From patchwork Fri Jul 28 15:55:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13332095 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AB50AC41513 for ; Fri, 28 Jul 2023 15:55:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236619AbjG1Pzj (ORCPT ); Fri, 28 Jul 2023 11:55:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43068 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236571AbjG1Pzb (ORCPT ); Fri, 28 Jul 2023 11:55:31 -0400 Received: from mail-ej1-x62a.google.com (mail-ej1-x62a.google.com [IPv6:2a00:1450:4864:20::62a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 07D6E4234; Fri, 28 Jul 2023 08:55:23 -0700 (PDT) Received: by mail-ej1-x62a.google.com with SMTP id a640c23a62f3a-99b9161b94aso323167466b.1; Fri, 28 Jul 2023 08:55:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559721; x=1691164521; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=oM73crZF1OwWubA/9TVH96k0bOHmyZqLxxUUVrKWtrg=; b=Kxm0yG8GrQIAOwdCghPWFu9NE7HCyOp2/7S3KYraAgWsVamTJTs8yrb6UmSC4Y+3eL QciifPH+BKENmagZUkl8AJSqhlGp9C+Ub2xjyP+0BywPWPFD8c3rJFvzsdQK82DeIvVf lyZjgZqTEYlrhtdXdEIV7HiXZBFnH6cId6EBCmgxqPupNt7SJ4ADRX13UAKyrwijDtc6 8p8ecUECJOlnbnLTog1hXCH2gAN4wGNx554OsvbmOyaFRZAi6pR+mtUeT4TqK7nYctFS dBQDaWQ6IqpLMExlWDZqsaQ1VeSHhZSB3o2VmnIyA/DFPaaDQUPQBjSiGUWnHN4LV1l5 M3YA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559721; x=1691164521; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=oM73crZF1OwWubA/9TVH96k0bOHmyZqLxxUUVrKWtrg=; b=PDnAaynW8c/PStL4trfXb3DFizvEgGSKkLyUHuojAtTePuQ1ysfph4qe2mRYPgzFlI ase6Cd4BZ2X7KU80fYGk3S2aTNTGC2u7dHqwWpfO7iqrzf/iTIYrj90ML8+4CN8hIXOE /TlOHBk97gQZEBHgeXBDWOCj3RB4ibtlfJ95b7W3CqU9x9R3sSIKF0hhYPoV/gy2jp1E As40Oql53RO+I3LPj0dM0+0q7AfNsifojbsCdUeFJnw17Cyc1+cnMd+ll77+2Btw7nYr YwhkMqWKLGayKX1DmbV41xDoJv0l/vr/Q73/WKkhaOISf9P/Xn8/hLLTZAwPLb6dDFh7 q07Q== X-Gm-Message-State: ABy/qLY28UdnqOdA8HPOblkS4bPOO94ER+G0IMbF32n3Zza/ibPsmG/u 0EGJUnkwAHmWxh/+UHKMvitgcq0xKHsBh+Cg X-Google-Smtp-Source: APBJJlESa5evvEJRFFeV2ks7O4w0ExpJTYfJxKKyTDsNwdPrFIOUeCQ4bhmSB8WPLtir7HHwcWmecA== X-Received: by 2002:a17:906:30c2:b0:982:ab8d:1e08 with SMTP id b2-20020a17090630c200b00982ab8d1e08mr2809259ejb.59.1690559721187; Fri, 28 Jul 2023 08:55:21 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:20 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , linux-kernel@vger.kernel.org Subject: [PATCH v2 1/9] selinux: avoid implicit conversions in avtab code Date: Fri, 28 Jul 2023 17:55:00 +0200 Message-Id: <20230728155501.39632-9-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Return u32 from avtab_hash() instead of int, since the hashing is done on u32 and the result is used as an index on the hash array. Use the type of the limit in for loops. Avoid signed to unsigned conversion of multiplication result in avtab_hash_eval(). Use unsigned loop iterator for index operations, to avoid sign extension. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/ss/avtab.c | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c index 32f92da00b0e..8a508018e696 100644 --- a/security/selinux/ss/avtab.c +++ b/security/selinux/ss/avtab.c @@ -29,7 +29,7 @@ static struct kmem_cache *avtab_xperms_cachep __ro_after_init; /* Based on MurmurHash3, written by Austin Appleby and placed in the * public domain. */ -static inline int avtab_hash(const struct avtab_key *keyp, u32 mask) +static inline u32 avtab_hash(const struct avtab_key *keyp, u32 mask) { static const u32 c1 = 0xcc9e2d51; static const u32 c2 = 0x1b873593; @@ -66,7 +66,7 @@ static inline int avtab_hash(const struct avtab_key *keyp, u32 mask) } static struct avtab_node* -avtab_insert_node(struct avtab *h, int hvalue, +avtab_insert_node(struct avtab *h, u32 hvalue, struct avtab_node *prev, const struct avtab_key *key, const struct avtab_datum *datum) { @@ -106,7 +106,7 @@ avtab_insert_node(struct avtab *h, int hvalue, static int avtab_insert(struct avtab *h, const struct avtab_key *key, const struct avtab_datum *datum) { - int hvalue; + u32 hvalue; struct avtab_node *prev, *cur, *newnode; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); @@ -152,7 +152,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, const struct avtab_key *key, const struct avtab_datum *datum) { - int hvalue; + u32 hvalue; struct avtab_node *prev, *cur; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); @@ -186,7 +186,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, struct avtab_node *avtab_search_node(struct avtab *h, const struct avtab_key *key) { - int hvalue; + u32 hvalue; struct avtab_node *cur; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); @@ -246,7 +246,7 @@ avtab_search_node_next(struct avtab_node *node, u16 specified) void avtab_destroy(struct avtab *h) { - int i; + u32 i; struct avtab_node *cur, *temp; if (!h) @@ -324,7 +324,8 @@ int avtab_alloc_dup(struct avtab *new, const struct avtab *orig) void avtab_hash_eval(struct avtab *h, const char *tag) { - int i, chain_len, slots_used, max_chain_len; + u32 i; + unsigned int chain_len, slots_used, max_chain_len; unsigned long long chain2_len_sum; struct avtab_node *cur; @@ -372,13 +373,13 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol, { __le16 buf16[4]; u16 enabled; - u32 items, items2, val, vers = pol->policyvers; + u32 items, items2, val, i; struct avtab_key key; struct avtab_datum datum; struct avtab_extended_perms xperms; __le32 buf32[ARRAY_SIZE(xperms.perms.p)]; - int i, rc; - unsigned set; + int rc; + unsigned int set, vers = pol->policyvers; memset(&key, 0, sizeof(struct avtab_key)); memset(&datum, 0, sizeof(struct avtab_datum)); @@ -614,7 +615,7 @@ int avtab_write_item(struct policydb *p, const struct avtab_node *cur, void *fp) int avtab_write(struct policydb *p, struct avtab *a, void *fp) { - unsigned int i; + u32 i; int rc = 0; struct avtab_node *cur; __le32 buf[1]; From patchwork Fri Jul 28 15:54:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13332088 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AB90EC001DE for ; Fri, 28 Jul 2023 15:55:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235765AbjG1Pze (ORCPT ); Fri, 28 Jul 2023 11:55:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42990 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236777AbjG1Pz2 (ORCPT ); Fri, 28 Jul 2023 11:55:28 -0400 Received: from mail-ej1-x62e.google.com (mail-ej1-x62e.google.com [IPv6:2a00:1450:4864:20::62e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9BCBB448E; Fri, 28 Jul 2023 08:55:11 -0700 (PDT) Received: by mail-ej1-x62e.google.com with SMTP id a640c23a62f3a-99b9161b94aso323144966b.1; Fri, 28 Jul 2023 08:55:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559710; x=1691164510; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=ZU6NqYmf75Sa1ZICmlv0pPjToOhjN4w32UwWXbMha+w=; b=XyIzLnHZZ0z0nFrbb208piVfGJhxlXNzbRzbdgVXvwjoHky49mFZVlWqz5kCH9WDI2 IAHeRtVgTir7nHClp+sKIxIbX3UwAThMXYXFjDOvkWxywXa/m/qtndcr04MtKx/VHlT7 9RaPl0cDb8p5VOJeW/lVFy2utSXX7ufGNH/i3Yt9jxsJxwR33Wwao3t0CAVBaAVS/o+9 n8ikmOYn9ba/XrXsj3ULaHhwT0V7iVTecUkuYVqUozO6YlysPAqCu1DUSFFcwRg8wqHy /9ZGrJ6gc8n1iz4IKf6Ug/Vwjw0amaRV3+0iZvhhPquETT+escBD72TM7OubwCKQcOWf Jojw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559710; x=1691164510; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ZU6NqYmf75Sa1ZICmlv0pPjToOhjN4w32UwWXbMha+w=; b=ICNKz96/gOwoybfCN/079S8MOjRCIEOfypN1QXQDCefLAl0iObRAjBSU7vWC7NqQel D3eO0bQkiFdUbTwKUmEx57VZnnWc9PhUS9HtkDmfWsG93vGEP293l+h4BGcOWha1MQCx Ea6CRLDgua9+WMi9Ref8JzvGFflQ5AU3xQRt3w+H2G1BnisMdZYEYrwu8CvQmmW0u8xh 989CdX0282vpik+cXeJW/USwCjdciuRrSnFSUxgrp+iA08e1Nh1cnSDa08mDziiWfVSn 1kHp/a+Oda2DiELa80zbaGmODbByaL0Z8QVFQW/KrGcIbZJauwdzSvsbM3ej9zzcIs6g ilEg== X-Gm-Message-State: ABy/qLbgI5k2h/AdI4PLkDlwJlIzUDK7GKqqeXtASjOLvMh75R4e5i+G mMyyo5aX+t6fgpcn/WlJbV62mrJeH8247eYj X-Google-Smtp-Source: APBJJlGSwSAqGlB8bH+TmSJ8To6LJJuqZtKol4H7/VLn19ZerBB4AuS4D2FjJmjCowitON/ZUqzE9g== X-Received: by 2002:a17:907:2cc8:b0:989:450:e56a with SMTP id hg8-20020a1709072cc800b009890450e56amr2869347ejc.76.1690559709787; Fri, 28 Jul 2023 08:55:09 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:09 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , linux-kernel@vger.kernel.org Subject: [PATCH v2 2/9] selinux: use u32 as bit type in ebitmap code Date: Fri, 28 Jul 2023 17:54:52 +0200 Message-Id: <20230728155501.39632-1-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org The extensible bitmap supports bit positions up to U32_MAX due to the type of the member highbit being u32. Use u32 consistently as the type for bit positions to announce to callers what range of values is supported. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/ss/ebitmap.c | 32 ++++++++++++++++---------------- security/selinux/ss/ebitmap.h | 32 ++++++++++++++++---------------- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c index 77875ad355f7..6ab2baf4cfb5 100644 --- a/security/selinux/ss/ebitmap.c +++ b/security/selinux/ss/ebitmap.c @@ -24,7 +24,7 @@ #include "ebitmap.h" #include "policydb.h" -#define BITS_PER_U64 (sizeof(u64) * 8) +#define BITS_PER_U64 ((u32)(sizeof(u64) * 8)) static struct kmem_cache *ebitmap_node_cachep __ro_after_init; @@ -82,7 +82,8 @@ int ebitmap_cpy(struct ebitmap *dst, const struct ebitmap *src) int ebitmap_and(struct ebitmap *dst, const struct ebitmap *e1, const struct ebitmap *e2) { struct ebitmap_node *n; - int bit, rc; + u32 bit; + int rc; ebitmap_init(dst); @@ -113,8 +114,7 @@ int ebitmap_netlbl_export(struct ebitmap *ebmap, { struct ebitmap_node *e_iter = ebmap->node; unsigned long e_map; - u32 offset; - unsigned int iter; + u32 offset, iter; int rc; if (e_iter == NULL) { @@ -259,7 +259,7 @@ int ebitmap_contains(const struct ebitmap *e1, const struct ebitmap *e2, u32 las return 1; } -int ebitmap_get_bit(const struct ebitmap *e, unsigned long bit) +int ebitmap_get_bit(const struct ebitmap *e, u32 bit) { const struct ebitmap_node *n; @@ -276,7 +276,7 @@ int ebitmap_get_bit(const struct ebitmap *e, unsigned long bit) return 0; } -int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value) +int ebitmap_set_bit(struct ebitmap *e, u32 bit, int value) { struct ebitmap_node *n, *prev, *new; @@ -287,7 +287,7 @@ int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value) if (value) { ebitmap_node_set_bit(n, bit); } else { - unsigned int s; + u32 s; ebitmap_node_clr_bit(n, bit); @@ -365,12 +365,12 @@ void ebitmap_destroy(struct ebitmap *e) int ebitmap_read(struct ebitmap *e, void *fp) { struct ebitmap_node *n = NULL; - u32 mapunit, count, startbit, index; + u32 mapunit, count, startbit, index, i; __le32 ebitmap_start; u64 map; __le64 mapbits; __le32 buf[3]; - int rc, i; + int rc; ebitmap_init(e); @@ -384,7 +384,7 @@ int ebitmap_read(struct ebitmap *e, void *fp) if (mapunit != BITS_PER_U64) { pr_err("SELinux: ebitmap: map size %u does not " - "match my size %zd (high bit was %d)\n", + "match my size %d (high bit was %d)\n", mapunit, BITS_PER_U64, e->highbit); goto bad; } @@ -471,18 +471,18 @@ int ebitmap_read(struct ebitmap *e, void *fp) int ebitmap_write(const struct ebitmap *e, void *fp) { struct ebitmap_node *n; - u32 count; + u32 bit, count, last_bit, last_startbit; __le32 buf[3]; u64 map; - int bit, last_bit, last_startbit, rc; + int rc; buf[0] = cpu_to_le32(BITS_PER_U64); count = 0; last_bit = 0; - last_startbit = -1; + last_startbit = (u32)-1; ebitmap_for_each_positive_bit(e, n, bit) { - if (rounddown(bit, (int)BITS_PER_U64) > last_startbit) { + if (last_startbit == (u32)-1 || rounddown(bit, BITS_PER_U64) > last_startbit) { count++; last_startbit = rounddown(bit, BITS_PER_U64); } @@ -496,9 +496,9 @@ int ebitmap_write(const struct ebitmap *e, void *fp) return rc; map = 0; - last_startbit = INT_MIN; + last_startbit = (u32)-1; ebitmap_for_each_positive_bit(e, n, bit) { - if (rounddown(bit, (int)BITS_PER_U64) > last_startbit) { + if (last_startbit == (u32)-1 || rounddown(bit, BITS_PER_U64) > last_startbit) { __le64 buf64[1]; /* this is the very first bit */ diff --git a/security/selinux/ss/ebitmap.h b/security/selinux/ss/ebitmap.h index e3c807cfad90..43c32077d483 100644 --- a/security/selinux/ss/ebitmap.h +++ b/security/selinux/ss/ebitmap.h @@ -44,10 +44,10 @@ struct ebitmap { #define ebitmap_length(e) ((e)->highbit) -static inline unsigned int ebitmap_start_positive(const struct ebitmap *e, +static inline u32 ebitmap_start_positive(const struct ebitmap *e, struct ebitmap_node **n) { - unsigned int ofs; + u32 ofs; for (*n = e->node; *n; *n = (*n)->next) { ofs = find_first_bit((*n)->maps, EBITMAP_SIZE); @@ -62,11 +62,11 @@ static inline void ebitmap_init(struct ebitmap *e) memset(e, 0, sizeof(*e)); } -static inline unsigned int ebitmap_next_positive(const struct ebitmap *e, +static inline u32 ebitmap_next_positive(const struct ebitmap *e, struct ebitmap_node **n, - unsigned int bit) + u32 bit) { - unsigned int