From patchwork Tue Jan 25 14:14:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12723849 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 95076C433FE for ; Tue, 25 Jan 2022 14:19:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1578364AbiAYOS6 (ORCPT ); Tue, 25 Jan 2022 09:18:58 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34438 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1578159AbiAYOPF (ORCPT ); Tue, 25 Jan 2022 09:15:05 -0500 Received: from mail-ed1-x536.google.com (mail-ed1-x536.google.com [IPv6:2a00:1450:4864:20::536]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 28417C06176F; Tue, 25 Jan 2022 06:15:05 -0800 (PST) Received: by mail-ed1-x536.google.com with SMTP id m11so63056614edi.13; Tue, 25 Jan 2022 06:15:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=4+R74cF3PNyNmzK5lZ+KVOoV8dO4stgyK6i+ACgdHuY=; b=nW3kSEoKjAegBSj/tKBNPyr/I7rHTyjQAB1EXidLRV+VvXS9TDUvFHuRCqIiPLQVw9 T6JiCi1jAvgT0S4eNWkq8uTqQYXBjenKL1lqYYUWzsVNrXTitKjTcj5FX0GgyEyFp01o VD7l9uF/FCjFQJ1RTKKpQzYobpFcHEDWR2+FfporyoprCIYsG0iioS9jkPFIKZoLrhzR mhdRABM0JMguoWT9aSA+FmPoutW2vrWalJgCGEKHbi8nnEi5C89fGm1UxlYb/wfIlfxc uARigW8ZtjTnAee65n87/qd+qdHS3pRN4+Nd28i52OnYz7PlhcLaONl4URN/ufp+9P7x y1uw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=4+R74cF3PNyNmzK5lZ+KVOoV8dO4stgyK6i+ACgdHuY=; b=yRFJ+qNEot9qHMjxxoueo6DQzHh+4WBkav8PBOnL+YWO4tIgbLapwDuYhd78S+CILU RTtJHp7yE8ly6L6cSuaZzNZwBJ/K0h81O3ywKt8aB9mtR3z3zQPKPeNa4LOOJIWYtuRv OUA9WKbSxKMhIYxQkbT/HNDtvrFME3ifsEThPHT3ckv4fBqOgmepIUJUkpWoYtGKFHP+ bg9xgeB5pWkI0PjG9U94umuK0uRt0u/C4tDiWQQvhvFqExwSD456c9nClFIJw62pPIzl 3O64D1I1Ro0lITUPSKYjztbu0k548apFMl1cvNpSWgzkaJyF9k9fvnq3Sd02C4RlqlMd n41w== X-Gm-Message-State: AOAM533gFCbCn0LHdQgtHVovMG03hzIbpAaJT7njUwq56U2KHW2VHdYl L+VDFv+O//ZTlA1KPJIQXvgKHI068d7RSQ== X-Google-Smtp-Source: ABdhPJwG4lgvewAKWyiyXxm/wo0J9DWS5+QwQuyJwfNzJpI15e32o+RlpJ65tOnVDfqQaVwy/gMpng== X-Received: by 2002:a17:906:4e16:: with SMTP id z22mr16359875eju.338.1643120103653; Tue, 25 Jan 2022 06:15:03 -0800 (PST) Received: from debianHome.localdomain (dynamic-077-010-144-044.77.10.pool.telefonica.de. [77.10.144.44]) by smtp.gmail.com with ESMTPSA id lu44sm6292929ejb.145.2022.01.25.06.15.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Jan 2022 06:15:03 -0800 (PST) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Nathan Chancellor , Nick Desaulniers , Jeff Vander Stoep , linux-kernel@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH 1/9] selinux: check return value of sel_make_avc_files Date: Tue, 25 Jan 2022 15:14:20 +0100 Message-Id: <20220125141422.32655-9-cgzones@googlemail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220125141422.32655-1-cgzones@googlemail.com> References: <20220125141422.32655-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org sel_make_avc_files() might fail and return a negative errno value on memory allocation failures. Re-add the check of the return value, dropped in 66f8e2f03c02. Reported by clang-analyzer: security/selinux/selinuxfs.c:2129:2: warning: Value stored to 'ret' is never read [deadcode.DeadStores] ret = sel_make_avc_files(dentry); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~ Fixes: 66f8e2f03c02 ("selinux: sidtab reverse lookup hash table") Signed-off-by: Christian Göttsche Reviewed-by: Nick Desaulniers --- security/selinux/selinuxfs.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index e4cd7cb856f3..f2f6203e0fff 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -2127,6 +2127,8 @@ static int sel_fill_super(struct super_block *sb, struct fs_context *fc) } ret = sel_make_avc_files(dentry); + if (ret) + goto err; dentry = sel_make_dir(sb->s_root, "ss", &fsi->last_ino); if (IS_ERR(dentry)) { From patchwork Tue Jan 25 14:14:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12723821 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 30F55C433EF for ; Tue, 25 Jan 2022 14:17:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1385482AbiAYORA (ORCPT ); Tue, 25 Jan 2022 09:17:00 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34372 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1386528AbiAYOOw (ORCPT ); Tue, 25 Jan 2022 09:14:52 -0500 Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 73A5EC061751; Tue, 25 Jan 2022 06:14:51 -0800 (PST) Received: by mail-ed1-x534.google.com with SMTP id a18so62988487edj.7; Tue, 25 Jan 2022 06:14:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20210112; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=Pip/ynndQDsKYwfFpC0FwgQbF11giMSuPMZqW57FgsY=; b=JhfKOo/i4Fe29ouAHZzU4+psdXV+0xA48c4c0lvpjN5WMKYJJ1LcpUFH5mRwD/ZRvQ wvE6vzkVnOsGWq9JOsLOIXLLrFDFT3hkyQgl+JIlgo3AZNqeHOopkcKOVkJ5PnE6XuXf teiZd1ZKMEQ3XJoMu9QBD6j0jXIo2OsJ9S/MofgHPhH6/kuNOjumhQ5eDMh3feiGa96L DpyGP3sdFR2cNlxbUO/fNEt4GTJz5QU4HJw19lRM0hAH990jvl5YspsZW5KtAHdE14TG PjxBFZReLu0F+gs/kY0nBnlCLMiq6tu5jXp5k9TqI0+aDv6p7AEK5U1yK+PnF1IkFulQ ofTQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=Pip/ynndQDsKYwfFpC0FwgQbF11giMSuPMZqW57FgsY=; b=C1uTw/8FJUgEr3xp5xbi+pugCwWhOXqTVaidimx5rmPkDk7+puZZHrSdiX76nc/Rgb J/wYtWs7FQrvjLHxQAx6IP+Kux/Mef19IpRbD24ktcgXM/S9wTkNI3sIAUsezo07tIaT ftiaSfmNjihyY5hcnJNjl+gSOCuUZhv+iqHgiN2ob6dGg2clqC7FdstUEwN5v63JhkYm NzeHUeJ7nzM6aV54pvxQfc8lrH7APZzdkLm0YUXv5yHZjEvV204udJ2vkcQ7OCNy9tew GK/5W13aVUPiaCA79Q9oyqpfCl1rCnsLrHpUmWueu2DVg4c4pE8MssgYD5C5BBMwFE2O cM7Q== X-Gm-Message-State: AOAM5335kLDq+30JwUa55gJ3sj93K7CoYk0gTMfQNrlBT2icFACPMqUi NtTB6GCs57As+H5jpQdC7EP/vkemWlEgWA== X-Google-Smtp-Source: ABdhPJz2vAlFtIVwKW+yQfoJzKfPoR9YkgY+Wx8tpFHbshf2R4FZ/56EvcY6WDsY3muCdewvaf0v/g== X-Received: by 2002:a17:906:7c4:: with SMTP id m4mr16557083ejc.655.1643120089679; Tue, 25 Jan 2022 06:14:49 -0800 (PST) Received: from debianHome.localdomain (dynamic-077-010-144-044.77.10.pool.telefonica.de. [77.10.144.44]) by smtp.gmail.com with ESMTPSA id lu44sm6292929ejb.145.2022.01.25.06.14.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Jan 2022 06:14:48 -0800 (PST) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Nathan Chancellor , Nick Desaulniers , Ondrej Mosnacek , Xiong Zhenwu , Tyler Hicks , Serge Hallyn , Austin Kim , Yang Li , Lakshmi Ramasubramanian , Jeff Vander Stoep , linux-kernel@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH 2/9] selinux: declare path parameters of _genfs_sid const Date: Tue, 25 Jan 2022 15:14:12 +0100 Message-Id: <20220125141422.32655-1-cgzones@googlemail.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org The path parameter is only read from in security_genfs_sid(), selinux_policy_genfs_sid() and __security_genfs_sid(). Since a string literal is passed as argument, declare the parameter const. Also align the parameter names in the declaration and definition. Reported by clang [-Wwrite-strings]: security/selinux/hooks.c:553:60: error: passing 'const char [2]' to parameter of type 'char *' discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers] rc = security_genfs_sid(&selinux_state, sb->s_type->name, /, ^~~ ./security/selinux/include/security.h:389:36: note: passing argument to parameter 'name' here const char *fstype, char *name, u16 sclass, ^ Signed-off-by: Christian Göttsche --- security/selinux/include/security.h | 4 ++-- security/selinux/ss/services.c | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index ac0ece01305a..6482e0efb368 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h @@ -386,11 +386,11 @@ int security_get_allow_unknown(struct selinux_state *state); int security_fs_use(struct selinux_state *state, struct super_block *sb); int security_genfs_sid(struct selinux_state *state, - const char *fstype, char *name, u16 sclass, + const char *fstype, const char *path, u16 sclass, u32 *sid); int selinux_policy_genfs_sid(struct selinux_policy *policy, - const char *fstype, char *name, u16 sclass, + const char *fstype, const char *path, u16 sclass, u32 *sid); #ifdef CONFIG_NETLABEL diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 8e92af7dd284..5a7df45bdab1 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -2875,7 +2875,7 @@ int security_get_user_sids(struct selinux_state *state, */ static inline int __security_genfs_sid(struct selinux_policy *policy, const char *fstype, - char *path, + const char *path, u16 orig_sclass, u32 *sid) { @@ -2928,7 +2928,7 @@ static inline int __security_genfs_sid(struct selinux_policy *policy, */ int security_genfs_sid(struct selinux_state *state, const char *fstype, - char *path, + const char *path, u16 orig_sclass, u32 *sid) { @@ -2952,7 +2952,7 @@ int security_genfs_sid(struct selinux_state *state, int selinux_policy_genfs_sid(struct selinux_policy *policy, const char *fstype, - char *path, + const char *path, u16 orig_sclass, u32 *sid) { From patchwork Tue Jan 25 14:14:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12723822 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8A580C433EF for ; Tue, 25 Jan 2022 14:17:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1386518AbiAYORF (ORCPT ); Tue, 25 Jan 2022 09:17:05 