parameters - struct cil_list_item *curr_param; cil_list_for_each(curr_param, macro->params) { if (param->str == ((struct cil_param*)curr_param->data)->str) { cil_log(CIL_ERR, "Duplicate parameter\n"); diff --git a/libsepol/cil/src/cil_fqn.c b/libsepol/cil/src/cil_fqn.c index 097222a8..46db069b 100644 --- a/libsepol/cil/src/cil_fqn.c +++ b/libsepol/cil/src/cil_fqn.c @@ -78,12 +78,13 @@ static int __cil_fqn_qualify_blocks(__attribute__((unused)) hashtab_key_t k, has struct cil_tree_node *node = NODE(datum); int i; int rc = SEPOL_OK; + int newlen; if (node->flavor != CIL_BLOCK) { goto exit; } - int newlen = fqn_args->len + strlen(datum->name) + 1; + newlen = fqn_args->len + strlen(datum->name) + 1; if (newlen >= CIL_MAX_NAME_LENGTH) { cil_log(CIL_INFO, "Fully qualified name for block %s is too long\n", datum->name); rc = SEPOL_ERR; diff --git a/libsepol/cil/src/cil_list.c b/libsepol/cil/src/cil_list.c index 4e7843cb..8a426f1f 100644 --- a/libsepol/cil/src/cil_list.c +++ b/libsepol/cil/src/cil_list.c @@ -55,15 +55,16 @@ void cil_list_init(struct cil_list **list, enum cil_flavor flavor) void cil_list_destroy(struct cil_list **list, unsigned destroy_data) { + struct cil_list_item *item; + if (*list == NULL) { return; } - struct cil_list_item *item = (*list)->head; - struct cil_list_item *next = NULL; + item = (*list)->head; while (item != NULL) { - next = item->next; + struct cil_list_item *next = item->next; if (item->flavor == CIL_LIST) { cil_list_destroy((struct cil_list**)&(item->data), destroy_data); free(item); diff --git a/libsepol/cil/src/cil_post.c b/libsepol/cil/src/cil_post.c index 05842b64..7bca0834 100644 --- a/libsepol/cil/src/cil_post.c +++ b/libsepol/cil/src/cil_post.c @@ -213,8 +213,8 @@ int cil_post_filecon_compare(const void *a, const void *b) struct fc_data *a_data = cil_malloc(sizeof(*a_data)); struct fc_data *b_data = cil_malloc(sizeof(*b_data)); char *a_path = cil_malloc(strlen(a_filecon->path_str) + 1); - a_path[0] = '\0'; char *b_path = cil_malloc(strlen(b_filecon->path_str) + 1); + a_path[0] = '\0'; b_path[0] = '\0'; strcat(a_path, a_filecon->path_str); strcat(b_path, b_filecon->path_str); diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c index d8481002..a322b1b7 100644 --- a/libsepol/cil/src/cil_resolve_ast.c +++ b/libsepol/cil/src/cil_resolve_ast.c @@ -3949,10 +3949,10 @@ int __cil_resolve_ast_node_helper(struct cil_tree_node *node, uint32_t *finished enum cil_log_level lvl = CIL_ERR; if (optional != NULL) { - lvl = CIL_INFO; - struct cil_optional *opt = (struct cil_optional *)optional->data; - struct cil_tree_node *opt_node = NODE(opt);; + struct cil_tree_node *opt_node = NODE(opt); + + lvl = CIL_INFO; /* disable an optional if something failed to resolve */ opt->enabled = CIL_FALSE; cil_tree_log(node, lvl, "Failed to resolve %s statement", cil_node_to_string(node)); diff --git a/libsepol/cil/src/cil_strpool.c b/libsepol/cil/src/cil_strpool.c index 2598bbf3..70bca363 100644 --- a/libsepol/cil/src/cil_strpool.c +++ b/libsepol/cil/src/cil_strpool.c @@ -75,9 +75,10 @@ char *cil_strpool_add(const char *str) strpool_ref = hashtab_search(cil_strpool_tab, (hashtab_key_t)str); if (strpool_ref == NULL) { + int rc; strpool_ref = cil_malloc(sizeof(*strpool_ref)); strpool_ref->str = cil_strdup(str); - int rc = hashtab_insert(cil_strpool_tab, (hashtab_key_t)strpool_ref->str, strpool_ref); + rc = hashtab_insert(cil_strpool_tab, (hashtab_key_t)strpool_ref->str, strpool_ref); if (rc != SEPOL_OK) { pthread_mutex_unlock(&cil_strpool_mutex); cil_log(CIL_ERR, "Failed to allocate memory\n"); From patchwork Tue Jun 8 15:58:58 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307339 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 531FEC4743F for ; Tue, 8 Jun 2021 16:00:39 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3D4D3610A2 for ; Tue, 8 Jun 2021 16:00:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233559AbhFHQCb (ORCPT ); Tue, 8 Jun 2021 12:02:31 -0400 Received: from mail-ej1-f45.google.com ([209.85.218.45]:43563 "EHLO mail-ej1-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233622AbhFHQCa (ORCPT ); Tue, 8 Jun 2021 12:02:30 -0400 Received: by mail-ej1-f45.google.com with SMTP id ci15so33423479ejc.10 for ; Tue, 08 Jun 2021 09:00:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=P6GPJC2qa5dzk47OPuHyvIvE3Fkla02EA5B4DBJukQ4=; b=luFgcmUYUTGlev2XyEQNnKbsiTHeLQ+avIz4JCUFywX6wcwiljh0TdCgkRVmkgzm90 cDAeR9ZQmoFr/TeqiWYijEiJ0mPqUMcd2VvNxTheyrb+KWA6T9TYEzOMt+RNsYSNlds9 uH6StFToP21VdoPBBnXej50FFKTp9o2p/q3W3rxbrzoqFtNbXG2xV2SUQWUnHQBlHtDO igdsdhTRIBC90XcWYSbm94pjKzcDKGhhV61gEdcAqpEHNrRLKciDxihAEv+8U08ja9+y FsLibTanWybauSNtwN0dV+irDTmib7bh/qJWuUAAROGMxWxWzWvnVbDWZTmUhYews74u YbuA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=P6GPJC2qa5dzk47OPuHyvIvE3Fkla02EA5B4DBJukQ4=; b=IPUMLff0WXWjUG5C3KtHo+tPOLIvyRfkiQUCwtgsby9PAo0RBi+XjTnEV4imNorKlu Ffo0K32F3W3hd/eEx5O62STmPQCPcUGCs+12pZxaH+inxKDckmslDvK0krKQS43BMCDa EwIDNqaQohl7Ac20yeKDIMmqxhs+oTcAiMpR0FWaQLWVsJ2bIsOyQOEbrDfn0uUE6K6H ns1pCaVx4RwdMfWYHdUcOFX69vqtQxxLKT6QlBu771ka+sOoviaz1YJk3tUq2ZCWMfQL BmP4ytdr6wwcbsCpnLzxqpWLHnPMzllSrdN4vCODXAjwVzAJQLLydBWoTPQf4ZJIQ740 0goA== X-Gm-Message-State: AOAM533yuR7SB4HSNmU79PWk9ZepSd/dTbZAYzBnn6V+0+XZP0Ye6cJ1 ZpGH//xYeIAkJ127Rsdz038qoY/Ww5g= X-Google-Smtp-Source: ABdhPJy2p7tk4N7vdoUAt/GCE22c3WtfUJZf/j9CfZwdIDzTcBZsyJuM+2+QtcP7iEbSbrYNvt3LoQ== X-Received: by 2002:a17:907:2bd9:: with SMTP id gv25mr23826906ejc.157.1623167964405; Tue, 08 Jun 2021 08:59:24 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.23 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:24 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 09/23] libsepol: remove dead stores Date: Tue, 8 Jun 2021 17:58:58 +0200 Message-Id: <20210608155912.32047-10-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org conditional.c:391:4: warning: Value stored to 'i' is never read [deadcode.DeadStores] i = 0; ^ ~ conditional.c:718:2: warning: Value stored to 'len' is never read [deadcode.DeadStores] len = 0; ^ ~ conditional.c:772:2: warning: Value stored to 'len' is never read [deadcode.DeadStores] len = 0; ^ ~ services.c:89:10: warning: Value stored to 'new_stack' during its initialization is never read [deadcode.DeadStores] char **new_stack = stack; ^~~~~~~~~ ~~~~~ services.c:440:11: warning: Value stored to 'new_expr_list' during its initialization is never read [deadcode.DeadStores] char **new_expr_list = expr_list; ^~~~~~~~~~~~~ ~~~~~~~~~ ../cil/src/cil_binary.c:2230:24: warning: Value stored to 'cb_node' during its initialization is never read [deadcode.DeadStores] struct cil_tree_node *cb_node = node->cl_head; ^~~~~~~ ~~~~~~~~~~~~~ Found by clang-analyzer Signed-off-by: Christian Göttsche --- libsepol/src/conditional.c | 3 --- libsepol/src/services.c | 4 ++-- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/libsepol/src/conditional.c b/libsepol/src/conditional.c index 823b649a..e3ede694 100644 --- a/libsepol/src/conditional.c +++ b/libsepol/src/conditional.c @@ -388,7 +388,6 @@ int cond_normalize_expr(policydb_t * p, cond_node_t * cn) for (e = cn->expr; e != NULL; e = e->next) { switch (e->expr_type) { case COND_BOOL: - i = 0; /* see if we've already seen this bool */ if (!bool_present(e->bool, cn->bool_ids, cn->nbools)) { /* count em all but only record up to COND_MAX_BOOLS */ @@ -715,7 +714,6 @@ static int cond_read_av_list(policydb_t * p, void *fp, *ret_list = NULL; - len = 0; rc = next_entry(buf, fp, sizeof(uint32_t)); if (rc < 0) return -1; @@ -769,7 +767,6 @@ static int cond_read_node(policydb_t * p, cond_node_t * node, void *fp) node->cur_state = le32_to_cpu(buf[0]); - len = 0; rc = next_entry(buf, fp, sizeof(uint32_t)); if (rc < 0) goto err; diff --git a/libsepol/src/services.c b/libsepol/src/services.c index d647c8f5..c34bb966 100644 --- a/libsepol/src/services.c +++ b/libsepol/src/services.c @@ -86,7 +86,7 @@ static int next_stack_entry; static void push(char *expr_ptr) { if (next_stack_entry >= stack_len) { - char **new_stack = stack; + char **new_stack; int new_stack_len; if (stack_len == 0) @@ -441,7 +441,7 @@ static int constraint_expr_eval_reason(context_struct_t *scontext, for (e = constraint->expr; e; e = e->next) { /* Allocate a stack to hold expression buffer entries */ if (expr_counter >= expr_list_len) { - char **new_expr_list = expr_list; + char **new_expr_list; int new_expr_list_len; if (expr_list_len == 0) From patchwork Tue Jun 8 15:58:59 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307311 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E7D88C4743F for ; Tue, 8 Jun 2021 15:59:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C44E060FEA