ofs; + u32 ofs; ofs = find_next_bit((*n)->maps, EBITMAP_SIZE, bit - (*n)->startbit + 1); if (ofs < EBITMAP_SIZE) @@ -86,10 +86,10 @@ static inline unsigned int ebitmap_next_positive(const struct ebitmap *e, (((bit) - (node)->startbit) % EBITMAP_UNIT_SIZE) static inline int ebitmap_node_get_bit(const struct ebitmap_node *n, - unsigned int bit) + u32 bit) { - unsigned int index = EBITMAP_NODE_INDEX(n, bit); - unsigned int ofs = EBITMAP_NODE_OFFSET(n, bit); + u32 index = EBITMAP_NODE_INDEX(n, bit); + u32 ofs = EBITMAP_NODE_OFFSET(n, bit); BUG_ON(index >= EBITMAP_UNIT_NUMS); if ((n->maps[index] & (EBITMAP_BIT << ofs))) @@ -98,20 +98,20 @@ static inline int ebitmap_node_get_bit(const struct ebitmap_node *n, } static inline void ebitmap_node_set_bit(struct ebitmap_node *n, - unsigned int bit) + u32 bit) { - unsigned int index = EBITMAP_NODE_INDEX(n, bit); - unsigned int ofs = EBITMAP_NODE_OFFSET(n, bit); + u32 index = EBITMAP_NODE_INDEX(n, bit); + u32 ofs = EBITMAP_NODE_OFFSET(n, bit); BUG_ON(index >= EBITMAP_UNIT_NUMS); n->maps[index] |= (EBITMAP_BIT << ofs); } static inline void ebitmap_node_clr_bit(struct ebitmap_node *n, - unsigned int bit) + u32 bit) { - unsigned int index = EBITMAP_NODE_INDEX(n, bit); - unsigned int ofs = EBITMAP_NODE_OFFSET(n, bit); + u32 index = EBITMAP_NODE_INDEX(n, bit); + u32 ofs = EBITMAP_NODE_OFFSET(n, bit); BUG_ON(index >= EBITMAP_UNIT_NUMS); n->maps[index] &= ~(EBITMAP_BIT << ofs); @@ -126,8 +126,8 @@ int ebitmap_cmp(const struct ebitmap *e1, const struct ebitmap *e2); int ebitmap_cpy(struct ebitmap *dst, const struct ebitmap *src); int ebitmap_and(struct ebitmap *dst, const struct ebitmap *e1, const struct ebitmap *e2); int ebitmap_contains(const struct ebitmap *e1, const struct ebitmap *e2, u32 last_e2bit); -int ebitmap_get_bit(const struct ebitmap *e, unsigned long bit); -int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value); +int ebitmap_get_bit(const struct ebitmap *e, u32 bit); +int ebitmap_set_bit(struct ebitmap *e, u32 bit, int value); void ebitmap_destroy(struct ebitmap *e); int ebitmap_read(struct ebitmap *e, void *fp); int ebitmap_write(const struct ebitmap *e, void *fp); From patchwork Fri Jul 28 15:54:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13332090 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 92207C04A6A for ; Fri, 28 Jul 2023 15:55:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236409AbjG1Pzf (ORCPT ); Fri, 28 Jul 2023 11:55:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42988 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236705AbjG1Pz2 (ORCPT ); Fri, 28 Jul 2023 11:55:28 -0400 Received: from mail-ej1-x62c.google.com (mail-ej1-x62c.google.com [IPv6:2a00:1450:4864:20::62c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0DD10449F; Fri, 28 Jul 2023 08:55:13 -0700 (PDT) Received: by mail-ej1-x62c.google.com with SMTP id a640c23a62f3a-99bc512526cso327468366b.1; Fri, 28 Jul 2023 08:55:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559711; x=1691164511; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=1+ccw4NZa5atLMu3PvWU3CwI2TXUxTCi4zdltIKSN3g=; b=ARajOChSPVav64iGhopmQ+8nKBr9w1b6PNunqIbKhFQmYug3HbMmKML7tFUcKNDAql 8wkzm7ISP2STHyjKgjKxt9qn0FEp1DO0S26sPjEhKfRbGY95eUuu8BVgGsX2ULoWOK5J LStkmwMuYdYXxRLiL6V0ilniPW8osDGql14vP84IP2odVzePfjACtH8OnVOcnAgCTRYy eUf1j2xi2erzVvWxtUoSBCeLvcEbeX1pPFJ/MzjeY5GzjZCVWrZQZnNWvDt0S1Gk9dEm q/aIXYE1FmdAlsl30NQyYVNqB4ZBaDPWUhKdw2ccwO1yHDvDXAGiXfWD2jXiiWP4sLpr Q5yg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559711; x=1691164511; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1+ccw4NZa5atLMu3PvWU3CwI2TXUxTCi4zdltIKSN3g=; b=ZcLlnpaz+ELCp5vK/IfZ7qXEFz5Ew5UbUTGXjoCtyLHPSPTlskKkRNaNIdj8neE6M5 zxUr8+xV4gcxNlt+/DWPj+yb5AFWRRx25ZFELDRNaznoGnwPRjlZlwbjgkTPcEt2vzGJ 1CreEv7xKr7zI+5Grx/3dGDJKTf22pmJB0owf8RgQwULmbfc1oeW29S3JwTVMld+GBsJ kmOC9yNz4899INr/MjOtaFX7XTrQlw+5qjuXC1QKpZcuQf8kbbBUl746bAeRpDoHF6Wu ay+B4ff8tIoq6UhQPVFvmIl77CJZPTOw552uSMbD77A0sr0OcfGxq9BEtXqsKfrjQ8ZX xRhQ== X-Gm-Message-State: ABy/qLarP9Lp3+0ElYJGlXdisBGlY24Ys6KTjgmPrLimAudeOwD9Sphz kPT0bnGpthRPhB4+z0J6zf2u8wa/qUHVZS4i X-Google-Smtp-Source: APBJJlEeR+3rhByc7CZ4OLonk4YAfn6iwAoyhwI1CSG17F28XVhqAQ7Dd2rCgsc/WVQ0wSKopXcz/w== X-Received: by 2002:a17:906:155:b0:99b:4ed4:5527 with SMTP id 21-20020a170906015500b0099b4ed45527mr2618066ejh.25.1690559711163; Fri, 28 Jul 2023 08:55:11 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:10 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , linux-kernel@vger.kernel.org Subject: [PATCH v2 3/9] selinux: use identical iterator type in hashtab_duplicate() Date: Fri, 28 Jul 2023 17:54:53 +0200 Message-Id: <20230728155501.39632-2-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Use the identical type u32 for the loop iterator. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/ss/hashtab.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/security/selinux/ss/hashtab.c b/security/selinux/ss/hashtab.c index 30532ec319ce..7df9640554be 100644 --- a/security/selinux/ss/hashtab.c +++ b/security/selinux/ss/hashtab.c @@ -137,7 +137,8 @@ int hashtab_duplicate(struct hashtab *new, struct hashtab *orig, void *args) { struct hashtab_node *cur, *tmp, *tail; - int i, rc; + u32 i; + int rc; memset(new, 0, sizeof(*new)); From patchwork Fri Jul 28 15:54:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13332089 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0BE21C001E0 for ; Fri, 28 Jul 2023 15:55:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235866AbjG1Pzf (ORCPT ); Fri, 28 Jul 2023 11:55:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42930 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235836AbjG1Pza (ORCPT ); Fri, 28 Jul 2023 11:55:30 -0400 Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BDAF444B1; Fri, 28 Jul 2023 08:55:14 -0700 (PDT) Received: by mail-lf1-x12a.google.com with SMTP id 2adb3069b0e04-4fe2503e3easo641871e87.2; Fri, 28 Jul 2023 08:55:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559713; x=1691164513; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Hj8EXANVUnt9bxQH+/nx3iBETrgoqthp/pWZeVRl9D8=; b=lJEotxX4ThykyTKoZQKZCBYw/acPZZ4atSdyoRuShZW2/I43mCDRmqkeglAanKpIEt 5MF9aBJM/t4X+/bcmUHnhzJ5MG36wDlLuYSiqgB71dPp1/ipxcp8w+sz83iMb2uuUOuc FwYcM8KxC4EBTRGkUgcFZVZo5bYQMjemYzMmw0fgSNNGr6CnhWzVfNOeaaT756gAM31m 85VZxhu/MTx2mxVzxFT/79zMBTSQpZMWxL5WFuClAxvjZ2/GgKSRWKyUqV6QTDmCzUWH 