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33906 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1387944AbiAYOOx (ORCPT ); Tue, 25 Jan 2022 09:14:53 -0500 Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D83F2C06173B; Tue, 25 Jan 2022 06:14:52 -0800 (PST) Received: by mail-ed1-x534.google.com with SMTP id z22so62892277edd.12; Tue, 25 Jan 2022 06:14:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=NRMo8oBZ8+mVDMCIjAmqszLdgAaOe0du5QVx8CbR6LU=; b=Keg/CfUa7pgzGJokONpw5J5CoQdeJfQqPtdVD6pzALAt/5u/vrr/8n8G8ue+OvxStH x8obD8gvX1gNPUmXJ5C8lBmA05Px0E+0bak7zTXR1xCy30MR/t14N5WJaOSdD416v8Aq Tmwt6y0Orx8j4kkOIw2agGeErFRRPB3zTXEJSpNkaeTbmy70JrdSfGQ4ErcciKmP4WNN l3eS+LOGgfQtD/vA3IUTkX0BeDihIgKSxkIfZi4AcjOZtb8aQt/o48/zhlg4Y63aOYU+ 0sbBtjJVjUBzrIt7Jf/L9pUxZbtmPrwPnM4Iag8Bw9nLcmIanFTMsIqPfpx/cjoLtPUB q1/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=NRMo8oBZ8+mVDMCIjAmqszLdgAaOe0du5QVx8CbR6LU=; b=LqWeb7g7eK1gS2VFleRrNHKUZ4r8LSOIAUKroCRkau663+nVdjEP8BUDJKBalWX48w D4m/Mc91xJC1J43zF31cUxbqCbV/GXlm/EJ1zO+IVKhtUvF7KFjrQbkSMrKk+penYR/J +tKJ0OqPbaQsd26z+GfQU8tQbjbgeY3pbW4ORyuyf21BkINdCBDncm5GsFRSZbfKmOiK QOLOyQfq8TW6VQtujUy67ur7Ao8bSvZ1BwQkoaAgcYqN5L8LTB5iK2jgZFLK2fCHcMxK cg3rDS9rIqmQClsweMr60CRzoqDj6WMR6P5Sryd9J3Eo3kx3IIg9buly0gtWnGIy3DIh UPMA== X-Gm-Message-State: AOAM53320OoAY+JF87Jp5v1WXjaF/vIiSu9Kjn1EdjQ8PgDELxnDK2Py efzW2WZXuFAOeu2VjFmBJ/v0WzqGLvnj2A== X-Google-Smtp-Source: ABdhPJxzNTfugb/8TN28oCuJEKaHituBsPLKKjb+mWflGgyqXKjhjIHzmLU75UQmOIYSLm9pI2z8Fw== X-Received: by 2002:a05:6402:c8c:: with SMTP id cm12mr20320905edb.78.1643120091453; Tue, 25 Jan 2022 06:14:51 -0800 (PST) Received: from debianHome.localdomain (dynamic-077-010-144-044.77.10.pool.telefonica.de. [77.10.144.44]) by smtp.gmail.com with ESMTPSA id lu44sm6292929ejb.145.2022.01.25.06.14.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Jan 2022 06:14:51 -0800 (PST) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Nathan Chancellor , Nick Desaulniers , Jiapeng Chong , Xiu Jianfeng , Jeff Vander Stoep , linux-kernel@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH 3/9] selinux: declare name parameter of hash_eval const Date: Tue, 25 Jan 2022 15:14:13 +0100 Message-Id: <20220125141422.32655-2-cgzones@googlemail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220125141422.32655-1-cgzones@googlemail.com> References: <20220125141422.32655-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org String literals are passed as second argument to hash_eval(). Also the parameter is already declared const in the DEBUG_HASHES configuration. Reported by clang [-Wwrite-strings]: security/selinux/ss/policydb.c:1881:26: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers] hash_eval(&p->range_tr, rangetr); ^~~~~~~~~ security/selinux/ss/policydb.c:707:55: note: passing argument to parameter 'hash_name' here static inline void hash_eval(struct hashtab *h, char *hash_name) ^ security/selinux/ss/policydb.c:2099:32: error: passing 'const char [11]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers] hash_eval(&p->filename_trans, filenametr); ^~~~~~~~~~~~ security/selinux/ss/policydb.c:707:55: note: passing argument to parameter 'hash_name' here static inline void hash_eval(struct hashtab *h, char *hash_name) ^ Signed-off-by: Christian Göttsche --- security/selinux/ss/policydb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index 0ae1b718194a..67e03f6e8966 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -704,7 +704,7 @@ static void symtab_hash_eval(struct symtab *s) } #else -static inline void hash_eval(struct hashtab *h, char *hash_name) +static inline void hash_eval(struct hashtab *h, const char *hash_name) { } #endif From patchwork Tue Jan 25 14:14:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12723847 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8646FC433F5 for ; Tue, 25 Jan 2022 14:19:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1578138AbiAYOSs (ORCPT ); Tue, 25 Jan 2022 09:18:48 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34388 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1387998AbiAYOO5 (ORCPT ); Tue, 25 Jan 2022 09:14:57 -0500 Received: from mail-ed1-x533.google.com (mail-ed1-x533.google.com [IPv6:2a00:1450:4864:20::533]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2BD9BC061744; Tue, 25 Jan 2022 06:14:56 -0800 (PST) Received: by mail-ed1-x533.google.com with SMTP id l5so46051922edv.3; Tue, 25 Jan 2022 06:14:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=k+CgfQJbyed6dtUDLhZo4uiteDWSo0FQKuqRzl0IeVw=; b=bYATyVvaBSeEE52mObJNrtCyRpMGqOMNkUxMHfHFsdMbJx+GFlcDZFawVTpRb2M6jd