for ; Tue, 8 Jun 2021 15:59:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232208AbhFHQBU (ORCPT ); Tue, 8 Jun 2021 12:01:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51326 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232377AbhFHQBT (ORCPT ); Tue, 8 Jun 2021 12:01:19 -0400 Received: from mail-ed1-x531.google.com (mail-ed1-x531.google.com [IPv6:2a00:1450:4864:20::531]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5BFDCC06178B for ; Tue, 8 Jun 2021 08:59:26 -0700 (PDT) Received: by mail-ed1-x531.google.com with SMTP id g18so23108992edq.8 for ; Tue, 08 Jun 2021 08:59:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=f8Skzmh2yOOR2rqJQHZGom4biqoFz9njBKN2ekELaQU=; b=r309N2V7/sARVTjc26o2IbuaTlM4x1UjKTSBKLNo9W+DPO7xiP38lKBRrSpL+teD86 Te3aOGfql/WsXRMZ92x40nkZvx5xCM1c161fpQrYWTdadP/09H/dHMqXmk8c8kOQ6XJH jLXchMRg/IwQgWnI9h5s2KGPS7GqsovsN1/zcZ3DvJ6dAjgzVLGF1xKQ/qExFTgFStMu gJvu1RQdiXxD50mOXCFrZHNWTRBVVw48vYn36IS9ZyX7GEQDwuFXGHwDDrDBnZ7i8jZZ an6GPE9eozos2lMThrL4YqtiS++nLSg9sRs5LxpJJ88ek3AL32wquFc2LAQ4uPOzKxQb Te2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=f8Skzmh2yOOR2rqJQHZGom4biqoFz9njBKN2ekELaQU=; b=TVAT2w51Mk/lz9bSdx3j3JIVdTb0bTVnOJ+COQu9sCuf2tK9xSYE/5dXB3nl0SIal/ s44P7FQk1BDkbNIF8Fbp/hFvRFvC7fokABbfMGNtUfLaLVgCBZbvksmQXbIVl6xLaREc uOXb2bwwj6kQSzNbemjGtodWf16tLjSgqC+SR5Sb6TLMLpHfPqb6IMAwuzWq5A84x3z3 6GsgDY00OxYzPxmr1JiTRkUoeNBYtkBJp5xoOUe4T/lYUYi/KUoVpgUMhkkvXQEgCUY5 Ce9b48eXrrH4v9s9kWp5s5J7JZZ6+Ilivwqhiy+0MhIOiPj3jM8XxgwSgNT5YhYOvF5F e1Hw== X-Gm-Message-State: AOAM530ieLXCLho+lsQ30033cqdwQk1+5xx1RJtt12F+zQmXkAaxtR0N VD+gF9ysDF5DySLWX8kMhALbNJ/8DCQ= X-Google-Smtp-Source: ABdhPJxmz+S6xuWjTrPfZ/nfRvOZPfV7cz8T5EWDLbxkdxqdu9Xrz//yghMj6gHAwlfIGIh/MNdxNw== X-Received: by 2002:aa7:db95:: with SMTP id u21mr26447383edt.152.1623167964956; Tue, 08 Jun 2021 08:59:24 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:24 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 10/23] libsepol: mark read-only parameters of ebitmap interfaces const Date: Tue, 8 Jun 2021 17:58:59 +0200 Message-Id: <20210608155912.32047-11-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Make it more obvious which parameters are read-only and not being modified and allow callers to pass const pointers. Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/include/sepol/policydb/ebitmap.h | 16 ++++++++-------- libsepol/src/ebitmap.c | 18 +++++++++--------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/libsepol/include/sepol/policydb/ebitmap.h b/libsepol/include/sepol/policydb/ebitmap.h index 634436f6..81d0c7a6 100644 --- a/libsepol/include/sepol/policydb/ebitmap.h +++ b/libsepol/include/sepol/policydb/ebitmap.h @@ -67,7 +67,7 @@ static inline unsigned int ebitmap_next(ebitmap_node_t ** n, unsigned int bit) return (bit + 1); } -static inline int ebitmap_node_get_bit(ebitmap_node_t * n, unsigned int bit) +static inline int ebitmap_node_get_bit(const ebitmap_node_t * n, unsigned int bit) { if (n->map & (MAPBIT << (bit - n->startbit))) return 1; @@ -83,18 +83,18 @@ static inline int ebitmap_node_get_bit(ebitmap_node_t * n, unsigned int bit) extern int ebitmap_cmp(const ebitmap_t * e1, const ebitmap_t * e2); extern int ebitmap_or(ebitmap_t * dst, const ebitmap_t * e1, const ebitmap_t * e2); extern int ebitmap_union(ebitmap_t * dst, const ebitmap_t * e1); -extern int ebitmap_and(ebitmap_t *dst, ebitmap_t *e1, ebitmap_t *e2); -extern int ebitmap_xor(ebitmap_t *dst, ebitmap_t *e1, ebitmap_t *e2); -extern int ebitmap_not(ebitmap_t *dst, ebitmap_t *e1, unsigned int maxbit); -extern int ebitmap_andnot(ebitmap_t *dst, ebitmap_t *e1, ebitmap_t *e2, unsigned int maxbit); -extern unsigned int ebitmap_cardinality(ebitmap_t *e1); -extern int ebitmap_hamming_distance(ebitmap_t * e1, ebitmap_t * e2); +extern int ebitmap_and(ebitmap_t *dst, const ebitmap_t *e1, const ebitmap_t *e2); +extern int ebitmap_xor(ebitmap_t *dst, const ebitmap_t *e1, const ebitmap_t *e2); +extern int ebitmap_not(ebitmap_t *dst, const ebitmap_t *e1, unsigned int maxbit); +extern int ebitmap_andnot(ebitmap_t *dst, const ebitmap_t *e1, const ebitmap_t *e2, unsigned int maxbit); +extern unsigned int ebitmap_cardinality(const ebitmap_t *e1); +extern int ebitmap_hamming_distance(const ebitmap_t * e1, const ebitmap_t * e2); extern int ebitmap_cpy(ebitmap_t * dst, const ebitmap_t * src); extern int ebitmap_contains(const ebitmap_t * e1, const ebitmap_t * e2); extern int ebitmap_match_any(const ebitmap_t *e1, const ebitmap_t *e2); extern int ebitmap_get_bit(const ebitmap_t * e, unsigned int bit); extern int ebitmap_set_bit(ebitmap_t * e, unsigned int bit, int value); -extern unsigned int ebitmap_highest_set_bit(ebitmap_t * e); +extern unsigned int ebitmap_highest_set_bit(const ebitmap_t * e); extern void ebitmap_destroy(ebitmap_t * e); extern int ebitmap_read(ebitmap_t * e, void *fp); diff --git a/libsepol/src/ebitmap.c b/libsepol/src/ebitmap.c index 522e14a6..4e9acdf8 100644 --- a/libsepol/src/ebitmap.c +++ b/libsepol/src/ebitmap.c @@ -71,7 +71,7 @@ int ebitmap_union(ebitmap_t * dst, const ebitmap_t * e1) return 0; } -int ebitmap_and(ebitmap_t *dst, ebitmap_t *e1, ebitmap_t *e2) +int ebitmap_and(ebitmap_t *dst, const ebitmap_t *e1, const ebitmap_t *e2) { unsigned int i, length = min(ebitmap_length(e1), ebitmap_length(e2)); ebitmap_init(dst); @@ -85,7 +85,7 @@ int ebitmap_and(ebitmap_t *dst, ebitmap_t *e1, ebitmap_t *e2) return 0; } -int ebitmap_xor(ebitmap_t *dst, ebitmap_t *e1, ebitmap_t *e2) +int ebitmap_xor(ebitmap_t *dst, const ebitmap_t *e1, const ebitmap_t *e2) { unsigned int i, length = max(ebitmap_length(e1), ebitmap_length(e2)); ebitmap_init(dst); @@ -98,7 +98,7 @@ int ebitmap_xor(ebitmap_t *dst, ebitmap_t *e1, ebitmap_t *e2) return 0; } -int ebitmap_not(ebitmap_t *dst, ebitmap_t *e1, unsigned int maxbit) +int ebitmap_not(ebitmap_t *dst, const ebitmap_t *e1, unsigned int maxbit) { unsigned int i; ebitmap_init(dst); @@ -111,7 +111,7 @@ int ebitmap_not(ebitmap_t *dst, ebitmap_t *e1, unsigned int maxbit) return 0; } -int ebitmap_andnot(ebitmap_t *dst, ebitmap_t *e1, ebitmap_t *e2, unsigned int maxbit) +int ebitmap_andnot(ebitmap_t *dst, const ebitmap_t *e1, const ebitmap_t *e2, unsigned int maxbit) { int rc; ebitmap_t e3; @@ -126,10 +126,10 @@ int ebitmap_andnot(ebitmap_t *dst, ebitmap_t *e1, ebitmap_t *e2, unsigned int ma return 0; } -unsigned int ebitmap_cardinality(ebitmap_t *e1) +unsigned int ebitmap_cardinality(const ebitmap_t *e1) { unsigned int count = 0; - ebitmap_node_t *n; + const ebitmap_node_t *n; for (n = e1->node; n; n = n->next) { count += __builtin_popcountll(n->map); @@ -137,7 +137,7 @@ unsigned int ebitmap_cardinality(ebitmap_t *e1) return count; } -int ebitmap_hamming_distance(ebitmap_t * e1, ebitmap_t * e2) +int ebitmap_hamming_distance(const ebitmap_t * e1, const ebitmap_t * e2) { int rc; ebitmap_t tmp; @@ -347,9 +347,9 @@ int ebitmap_set_bit(ebitmap_t * e, unsigned int bit, int value) return 0; } -unsigned int ebitmap_highest_set_bit(ebitmap_t * e) +unsigned int ebitmap_highest_set_bit(const ebitmap_t * e) { - ebitmap_node_t *n; + const ebitmap_node_t *n; MAPTYPE map; unsigned int pos = 0; From patchwork Tue Jun 8 15:59:00 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307337 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id F2AC7C48BCD for ; Tue, 8 Jun 2021 16:00:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id DE5E660FEA for ; Tue, 8 Jun 2021 16:00:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233500AbhFHQCb (ORCPT ); Tue, 8 Jun 2021 12:02:31 -0400 Received: from mail-ed1-f54.google.com ([209.85.208.54]:43993 "EHLO mail-ed1-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233322AbhFHQC3 (ORCPT ); Tue, 8 Jun 2021 12:02:29 -0400 Received: by mail-ed1-f54.google.com with SMTP id s6so25101498edu.10 for ; Tue, 08 Jun 2021 09:00:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=H3YB1WMTihvMYXd4viLcaKhMEb0OVXEjSm6kuCa/G6w=; b=XWe9vLXqqo+/Kv0Xmp4p0RLwJmMddDHaBJxe9M1WpYl9dwoYH/H4LSSSvqi4nIuSyY ndK1fAL+OMg693hEAcsfOXTbH7gBx+3LFviVC8Fedu1blUrDXwgB5OCRojilU20NBCkx fpMZ51oSWozYCV0R12cblKrFGSIha1uHKfwkWEZHaceBCjS0W9SdZV0zJEKUkk4cpZYj zi3m12cV7TUdY6LLIBkysKi88c6eokip1r16exbxBDzW0GVYDdithi65taiVaApb5NGQ CPdJv+C4f2Symto1Ysv7GvzdJ9Ozh3ysShh5rCxPB0yhYmjFIBV5FNTg29gtm83dookl N6BQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=H3YB1WMTihvMYXd4viLcaKhMEb0OVXEjSm6kuCa/G6w=; b=AGUQlhDgiCq1fmwI9RtnGYP6SOGoRUoKvmCACK0lK2v4W+qK8+u/gvRQ7kJAIEwqM+ kpThGDddhrwhT/LQazVG34pR9KDIFy2sUwMmgXc1KSfveHeKqhqgo6E3t1BouSM2CRyW 2LKTdty5On4Ieo8ZJVFEj1edifTj2iKZgVSbsS//k4pR5c80/at7oZDTyMqf6dJEsiB8 H726vk7S5ne8d4Z9SudddhXm4tL2Ry+CXtMr5SQCnoHG4bsc/YFEWy/OhhURtvxm1NQV E4Wuqouv++/QusJkuQV6AsBdUdOv8PDS7UFFR/TSRI59tq8lZtugVPvdqjDpxn5yu7Ei rWiQ== X-Gm-Message-State: AOAM531l1UL5FS+L6sVrV4K4LmDaj8hHRNRxIS6ByjCExmrwxtaWCu20 WC7N3u3xSxXYjHvefoejWQ49sC47o0k= X-Google-Smtp-Source: ABdhPJy0jzN2W6y71IEKyEVW1sF94GoA8S2SQZgpCz2HvJ+JfEL6kVXTMDZbHUGg1hBumqrEUbPq6A== X-Received: by 2002:aa7:de8b:: with SMTP id j11mr26444793edv.363.1623167965485; Tue, 08 Jun 2021 08:59:25 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:25 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 11/23] libsepol: mark read-only parameters of type_set_ interfaces const Date: Tue, 8 Jun 2021 17:59:00 +0200 Message-Id: <20210608155912.32047-12-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Make it more obvious which parameters are read-only and not being modified and allow callers to pass const pointers. Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/include/sepol/policydb/policydb.h | 4 ++-- libsepol/src/policydb.c | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/libsepol/include/sepol/policydb/policydb.h b/libsepol/include/sepol/policydb/policydb.h index c29339dc..78699fb4 100644 --- a/libsepol/include/sepol/policydb/policydb.h +++ b/libsepol/include/sepol/policydb/policydb.h @@ -667,8 +667,8 @@ extern int scope_destroy(hashtab_key_t key, hashtab_datum_t datum, void *p); extern void class_perm_node_init(class_perm_node_t * x); extern void type_set_init(type_set_t * x); extern void type_set_destroy(type_set_t * x); -extern int type_set_cpy(type_set_t * dst, type_set_t * src); -extern int type_set_or_eq(type_set_t * dst, type_set_t * other); +extern int type_set_cpy(type_set_t * dst, const type_set_t * src); +extern int type_set_or_eq(type_set_t * dst, const type_set_t * other); extern void role_set_init(role_set_t * x); extern void role_set_destroy(role_set_t * x); extern void avrule_init(avrule_t * x); diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index 3389a943..7739b0fb 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c @@ -1753,7 +1753,7 @@ int symtab_insert(policydb_t * pol, uint32_t sym, return retval; } -static int type_set_or(type_set_t * dst, type_set_t * a, type_set_t * b) +static int type_set_or(type_set_t * dst, const type_set_t * a, const type_set_t * b) { type_set_init(dst); @@ -1770,7 +1770,7 @@ static int type_set_or(type_set_t * dst, type_set_t * a, type_set_t * b) return 0; } -int type_set_cpy(type_set_t * dst, type_set_t * src) +int type_set_cpy(type_set_t * dst, const type_set_t * src) { type_set_init(dst); @@ -1783,7 +1783,7 @@ int type_set_cpy(type_set_t * dst, type_set_t * src) return 0; } -int type_set_or_eq(type_set_t * dst, type_set_t * other) +int type_set_or_eq(type_set_t * dst, const type_set_t * other) { int ret; type_set_t tmp; From patchwork Tue Jun 8 15:59:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307341 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7D3A3C48BCF for ; Tue, 8 Jun 2021 16:00:39 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6805160FEA for ; Tue, 8 Jun 2021 16:00:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231775AbhFHQCb (ORCPT ); Tue, 8 Jun 2021 12:02:31 -0400 Received: from mail-ej1-f49.google.com ([209.85.218.49]:35416 "EHLO mail-ej1-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233618AbhFHQCa (ORCPT ); Tue, 8 Jun 2021 12:02:30 -0400 Received: by mail-ej1-f49.google.com with SMTP id h24so33483322ejy.2 for ; Tue, 08 Jun 2021 09:00:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=0z7t5twwtM2WwZB2k3WH5stRi/ApvczF5bMdyFPqhA0=; b=sVZDhUc3y/ZZQGfvhYSvDGQh2l/2noHMwB6DWygYq4Ku82nIVjqWIuC8PkQ2/Y3rgw EXIX/p01l2QJxnEq1IYk618t5EQ4SKBaRzuIpSP9hI3sr/g919k9Se4gbt2DqvkK0UA+ XFph79fGptrVYcvTVMzo+NRN7QQBDrNcjvm+Ie1X00VY2pGIZhVsK+v3ou2lSPTwCUAO 1mlmnVGheXD+wo6nxLQELNcoh1lcfDTea5/OHbk/9wp8Hc7lY/1nFJS8c3hRQTOToRse m0rV4kufZWdpLdd+ePgAV4fe4RN5Wj9tQTCjCW3VZQEIKtwlHYxkzzIPZmnuMlq2/ol3 XX0Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=0z7t5twwtM2WwZB2k3WH5stRi/ApvczF5bMdyFPqhA0=; b=FbbBoiop8WMyRd2iWilBdmHSP1Rnf2e0Whp1dri6mPqCI1NaMcHjVnG1U7YS71kJ0j 5GMaLqZXnys0W4Qtvv5p2QUGUQtAtfefjFyh0df0MqnfDBns1xByGj2LGpq/6l8l2UF8 WPYgVgUYB5CYwj25cPXmWmH/RQxmSk27PHigHJ9q/gCKCI2wJYUaCv0ElcEuDEfMi++I 7gFtXcAHkfPpWkhaV954biL2r1zhvur0ArT6sxKL0dbNQOt6IFNsBfU4BkR6aPTvT+sX Y+LZeAqGgc9KgauzNQRnlVIAIpUzHd9tCsTv5boAfnsJENZvW+IXACtS1sfH2e/j2T4T X8dQ== X-Gm-Message-State: AOAM532B6WSEYrjUi9zR9LkwYeaUqif3bR6jXgT8Qlgu61kVDolqBlkU 7upbRZj07fsGJiCiV2W4FRT3s43A65w= X-Google-Smtp-Source: ABdhPJzJ6uHWXHLkflR16P/gTmYZvCALcM7hHKaspTgsbDl9qBwLEYc8mw1Ar0oTDOW+U696Yl+Pfg== X-Received: by 2002:a17:906:fcb5:: with SMTP id qw21mr23773611ejb.57.1623167966075; Tue, 08 Jun 2021 08:59:26 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:25 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 12/23] libsepol: do not allocate memory of size 0 Date: Tue, 8 Jun 2021 17:59:01 +0200 Message-Id: <20210608155912.32047-13-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org In case cats_ebitmap_len() returns 0, do not allocate but quit. Found by clang-analyzer Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/src/kernel_to_cil.c | 5 ++++- libsepol/src/kernel_to_conf.c | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c index 989aacde..17b5ebf0 100644 --- a/libsepol/src/kernel_to_cil.c +++ b/libsepol/src/kernel_to_cil.c @@ -1034,11 +1034,14 @@ static char *cats_ebitmap_to_str(struct ebitmap *cats, char **val_to_name) { struct ebitmap_node *node; uint32_t i, start, range; - char *catsbuf, *p; + char *catsbuf = NULL, *p; const char *fmt; int len, remaining; remaining = (int)cats_ebitmap_len(cats, val_to_name); + if (remaining == 0) { + goto exit; + } catsbuf = malloc(remaining); if (!catsbuf) { goto exit; diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c index 5db47fe4..c1253820 100644 --- a/libsepol/src/kernel_to_conf.c +++ b/libsepol/src/kernel_to_conf.c @@ -1025,12 +1025,15 @@ static char *cats_ebitmap_to_str(struct ebitmap *cats, char **val_to_name) { struct ebitmap_node *node; uint32_t i, start, range, first; - char *catsbuf, *p; + char *catsbuf = NULL, *p; const char *fmt; char sep; int len, remaining; remaining = (int)cats_ebitmap_len(cats, val_to_name); + if (remaining == 0) { + goto exit; + } catsbuf = malloc(remaining); if (!catsbuf) { goto exit; From patchwork Tue Jun 8 15:59:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307313 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CA5AEC4743E for ; Tue, 8 Jun 2021 15:59:29 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B467060FEA for ; Tue, 8 Jun 2021 15:59:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231760AbhFHQBW (ORCPT ); Tue, 8 Jun 2021 12:01:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51326 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231712AbhFHQBV (ORCPT ); Tue, 8 Jun 2021 12:01:21 -0400 Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 259D7C06178B for ; Tue, 8 Jun 2021 08:59:28 -0700 (PDT) Received: by mail-ed1-x534.google.com with SMTP id cb9so25158965edb.1 for ; Tue, 08 Jun 2021 08:59:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=C3nXCcvnkDXMCR3wdcYuoqMvBk+nOj0oP10tIddhEXQ=; b=GBB79vKIQHta4WRS+yNRLPxhrBRgX3YtUZPMwKit9c4+otim3kHzJEBdoFKDuVb6HH wE91652rRfe4qytx4HK4x9vkYcagrrJQ88PtQ4f1epuUbxxgWkzFghuCxYr+NXsR92TP HkmxfohJjz+BWnduMTOZzalDpOTdKbbnlKkj5qq6tsjBYqAfPd3QbZpSaQyqlIxQSHEi ogBkbZdKmOxDzuk6k2noHzB95fRaLXSwFIcsv9emo6xe6AJDnDTwIwstoBrmqkKGR/D5 qHJTXPe+W0vWZplGIVdLNai59VGc5pzYERadnfbW+tGZ0uSe/6fL4pfjXZSvv36Ovk6G wEAQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=C3nXCcvnkDXMCR3wdcYuoqMvBk+nOj0oP10tIddhEXQ=; b=K7C9+LpxILS7jmJbcSeJnFFWc+ZeLNrcuNYIgvFnt0uYiEORSPIzIE1OsKtEW6KO/S wnutyW735xmIm/i8r1iLYL/0CfoQU6feo4XsQTeu350s2NVLml+fl2DdQE6oiRIUMfNO g/RKBn4lp9Y+BV5cQzluYSkCC9K4LXoX0lg3gQ++Ve2ewz1wPnfehTiphE48JTVBbFGo z3/26MhVpZZg5YegyP23ipegIdXX8adHP0n/M4I6mscuRebBi6uHZH6DkWp8Xli7HhD7 l8qDY5yYHKelHPqfe0KauShQE5rlqcdC4bEKTPLEJsBYCFClC7sqiRAMzS4eeBQnOM7v Gxeg== X-Gm-Message-State: AOAM532xq12L+ExHY8RlnAWGy63n8SBS9e3bYagOipAYzlaRGOIDtVYM Zj+2XDjgaS2Yx9VlplEHtxbVEuSd3DQ= X-Google-Smtp-Source: ABdhPJxRoFGntd+2I1qMCSEbx2fEBfhD5Oehjo64Ju5zzqgj33uBgNou6xvKcXv9WkEea0IO7URDsQ== X-Received: by 2002:aa7:d9d8:: with SMTP id v24mr25933255eds.15.1623167966620; Tue, 08 Jun 2021 08:59:26 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.26 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:26 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 13/23] libsepol: assure string NUL-termination Date: Tue, 8 Jun 2021 17:59:02 +0200 Message-Id: <20210608155912.32047-14-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org ibendport_record.c: In function ‘sepol_ibendport_get_ibdev_name’: ibendport_record.c:169:2: error: ‘strncpy’ specified bound 64 equals destination size [-Werror=stringop-truncation] 169 | strncpy(tmp_ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ibendport_record.c: In function ‘sepol_ibendport_set_ibdev_name’: ibendport_record.c:189:2: error: ‘strncpy’ specified bound 64 equals destination size [-Werror=stringop-truncation] 189 | strncpy(tmp, ibdev_name, IB_DEVICE_NAME_MAX); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ strncpy(3) does not NUL-terminate the destination if the source is of the same length or longer then the specified size. Reduce the size to copy by 1. Found by Clang Signed-off-by: Christian Göttsche --- libsepol/src/ibendport_record.