0JqbhdjgZp73AsnE94Sz3kVw2fIYpGOi82E/3cWhgIvhEkyT3eRb2PtibfZ8ZAI3/Wtm CgYg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559713; x=1691164513; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Hj8EXANVUnt9bxQH+/nx3iBETrgoqthp/pWZeVRl9D8=; b=jQnpun6OMkjwNUye76r5PMmVRUGhnAlVokQQR21Fw9LA1dy+bxpUTZ+M21UnBw/jV8 Ao1nNfbId08f83VzBVR+kqA5bZ35/patGT2EKNP1KZM4KpZs+0grAP7pK8O2DRsWUT2k lALsbWp7S+KOIBVpFK7gNT2oGMyRYPuWQhOLP2dM9WhLMpSy6qkYafDwJ/889g7QdhZA +rWVA8/5IDzrGeJNmaNxPZt7Vm7d2XpCyEjiw4LZ8hcGT0RhW6yQNUiH+8bPiiGVY/v3 5LwZ3FfZNI8i91AzmV6BSe+JZ5PgFZo7CvottT+rmFbyEt+NecB+3HbfME/xQFHzIuk1 ucuA== X-Gm-Message-State: ABy/qLbwkLEelXiTFjXUijo34TwWbsfmLA9xbt7vYpU5NuO+BueawwDM QlTksjNfKc+vyNeK+kJgDMl2uwDseNy+hmpv X-Google-Smtp-Source: APBJJlFChGNT7gEME70QQCgEcUDXUUeIk3Hp2QhmpWS5T2oMgOoYeIEbnodCbfPol+UWhsWLPz0k0Q== X-Received: by 2002:a19:2d49:0:b0:4f9:7aee:8dc5 with SMTP id t9-20020a192d49000000b004f97aee8dc5mr1989307lft.19.1690559712679; Fri, 28 Jul 2023 08:55:12 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:12 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , linux-kernel@vger.kernel.org Subject: [PATCH v2 4/9] selinux: avoid implicit conversions in mls code Date: Fri, 28 Jul 2023 17:54:54 +0200 Message-Id: <20230728155501.39632-3-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Use u32 for ebitmap bits. Use char for the default range of a class. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/ss/mls.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c index b2c6c846ea03..cd38f5913b63 100644 --- a/security/selinux/ss/mls.c +++ b/security/selinux/ss/mls.c @@ -45,7 +45,7 @@ int mls_compute_context_len(struct policydb *p, struct context *context) len = 1; /* for the beginning ":" */ for (l = 0; l < 2; l++) { - int index_sens = context->range.level[l].sens; + u32 index_sens = context->range.level[l].sens; len += strlen(sym_name(p, SYM_LEVELS, index_sens - 1)); /* categories */ @@ -240,7 +240,8 @@ int mls_context_to_sid(struct policydb *pol, char *sensitivity, *cur_cat, *next_cat, *rngptr; struct level_datum *levdatum; struct cat_datum *catdatum, *rngdatum; - int l, rc, i; + u32 i; + int l, rc; char *rangep[2]; if (!pol->mls_enabled) { @@ -451,7 +452,8 @@ int mls_convert_context(struct policydb *oldp, struct level_datum *levdatum; struct cat_datum *catdatum; struct ebitmap_node *node; - int l, i; + u32 i; + int l; if (!oldp->mls_enabled || !newp->mls_enabled) return 0; @@ -495,7 +497,7 @@ int mls_compute_sid(struct policydb *p, struct range_trans rtr; struct mls_range *r; struct class_datum *cladatum; - int default_range = 0; + char default_range = 0; if (!p->mls_enabled) return 0; From patchwork Fri Jul 28 15:54:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13332091 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B8E55C41513 for ; Fri, 28 Jul 2023 15:55:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235820AbjG1Pzg (ORCPT ); Fri, 28 Jul 2023 11:55:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43026 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236861AbjG1Pza (ORCPT ); Fri, 28 Jul 2023 11:55:30 -0400 Received: from mail-ej1-x634.google.com (mail-ej1-x634.google.com [IPv6:2a00:1450:4864:20::634]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1F59744B4; Fri, 28 Jul 2023 08:55:16 -0700 (PDT) Received: by mail-ej1-x634.google.com with SMTP id a640c23a62f3a-99b9421aaebso309328266b.2; Fri, 28 Jul 2023 08:55:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559714; x=1691164514; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=LMehyge5V6oc71n+ts8VpdssHuMwLHVzBSgZt/TQ3lg=; b=gK1wcG5ifE9K7WNKaw+EopeVu9Z112sNyDDmRS0xr1oSRlvZx+ntyoKbpqVXAN6aIv ONynaAKRwpwdemhY31y9cbpw0n3af4i7a0XTd0kVXy9djH0qGp1OwDWxK8ilC8Ywuv23 PlkjUXw2p8k0odbo3/hI9EAY013EfsXnUJgkpy9c4Hq9qK8VzzH9BUf20RdJz9L7/Rmh 8tnWInKdYdLL118OyZKQqhVg/lB/uBH1tM/HHNtswCjvV0jnR7NybCQG1dmzpBe2Muzp 7k4+2QWxjr4rTM+hi5BiRgdfNbl/Wo03dHZXCFFP6C/8iT2efWxYmbwUC90hzqfaQpfl i7Hg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559714; x=1691164514; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=LMehyge5V6oc71n+ts8VpdssHuMwLHVzBSgZt/TQ3lg=; b=eSu+AvkCf98cdJJfW3vWg7BiR6ysQzjOBWu6JpQJHA7tylytDbaK+ZS3Ot0tcpquTU NRwzBhcY9HxbEt+Qef+QjAunEG4es5UrQkfoKhRR66YTh5GoGMmSwUi+4FILSv7m62Ip 3ianQCglmdo+GLVTPooXw7KYd4NNCvBWgZHYCCwvlFBRIEoJAJnwCZXwL0X5yZREOByR mNfvoGAJSAaJ5kdT3AXQaEf7n1AFR4vPyhWH+p8PE9ST47XcomP5tiisL7LzVYU7AuNF QkojuM31FzF9xuMxjNRNAb13ea/XHQ3O+hEc/FoiSvg7TO7ZPnb2kLI/CYl9bNkgnCoi VO1Q== X-Gm-Message-State: ABy/qLZFgHKCpytK1pMUqPbeBDNsr5j0sYHIHhCgkkkZzUYWZKI1Uw0v 0gldRj6d3hpP23lGfB0Slq30PzNmVci2Nr/J X-Google-Smtp-Source: APBJJlFHnyeXTlVdIgpl2Ciud2FmYJ6My335BQvS0iplGidK9z8NhEPKsS8FXNVVJ+ibAf99PTmmRQ== X-Received: by 2002:a17:907:2711:b0:992:a85d:278b with SMTP id w17-20020a170907271100b00992a85d278bmr2274139ejk.59.1690559714482; Fri, 28 Jul 2023 08:55:14 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:14 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Ondrej Mosnacek , "GONG, Ruiqi" , linux-kernel@vger.kernel.org Subject: [PATCH v2 5/9] selinux: services: update type for number of class permissions Date: Fri, 28 Jul 2023 17:54:55 +0200 Message-Id: <20230728155501.39632-4-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Security classes have only up to 32 permissions, hence using an u16 is sufficient (while improving padding in struct selinux_mapping). Also use a fixed sized cast in a bit shift to avoid (well defined) overflows on architectures where sizeof(unsigned int) != sizeof(u32) resulting in no bits set. Signed-off-by: Christian Göttsche Reviewed-by: GONG, Ruiqi --- v2: update commit description: - mention struct selinux_mapping in the padding argument (currently between the first and second member there are 2 bytes padding) - mention overflow in the cast argument and the result of setting no bits due to it --- security/selinux/ss/services.c | 6 +++--- security/selinux/ss/services.h | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 2c5be06fbada..cf4b87ec4a0e 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -97,7 +97,6 @@ static int selinux_set_mapping(struct policydb *pol, struct selinux_map *out_map) { u16 i, j; - unsigned k; bool print_unknown_handle = false; /* Find number of classes in the input mapping */ @@ -117,6 +116,7 @@ static int selinux_set_mapping(struct policydb *pol, while (map[j].name) { const struct security_class_mapping *p_in = map + (j++); struct