QqfkVSweYUIfdBzBjJ8nEemJGbV9to/5C0YnLh75J0TrV0ebCuo44+s9sg6gIEVmhDCA LNG5kq7ZMCCjeie8XRa0m4CTegkPxlw4sj7pe/XZbnV2/Hl+qsKTSwlzlJz7UnOL4VSE L/V4K5WqXQ4z/QUTmpOzSHauq6rS7JO+Btez9ZMmxTONP6XxEW864IixNECdXo9+BMwv VjB8IU/iZHiQkMYruhiU73gwKcryJb7It7J5ay/KEt+MNhu44YtTmXHgJI8EuxXzWkNZ H11w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=k+CgfQJbyed6dtUDLhZo4uiteDWSo0FQKuqRzl0IeVw=; b=gphnAPgL5r7OvJJkyp6+TxHrLruQUAc7gUiJpmsf8v3P9LGEd9+4X3Zrcephpx8f/T mSQQye4XQuItOMc7g5X2MvpZmV87fAa32J2ukqPAKQ5d5PUM6gT1PeP6n4sFYqfzkcy/ ZM4Zs2RHHUztbkBcJ+BhiptNkJPpxun8BCNFPbZgtYdSwUCCU8h72bl2+w7ty5W9TCI2 1Etj3nuAz5LC2TBcgrzG7sqtczSKJ7XQO6RfY0h7k4RWugn+zjY13y4Fw5VbRHX9ei8U TF0TZuQyZ5M/lpb6FIplEi3rUNizFkxRZ6PwfzJcbsumpdmGYqlzAamZYh8AACy7Tuc7 JEsg== X-Gm-Message-State: AOAM531LXTPMQYjVpiozgpsVcgRxIKXKHxVQKnC+gF5XBPPBJuPRLJ46 KgD2a2pTAzrdGIgn5d+IdT5EKyT2f6PQsw== X-Google-Smtp-Source: ABdhPJxR4z1J9aUIgzhuPP3EwJYNQiMKrZpekbZb9uwX2w62yIB0i7WedFAVwCDGuJXWuIi7OqrJsg== X-Received: by 2002:a17:907:9495:: with SMTP id dm21mr16065429ejc.467.1643120094730; Tue, 25 Jan 2022 06:14:54 -0800 (PST) Received: from debianHome.localdomain (dynamic-077-010-144-044.77.10.pool.telefonica.de. [77.10.144.44]) by smtp.gmail.com with ESMTPSA id lu44sm6292929ejb.145.2022.01.25.06.14.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Jan 2022 06:14:54 -0800 (PST) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Nathan Chancellor , Nick Desaulniers , Xiong Zhenwu , Tyler Hicks , Ondrej Mosnacek , Xiu Jianfeng , Jeff Vander Stoep , linux-kernel@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH 4/9] selinux: enclose macro arguments in parenthesis Date: Tue, 25 Jan 2022 15:14:14 +0100 Message-Id: <20220125141422.32655-3-cgzones@googlemail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220125141422.32655-1-cgzones@googlemail.com> References: <20220125141422.32655-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Enclose the macro arguments in parenthesis to avoid potential evaluation order issues. Note the xperm and ebitmap macros are still not side-effect safe due to double evaluation. Reported by clang-tidy [bugprone-macro-parentheses] Signed-off-by: Christian Göttsche Reviewed-by: Nick Desaulniers --- security/selinux/include/security.h | 4 ++-- security/selinux/ss/ebitmap.h | 6 +++--- security/selinux/ss/sidtab.c | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 6482e0efb368..d91a5672de99 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h @@ -254,8 +254,8 @@ struct av_decision { #define XPERMS_AUDITALLOW 2 #define XPERMS_DONTAUDIT 4 -#define security_xperm_set(perms, x) (perms[x >> 5] |= 1 << (x & 0x1f)) -#define security_xperm_test(perms, x) (1 & (perms[x >> 5] >> (x & 0x1f))) +#define security_xperm_set(perms, x) ((perms)[(x) >> 5] |= 1 << ((x) & 0x1f)) +#define security_xperm_test(perms, x) (1 & ((perms)[(x) >> 5] >> ((x) & 0x1f))) struct extended_perms_data { u32 p[8]; }; diff --git a/security/selinux/ss/ebitmap.h b/security/selinux/ss/ebitmap.h index 9eb2d0af2805..58eb822f11ee 100644 --- a/security/selinux/ss/ebitmap.h +++ b/security/selinux/ss/ebitmap.h @@ -118,9 +118,9 @@ static inline void ebitmap_node_clr_bit(struct ebitmap_node *n, } #define ebitmap_for_each_positive_bit(e, n, bit) \ - for (bit = ebitmap_start_positive(e, &n); \ - bit < ebitmap_length(e); \ - bit = ebitmap_next_positive(e, &n, bit)) \ + for ((bit) = ebitmap_start_positive(e, &(n)); \ + (bit) < ebitmap_length(e); \ + (bit) = ebitmap_next_positive(e, &(n), bit)) \ int ebitmap_cmp(struct ebitmap *e1, struct ebitmap *e2); int ebitmap_cpy(struct ebitmap *dst, struct ebitmap *src); diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c index 293ec048af08..a54b8652bfb5 100644 --- a/security/selinux/ss/sidtab.c +++ b/security/selinux/ss/sidtab.c @@ -27,8 +27,8 @@ struct sidtab_str_cache { char str[]; }; -#define index_to_sid(index) (index + SECINITSID_NUM + 1) -#define sid_to_index(sid) (sid - (SECINITSID_NUM + 1)) +#define index_to_sid(index) ((index) + SECINITSID_NUM + 1) +#define sid_to_index(sid) ((sid) - (SECINITSID_NUM + 1)) int sidtab_init(struct sidtab *s) { From patchwork Tue Jan 25 14:14:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12723848 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D02B9C433EF for ; Tue, 25 Jan 2022 14:19:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1578344AbiAYOSt (ORCPT ); Tue, 25 Jan 2022 09:18:49 