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libsepol/src/ibendport_record.c b/libsepol/src/ibendport_record.c index adf67161..2eb8ca18 100644 --- a/libsepol/src/ibendport_record.c +++ b/libsepol/src/ibendport_record.c @@ -166,7 +166,7 @@ int sepol_ibendport_get_ibdev_name(sepol_handle_t *handle, if (sepol_ibendport_alloc_ibdev_name(handle, &tmp_ibdev_name) < 0) goto err; - strncpy(tmp_ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX); + strncpy(tmp_ibdev_name, ibendport->ibdev_name, IB_DEVICE_NAME_MAX - 1); *ibdev_name = tmp_ibdev_name; return STATUS_SUCCESS; @@ -186,7 +186,7 @@ int sepol_ibendport_set_ibdev_name(sepol_handle_t *handle, if (sepol_ibendport_alloc_ibdev_name(handle, &tmp) < 0) goto err; - strncpy(tmp, ibdev_name, IB_DEVICE_NAME_MAX); + strncpy(tmp, ibdev_name, IB_DEVICE_NAME_MAX - 1); free(ibendport->ibdev_name); ibendport->ibdev_name = tmp; return STATUS_SUCCESS; From patchwork Tue Jun 8 15:59:03 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307331 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6232DC47082 for ; Tue, 8 Jun 2021 16:00:29 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4BA8660FEA for ; Tue, 8 Jun 2021 16:00:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233318AbhFHQCV (ORCPT ); Tue, 8 Jun 2021 12:02:21 -0400 Received: from mail-ed1-f41.google.com ([209.85.208.41]:40682 "EHLO mail-ed1-f41.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231243AbhFHQCV (ORCPT ); Tue, 8 Jun 2021 12:02:21 -0400 Received: by mail-ed1-f41.google.com with SMTP id t3so25124655edc.7 for ; Tue, 08 Jun 2021 09:00:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=joqlWyuVuRzoK9LnXmpJPpMXmgmXxXY6SsPtXPQlpbg=; b=Si92Sj6LbaHvuOPoOFIpxZqfBbOUzPAhKhDWh/qIPSiI7m8WnreJRVnuk2DRpUl3yJ k+xJkT3N0gTbVEA++2Hf03G/ZPfoJ00yWOZSu1RhrQuax0SPIXL8+HmT7kGaZBeYH5J2 r0Sh0Y173wZLfB8IJzivEXN486i/ohuBQeYa8XheGoLLBkg3hhWotu+JjZ1/+vEj14rQ ugTDduKT9yAZpEQDcHdUZ+Sr9XbCgdiYf9N91h1l+bpNVc+5up8p6U9Jucy/0/s4BwL0 ehYS5AIiDjY+uJMH5kjHzbs1NU+K3vBDoVJegp15jCJI6kOKfSjZ+W359dT2n4XuiJwn msdA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=joqlWyuVuRzoK9LnXmpJPpMXmgmXxXY6SsPtXPQlpbg=; b=OLgKd2p56n+olIpeIzBOCFJHodBFxM8L8MmesaIs1AA+aL+1GPPojq9W53cz4RAleQ XeNN5cGYdSXmh32/JZD0O1VwdsYxV9Q/u0/EPULWFIdxtC8sBfTipUPGfbhDb7O1uafN xwg5bgvkJcelAhAgpveRBG6X3DXm6dwTrqKcnOH9LWcRmkUPcwO8HqM5u3056UQQq+y3 WVJzv65Z2OCLkLzEHM9YO1sEFJ0Xj2nM0jgbbFPiI35aLZeos9WC6TmC3xywol6q1UJN 7fxrUVp62dQBBi5qKoMXK9KRxzUlRMuGAQWbaXjvC4R8HeBCsIaZNMIFQy1PreLU3PcI 9IeQ== X-Gm-Message-State: AOAM530UdzOYHjCnozl2fR4qLcKxhE/Uu0EM3IZu4gNnXBB0U6e7zlbM AwjgjYHSGHNYxYdZLEaDhR33iSCOXD4= X-Google-Smtp-Source: ABdhPJxijEAqxphepmvhl2En8ExfCQOK5REODWfcomzJcg+0Z8e8MqNeJDysNlLNGfNDmeSoCc1GiA== X-Received: by 2002:aa7:db94:: with SMTP id u20mr25955460edt.381.1623167967202; Tue, 08 Jun 2021 08:59:27 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.26 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:26 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 14/23] libsepol: remove dead stores Date: Tue, 8 Jun 2021 17:59:03 +0200 Message-Id: <20210608155912.32047-15-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Found by Infer Signed-off-by: Christian Göttsche --- libsepol/src/services.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libsepol/src/services.c b/libsepol/src/services.c index c34bb966..f7c31d80 100644 --- a/libsepol/src/services.c +++ b/libsepol/src/services.c @@ -175,7 +175,7 @@ static int expr_buf_len; static void cat_expr_buf(char *e_buf, const char *string) { int len, new_buf_len; - char *p, *new_buf = e_buf; + char *p, *new_buf; while (1) { p = e_buf + expr_buf_used; @@ -406,7 +406,7 @@ static int constraint_expr_eval_reason(context_struct_t *scontext, #define TARGET 2 #define XTARGET 3 - int s_t_x_num = SOURCE; + int s_t_x_num; /* Set 0 = fail, u = CEXPR_USER, r = CEXPR_ROLE, t = CEXPR_TYPE */ int u_r_t = 0; From patchwork Tue Jun 8 15:59:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307323 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E5C4FC47082 for ; Tue, 8 Jun 2021 15:59:42 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id CA039610A2 for ; Tue, 8 Jun 2021 15:59:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232726AbhFHQBf (ORCPT ); Tue, 8 Jun 2021 12:01:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51326 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232377AbhFHQBe (ORCPT ); Tue, 8 Jun 2021 12:01:34 -0400 Received: from mail-ej1-x631.google.com (mail-ej1-x631.google.com [IPv6:2a00:1450:4864:20::631]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 25C14C06178B for ; Tue, 8 Jun 2021 08:59:29 -0700 (PDT) Received: by mail-ej1-x631.google.com with SMTP id he7so14013271ejc.13 for ; Tue, 08 Jun 2021 08:59:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=ZNL7eoQ/PjxieWjq9/S1rDUWVNOOXlM1562neStOc/k=; b=rL0f416Ku1zsM8BxZigeotBCbGwz4lAnSBGv6rWOhiE7HbrJgoy73Gmc4pnAFYSAck xyDcRGF0uOFiK7nOWnut0GYzPzabOKfEQLXCD7Urb11VWFAfAqIimWNQUdaEqbFakkWw K5k+cLa6zoXJVk/PfFo11EkkxLyzUgnvK679a2YapkpaHkIESW4FJ7XymlMvDvkHyaZs 69KnEJu422MOyaEZ2rQRLrO9rsFeugNHFbPRkTt+MXdzVYLoQVbC4Te5ZFKrA54cryoM doyOOAl6ahDuIJktY7XNIH+ond9vG1jxrDgm8/fWDy5YICdL3WdzDe0H6JvC1eJQe2Ce fL7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ZNL7eoQ/PjxieWjq9/S1rDUWVNOOXlM1562neStOc/k=; b=XHMsYP6ocY7LNmBdfSpyGXZORRXFggEvt5hzsMasnfcgONEEbOp4GkqJH/oJCrX3QJ g3FDuq/QGLiUJ5cADAdr8/sH6FnEg1/w5dhu/Xj9qPZ866AAk6NN3F0gRmAJrqex9F6n OLprzKrVUpDKvRVzGL/gtE62wS+LnHSyTTZW1wKCW5ovrCS1KaxeFzcl4gpiGm8fil/p zpcBVnNq3L+H68yzRg6vnXzlJ6l8aGz3oCQgwxbg2l5XQvzrHQXtHbuk2Z04s4+G6Dh2 JpwtB03Q0B/LwV120dvgOqRgAcrDcGFKce7BRzRl8JQvTEufgooR/qFvZVrA/gnjRW0Z /LZg== X-Gm-Message-State: AOAM530LEipwxcvvUZdLpb3U2ICpTPHLbWqRAIfncASMuIV00gaBT+2/ fHYDIZOFTvhgOo3/iCCDMqEFSn2AmHs= X-Google-Smtp-Source: ABdhPJwl/77NeZMmnPkY1gzZEoVhyVbB5/c0YqyVVqdYHcLFw6JJ4Udz/CdWNdYgfEZxSZleK2uXJQ== X-Received: by 2002:a17:906:8a55:: with SMTP id gx21mr24513108ejc.179.1623167967735; Tue, 08 Jun 2021 08:59:27 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.27 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:27 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 15/23] libsepol/cil: silence cast warning Date: Tue, 8 Jun 2021 17:59:04 +0200 Message-Id: <20210608155912.32047-16-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org ../cil/src/cil_write_ast.c:86:32: error: cast to smaller integer type 'enum cil_flavor' from 'void *' [-Werror,-Wvoid-pointer-to-enum-cast] enum cil_flavor op_flavor = (enum cil_flavor)curr->data; ^~~~~~~~~~~~~~~~~~~~~~~~~~~ ../cil/src/cil_write_ast.c:130:37: error: cast to smaller integer type 'enum cil_flavor' from 'void *' [-Werror,-Wvoid-pointer-to-enum-cast] enum cil_flavor operand_flavor = (enum cil_flavor)curr->data; ^~~~~~~~~~~~~~~~~~~~~~~~~~~ Silence this warning by casting the pointer to an integer the cast to enum cil_flavor. See 32f8ed3d6b0b ("libsepol/cil: introduce intermediate cast to silence -Wvoid-pointer-to-enum-cast") Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/cil/src/cil_write_ast.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libsepol/cil/src/cil_write_ast.c b/libsepol/cil/src/cil_write_ast.c index 4871f704..186070c1 100644 --- a/libsepol/cil/src/cil_write_ast.c +++ b/libsepol/cil/src/cil_write_ast.c @@ -83,7 +83,7 @@ static void write_expr(FILE *out, struct cil_list *expr) break; case CIL_OP: { const char *op_str; - enum cil_flavor op_flavor = (enum cil_flavor)curr->data; + enum cil_flavor op_flavor = (enum cil_flavor)(uintptr_t)curr->data; switch (op_flavor) { case CIL_AND: op_str = CIL_KEY_AND; @@ -127,7 +127,7 @@ static void write_expr(FILE *out, struct cil_list *expr) } case CIL_CONS_OPERAND: { const char *operand_str; - enum cil_flavor operand_flavor = (enum cil_flavor)curr->data; + enum cil_flavor operand_flavor = (enum cil_flavor)(uintptr_t)curr->data; switch (operand_flavor) { case CIL_CONS_U1: operand_str = CIL_KEY_CONS_U1; From patchwork Tue Jun 8 15:59:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307345 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id AC3CCC47082 for ; Tue, 8 Jun 2021 16:00:42 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 8C75960FEA for ; Tue, 8 Jun 2021 16:00:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233574AbhFHQCe (ORCPT ); Tue, 8 Jun 2021 12:02:34 -0400 Received: from mail-ed1-f50.google.com ([209.85.208.50]:44916 "EHLO mail-ed1-f50.