selinux_mapping *p_out = out_map->mapping + j; + u16 k; /* An empty class string skips ahead */ if (!strcmp(p_in->name, "")) { @@ -202,7 +202,7 @@ static void map_decision(struct selinux_map *map, { if (tclass < map->size) { struct selinux_mapping *mapping = &map->mapping[tclass]; - unsigned int i, n = mapping->num_perms; + u16 i, n = mapping->num_perms; u32 result; for (i = 0, result = 0; i < n; i++) { @@ -230,7 +230,7 @@ static void map_decision(struct selinux_map *map, * should audit that denial */ for (; i < (sizeof(u32)*8); i++) - result |= 1<auditdeny = result; } } diff --git a/security/selinux/ss/services.h b/security/selinux/ss/services.h index ed2ee6600467..d24b0a3d198e 100644 --- a/security/selinux/ss/services.h +++ b/security/selinux/ss/services.h @@ -12,7 +12,7 @@ /* Mapping for a single class */ struct selinux_mapping { u16 value; /* policy value for class */ - unsigned int num_perms; /* number of permissions in class */ + u16 num_perms; /* number of permissions in class */ u32 perms[sizeof(u32) * 8]; /* policy values for permissions */ }; From patchwork Fri Jul 28 15:54:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13332092 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 82E55C001DE for ; Fri, 28 Jul 2023 15:55:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235981AbjG1Pzh (ORCPT ); Fri, 28 Jul 2023 11:55:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42948 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235747AbjG1Pza (ORCPT ); Fri, 28 Jul 2023 11:55:30 -0400 Received: from mail-lj1-x22b.google.com (mail-lj1-x22b.google.com [IPv6:2a00:1450:4864:20::22b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2E11F4483; Fri, 28 Jul 2023 08:55:18 -0700 (PDT) Received: by mail-lj1-x22b.google.com with SMTP id 38308e7fff4ca-2b703a0453fso35210931fa.3; Fri, 28 Jul 2023 08:55:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559716; x=1691164516; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/rYsK0kNMxGjYfUlP6jXFUwqPwtrROBmYtzMufSE/LU=; b=cCv4j1x9LDD/oh2RJBveQ5h/SYR4mJpS7bFKmnTUDY9mMkXp8dXT5k9j6Ki9KXRv56 poIT6CqFn47rjK1p7wb/24bE4U+3+1QqYpmK/A8Nmau3pTmoGelqJkrWp1G5Pf8cY+K7 F++sZe8yzD25YVqz72wF0eOkCt//8o8B187z68iMovnQ/BSLtoGlvHAHXDJVNvrrrV9j 0uTYhj8/s320Zf/xvmA4k76N9Nwdh4LLA087uf6bvYmwf+wcSWQfHr4iz5vgjrHsY3ov 2mdlSLuVlrWMQfEwaeaGWHy7EQpz1dOFV6Fgx7kCztMUzAvvQlyAdt8SSYMAmYeOxcNJ vF8A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559716; x=1691164516; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/rYsK0kNMxGjYfUlP6jXFUwqPwtrROBmYtzMufSE/LU=; b=IVr4dN9mBIvGoaYpwtth5Gp5Qs6pWhMx6tOlm+OAaOSqTSRUjd1q6vc4hXVtJqWu9L vc+gCXjRN1jku1wiXx+zn7KzUq5hwgTJ91xfzEhQ5RZfID+Kv0vlh14YhjAtHLgxRcz9 2IWoZVatDpbv3DRRCwLqa/Zh/yQSL6z3KPezftdOex+g8JizafIPCa9OIxmnqxTtfUU9 XFSjSUYqaFG6Klis3/vKH7vYfy0ao5IfHzy6PZnLJu9GzloieYyG88X8G0UGbO1//M9T lX8vkPJSgSrH1VpWems5b0ZmHtQff3JLjz7CsnwwOKQ3ckexCF6VfkcgqPmVVEI76//L CB1g== X-Gm-Message-State: ABy/qLYjQ0bC3KS11g5kit1M3R9ZChW4ptD6pRgMowbooK6TBECvS+PK gishxWO9R/JhVanrBem+TeWABiTazgEffyIBvCY= X-Google-Smtp-Source: APBJJlGSZLLbQo9G1/zn7+V8lJgT217NYhWT410jIWNQdqPMaRVgsqfreAm7ZaIgNKobAHKTWkTRmA== X-Received: by 2002:a2e:8e81:0:b0:2b9:4492:1226 with SMTP id z1-20020a2e8e81000000b002b944921226mr2325461ljk.11.1690559716318; Fri, 28 Jul 2023 08:55:16 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:15 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Ondrej Mosnacek , Casey Schaufler , Xiu Jianfeng , "GONG, Ruiqi" , linux-kernel@vger.kernel.org Subject: [PATCH v2 6/9] selinux: avoid implicit conversions in services code Date: Fri, 28 Jul 2023 17:54:56 +0200 Message-Id: <20230728155501.39632-5-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Use u32 as the output parameter type in security_get_classes() and security_get_permissions(), based on the type of the symtab nprim member. Declare the read-only class string parameter of security_get_permissions() const. Avoid several implicit conversions by using the identical type for the destination. Use the type identical to the source for local variables. Signed-off-by: Christian Göttsche Reviewed-by: GONG, Ruiqi --- v2: avoid declarations in init-clauses of for loops --- security/selinux/include/security.h | 4 ++-- security/selinux/selinuxfs.c | 7 ++++--- security/selinux/ss/services.c | 23 ++++++++++++----------- 3 files changed, 18 insertions(+), 16 deletions(-) diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 668e393a9709..074d439fe9ad 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h @@ -312,9 +312,9 @@ int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type, u32 *peer_sid); int security_get_classes(struct selinux_policy *policy, - char ***classes, int *nclasses); + char ***classes, u32 *nclasses); int security_get_permissions(struct selinux_policy *policy, - char *class, char ***perms, int *nperms); + const char *class, char ***perms, u32 *nperms); int security_get_reject_unknown(void); int security_get_allow_unknown(void); diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index f79e96f0f221..b969e87fd870 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -1798,7 +1798,8 @@ static int sel_make_perm_files(struct selinux_policy *newpolicy, char *objclass, int classvalue, struct dentry *dir) { - int i, rc, nperms; + u32 i, nperms; + int rc; char **perms; rc = security_get_permissions(newpolicy, objclass, &perms, &nperms); @@ -1868,8 +1869,8 @@ static int sel_make_classes(struct selinux_policy *newpolicy, struct dentry *class_dir, unsigned long *last_class_ino) { - - int rc, nclasses, i; + u32 i, nclasses; + int rc; char **classes; rc = security_get_classes(newpolicy, &classes, &nclasses); diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index cf4b87ec4a0e..3a03243f52e7 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -856,7 +856,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid) struct sidtab *sidtab; struct sidtab_entry *old_entry, *new_entry; struct type_datum *type; - int index; + u32 index; int rc; if (!selinux_initialized()) @@ -1511,7 +1511,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, return -ENOMEM; if (!selinux_initialized()) { - int i; + u32 i; for (i = 1; i < SECINITSID_NUM; i++) { const char *s = initial_sid_to_string[i]; @@ -2821,7 +2821,6 @@ static inline int __security_genfs_sid(struct selinux_policy *policy, { struct policydb *policydb = &policy->policydb; struct sidtab *sidtab = policy->sidtab; - int len; u16 sclass; struct genfs *genfs; struct ocontext *c; @@ -2843,7 +2842,7 @@ static inline int __security_genfs_sid(struct selinux_policy *policy, return -ENOENT; for (c = genfs->head; c; c = c->next) { - len = strlen(c->u.name); + size_t len = strlen(c->u.name); if ((!c->v.sclass || sclass == c->v.sclass) && (strncmp(c->u.name, path, len) == 0)) break; @@ -3331,7 +3330,7 @@ static int get_classes_callback(void *k, void *d, void *args) { struct class_datum *datum = d; char *name = k, **classes = args; - int value = datum->value - 1; + u32 value = datum->value - 1; classes[value] = kstrdup(name, GFP_ATOMIC); if (!classes[value]) @@ -3341,7 +3340,7 @@ static int get_classes_callback(void *k, void *d, void *args) } int security_get_classes(struct selinux_policy *policy, - char ***classes, int *nclasses) + char ***classes, u32 *nclasses) { struct policydb *policydb; int rc; @@ -3357,7 +3356,8 @@ int security_get_classes(struct selinux_policy *policy, rc = hashtab_map(&policydb->p_classes.table, get_classes_callback, *classes); if (rc) { - int i; + u32 i; + for (i = 0; i < *nclasses; i++) kfree((*classes)[i]); kfree(*classes); @@ -3371,7 +3371,7 @@ static int get_permissions_callback(void *k, void *d, void *args) { struct perm_datum *datum = d; char *name = k, **perms = args; - int value = datum->value - 1; + u32 value = datum->value - 1; perms[value] = kstrdup(name, GFP_ATOMIC); if (!perms[value]) @@ -3381,10 +3381,11 @@ static int get_permissions_callback(void *k, void *d, void *args) } int security_get_permissions(struct selinux_policy *policy, - char *class, char ***perms, int *nperms) + const char *class, char ***perms, u32 *nperms) { struct policydb *policydb; - int rc, i; + u32 i; + int rc; struct class_datum *match; policydb = &policy->policydb; @@ -3599,7 +3600,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule) /* Check to see if the rule contains any selinux fields */ int selinux_audit_rule_known(struct audit_krule *rule) { - int i; + u32 i; for (i = 0; i < rule->field_count; i++) { struct audit_field *f = &rule->fields[i]; From patchwork Fri Jul 28 15:54:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13332093 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6F35DC04FDF for ; Fri, 28 Jul 2023 15:55:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235695AbjG1Pzh (ORCPT ); Fri, 28 Jul 2023 11:55:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42838 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235536AbjG1Pza (ORCPT ); Fri, 28 Jul 2023 11:55:30 -0400 Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 12AB444B5; Fri, 28 Jul 2023 08:55:19 -0700 (PDT) Received: by mail-ed1-x52f.google.com with SMTP id 4fb4d7f45d1cf-51e28cac164so7332524a12.1; Fri, 28 Jul 2023 08:55:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559717; x=1691164517; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=PpdC41+Bf2kU2Tf09u02Pdp+KuYiOkl5+Sf1RWH1VHM=; b=NKiQ0jkjkVDzHrPPfVGjhRPKwcRldGhM6uAhpkqxvwOGhCgzSsbZoZhu5PLrvK+4Uy QQbRpCIMvlSqIH0J3FhPj3wLansioW2hoxGalrXM3e03tuu3zx46gqI7cAImLGQxIMeS aparSlLN7xRmAeJtm76amSjRM3lefEbYnpVPpHN5i3GwxIBGoADLs77Pc5afBJh6XwcY MUb7bsc+w+tE65Y25FwWqD30PXC/LQYdMo6ZomSxCqBlLDlHBAvwFS5Cz2B37b0gt4Wq HnRlP5fLueetmeBn6FfIpoemu+XqGJ85WOJQhp/CaozpasrUPyChlFvWEx31SyCHOVIr 0KYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559717; x=1691164517; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=PpdC41+Bf2kU2Tf09u02Pdp+KuYiOkl5+Sf1RWH1VHM=; b=aNOHr/7Cqf1q6eGQ/L8U6uSL0PMvg866VINX+SaxNO/ouswJliUSW6PSstTfy3wHnx B/AWCOcr3DImQl5T09jUB3StN6iitbUBgKXqIZGqWtuxTZ4acmatm1PvOfvAuQ+Ivjq5 C9nTujhW6sxTzGM9VjdDe1mu/ln9d4HYY+OLQaYAGkGvNQPXw1E2cygMlAzJaPz2WRXb WxtBmwyu/4Rtf9b0KVX+t9Q1HXaj1J7V21khvAfv9b6AeBunINsHFyMMiOc5bleC+A+z ZqGtDTXbSVZul/zlljBt2d+Eav0idyRiVJKhF5aw1+XmCj8yMu8taZzQctxR8Dfp6CMO HL1Q== X-Gm-Message-State: ABy/qLYyx+6w3N9aOxxtaEpNgebDH87fyudaFzFCq7+f4EyazIzvLLqd EwfcBcqqsKpVDcFG6N6hMrL0kEdi2v163+GB X-Google-Smtp-Source: APBJJlEwirtYX2paxLrqjb1Vl3X7IY3qqxJrdGPWFwmZTaZkZ1KekvCci5Xme1v3jfl9+jGcMEl9LQ== X-Received: by 2002:a17:906:5a4f:b0:997:e7d0:e26d with SMTP id my15-20020a1709065a4f00b00997e7d0e26dmr3540076ejc.4.1690559717409; Fri, 28 Jul 2023 08:55:17 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:17 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , linux-kernel@vger.kernel.org Subject: [PATCH v2 7/9] selinux: avoid implicit conversions in selinuxfs code Date: Fri, 28 Jul 2023 17:54:57 +0200 Message-Id: <20230728155501.39632-6-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Use umode_t as parameter type for sel_make_inode(), which assigns the value to the member i_mode of struct inode. Use identical type for loop iterator. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/selinuxfs.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index b969e87fd870..7d7931d1758e 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -97,7 +97,7 @@ static int selinux_fs_info_create(struct super_block *sb) static void selinux_fs_info_free(struct super_block *sb) { struct selinux_fs_info *fsi = sb->s_fs_info; - int i; + unsigned int i; if (fsi) { for (i = 0; i < fsi->bool_num; i++) @@ -1075,8 +1075,8 @@ static ssize_t sel_write_user(struct file *file, char *buf, size_t size) u32 sid, *sids = NULL; ssize_t length; char *newcon; - int i, rc; - u32 len, nsids; + int rc; + u32 i, len, nsids; length = avc_has_perm(current_sid(), SECINITSID_SECURITY, SECCLASS_SECURITY, SECURITY__COMPUTE_USER, @@ -1192,7 +1192,7 @@ static ssize_t sel_write_member(struct file *file, char *buf, size_t size) return length; } -static struct inode *sel_make_inode(struct super_block *sb, int mode) +static struct inode *sel_make_inode(struct super_block *sb, umode_t mode) { struct inode *ret = new_inode(sb); @@ -1613,7 +1613,6 @@ static int sel_make_avc_files(struct dentry *dir) { struct super_block *sb = dir->d_sb; struct selinux_fs_info *fsi = sb->s_fs_info; - int i; static const struct tree_descr files[] = { { "cache_threshold", &sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR }, @@ -1623,7 +1622,7 @@ static int sel_make_avc_files(struct dentry *dir) #endif }; - for (i = 0; i < ARRAY_SIZE(files); i++) { + for (u32 i = 0; i < ARRAY_SIZE(files); i++) { struct inode *inode; struct dentry *dentry; @@ -1649,7 +1648,7 @@ static int sel_make_ss_files(struct dentry *dir) { struct super_block *sb = dir->d_sb; struct selinux_fs_info *fsi = sb->s_fs_info; - int i; + u32 i; static const struct tree_descr files[] = { { "sidtab_hash_stats", &sel_sidtab_hash_stats_ops, S_IRUGO }, }; @@ -1700,7 +1699,7 @@ static const struct file_operations sel_initcon_ops = { static int sel_make_initcon_files(struct dentry *dir) { - int i; + u32 i; for (i = 1; i <= SECINITSID_NUM; i++) { struct inode *inode; From patchwork Fri Jul 28 15:54:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13332096 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 37282C001DE for ; Fri, 28 Jul 2023 15:55:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236705AbjG1Pzk (ORCPT ); Fri, 28 Jul 2023 11:55:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43072 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236867AbjG1Pzb (ORCPT ); Fri, 28 Jul 2023 11:55:31 -0400 Received: from mail-ej1-x633.google.com (mail-ej1-x633.google.com [IPv6:2a00:1450:4864:20::633]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A48F84217; Fri, 28 Jul 2023 08:55:20 -0700 (PDT) Received: by mail-ej1-x633.google.com with SMTP id a640c23a62f3a-9891c73e0fbso472497366b.1; Fri, 28 Jul 2023 08:55:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559719; x=1691164519; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=HOGEYVtk8nHyb4KSy2DKIRjavcN6aII04qx0UqqEHEg=; b=AFKxVvGAacA9Uj0sNWD5uRw7AnuN/Ql60mpTgHsjufEQz85PR9ABFJRd4niLRDMKD2 nXp2yHls91XYsyFcJGerm5MnsFXyLq5bdlLr87evelkOXMD4L98p8d3l7F/jxByqzkPS sr335/2G9RjfWenHx0pr1tpvQKphxZHhrVJSryZOgbcHyTUNkTaSv7WtELfn7OBcpQJu rRqUVsdWCLa1LnJ29t0bQ8vk6Ozj7Uz6ukQKIJH2r0wAc6mmoK1isoQnn2Oy9sS58Aa1 0Ivg1fDEjCA7yJh/qepU+hSo3+KHvLywOcyhXoDf9hBEGjuXzqEA/5FUmEGqPnKDleGG 5JQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559719; x=1691164519; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HOGEYVtk8nHyb4KSy2DKIRjavcN6aII04qx0UqqEHEg=; b=VNOH3hKy2EFclMh4p89+RlJUoOOgm51VaR6iwa+naoJfu08G0JSsSmOGVAp439BfCc 7LWhmJz/oWZgo7IklHvv6zZZd7xKn6AlPWGzGxstv8r+oEm8HXjOAaLdS278hY2wUlHb MLDOr9PfnzUyjavnElB5HWpVLXb4IgTIY+Lf9N/Le0BlT0O0oWdy6muev2tfjoc8O7bC KxH4ewt/7gHUv6dso+NetY10MS/9Jwvk+P5eUu4s4kIg6zpuzAGuUy7DmnKRk10uXXug ZO5wYKI/AYD+SSu/n2+CqAjZPGTmI/rFvxtTWrWJGGXIWJj0VgK8Gbl9f0x7oALOQ1TF H+Qw== X-Gm-Message-State: ABy/qLZbKeMuV506Gq3aOlTQJIsTKUgUdlkx+KLdq77RsZIELxUt8IqN xYUuuG4GIvMQO6iXIwJCtXVZgfLWNx+hqOeC X-Google-Smtp-Source: APBJJlH0nXMLUHqUYquNmtGpYiTbbQAtqDJDbfBvwM82Ib0MrztcYLRHLUVsrQqAlzZMCkhPB0tSfA== X-Received: by 2002:a17:907:7f89:b0:993:e85c:4ad6 with SMTP id qk9-20020a1709077f8900b00993e85c4ad6mr7142391ejc.7.1690559718975; Fri, 28 Jul 2023 08:55:18 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:18 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Ondrej Mosnacek , linux-kernel@vger.kernel.org Subject: [PATCH v2 8/9] selinux: policydb: implicit conversions Date: Fri, 28 Jul 2023 17:54:58 +0200 Message-Id: <20230728155501.39632-7-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Use the identical type for local variables, e.g. loop counters. Declare members of struct policydb_compat_info unsigned to consistently use unsigned iterators. They hold read-only non-negative numbers in the global variable policydb_compat. Signed-off-by: Christian Göttsche --- v2: - avoid declarations in init-clauses of for loops - declare members of struct policydb_compat_info unsigned --- security/selinux/ss/policydb.c | 93 +++++++++++++++++++++------------- 1 file changed, 58 insertions(+), 35 deletions(-) diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index dc66868ff62c..aa2371a422af 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -55,9 +55,9 @@ static const char *const symtab_name[SYM_NUM] = { #endif struct policydb_compat_info { - int version; - int sym_num; - int ocon_num; + unsigned int version; + unsigned int sym_num; + unsigned int ocon_num; }; /* These need to be updated if SYM_NUM or OCON_NUM changes */ @@ -159,9 +159,9 @@ static const struct policydb_compat_info policydb_compat[] = { }, }; -static const struct policydb_compat_info *policydb_lookup_compat(int version) +static const struct policydb_compat_info *policydb_lookup_compat(unsigned int version) { - int i; + u32 i; for (i = 0; i < ARRAY_SIZE(policydb_compat); i++) { if (policydb_compat[i].version == version) @@ -359,7 +359,7 @@ static int role_tr_destroy(void *key, void *datum, void *p) return 0; } -static void ocontext_destroy(struct ocontext *c, int i) +static void ocontext_destroy(struct ocontext *c, u32 i) { if (!c) return; @@ -781,7 +781,7 @@ void policydb_destroy(struct policydb *p) { struct ocontext *c, *ctmp; struct genfs *g, *gtmp; - int i; + u32 i; struct role_allow *ra, *lra = NULL; for (i = 0; i < SYM_NUM; i++) { @@ -1154,8 +1154,8 @@ static int common_read(struct policydb *p, struct symtab *s, void *fp) char *key = NULL; struct common_datum *comdatum; __le32 buf[4]; - u32 len, nel; - int i, rc; + u32 i, len, nel; + int rc; comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL); if (!comdatum) @@ -1220,13 +1220,13 @@ static int type_set_read(struct type_set *t, void *fp) static int read_cons_helper(struct policydb *p, struct constraint_node **nodep, - int ncons, int allowxtarget, void *fp) + u32 ncons, int allowxtarget, void *fp) { struct constraint_node *c, *lc; struct constraint_expr *e, *le; __le32 buf[3]; - u32 nexpr; - int rc, i, j, depth; + u32 i, j, nexpr; + int rc, depth; lc = NULL; for (i = 0; i < ncons; i++) { @@ -1318,8 +1318,8 @@ static int class_read(struct policydb *p, struct symtab *s, void *fp) char *key = NULL; struct class_datum *cladatum; __le32 buf[6]; - u32 len, len2, ncons, nel; - int i, rc; + u32 i, len, len2, ncons, nel; + int rc; cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL); if (!cladatum) @@ -1412,7 +1412,8 @@ static int role_read(struct policydb *p, struct symtab *s, void *fp) { char *key = NULL; struct role_datum *role; - int rc, to_read = 2; + int rc; + unsigned int to_read = 2; __le32 buf[3]; u32 len; @@ -1468,7 +1469,8 @@ static int type_read(struct policydb *p, struct symtab *s, void *fp) { char *key = NULL; struct type_datum *typdatum; - int rc, to_read = 3; + int rc; + unsigned int to_read = 3; __le32 buf[4]; u32 len; @@ -1542,7 +1544,8 @@ static int user_read(struct policydb *p, struct symtab *s, void *fp) { char *key = NULL; struct user_datum *usrdatum; - int rc, to_read = 2; + int rc; + unsigned int to_read = 2; __le32 buf[3]; u32 len; @@ -1683,7 +1686,7 @@ static int