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33960 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1578086AbiAYOO6 (ORCPT ); Tue, 25 Jan 2022 09:14:58 -0500 Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 26AE1C061753; Tue, 25 Jan 2022 06:14:58 -0800 (PST) Received: by mail-ed1-x52b.google.com with SMTP id n10so47531977edv.2; Tue, 25 Jan 2022 06:14:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=aiRyUdK+Th3jYryTsLsyc7X3KP1ePUO9wmCn+4PrUBo=; b=Z+8iOa0upC3i/zyphaOtyFRqvXOAh4xIReWOwanfDLcuBAi9U1bHB31LDIKeD9OPGu gq2oeKrW+7VQK8NmgvhpZuhu3XPitQYBpLWY4ibNBPlcaw6bK15M2x6buZZOEHDi0oUc 4ZV0//Q4kqfuFm5ZNq0f+FTRS4JsnPBjCCdrOpJ6GU3zL2FsD2fR0Yqgq2mAx3hnVPac tq4K8ItBgto3JVoG9jk6nnK8w6e1zRoNMC8k9l71Pe6BzcHwe3x0ftMQry6DVles3tzc YFdCl2ynVfEE/R+ZzlaMRgi3gZVBBXSmEKqYYZbtCXWlyFyxotNLpRhS6/PJIOjlNT8J t3qQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=aiRyUdK+Th3jYryTsLsyc7X3KP1ePUO9wmCn+4PrUBo=; b=cbCJNN4anKhJbdXwQMNZqPkZJ0aM71mXlwsWNf/35g3rreGbgGally4AjWHGaf9+w7 UkwErVuHjo9p7OLow1vsFT3yC0EGpVaa59RozHDDSNUlSSMORwF4x3hAkYhMmDHFIJvy 0SB3EmRrdr79yL5eMr3NYhcIS97bYfUDphYndodMKrELouj0VQg8Nnp1chHA8bSmXaR4 wgbSLpdsaI0McqlNwqhcOMO76aQYK43MqXg8nI0GZ8BhSIH0/7dJzU8vQZYUQ1WVse+w ZQXhXN3dwQxAcZAttG8KMXYWOzMV9PR0puDGe7y48r30nxY4N6CguZkvDUXbd/p5c868 HiNw== X-Gm-Message-State: AOAM530mvMQbt77htpE4PHjSqYzbl+r9Ww3xb1IElxZd2rzooQC3Wh9M cSvlEVmGlpfjn4qExcNr1Gf8pYeIKlnm2A== X-Google-Smtp-Source: ABdhPJzS+btJYf02Pr9DsYD4BhgRElcRbIqG+uBOD9x2GfMkuiaz6UX+pzcgEH7AEyad2bdXwMQO7A== X-Received: by 2002:a17:906:f85:: with SMTP id q5mr17103251ejj.232.1643120096662; Tue, 25 Jan 2022 06:14:56 -0800 (PST) Received: from debianHome.localdomain (dynamic-077-010-144-044.77.10.pool.telefonica.de. [77.10.144.44]) by smtp.gmail.com with ESMTPSA id lu44sm6292929ejb.145.2022.01.25.06.14.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Jan 2022 06:14:56 -0800 (PST) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Nathan Chancellor , Nick Desaulniers , Ondrej Mosnacek , =?utf-8?q?Micka=C3=ABl_Sala=C3=BCn?= , Serge Hallyn , Yang Li , Casey Schaufler , Lakshmi Ramasubramanian , Jeff Vander Stoep , linux-kernel@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH 5/9] selinux: drop cast to same type Date: Tue, 25 Jan 2022 15:14:15 +0100 Message-Id: <20220125141422.32655-4-cgzones@googlemail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220125141422.32655-1-cgzones@googlemail.com> References: <20220125141422.32655-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Both the lvalue scontextp and rvalue scontext are of the type char*. Drop the redundant explicit cast not needed since commit 9a59daa03df7 ("SELinux: fix sleeping allocation in security_context_to_sid"), where the type of scontext changed from const char* to char*. Signed-off-by: Christian Göttsche --- security/selinux/ss/services.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 5a7df45bdab1..2f8db93e53b2 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -1452,7 +1452,7 @@ static int string_to_context_struct(struct policydb *pol, /* Parse the security context. */ rc = -EINVAL; - scontextp = (char *) scontext; + scontextp = scontext; /* Extract the user. */ p = scontextp; From patchwork Tue Jan 25 14:14:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12723850 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id EA9C6C4332F for ; Tue, 25 Jan 2022 14:19:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1578350AbiAYOSv (ORCPT ); Tue, 25 Jan 2022 09:18:51 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34060 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1578153AbiAYOPA (ORCPT ); Tue, 25 Jan 2022 09:15:00 -0500 Received: from mail-ed1-x531.google.com (mail-ed1-x531.google.com [IPv6:2a00:1450:4864:20::531]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 067CCC06175A; Tue, 25 Jan 2022 06:15:00 -0800 (PST) Received: by mail-ed1-x531.google.com with SMTP id r10so32140653edt.1; Tue, 25 Jan 2022 06:14:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=dSHVxcncpgTGJZyBI5FvlHJ6cEG9uXtzEUOqQoM02ug=; b=PxsjEzW+UVDQD5fk/HYoaJgllSqCsZiWEeBROCkyrFIeQxjgXAJRnMvVk9PNmjM4Qv u8P4/4oJP3HZKVd9KOHEDnc0s+2+gC7pDR9VsRBpMl9ACdbSeFpzg0OKW+V/fNqRkL6l FPvoQmdo5KDTNT9Qcv1/Bk1MsSgjseHFX3ER6jes4lamNZmuHxFlOrcSkygSWoIUSpFD ZLxssmqT6mqFm1k4lvlGsS+hMmqsCb2DOyAsH6o2jk9YP4TSpRqp6unvLX3uhXCAH3oR 2KbiknUfeiQAOHbQ4oakh3U3DdaG74SkGYf83nmsfQC1xb46ltgxtXl6SqSJNStBb5Sp j/TA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=dSHVxcncpgTGJZyBI5FvlHJ6cEG9uXtzEUOqQoM02ug=; b=cXK3qSn/W7jVnJQ7VHauS+GToAoWCkF/ILHA84KkzW/CtNeX4wLrpqcun2mORCuCn+ ty5sMdByRHuneBfcLTUlMI9IM6ipgGpP+K9xQL65TQsh7UTrvAp/xd0KsRnqwjTpDy7Q qyCuaXWoqUuz5HbKC2o9l24Pj9ZIp1WPhLdMV3A/nDWjIIsaixjoFkdyUSHNKKFwif5m uE2zGJdgjVMH59WeZIGQo7dT2He0tcet6Hsp7jAwjMOK332sRwGYWI+qycu/ZqLj1o03 t+BCiM1SkgWzZKy88QVjg4ecgU58pYrfRmXJmi7Igk3ZYgmuY7gAdngVUdDMrasB2F9b d6qg== X-Gm-Message-State: AOAM533fPLayuRBz1NPJfZx+TTqJsgZCj4eaJ0QxchADsGBHgZrwrEw/ j4vCAFAZ4/2iPAG875Pz2GI8qZqJN32Ejw== X-Google-Smtp-Source: ABdhPJw3men/JcrtLRJpXMAI+7sycqVlmWUv4r7PVbiDGE4fcJ2pQpmSwQJ7/V0Y26cltczEp6Fy3Q== X-Received: by 2002:a17:906:9501:: with SMTP id u1mr15654364ejx.511.1643120098486; Tue, 25 Jan 2022 06:14:58 -0800 (PST) Received: from debianHome.localdomain (dynamic-077-010-144-044.77.10.pool.telefonica.de. [77.10.144.44]) by smtp.gmail.com with ESMTPSA id lu44sm6292929ejb.145.2022.01.25.06.14.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Jan 2022 06:14:58 -0800 (PST) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Nathan Chancellor , Nick Desaulniers , Ondrej Mosnacek , Jeff Vander Stoep , linux-kernel@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH 6/9] selinux: drop unused parameter of avtab_insert_node Date: Tue, 25 Jan 2022 15:14:16 +0100 Message-Id: <20220125141422.32655-5-cgzones@googlemail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220125141422.32655-1-cgzones@googlemail.com> References: <20220125141422.32655-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org The parameter cur is not used in avtab_insert_node(). Reported by clang [-Wunused-parameter] Signed-off-by: Christian Göttsche --- security/selinux/ss/avtab.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c index c97695ae508f..cfdae20792e1 100644 --- a/security/selinux/ss/avtab.c +++ b/security/selinux/ss/avtab.c @@ -67,7 +67,7 @@ static inline int avtab_hash(const struct avtab_key *keyp, u32 mask) static struct avtab_node* avtab_insert_node(struct avtab *h, int hvalue, - struct avtab_node *prev, struct avtab_node *cur, + struct avtab_node *prev, const struct avtab_key *key, const struct avtab_datum *datum) { struct avtab_node *newnode; @@ -137,7 +137,7 @@ static int avtab_insert(struct avtab *h, const struct avtab_key *key, break; } - newnode = avtab_insert_node(h, hvalue, prev, cur, key, datum); + newnode = avtab_insert_node(h, hvalue, prev, key, datum); if (!newnode) return -ENOMEM; @@ -177,7 +177,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, key->target_class < cur->key.target_class) break; } - return avtab_insert_node(h, hvalue, prev, cur, key, datum); + return avtab_insert_node(h, hvalue, prev, key, datum); } struct avtab_datum *avtab_search(struct avtab *h, const struct avtab_key *key) From patchwork Tue Jan 25 14:14:17 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12723823 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 21FC5C433F5 for ; Tue, 25 Jan 2022 14:17:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1444474AbiAYORM (ORCPT ); Tue, 25 Jan 2022 09:17:12 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34414 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1578154AbiAYOPB (ORCPT ); Tue, 25 Jan 2022 09:15:01 -0500 Received: from mail-ed1-x536.google.com (mail-ed1-x536.google.com [IPv6:2a00:1450:4864:20::536]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 041D3C06175B; Tue, 25 Jan 2022 06:15:01 -0800 (PST) Received: by mail-ed1-x536.google.com with SMTP id n10so47532544edv.2; Tue, 25 Jan 2022 06:15:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=s0qfbDNJzKPba0DhXnUemGGVEXLf9/4C8NsMtd615sM=; b=jK5IrrVPlyG0wXI7OOjPs/2Yvc2N9yPtJs/Q4+Tt6MtETCsPvR3W7UUpqGHjB/HqYU JN+bFWu6P4SRwCcm0DoquiiZj5wgsQoZCGXo9qkTW28LEICFTZ8B3OD3hQtfz8xrn7T/ J/zkxOOrVn05EfA3DSScssCal4uaOXHKC559mmurk5XRikQB3u+V/TFFQb5DcvLoqgtg q3Dn+TBZ+3rWaVk/CgS2moTrLj35KwTlV7H6xpxHzFHG8JgcRro1djS493tY4k9A73qO /leSfbIIyk/7OwxJbIUKK2US+4LUoE379KbsrQopjJFw+G8mwqqd2LoPH3rIJKr5jQR1 xTcg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=s0qfbDNJzKPba0DhXnUemGGVEXLf9/4C8NsMtd615sM=; b=EvB1XzVNqIzHCGQapdxGlBDfYaBD0MTIRIlw6zqaHZqt3HJCYbmCwwZ5mI5k1lbpF3 nPtIejL8KczStHs80Yn8Wo//BHTOkYXx+2vV+77JPHYXoY8NzzH+J8EJvnTHSHZArUPL aHdAXVhSudsfWS6CBz4w9aHA4fLGsgMI0yyywvYS/jomHn19ahAShi4XiKKIr+P+uBxJ PTdm5D0faE686BgjBSE15OIbCXTIwjRtKa1VkmnM/JSGZ2SRMzVt1UgDyD+2du9wB9B5 a6hByWydcC/O5MjPoDq9FAaZWwJajEoJLt4GMZnwA4XppSFoQXrmP9izpdgUZXgtEX+p WeJQ== X-Gm-Message-State: AOAM532omobyoU2gz+IULHV2QmBFTYWG1828Idoqqs1XohP5J9OaL7Jj iRkMmyBLo1gCO20LUNhn0B/ZsraA113TIg== X-Google-Smtp-Source: ABdhPJxODM4AMfMAR8MyMqMnECc4W2O1RzYZCge/y5M0rGpgtJA0z9t5Ye6wRrmObT8KwCd4BKrbcw== X-Received: by 2002:a17:907:7210:: with SMTP id dr16mr5256193ejc.470.1643120099557; Tue, 25 Jan 2022 06:14:59 -0800 (PST) Received: from debianHome.localdomain (dynamic-077-010-144-044.77.10.pool.telefonica.de. [77.10.144.44]) by smtp.gmail.com with ESMTPSA id lu44sm6292929ejb.145.2022.01.25.06.14.