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232973AbhFHQCe (ORCPT ); Tue, 8 Jun 2021 12:02:34 -0400 Received: by mail-ed1-f50.google.com with SMTP id u24so25098300edy.11 for ; Tue, 08 Jun 2021 09:00:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=KzBiANLi9j4qRw+7ZE0bvUDI/R5Cy+21s3DcO2hhTog=; b=c9/nKfGD/g7bJcrs2n/FTksLofC1WsAzYWyns6HgzgUbaIaYEa4E1QJSOQijaXiqdK vydDwJefSR8COecJKyiUFAS7QValLY/ExW3zYEtACWFImnW4YUOfb+F0e8LOszDm7gIO duEJ592klP2P39oo83bXUo4QPmyrMaYJb1osJT5LcENXHT2TOYD/XjutVtlTVm9fw9KG v4gDSUGAym9GlHGbIGXZQQSy2P8wHw0Yw+ZnH6s8vw4nBsuB/d1XMsY/0S+ZLBU9UlwA boiz1T/BcM6clm3oeqhrq5wqrHdkRWQ0w7eHkMVkL+Giz/E0Ktav7D+bRevCrA5VQZSe bh3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=KzBiANLi9j4qRw+7ZE0bvUDI/R5Cy+21s3DcO2hhTog=; b=qCVZnUBWMaGVDYRt4uHwT/mSXvsv36bq9myYkvfHXksberrZwY1pbJTIQXsKnXAJ3F vSxOOr3upIPbgTDH+VZGWjlrvDgjhhldtWDWqPirsVO0uLAK0krPEh6YSRlfBkw8Gojx 1B1wpQbiQ8UTrZ5u5QGdp/pPsWMaFpsmt9rcm4puQThGYzULS7EOpAb2PYD+f93og5ou /x4FkrU4zSVmCJlC+uukv+JLRiwfkmA+oH1YxlkrKB69OPrl0YERIs/AsC6JgwO0JJny uwl6UIIiVeX4OhGQQQ6UECLEFdFGMnHXixdsOFpxQUgdR/nOQbaD7TPPCNHAdInEbwl7 QDQA== X-Gm-Message-State: AOAM531FKBN+ekAwq+L4YVoOXdXByYFFTJV87j+anll30S7D0tXLqksV jOSpig2mFU5Gz12rzWwCIBVxFvZLzNo= X-Google-Smtp-Source: ABdhPJwM8qZ3jKQ11i1V03Ea1bc8V1atZOhXNVAdtWSiZP1bB4oypjP2a2G1AFoQP6Di0a1NgNuonA== X-Received: by 2002:a05:6402:14d5:: with SMTP id f21mr27077879edx.307.1623167968276; Tue, 08 Jun 2021 08:59:28 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.27 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:28 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 16/23] libsepol/cil: drop extra semicolon Date: Tue, 8 Jun 2021 17:59:05 +0200 Message-Id: <20210608155912.32047-17-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/cil/src/cil_build_ast.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libsepol/cil/src/cil_build_ast.c b/libsepol/cil/src/cil_build_ast.c index 9a9bc598..da298311 100644 --- a/libsepol/cil/src/cil_build_ast.c +++ b/libsepol/cil/src/cil_build_ast.c @@ -4153,7 +4153,7 @@ void cil_destroy_context(struct cil_context *context) return; } - cil_symtab_datum_destroy(&context->datum);; + cil_symtab_datum_destroy(&context->datum); if (context->range_str == NULL && context->range != NULL) { cil_destroy_levelrange(context->range); From patchwork Tue Jun 8 15:59:06 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307327 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C6A6DC4743E for ; Tue, 8 Jun 2021 15:59:44 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B1F9461359 for ; Tue, 8 Jun 2021 15:59:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232377AbhFHQBh (ORCPT ); Tue, 8 Jun 2021 12:01:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51342 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232736AbhFHQBg (ORCPT ); Tue, 8 Jun 2021 12:01:36 -0400 Received: from mail-ed1-x535.google.com (mail-ed1-x535.google.com [IPv6:2a00:1450:4864:20::535]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 38FB9C061795 for ; Tue, 8 Jun 2021 08:59:30 -0700 (PDT) Received: by mail-ed1-x535.google.com with SMTP id s6so25101701edu.10 for ; Tue, 08 Jun 2021 08:59:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=ajv1hM5YLUTNdAQtkPwqq/cIlRV37J5hP+Mm8XMZO6g=; b=YSMBP7zDzWuZSS4gDKOZmcagXykyzZ0TFvFtq/S0iqxx3r3ub5tpcuSvO9b0Ks4wtN p++7zH6COHC5/fmYG0CDPjPVcMdweV2BKHGuR36I81z6T7w1J9ZPCW8dEYaur4Q7VvUl Xft5LhJZCoDXBUYkdFVfnbiPz9mpB01w+kdXHHmkLQSvCEZryU865f5bHkKDJ0H0yuxr PJS5/cr51BvWfEZBPqEzXSKig87hx5Hv5f2wSfTSUigUXJ4TwrdPHI97poK5ciGPP4DW ryjkZKag+4jW63dJtFNzg71t/jhCR8KNzl1//az9uMxzPhkwbrixWWm7N+PjBJWCuyyU cthw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ajv1hM5YLUTNdAQtkPwqq/cIlRV37J5hP+Mm8XMZO6g=; b=cXun2UwD8nVlU7o7FH3pgVUuo1oT8vqdMTsPSlrdDiUqy3QKyUF6yK0fLkeo72565g FkVSQtl3DOrc9G2EifN7vfZJ9VQy8rts22VyJR58uE2bha5Vkt+YY9ffr14SUviD1qC7 LuOgMaHpok0qdnXZdM/uCtbe0lVoGKYYgJ0Q6TJxVSLzBBz7n2iRD7iHnVkKdHfUwvo0 LWL1IHo8Oq8ymKWtXVG5V5YwqS6q0OHOXrumFmEgxcLyJmVKNRorK2ikduuvUknE+5dA ch+RzKLFEamALKQ2AwcsGLDCZKN1OUuyBSa/T7QJGEnfF0b9Grb+Yi1zenY0nk5HeNbX Ufnw== X-Gm-Message-State: AOAM5336CaDhKxEajpdWD14qODFbbxZjwCDUUFvQpPCDyb6PuIz0CRls hxsf0hSJaGiJxG+Q2/dGQ/94j4DkwL8= X-Google-Smtp-Source: ABdhPJzsWbwv/QSIDghRBEfjXE0G+b2s+SB/pSr4gLfNgIU9t8Ao7X7Koo/+x8zUUfaI+hAcgc3Jsw== X-Received: by 2002:aa7:da58:: with SMTP id w24mr17896733eds.127.1623167968803; Tue, 08 Jun 2021 08:59:28 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.28 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:28 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 17/23] libsepol/cil: drop dead store Date: Tue, 8 Jun 2021 17:59:06 +0200 Message-Id: <20210608155912.32047-18-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org ../cil/src/cil_binary.c:2230:24: warning: Value stored to 'cb_node' during its initialization is never read [deadcode.DeadStores] struct cil_tree_node *cb_node = node->cl_head; ^~~~~~~ ~~~~~~~~~~~~~ Found by clang-analyzer Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/cil/src/cil_binary.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libsepol/cil/src/cil_binary.c b/libsepol/cil/src/cil_binary.c index 85094b01..601fe8d1 100644 --- a/libsepol/cil/src/cil_binary.c +++ b/libsepol/cil/src/cil_binary.c @@ -2227,7 +2227,7 @@ int cil_booleanif_to_policydb(policydb_t *pdb, const struct cil_db *db, struct c int rc = SEPOL_ERR; struct cil_args_booleanif bool_args; struct cil_booleanif *cil_boolif = (struct cil_booleanif*)node->data; - struct cil_tree_node *cb_node = node->cl_head; + struct cil_tree_node *cb_node; struct cil_tree_node *true_node = NULL; struct cil_tree_node *false_node = NULL; struct cil_tree_node *tmp_node = NULL; From patchwork Tue Jun 8 15:59:07 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307325 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A6E4DC48BCD for ; Tue, 8 Jun 2021 15:59:44 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 88F836136D for ; Tue, 8 Jun 2021 15:59:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232792AbhFHQBh (ORCPT ); Tue, 8 Jun 2021 12:01:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51344 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232377AbhFHQBg (ORCPT ); Tue, 8 Jun 2021 12:01:36 -0400 Received: from mail-ed1-x536.google.com (mail-ed1-x536.google.com [IPv6:2a00:1450:4864:20::536]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B452FC0617A6 for ; Tue, 8 Jun 2021 08:59:30 -0700 (PDT) Received: by mail-ed1-x536.google.com with SMTP id r7so10720993edv.12 for ; Tue, 08 Jun 2021 08:59:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=w+yWMlseXgD5XDTMV2cty4djn46QT1tcPhKURFHDH8Y=; b=Wn//gpbahlOBQGdJ6UfeZ51hnmX37NG14w+FHrWWcpZYRSguIzW7mVqUkSCSKp8e3U ZwPSDQnidyOjxtP7v7CP0YRfmvKYtEA1JLj/vJRzcS6zpC6nYh2SSV4XYyiWQU4LLBP0 Pr9BIiKl11Ur3k0HirklBgQQKjk/RpeFDHdYP7PALwXRbiR6gK047I6bNRW7H74DihkP ZM98yNWZNu8kYTfrJGiKtLVqySBNlF7i9ry72/Sotrc9fDmGROJknd4/rphoxng2JCx1 yL900lttjW76LiE0IuuVscCFNbhx3epEh0S9vACdifwqO7MoYF1Z0+7QRUx0GC+xDJNZ dXKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=w+yWMlseXgD5XDTMV2cty4djn46QT1tcPhKURFHDH8Y=; b=krqCBLdHkYv7W9E0fJWgOGPAVQH0QQxPwdMsquSIg/B8umTl6PHSXhqTzdnoMBV0mQ bySNec+UDs3UEV7FeXtgV64nH+qIx+5CeW7Eu+u0QcIveg9HHqiTV3AUPsR6X82rLFNA TtNssGbolifnQwhl1GXiE3W3pfov9dYmaBCbVqNjVnigHTE52KWaQ/J8fULE2FNGbTec Kv8q37peYgsKGqRY5Sv6+xy6tUVlXWyfxJ4Qpcvc7no2RO5RwsP2yh43n6x8rDCA0RCB hFb+9seCiQVskSdsnKxYlIXteCcMCv+nZQPJ1RUIwt196ioPggiZy73p/8EKSFkDwB2F 96bg== X-Gm-Message-State: AOAM531roJOCo8+gIOr4Ex4yJ+c8lTW6AhivfsH7YHgmDlU+1enU2oHH JdRlJYQnfYatJzcZIDi5PmCFb+HXkuY= X-Google-Smtp-Source: ABdhPJzXjUu8jBuhd3rXZHBPhaM/Zj6GjqYr3Mz0oQ8pASNK1VIlX6SBoPhGP6z9UnO/0AVioP2h4Q== X-Received: by 2002:a50:9d8d:: with SMTP id w13mr26189090ede.94.1623167969334; Tue, 08 Jun 2021 08:59:29 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.28 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:29 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 18/23] libsepol/cil: drop unnecessary casts Date: Tue, 8 Jun 2021 17:59:07 +0200 Message-Id: <20210608155912.32047-19-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org `const_hashtab_key_t` is a typedef of `const char *`, so these casts are not needed. Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/cil/src/cil_strpool.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/libsepol/cil/src/cil_strpool.c b/libsepol/cil/src/cil_strpool.c index 70bca363..e32ee4e9 100644 --- a/libsepol/cil/src/cil_strpool.c +++ b/libsepol/cil/src/cil_strpool.c @@ -47,14 +47,13 @@ static hashtab_t cil_strpool_tab = NULL; static unsigned int cil_strpool_hash(hashtab_t h, const_hashtab_key_t key) { - const char *p, *keyp; + const char *p; size_t size; unsigned int val; val = 0; - keyp = (const char*)key; - size = strlen(keyp); - for (p = keyp; ((size_t) (p - keyp)) < size; p++) + size = strlen(key); + for (p = key; ((size_t) (p - key)) < size; p++) val = (val << 4 | (val >> (8 * sizeof(unsigned int) - 4))) ^ (*p); return val & (h->size - 1); @@ -62,9 +61,7 @@ static unsigned int cil_strpool_hash(hashtab_t h, const_hashtab_key_t key) static int cil_strpool_compare(hashtab_t h __attribute__ ((unused)), const_hashtab_key_t key1, const_hashtab_key_t key2) { - const char *keyp1 = (const char*)key1; - const char *keyp2 = (const char*)key2; - return strcmp(keyp1, keyp2); + return strcmp(key1, key2); } char *cil_strpool_add(const char *str) @@ -73,12 +70,12 @@ char *cil_strpool_add(const char *str) pthread_mutex_lock(&cil_strpool_mutex); - strpool_ref = hashtab_search(cil_strpool_tab, (hashtab_key_t)str); + strpool_ref = hashtab_search(cil_strpool_tab, str); if (strpool_ref == NULL) { int rc; strpool_ref = cil_malloc(sizeof(*strpool_ref)); strpool_ref->str = cil_strdup(str); - rc = hashtab_insert(cil_strpool_tab, (hashtab_key_t)strpool_ref->str, strpool_ref); + rc = hashtab_insert(cil_strpool_tab, strpool_ref->str, strpool_ref); if (rc != SEPOL_OK) { pthread_mutex_unlock(&cil_strpool_mutex); cil_log(CIL_ERR, "Failed to allocate memory\n"); From patchwork Tue Jun 8 15:59:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307347 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.9 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,UNWANTED_LANGUAGE_BODY, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 24925C47082 for ; Tue, 8 Jun 2021 16:00:45 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 0FCAE610A2 for ; Tue, 8 Jun 2021 16:00:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233586AbhFHQCh (ORCPT ); Tue, 8 Jun 2021 12:02:37 -0400 Received: from mail-ej1-f49.google.com ([209.85.218.49]:43589 "EHLO mail-ej1-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232973AbhFHQCh (ORCPT ); Tue, 8 Jun 2021 12:02:37 -0400 Received: by mail-ej1-f49.google.com with SMTP id ci15so33423926ejc.10 for ; Tue, 08 Jun 2021 09:00:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=wt8tV6cOAtQf7ullP506otx0rkyraYe9/a8/Bp/vNP4=; b=ml3Oz41pqseqQB78yRju3Hw8hSXgfjsw8dR3EyTjmgV7xxwOUA0I1bzx6N8Ns1iCaE B/Ds+yg5bJcIbnG4ytYjCi9dn0q6vaLdxqQwupzeWBmd9iR/3LUWeA+LfWRRm6fdchxw qa/p86ebPs3X/N86KWhyHt2RB3hNnVkpWg78lNNTF5ZFcidij9+Uz+DGRwmsV7aB4LSY Synuf7snejJmp5pzX3zsTkWbJpP9TStEhlsZkwkTny7n+e/UbclUBeeHN45zUMpNiBId PzM1d8pAKbFSEz/B/O4hSFfaW2vFuEVzKG8ahwyjM1LLfXySPa1Oh6XdxkKm7cDktKWn Zoog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=wt8tV6cOAtQf7ullP506otx0rkyraYe9/a8/Bp/vNP4=; b=LT2tvKw7IOCXnzj5x82RsW1TDkrWKmR/COMLMWFa+5vNT7bZwbMo2pBA3XO3Wf8Y+8 p2iifhDbgb/lTnwwnosubdKZumPC4L1mK+yfysDm4HjTL4iQqrcXcO/veLW5EfRVTnZW KOmuhyhWZrATm+3VJnXaOBw6uszc+IDRCiuW+c6GUPbg0jTqbuZds2y/2bAx6H5C2TVD qf9fV/bDRBLDKhVzrEthUNjmrJttguxcroNPqF3a8jJddb3V5d4cqdS6ymBx3Du/cUsr wV/QUbQWJJvhQBIQYAuqOpnKlnpgNuGHLvFv3rsW07Q0MPvZz9AmTeAattPc1M+TfXaj 9IWQ== X-Gm-Message-State: AOAM532Fp4GPk9PJCB1HJ1RFUgUNwh+tmkm8DHlw9P2gdQzEP03S9x+7 qKdcGVXL3TeVQizu4FKZwbHubt/MDZs= X-Google-Smtp-Source: ABdhPJxr06kftxrDONkYwl9oHB87ZtiXrwmbPhP9AuMW7TwV0XkstNGXHgCAXqmHK+GL/tb/GCNarA== X-Received: by 2002:a17:907:7808:: with SMTP id la8mr22170600ejc.13.1623167969889; Tue, 08 Jun 2021 08:59:29 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.29 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:29 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 19/23] libsepol/cil: avoid using maybe uninitialized variables Date: Tue, 8 Jun 2021 17:59:08 +0200 Message-Id: <20210608155912.32047-20-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Initialize variables, as they are set after goto statements, which jump to cleanup code using them. Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/cil/src/cil_binary.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/libsepol/cil/src/cil_binary.c b/libsepol/cil/src/cil_binary.c index 601fe8d1..54d13f2f 100644 --- a/libsepol/cil/src/cil_binary.c +++ b/libsepol/cil/src/cil_binary.c @@ -1073,7 +1073,7 @@ int __cil_type_rule_to_avtab(policydb_t *pdb, const struct cil_db *db, struct ci type_datum_t *sepol_src = NULL; type_datum_t *sepol_tgt = NULL; class_datum_t *sepol_obj = NULL; - struct cil_list *class_list; + struct cil_list *class_list = NULL; type_datum_t *sepol_result = NULL; ebitmap_t src_bitmap, tgt_bitmap; ebitmap_node_t *node1, *node2; @@ -1129,7 +1129,7 @@ int __cil_typetransition_to_avtab(policydb_t *pdb, const struct cil_db *db, stru type_datum_t *sepol_src = NULL; type_datum_t *sepol_tgt = NULL; class_datum_t *sepol_obj = NULL; - struct cil_list *class_list; + struct cil_list *class_list = NULL; type_datum_t *sepol_result = NULL; ebitmap_t src_bitmap, tgt_bitmap; ebitmap_node_t *node1, *node2; @@ -2338,7 +2338,7 @@ int cil_roletrans_to_policydb(policydb_t *pdb, const struct cil_db *db, struct c role_datum_t *sepol_src = NULL; type_datum_t *sepol_tgt = NULL; class_datum_t *sepol_obj = NULL; - struct cil_list *class_list; + struct cil_list *class_list = NULL; role_datum_t *sepol_result = NULL; role_trans_t *new = NULL; uint32_t *new_role = NULL; @@ -3166,7 +3166,7 @@ int cil_rangetransition_to_policydb(policydb_t *pdb, const struct cil_db *db, st type_datum_t *sepol_src = NULL; type_datum_t *sepol_tgt = NULL; class_datum_t *sepol_class = NULL; - struct cil_list *class_list; + struct cil_list *class_list = NULL; range_trans_t *newkey = NULL; struct mls_range *newdatum = NULL; ebitmap_t src_bitmap, tgt_bitmap; @@ -3603,7 +3603,7 @@ int cil_default_to_policydb(policydb_t *pdb, struct cil_default *def) { struct cil_list_item *curr; class_datum_t *sepol_class; - struct cil_list *class_list; + struct cil_list *class_list = NULL; cil_list_for_each(curr, def->class_datums) { struct cil_list_item *c; @@ -3658,7 +3658,7 @@ int cil_defaultrange_to_policydb(policydb_t *pdb, struct cil_defaultrange *def) { struct cil_list_item *curr; class_datum_t *sepol_class; - struct cil_list *class_list; + struct cil_list *class_list = NULL; cil_list_for_each(curr, def->class_datums) { struct cil_list_item *c; From patchwork Tue Jun 8 15:59:09 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307315 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0B2C1C47082 for ; Tue, 8 Jun 2021 15:59:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E0BEB60FEA for ; Tue, 8 Jun 2021 15:59:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231712AbhFHQB2 (ORCPT ); Tue, 8 Jun 2021 12:01:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51358 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230460AbhFHQB0 (ORCPT ); Tue, 8 Jun 2021 12:01:26 -0400 Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DC1E6C0617A8 for ; Tue, 8 Jun 2021 08:59:31 -0700 (PDT) Received: by mail-ed1-x52b.google.com with SMTP id b11so25137412edy.4 for ; Tue, 08 Jun 2021 08:59:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=+MrgmO26Q2rR1FpHG+RRPK4CImGFKiyb1+bEKe3ioy4=; b=TZXEnQ6dsDnjn28880yMRH8PxybumNGiIG0kY2LpE9bSPegenNK/qkEgHJWepUv2U0 nSjDu/zG40rsSQ0c+7M4lKXVEidTAqQzPl/A81rVbRdH28MuXV99Kg1lkAvc2NO+7ydq p20bbC3p8U79bevoI3kOEdUKVb/fHe2zC3nuPbkYuFtlwtv0uyTkQvpS/tIcU+vJjSeB ywzmITqDaSRrNyg5JyTsLQVWlVuCU2JPXk88vupguSby8X/AImH4hkruCBnh+ut5PnfJ 70XJrMNO55hpX4u7mlimuqbwKAW10f/ko4a6JRrraCo+/LDjhw9ubNrzc28UZ92sEiJG LoDg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=+MrgmO26Q2rR1FpHG+RRPK4CImGFKiyb1+bEKe3ioy4=; b=qqrKgZjAMSAD2GJs4kGLDLXmcGDzVpaIMViSr+JjoxecNzZWJNHB7XFWM35IFNIKlo YjJbgllVsQtw/8BRjVAyoX4s4l6Jc0sMIowRGnJ6IhWn5TpFrw0SK8ZXUKeo1HeZS4hH 28zh9TlFnG/CvXYVr9c6ZBrjZzaUTf6TLia5WKzoUE62jRJ27ycAAtQKL+79Q2EnjmLZ K+C5ZyeS4P7uRSSlxZpj1Hbnj4f+/AAd1OzaDgy4aC0kqoBqRxGTSbycFl0kis6UJPZl xGsXtgMVG3GMs+w3BHEg3Ud0ikxDxHbfYpQrlPE/0B+EzMYJwGx7RqHyywpO3lDE8C3Q Mthw== X-Gm-Message-State: AOAM531x6fPN1Mi6Gr2eRCiJpSpoH+0nDazvVni6KA5/NMC8EPNM6ewb s5KprJnaf9aMatKDd3jNinPucWhGq60= X-Google-Smtp-Source: ABdhPJxAs9NnF89Cnq/KMNKeiU/vfdEt2inf1vOOs+J3XG2/3k6H2NJ5A+6+Hpm6y3hMob2WvOgPEA== X-Received: by 2002:a05:6402:1648:: with SMTP id s8mr26625218edx.256.1623167970457; Tue, 08 Jun 2021 08:59:30 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.29 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:30 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 20/23] libsepol: drop repeated semicolons Date: Tue, 8 Jun 2021 17:59:09 +0200 Message-Id: <20210608155912.32047-21-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/src/kernel_to_cil.c | 2 +- libsepol/src/module.