user_bounds_sanity_check(void *key, void *datum, void *datap) upper = user = datum; while (upper->bounds) { struct ebitmap_node *node; - unsigned long bit; + u32 bit; if (++depth == POLICYDB_BOUNDS_MAXDEPTH) { pr_err("SELinux: user %s: " @@ -1719,7 +1722,7 @@ static int role_bounds_sanity_check(void *key, void *datum, void *datap) upper = role = datum; while (upper->bounds) { struct ebitmap_node *node; - unsigned long bit; + u32 bit; if (++depth == POLICYDB_BOUNDS_MAXDEPTH) { pr_err("SELinux: role %s: " @@ -1834,9 +1837,9 @@ static int range_read(struct policydb *p, void *fp) { struct range_trans *rt = NULL; struct mls_range *r = NULL; - int i, rc; + int rc; __le32 buf[2]; - u32 nel; + u32 i, nel; if (p->policyvers < POLICYDB_VERSION_MLS) return 0; @@ -2082,9 +2085,9 @@ static int filename_trans_read_helper(struct policydb *p, void *fp) static int filename_trans_read(struct policydb *p, void *fp) { - u32 nel; + u32 nel, i; __le32 buf[1]; - int rc, i; + int rc; if (p->policyvers < POLICYDB_VERSION_FILENAME_TRANS) return 0; @@ -2123,8 +2126,8 @@ static int filename_trans_read(struct policydb *p, void *fp) static int genfs_read(struct policydb *p, void *fp) { - int i, j, rc; - u32 nel, nel2, len, len2; + int rc; + u32 i, j, nel, nel2, len, len2; __le32 buf[1]; struct ocontext *l, *c; struct ocontext *newc = NULL; @@ -2237,8 +2240,9 @@ static int genfs_read(struct policydb *p, void *fp) static int ocontext_read(struct policydb *p, const struct policydb_compat_info *info, void *fp) { - int i, j, rc; - u32 nel, len; + int rc; + unsigned int i; + u32 j, nel, len, val; __be64 prefixbuf[1]; __le32 buf[3]; struct ocontext *l, *c; @@ -2299,9 +2303,27 @@ static int ocontext_read(struct policydb *p, const struct policydb_compat_info * rc = next_entry(buf, fp, sizeof(u32)*3); if (rc) goto out; - c->u.port.protocol = le32_to_cpu(buf[0]); - c->u.port.low_port = le32_to_cpu(buf[1]); - c->u.port.high_port = le32_to_cpu(buf[2]); + + rc = -EINVAL; + + val = le32_to_cpu(buf[0]); + if (val > U8_MAX) + goto out; + c->u.port.protocol = val; + + val = le32_to_cpu(buf[1]); + if (val > U16_MAX) + goto out; + c->u.port.low_port = val; + + val = le32_to_cpu(buf[2]); + if (val > U16_MAX) + goto out; + c->u.port.high_port = val; + + if (c->u.port.low_port > c->u.port.high_port) + goto out; + rc = context_read_and_validate(&c->context[0], p, fp); if (rc) goto out; @@ -2429,9 +2451,9 @@ int policydb_read(struct policydb *p, void *fp) struct role_allow *ra, *lra; struct role_trans_key *rtk = NULL; struct role_trans_datum *rtd = NULL; - int i, j, rc; + int rc; __le32 buf[4]; - u32 len, nprim, nel, perm; + u32 i, j, len, nprim, nel, perm; char *policydb_str; const struct policydb_compat_info *info; @@ -3282,7 +3304,8 @@ static int (*const write_f[SYM_NUM]) (void *key, void *datum, void *datap) = { static int ocontext_write(struct policydb *p, const struct policydb_compat_info *info, void *fp) { - unsigned int i, j, rc; + unsigned int i, j; + int rc; size_t nel, len; __be64 prefixbuf[1]; __le32 buf[3]; @@ -3631,10 +3654,10 @@ static int filename_trans_write(struct policydb *p, void *fp) */ int policydb_write(struct policydb *p, void *fp) { - unsigned int i, num_syms; int rc; + unsigned int num_syms; __le32 buf[4]; - u32 config; + u32 config, i; size_t len; const struct policydb_compat_info *info; From patchwork Fri Jul 28 15:54:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13332094 X-Patchwork-Delegate: paul@paul-moore.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 885A7C001E0 for ; Fri, 28 Jul 2023 15:55:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235798AbjG1Pzi (ORCPT ); Fri, 28 Jul 2023 11:55:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42964 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236430AbjG1Pzb (ORCPT ); Fri, 28 Jul 2023 11:55:31 -0400 Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9B138421B; Fri, 28 Jul 2023 08:55:21 -0700 (PDT) Received: by mail-ej1-x62d.google.com with SMTP id a640c23a62f3a-9922d6f003cso328691566b.0; Fri, 28 Jul 2023 08:55:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559720; x=1691164520; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=EPHbKlNohEyT6fHekCE2tm7ibKK+fjaWchkmGqjYMrs=; b=nRseK7z65pCewXQfBxUb9pU4jiS+a1bz8h14DsuF3KLRf9Kq8QFUEnBH8kLrdtQmSQ 2jWf39AwJjxUQQ6SMKQo8HICYrdEtgMpR8OQdAigEOgsFtSlxYAyjbm6IViTbFiY7siS jtGjVgBc14MwEl9imJxJQtov1PUzh8jT/Dup52LUK9io/dXU+1JkoRVdD+PBhPtD+EwP 4iK8oa4xn6aHMGsbWr4edP8dbLoq+hkCEB/WErSf8laR0GxSgTJamVXnKDe+cPLd0Kh3 ONfZ8vs4DBdTQbIyp+hT5lCHJ2gta2Zs0+prif/VbtH2EWGirCEDBh8VtBCihY88gbFC JzVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559720; x=1691164520; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EPHbKlNohEyT6fHekCE2tm7ibKK+fjaWchkmGqjYMrs=; b=Vo0qCHp+04t2vJ8QfUu9QxwWk32rZ9Wfx0uzVuCT52OflK/mv/hAmZbFW1hW/vcD/d 1sHWpl2po7biyInWV0xebFSYIsHBi6d+nKKvbKC06LtV1gy4xL/GL+8YpMU4ZeBGzVut 3yfU/PoqA5VMqPvJrY9QunJ8bao7C7HLp3YQEOzALDZwagrB9HlCsTX4qh9W68JMV2fu /NrfynJCmA+/0xkwqPYmXZukEKS5mfEe414PIN/G/TMN8SDaOCq1hEF31p8HlqxyNzgu ZlG7ZC7V4Q/iufnHE5xDAgdcFYg14U0IW7VyU3SiHU5oF4XnL+YKAGdbYHlPzPwiv2Hr rNaQ== X-Gm-Message-State: ABy/qLb22miU8LVtdIEf6J7fIRkhvU4R7NY+HSxpC6VYg8mKOStwk8fP b2pFVzJzZS2DDFRv9pfODZ1VODai8i005v9j X-Google-Smtp-Source: APBJJlGe+A0oWKQVcwl9usSCqVsNHg79O6cAF7pjMMrsUc/ACIUT6KvXtk7Mzq4GWcS1Q5m24zSzLw== X-Received: by 2002:a17:906:31db:b0:993:d88e:41ed with SMTP id f27-20020a17090631db00b00993d88e41edmr2757566ejf.3.1690559720100; Fri, 28 Jul 2023 08:55:20 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:19 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , linux-kernel@vger.kernel.org Subject: [PATCH v2 9/9] selinux: avoid implicit conversion in nlmsgtab code Date: Fri, 28 Jul 2023 17:54:59 +0200 Message-Id: <20230728155501.39632-8-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Use an unsigned type as loop iterator. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/nlmsgtab.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c index 2ee7b4ed43ef..2f8fab949633 100644 --- a/security/selinux/nlmsgtab.c +++ b/security/selinux/nlmsgtab.c @@ -153,7 +153,8 @@ static const struct nlmsg_perm nlmsg_audit_perms[] = { static int nlmsg_perm(u16 nlmsg_type, u32 *perm, const struct nlmsg_perm *tab, size_t tabsize) { - int i, err = -EINVAL; + u32 i; + int err = -EINVAL; for (i = 0; i < tabsize/sizeof(struct nlmsg_perm); i++) if (nlmsg_type == tab[i].nlmsg_type) {