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Jan 2022 06:14:59 -0800 (PST) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Nathan Chancellor , Nick Desaulniers , Jeff Vander Stoep , linux-kernel@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH 7/9] selinux: do not discard const qualifier in cast Date: Tue, 25 Jan 2022 15:14:17 +0100 Message-Id: <20220125141422.32655-6-cgzones@googlemail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220125141422.32655-1-cgzones@googlemail.com> References: <20220125141422.32655-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Do not discard the const qualifier on the cast from const void* to __be32*; the addressed value is not modified. Reported by clang [-Wcast-qual] Signed-off-by: Christian Göttsche --- security/selinux/netnode.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/security/selinux/netnode.c b/security/selinux/netnode.c index 4a7d2ab5b960..889552db0d31 100644 --- a/security/selinux/netnode.c +++ b/security/selinux/netnode.c @@ -107,7 +107,7 @@ static struct sel_netnode *sel_netnode_find(const void *addr, u16 family) switch (family) { case PF_INET: - idx = sel_netnode_hashfn_ipv4(*(__be32 *)addr); + idx = sel_netnode_hashfn_ipv4(*(const __be32 *)addr); break; case PF_INET6: idx = sel_netnode_hashfn_ipv6(addr); @@ -121,7 +121,7 @@ static struct sel_netnode *sel_netnode_find(const void *addr, u16 family) if (node->nsec.family == family) switch (family) { case PF_INET: - if (node->nsec.addr.ipv4 == *(__be32 *)addr) + if (node->nsec.addr.ipv4 == *(const __be32 *)addr) return node; break; case PF_INET6: From patchwork Tue Jan 25 14:14:18 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12723824 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9B8A2C433EF for ; Tue, 25 Jan 2022 14:17:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1578225AbiAYORQ (ORCPT ); Tue, 25 Jan 2022 09:17:16 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34420 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1578044AbiAYOPF (ORCPT ); Tue, 25 Jan 2022 09:15:05 -0500 Received: from mail-ed1-x52e.google.com (mail-ed1-x52e.google.com [IPv6:2a00:1450:4864:20::52e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 32B79C06176C; Tue, 25 Jan 2022 06:15:02 -0800 (PST) Received: by mail-ed1-x52e.google.com with SMTP id w14so10204405edd.10; Tue, 25 Jan 2022 06:15:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=HkTnPkoYmXA4o33CQwaR2cCpMRcwMTvIA7CjbMtp4X8=; b=liF2Wp/McWZoP3ZShQIpjE5/sIhYMf0uJeg2L1aXhh63bJ3jbC0XABp7fLmb964SK5 lOiJ5X1uXDw3TUO6bDVMIX5MriYFB7YATZZ0tLSPHNXGMJC6bZS9EL4rDa02swbuNdbo DmtoCsEf7K4cjP7y0huxJiA+KfUK4bdTQ42UQKRSLvYFTHN7qR9kSvroeia+Gghe029G ADJCK7nnTtoQFSrVi9QgAASkkemGFfMsogUpqQwAVZEGGdcklOk0W/zc6f/faEVkqC+E genNkQFFKgee8LsMbJycfmPud9Fbky6fk9QADDsjxChs8Na03s4X3XpKwPreRfDEjpF6 h2mQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=HkTnPkoYmXA4o33CQwaR2cCpMRcwMTvIA7CjbMtp4X8=; b=qnGzK6j0EOEdz+7N2c4waFwzcDIrMbkF25M4Vmz8+9pe9bOjTVhrHdEa8OCILJ22JH OmnwpjgQ+mU1SXwip/vuKYV5+cgTqs1nShCrrLSNk4UsGNjU/aqpXAWJbwJ8VkaOJa8L y7475F8riCDOmTdNO6FIjAyiLlI0WQY38DKMOYqvI2Wi6+tWUAoU0xLT9ad1Ys92Wohk lzlg63XoPR06nqp4QNdzpO1flo6b11VLpGzuLbEwyBUQq8AGZmO47q0myuddJ+nYuxw9 aUzHYyHue6fhpKgav2d82KHCXWZWVamt1J2XLzRmOQmbwe3boUk4c5+jk4Pv2kjzPDfv BKLQ== X-Gm-Message-State: AOAM530+Da83xYStTBMq713CwiQuJleZf66OqiUPc5Tqvbp9YHuBTxaz a2fEmNQXxo/5WPMxOYh31B5Y7o+pegv+GQ== X-Google-Smtp-Source: ABdhPJyZ2SzgnylMxkUA8QHSS1c2l+JvdVmhWnUm2eTZkU0KnPQrcjvBrAUgZQADq3t2jU5m3VkPew== X-Received: by 2002:a05:6402:4401:: with SMTP id y1mr5126326eda.215.1643120100734; Tue, 25 Jan 2022 06:15:00 -0800 (PST) Received: from debianHome.localdomain (dynamic-077-010-144-044.77.10.pool.telefonica.de. [77.10.144.44]) by smtp.gmail.com with ESMTPSA id lu44sm6292929ejb.145.2022.01.25.06.14.