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c index 17b5ebf0..238a2483 100644 --- a/libsepol/src/kernel_to_cil.c +++ b/libsepol/src/kernel_to_cil.c @@ -1050,7 +1050,7 @@ static char *cats_ebitmap_to_str(struct ebitmap *cats, char **val_to_name) p = catsbuf; *p++ = '('; - remaining--;; + remaining--; range = 0; ebitmap_for_each_positive_bit(cats, node, i) { diff --git a/libsepol/src/module.c b/libsepol/src/module.c index 836da308..9b53bc47 100644 --- a/libsepol/src/module.c +++ b/libsepol/src/module.c @@ -82,7 +82,7 @@ static int policy_file_length(struct policy_file *fp, size_t *out) break; case PF_USE_MEMORY: *out = fp->size; - break;; + break; default: *out = 0; break; From patchwork Tue Jun 8 15:59:10 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307349 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CECD3C4743E for ; Tue, 8 Jun 2021 16:00:45 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id BC050610A2 for ; Tue, 8 Jun 2021 16:00:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233618AbhFHQCi (ORCPT ); Tue, 8 Jun 2021 12:02:38 -0400 Received: from mail-ej1-f43.google.com ([209.85.218.43]:45604 "EHLO mail-ej1-f43.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233614AbhFHQCi (ORCPT ); Tue, 8 Jun 2021 12:02:38 -0400 Received: by mail-ej1-f43.google.com with SMTP id k7so33378654ejv.12 for ; Tue, 08 Jun 2021 09:00:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=uD6bk0/nI/HRTwKq9nevppFxCTn5qcRA6NT6yLc3prk=; b=BQRLV7uD1FJI7CTgdUqLIj2wBgJWuESElzR+myaOJYCTdBV/RTDWi4U70Wd8Eq57Lo AdUmj52kH5RTgdka79GwC1aufom4egYuWMDE8yWcnIbPA46rhEK6M5O1ZKE8c+Ofzmn1 mGu2pQX8Tg0wCMWZrGFeO/ZZoq6rw2rSk4GZAzzZt9WuEgWRpE7l99C3pmSHfZ3mtKUt 8fCrDA5PA6FWenb4ilcuRD0MRrUZYiMiLkEL6TIWiA6ygP0Zpm7ERKHOiFctkqm99YHF kw/qfmvdtGU4WpJbe7KWvhpmbQv2dAeKGBEciIkyWE53i1b0GnIRE98dkUPZxmf28/zp oshA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=uD6bk0/nI/HRTwKq9nevppFxCTn5qcRA6NT6yLc3prk=; b=VTb9exXUwE4jlcXwygjRJpkkVSHp2iuj4Iqsvyn+vDKvGlK7XY7rYx/yTI/GRhx5fW o26e8h2Um/dtKWj1GaYkE4z3kFtWrBvy4uDUM2ApbrSS2wym1jqZF9NkFSj+Rp65N1oF j81SrO7WADe75DIP0uidSla9E9A1YpokGymC0Hpf27L9jY1OVM+wcGp1GmVqj18mTd7/ 0nCOWpgv5oymmbENnNskYIlYuKtDmKfDlTyu9X8OvYqJ8u8DZjKlFzd5FK3oD0wmD6mn NWkt9SxExF4WPsYvizjAVaDSPvTVt4wjLgMqXX0bWSC8cQpnE/yzz0M1atoOsvUQDXJW t4wA== X-Gm-Message-State: AOAM5313HNVBHtPVl/4a3hIsnMPwkpA7TEnXIdrOS1y83Q4MinO+tFJF w/wbDJvregHkwEv7wk5msFKJO83qutQ= X-Google-Smtp-Source: ABdhPJwSj1MLJgYfylZe3LQUWu/A628uoVhlgfn3l7iGkXq/a6McHKYOtPp9ooSMIHOdLiGTIzXAbQ== X-Received: by 2002:a17:906:7b4f:: with SMTP id n15mr23639989ejo.220.1623167970983; Tue, 08 Jun 2021 08:59:30 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:30 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 21/23] libsepol: drop unnecessary casts Date: Tue, 8 Jun 2021 17:59:10 +0200 Message-Id: <20210608155912.32047-22-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org `hashtab_search()` does take `const_hashtab_key_t` as second parameter, which is a typedef for `const char *`. Drop the unnecessary and const-violating cast. Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/src/services.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/libsepol/src/services.c b/libsepol/src/services.c index f7c31d80..47a3dc14 100644 --- a/libsepol/src/services.c +++ b/libsepol/src/services.c @@ -1182,7 +1182,7 @@ int sepol_string_to_security_class(const char *class_name, class_datum_t *tclass_datum; tclass_datum = hashtab_search(policydb->p_classes.table, - (hashtab_key_t) class_name); + class_name); if (!tclass_datum) { ERR(NULL, "unrecognized class %s", class_name); return STATUS_ERR; @@ -1211,7 +1211,7 @@ int sepol_string_to_av_perm(sepol_security_class_t tclass, /* Check for unique perms then the common ones (if any) */ perm_datum = (perm_datum_t *) hashtab_search(tclass_datum->permissions.table, - (hashtab_key_t)perm_name); + perm_name); if (perm_datum != NULL) { *av = 0x1 << (perm_datum->s.value - 1); return STATUS_SUCCESS; @@ -1222,7 +1222,7 @@ int sepol_string_to_av_perm(sepol_security_class_t tclass, perm_datum = (perm_datum_t *) hashtab_search(tclass_datum->comdatum->permissions.table, - (hashtab_key_t)perm_name); + perm_name); if (perm_datum != NULL) { *av = 0x1 << (perm_datum->s.value - 1); From patchwork Tue Jun 8 15:59:11 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307351 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 30C55C4743D for ; Tue, 8 Jun 2021 16:00:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1CFB560FEA for ; Tue, 8 Jun 2021 16:00:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233614AbhFHQCi (ORCPT ); Tue, 8 Jun 2021 12:02:38 -0400 Received: from mail-ej1-f51.google.com ([209.85.218.51]:37801 "EHLO mail-ej1-f51.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232973AbhFHQCi (ORCPT ); Tue, 8 Jun 2021 12:02:38 -0400 Received: by mail-ej1-f51.google.com with SMTP id ce15so33437718ejb.4 for ; Tue, 08 Jun 2021 09:00:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=nD5lJovil9XnGQKRHbSaMqa7v0oI1yzr4hFIaEC2C1o=; b=OGrT4NIziwGReDyrC2/wc+tWSHicLkzywfh/DZ3pMaVbXcnyGTZAToTXRowuy6DooV RlMSza8SGQmkwsFkvvAXIhKwUozjDUtbtGA8HP6qO8fdY61pmmRkTfC8Aeop7SyKTXYL x/5REDwvyLJ0Nz8jSoU3RFB8A1TgXGSyzWor5gW3DNX5yedO57Dhf07TPuxgY3VztLym zfikKLxGCiUAaAr3+BCajQKuiCulnKm2V+0cmHdjS6+3/E2FXCoXh78PcCTSDMTdOv6u 9Rxs7S6Wj5lffErBB80nbRpIs2o2gDRJ2G3bYOD/0uXIttr5dDL21EtzGBHAZlKtHee9 bdOA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=nD5lJovil9XnGQKRHbSaMqa7v0oI1yzr4hFIaEC2C1o=; b=MnYBOJdsmDTjxFNR6dx+c9KoGR3GalPM81wz2tZRpsGsHVbxPDmM++oW4KqJaCeocw 3SZ6CxHWgFms5kyqtyNnPxLi4KcvPraGFTPBSIoEmePnfnJ5SpZsPO6xUADdKpYMdkqL oDY4ZSVEA+9McM1gB6iRbfvfrRl6UDFEdM1zsQD7Pgj7lpmKyA7Zo2isZJuidJHZnZjo bSZHNx+VSjOletr5Kz6E7WoUWh8OOc9gxuVD8yL+cD9UZ6V/9UiEjQ0iN7sW1J+g1KVO py4al56PkSd4Tnv7uGGyYyHeHNP7JtkbngPTGamaYVclX7owmDd5vCp3lln73OKpMgU+ hPoQ== X-Gm-Message-State: AOAM532tNE23B5Vyen1K7sAIoknlwZSTU/UKbQczVAxsqk1zMr1T9Wj8 hkFTrzwx2ZHMrqjdnlaU6pg9O9yIOQs= X-Google-Smtp-Source: ABdhPJz6KnhLr3P9NvjoY9q1jroOiP4+Ztpo35ieXJon7Mzn8EU2Ek0ecTYHOMHBt0iiBU3tQ4EjTQ== X-Received: by 2002:a17:906:998c:: with SMTP id af12mr22974695ejc.510.1623167971559; Tue, 08 Jun 2021 08:59:31 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:31 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 22/23] libsepol: declare file local variable static Date: Tue, 8 Jun 2021 17:59:11 +0200 Message-Id: <20210608155912.32047-23-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Clang issues: module_to_cil.c:65:7: warning: no previous extern declaration for non-static variable 'out_file' [-Wmissing-variable-declarations] FILE *out_file; ^ Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/src/module_to_cil.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c index 73ec7971..1d724b91 100644 --- a/libsepol/src/module_to_cil.c +++ b/libsepol/src/module_to_cil.c @@ -62,7 +62,7 @@ # define UNUSED(x) UNUSED_ ## x #endif -FILE *out_file; +static FILE *out_file; #define STACK_SIZE 16 #define DEFAULT_LEVEL "systemlow" From patchwork Tue Jun 8 15:59:12 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12307353 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A7497C47082 for ; Tue, 8 Jun 2021 16:00:47 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9043260FEA for ; Tue, 8 Jun 2021 16:00:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233634AbhFHQCj (ORCPT ); Tue, 8 Jun 2021 12:02:39 -0400 Received: from mail-ed1-f43.google.com ([209.85.208.43]:39453 "EHLO mail-ed1-f43.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232973AbhFHQCj (ORCPT ); Tue, 8 Jun 2021 12:02:39 -0400 Received: by mail-ed1-f43.google.com with SMTP id dj8so25126955edb.6 for ; Tue, 08 Jun 2021 09:00:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=IEGuYh6G2GIs2dFAWSQU0XFKcYPcG5199/XNsvfhk1Y=; b=YyEV6AM2LPodnAqlCeg/HgKZZ4dgCdcCCcHyEiqE0tCZTXOkCDoY0eJX99uEp3Jj63 XUqgRGkcro27O8GCLUjfiONqzHfHkMzF18uycFMeXvRtZZT2TKqymVNU1Z6rk00dBPTH 92sbpF5Dlru9CM8TCLOhhMLh6am8oZFNyYWRv7H4FIVdOkoOjlwTzXwjlGCBo+TOdsEW oPKQdZ20oxLyNqf5t3EIAMGeta117vLAhS45VLXDj+nz3htW6+QCuCjLSrrUQVN6l5Ms 0me28deJkUI7fvCKITkMhUvv/6yYOZTqkobtFjd98VT8RHuHVaM19LilKg6f55ph+3zt mJ4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=IEGuYh6G2GIs2dFAWSQU0XFKcYPcG5199/XNsvfhk1Y=; b=m5sjGcltKpuHIrdCYfYzYHGBh3IJB6qE5cuQigQEXpDBq3iRkX+b+9XoyMDP61Gq2O ilQa3nthnqtRfhyMJb+b8xJnrmJpB1h6iIBoffPSOMg4IUjPqW2XnVbA7iNrWzQ22CsJ fxq5vcZX0jKUF0qQ1+geQvAwVMxByaKY+L6pRmUlU+7ESA+ikqkqzLwMRUTtzdBgk4Mp idWtDqF1YLNPOekH+kEoxS4jaJWKGZlfXPE/c8HZe4eaBSjJW3blZdqDdg2sRBWu0UXf 96ttL9PxAT7bb+7sYBPRFOSE7drVR+GRPsaw7IAZOySuPKrBhIK+iftMEhP00bsH0QN6 ZAPA== X-Gm-Message-State: AOAM532L0/6WfVJ8FoKZDgpWVTU0gwHbl1MflumZN4CzbBwxBDw6gbBx BMOUvqzOXty7PRMFnfRHXa22iwjSDqM= X-Google-Smtp-Source: ABdhPJzyyA87MakTENXkNsTlMF14TjEgPAe2fCRUMpmtZuSz8newhnimSRKpS+5Dnq7iKn/JwkoRPw== X-Received: by 2002:a50:9346:: with SMTP id n6mr26045739eda.365.1623167972116; Tue, 08 Jun 2021 08:59:32 -0700 (PDT) Received: from debianHome.localdomain (dynamic-095-112-183-231.95.112.pool.telefonica.de. [95.112.183.231]) by smtp.gmail.com with ESMTPSA id n13sm51134ejk.97.2021.06.08.08.59.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Jun 2021 08:59:31 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 23/23] libsepol: declare read-only arrays const Date: Tue, 8 Jun 2021 17:59:12 +0200 Message-Id: <20210608155912.32047-24-cgzones@googlemail.com> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com> References: <20210608155912.32047-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Make it more apparent that those data does not change and enforce it. Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/src/avrule_block.c | 2 +- libsepol/src/avtab.c | 2 +- libsepol/src/link.c | 2 +- libsepol/src/polcaps.c | 2 +- libsepol/src/policydb.c | 22 +++++++++++----------- libsepol/src/policydb_internal.h | 2 +- libsepol/src/private.h | 6 +++--- libsepol/src/write.c | 8 ++++---- 8 files changed, 23 insertions(+), 23 deletions(-) diff --git a/libsepol/src/avrule_block.c b/libsepol/src/avrule_block.c index a9832d0d..dcfce8b8 100644 --- a/libsepol/src/avrule_block.c +++ b/libsepol/src/avrule_block.c @@ -30,7 +30,7 @@ /* It is anticipated that there be less declarations within an avrule * block than the global policy. Thus the symbol table sizes are * smaller than those listed in policydb.c */ -static unsigned int symtab_sizes[SYM_NUM] = { +static const unsigned int symtab_sizes[SYM_NUM] = { 2, 4, 8, diff --git a/libsepol/src/avtab.c b/libsepol/src/avtab.c index c2ccb005..7b80377c 100644 --- a/libsepol/src/avtab.c +++ b/libsepol/src/avtab.c @@ -424,7 +424,7 @@ void avtab_hash_eval(avtab_t * h, char *tag) } /* Ordering of datums in the original avtab format in the policy file. */ -static uint16_t spec_order[] = { +static const uint16_t spec_order[] = { AVTAB_ALLOWED, AVTAB_AUDITDENY, AVTAB_AUDITALLOW, diff --git a/libsepol/src/link.c b/libsepol/src/link.c index bdc1fcbf..461d2feb 100644 --- a/libsepol/src/link.c +++ b/libsepol/src/link.c @@ -78,7 +78,7 @@ typedef struct missing_requirement { uint32_t perm_value; } missing_requirement_t; -static const char *symtab_names[SYM_NUM] = { +static const char * const symtab_names[SYM_NUM] = { "common", "class", "role", "type/attribute", "user", "bool", "level", "category" }; diff --git a/libsepol/src/polcaps.c b/libsepol/src/polcaps.c index 67ed5786..6a74ec7d 100644 --- a/libsepol/src/polcaps.c +++ b/libsepol/src/polcaps.c @@ -5,7 +5,7 @@ #include #include -static const char *polcap_names[] = { +static const char * const polcap_names[] = { "network_peer_controls", /* POLICYDB_CAPABILITY_NETPEER */ "open_perms", /* POLICYDB_CAPABILITY_OPENPERM */ "extended_socket_class", /* POLICYDB_CAPABILITY_EXTSOCKCLASS */ diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index 7739b0fb..0bc0ead8 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c @@ -57,10 +57,10 @@ #include "policydb_validate.h" #define POLICYDB_TARGET_SZ ARRAY_SIZE(policydb_target_strings) -const char *policydb_target_strings[] = { POLICYDB_STRING, POLICYDB_XEN_STRING }; +const char * const policydb_target_strings[] = { POLICYDB_STRING, POLICYDB_XEN_STRING }; /* These need to be updated if SYM_NUM or OCON_NUM changes */ -static struct policydb_compat_info policydb_compat[] = { +static const struct policydb_compat_info policydb_compat[] = { { .type = POLICY_KERN, .version = POLICYDB_VERSION_BOUNDARY, @@ -460,7 +460,7 @@ static char *symtab_name[SYM_NUM] = { }; #endif -static unsigned int symtab_sizes[SYM_NUM] = { +static const unsigned int symtab_sizes[SYM_NUM] = { 2, 32, 16, @@ -471,12 +471,12 @@ static unsigned int symtab_sizes[SYM_NUM] = { 16, }; -struct policydb_compat_info *policydb_lookup_compat(unsigned int version, - unsigned int type, - unsigned int target_platform) +const struct policydb_compat_info *policydb_lookup_compat(unsigned int version, + unsigned int type, + unsigned int target_platform) { unsigned int i; - struct policydb_compat_info *info = NULL; + const struct policydb_compat_info *info = NULL; for (i = 0; i < sizeof(policydb_compat) / sizeof(*info); i++) { if (policydb_compat[i].version == version && @@ -2854,7 +2854,7 @@ static int filename_trans_read(policydb_t *p, struct policy_file *fp) return 0; } -static int ocontext_read_xen(struct policydb_compat_info *info, +static int ocontext_read_xen(const struct policydb_compat_info *info, policydb_t *p, struct policy_file *fp) { unsigned int i, j; @@ -2963,7 +2963,7 @@ static int ocontext_read_xen(struct policydb_compat_info *info, } return 0; } -static int ocontext_read_selinux(struct policydb_compat_info *info, +static int ocontext_read_selinux(const struct policydb_compat_info *info, policydb_t * p, struct policy_file *fp) { unsigned int i, j; @@ -3141,7 +3141,7 @@ static int ocontext_read_selinux(struct policydb_compat_info *info, return 0; } -static int ocontext_read(struct policydb_compat_info *info, +static int ocontext_read(const struct policydb_compat_info *info, policydb_t *p, struct policy_file *fp) { int rc = -1; @@ -4198,7 +4198,7 @@ int policydb_read(policydb_t * p, struct policy_file *fp, unsigned verbose) uint32_t buf[5]; size_t len, nprim, nel; char *policydb_str; - struct policydb_compat_info *info; + const struct policydb_compat_info *info; unsigned int policy_type, bufindex; ebitmap_node_t *tnode; int rc; diff --git a/libsepol/src/policydb_internal.h b/libsepol/src/policydb_internal.h index 06ba5c8b..dd8f25d0 100644 --- a/libsepol/src/policydb_internal.h +++ b/libsepol/src/policydb_internal.h @@ -3,5 +3,5 @@ #include -extern const char *policydb_target_strings[]; +extern const char * const policydb_target_strings[]; #endif diff --git a/libsepol/src/private.h b/libsepol/src/private.h index f5b5277f..72f21262 100644 --- a/libsepol/src/private.h +++ b/libsepol/src/private.h @@ -56,9 +56,9 @@ struct policydb_compat_info { unsigned int target_platform; }; -extern struct policydb_compat_info *policydb_lookup_compat(unsigned int version, - unsigned int type, - unsigned int target_platform); +extern const struct policydb_compat_info *policydb_lookup_compat(unsigned int version, + unsigned int type, + unsigned int target_platform); /* Reading from a policy "file". */ extern int next_entry(void *buf, struct policy_file *fp, size_t bytes); diff --git a/libsepol/src/write.c b/libsepol/src/write.c index 84bcaf3f..3bd034d6 100644 --- a/libsepol/src/write.c +++ b/libsepol/src/write.c @@ -1345,7 +1345,7 @@ static int (*write_f[SYM_NUM]) (hashtab_key_t key, hashtab_datum_t datum, common_write, class_write, role_write, type_write, user_write, cond_write_bool, sens_write, cat_write,}; -static int ocontext_write_xen(struct policydb_compat_info *info, policydb_t *p, +static int ocontext_write_xen(const struct policydb_compat_info *info, policydb_t *p, struct policy_file *fp) { unsigned int i, j; @@ -1453,7 +1453,7 @@ static int ocontext_write_xen(struct policydb_compat_info *info, policydb_t *p, return POLICYDB_SUCCESS; } -static int ocontext_write_selinux(struct policydb_compat_info *info, +static int ocontext_write_selinux(const struct policydb_compat_info *info, policydb_t *p, struct policy_file *fp) { unsigned int i, j; @@ -1583,7 +1583,7 @@ static int ocontext_write_selinux(struct policydb_compat_info *info, return POLICYDB_SUCCESS; } -static int ocontext_write(struct policydb_compat_info *info, policydb_t * p, +static int ocontext_write(const struct policydb_compat_info *info, policydb_t * p, struct policy_file *fp) { int rc = POLICYDB_ERROR; @@ -2179,7 +2179,7 @@ int policydb_write(policydb_t * p, struct policy_file *fp) unsigned int i, num_syms; uint32_t buf[32], config; size_t items, items2, len; - struct policydb_compat_info *info; + const struct policydb_compat_info *info; struct policy_data pd; const char *policydb_str;