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Jan 2022 06:15:00 -0800 (PST) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Nathan Chancellor , Nick Desaulniers , Jeff Vander Stoep , linux-kernel@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH 8/9] selinux: simplify cred_init_security Date: Tue, 25 Jan 2022 15:14:18 +0100 Message-Id: <20220125141422.32655-7-cgzones@googlemail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220125141422.32655-1-cgzones@googlemail.com> References: <20220125141422.32655-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org The parameter of selinux_cred() is declared const, so an explicit cast dropping the const qualifier is not necessary. Without the cast the local variable cred serves no purpose. Reported by clang [-Wcast-qual] Signed-off-by: Christian Göttsche --- security/selinux/hooks.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 5b6895e4fc29..a840c8c1ec35 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -211,10 +211,9 @@ static int selinux_lsm_notifier_avc_callback(u32 event) */ static void cred_init_security(void) { - struct cred *cred = (struct cred *) current->real_cred; struct task_security_struct *tsec; - tsec = selinux_cred(cred); + tsec = selinux_cred(current->real_cred); tsec->osid = tsec->sid = SECINITSID_KERNEL; } From patchwork Tue Jan 25 14:14:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 12723825 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0D015C433F5 for ; Tue, 25 Jan 2022 14:17:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1578228AbiAYORY (ORCPT ); Tue, 25 Jan 2022 09:17:24 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34428 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1387141AbiAYOPF (ORCPT ); Tue, 25 Jan 2022 09:15:05 -0500 Received: from mail-ed1-x52d.google.com (mail-ed1-x52d.google.com [IPv6:2a00:1450:4864:20::52d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1ACC7C06176D; Tue, 25 Jan 2022 06:15:04 -0800 (PST) Received: by mail-ed1-x52d.google.com with SMTP id c24so60972409edy.4; Tue, 25 Jan 2022 06:15:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20210112; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=H9/P79kiby3ifcGF4ip7/7rtet6erkFjsvjE42zBKRU=; b=g0ZB4NrYFVrd/WYH7ctuevAirrvpwDP6WewyqP8iLA5TJZ9S32T7sJEVeC1/2V/0vm ZXp6ee9KLS6q5LnOkK6DBhFx+CkeABY+t3sR9oTFcpGFD2vxqMJ/rSGJk4YHIhby5yWs +z93ue/wXHT11wg9ngrDU4xe5EMEynkRR3YECFkG5vQPnhdLVET9YL3Xblt8E+Y+Rsl9 J9k8ZyfhARU3vnoqXl4f27OOmRiQswqZOLIC0fem2Lw2lIh3kgmwgV0k/o/YfDZ8327a tvoQLu7L4tMUeTlTVWGkBe4NxIj7TCWkkU2LUS0L7rMyHwCdtMjS2w9ABY4AWqf7HUOx iZZg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=H9/P79kiby3ifcGF4ip7/7rtet6erkFjsvjE42zBKRU=; b=zOAPFuMEbf265N9Y+IE1s+OL+wSu1669bQ1IfOSWErQveUA+k9rCVCL9gJzslgijGw 7FAytQmNkxcNNm4XAUxDsdK9z0kUvKiBkU9Ac5hHrBLftYheWS1K4E15436beII76QJx 12g+uSltIlzXjjX0hzUsEOjqAaFtswEz/rjd+yHadipZW0ZRLDp1d6+3Izj2uDZnW+vg oxVZEBvK6Xur/2ukiWO4bzwfXKAb8q4cbHCWWSgDQuCwctOKHQi7gqd/oBekbpPnvoiq 3nbKE30+/jWVrZ+EOfrvxBQX6rpeIOe/EqRPcfotkoTqTlW28mcokiSi5DOu81ZrZVXN RbKw== X-Gm-Message-State: AOAM532VVXLSiIs8S6qnRM+Ns/7Ol5vDe6gLybWnbR1rlPMejKmrkRVz FhFuRFbi8bXM8QNiDIH6OJzsJiBqnm5UYg== X-Google-Smtp-Source: ABdhPJw63jKmaufKwl+6xsqdHxA1qMi+zig//jba8c/9KgLYXmArZdqp6VLdgUybsiJ4IxiYK6ceMg== X-Received: by 2002:a17:906:7953:: with SMTP id l19mr16763178ejo.36.1643120102557; Tue, 25 Jan 2022 06:15:02 -0800 (PST) Received: from debianHome.localdomain (dynamic-077-010-144-044.77.10.pool.telefonica.de. [77.10.144.44]) by smtp.gmail.com with ESMTPSA id lu44sm6292929ejb.145.2022.01.25.06.15.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Jan 2022 06:15:02 -0800 (PST) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Nathan Chancellor , Nick Desaulniers , Jiapeng Chong , Xiu Jianfeng , Jeff Vander Stoep , linux-kernel@vger.kernel.org, llvm@lists.linux.dev Subject: [PATCH 9/9] selinux: drop unused macro Date: Tue, 25 Jan 2022 15:14:19 +0100 Message-Id: <20220125141422.32655-8-cgzones@googlemail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220125141422.32655-1-cgzones@googlemail.com> References: <20220125141422.32655-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org The macro _DEBUG_HASHES is nowhere used. The configuration DEBUG_HASHES enables debugging of the SELinux hash tables, but the with an underscore prefixed macro definition has no direct impact or any documentation. Reported by clang [-Wunused-macros] Signed-off-by: Christian Göttsche Reviewed-by: Nick Desaulniers --- security/selinux/ss/policydb.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index 67e03f6e8966..d036e1238e77 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -41,8 +41,6 @@ #include "mls.h" #include "services.h" -#define _DEBUG_HASHES - #ifdef DEBUG_HASHES static const char *symtab_name[SYM_NUM] = { "common prefixes",