From patchwork Mon Nov 11 14:16:20 2024
X-Patchwork-Id: 13870809
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 01/47] libsemanage: white space cleanup
Date: Mon, 11 Nov 2024 15:16:20 +0100
Message-ID: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com
X-Mailing-List: selinux@vger.kernel.org

Avoid unrelated changes in followup patches. No functional change.
Signed-off-by: Christian Göttsche --- libsemanage/LICENSE | 20 ++--- libsemanage/Makefile | 8 +- libsemanage/example/test_fcontext.c | 2 +- libsemanage/include/semanage/debug.h | 4 +- libsemanage/include/semanage/handle.h | 12 +-- libsemanage/include/semanage/modules.h | 6 +- libsemanage/include/semanage/semanage.h | 2 +- libsemanage/man/man3/semanage_bool.3 | 18 ++--- .../man/man3/semanage_bool_set_active.3 | 16 ++-- libsemanage/man/man3/semanage_count.3 | 6 +- libsemanage/man/man3/semanage_del.3 | 18 ++--- libsemanage/man/man3/semanage_exists.3 | 14 ++-- libsemanage/man/man3/semanage_fcontext.3 | 20 ++--- libsemanage/man/man3/semanage_iface.3 | 24 +++--- libsemanage/man/man3/semanage_iterate.3 | 14 ++-- libsemanage/man/man3/semanage_list.3 | 12 +-- libsemanage/man/man3/semanage_modify.3 | 14 ++-- libsemanage/man/man3/semanage_node.3 | 32 ++++---- libsemanage/man/man3/semanage_port.3 | 18 ++--- libsemanage/man/man3/semanage_query.3 | 16 ++-- libsemanage/man/man3/semanage_seuser.3 | 26 +++---- libsemanage/man/man3/semanage_user.3 | 26 +++---- libsemanage/man/man5/semanage.conf.5 | 10 +-- libsemanage/src/Makefile | 14 ++-- libsemanage/src/booleans_activedb.c | 2 +- libsemanage/src/conf-parse.y | 6 +- libsemanage/src/database.h | 24 +++--- libsemanage/src/database_activedb.c | 4 +- libsemanage/src/database_file.c | 4 +- libsemanage/src/database_join.c | 6 +- libsemanage/src/database_policydb.c | 2 +- libsemanage/src/database_policydb.h | 2 +- libsemanage/src/debug.c | 2 +- libsemanage/src/direct_api.c | 15 ++-- libsemanage/src/genhomedircon.c | 4 +- libsemanage/src/handle.c | 6 +- libsemanage/src/handle.h | 2 +- libsemanage/src/parse_utils.h | 4 +- libsemanage/src/policy_components.c | 2 +- libsemanage/src/ports_file.c | 2 +- libsemanage/src/ports_local.c | 6 +- libsemanage/src/semanage_store.c | 50 ++++++------- libsemanage/src/semanageswig.i | 2 +- libsemanage/src/semanageswig_python.i | 74 +++++++++---------- libsemanage/src/semanageswig_ruby.i | 2 +- 
libsemanage/src/seuser_record.c | 2 +- libsemanage/src/seusers_local.c | 2 +- libsemanage/src/user_record.c | 2 +- libsemanage/src/utilities.c | 2 +- libsemanage/tests/Makefile | 4 +- libsemanage/tests/README | 12 +-- libsemanage/tests/test_semanage_store.c | 2 +- 52 files changed, 299 insertions(+), 300 deletions(-) diff --git a/libsemanage/LICENSE b/libsemanage/LICENSE index 8add30ad..148d531c 100644 --- a/libsemanage/LICENSE +++ b/libsemanage/LICENSE @@ -55,7 +55,7 @@ modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. - + Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a @@ -111,7 +111,7 @@ modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. - + GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION @@ -146,7 +146,7 @@ such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. - + 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an 
@@ -158,7 +158,7 @@ Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. - + 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 @@ -216,7 +216,7 @@ instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. - + Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. @@ -267,7 +267,7 @@ Library will still fall under Section 6.) distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. - + 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work @@ -329,7 +329,7 @@ restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. - + 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined 
@@ -370,7 +370,7 @@ subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. - + 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or @@ -422,7 +422,7 @@ conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. - + 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is @@ -456,7 +456,7 @@ SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS - + How to Apply These Terms to Your New Libraries If you develop a new library, and you want it to be of the greatest diff --git a/libsemanage/Makefile b/libsemanage/Makefile index 390176fe..dbd240da 100644 --- a/libsemanage/Makefile +++ b/libsemanage/Makefile @@ -1,22 +1,22 @@ -all: +all: $(MAKE) -C src all swigify: $(MAKE) -C src swigify -pywrap: +pywrap: $(MAKE) -C src pywrap rubywrap: $(MAKE) -C src rubywrap -install: +install: $(MAKE) -C include install $(MAKE) -C src install $(MAKE) -C man install $(MAKE) -C utils install -install-pywrap: +install-pywrap: $(MAKE) -C src install-pywrap install-rubywrap: diff --git a/libsemanage/example/test_fcontext.c b/libsemanage/example/test_fcontext.c index c2ffcab8..abf41e3c 100644 --- a/libsemanage/example/test_fcontext.c +++ b/libsemanage/example/test_fcontext.c 
@@ -15,7 +15,7 @@ int main(const int argc, const char **argv) { int exist = 0; sh = semanage_handle_create(); - if (sh == NULL) { + if (sh == NULL) { perror("Can't create semanage handle\n"); return -1; } diff --git a/libsemanage/include/semanage/debug.h b/libsemanage/include/semanage/debug.h index effc24ad..ad79beca 100644 --- a/libsemanage/include/semanage/debug.h +++ b/libsemanage/include/semanage/debug.h @@ -35,9 +35,9 @@ extern const char *semanage_msg_get_channel(semanage_handle_t * handle); extern const char *semanage_msg_get_fname(semanage_handle_t * handle); -/* Set the messaging callback. +/* Set the messaging callback. * By the default, the callback will print - * the message on standard output, in a + * the message on standard output, in a * particular format. Passing NULL here * indicates that messaging should be suppressed */ extern void semanage_msg_set_callback(semanage_handle_t * handle, diff --git a/libsemanage/include/semanage/handle.h b/libsemanage/include/semanage/handle.h index 4cf30815..41db000f 100644 --- a/libsemanage/include/semanage/handle.h +++ b/libsemanage/include/semanage/handle.h @@ -25,7 +25,7 @@ /* All accesses with semanage are through a "semanage_handle". The * handle may ultimately reference local config files, - * the binary policy file, a module store, or a policy management server. + * the binary policy file, a module store, or a policy management server. */ struct semanage_handle; typedef struct semanage_handle semanage_handle_t; @@ -48,7 +48,7 @@ enum semanage_connect_type { }; /* This function allows you to specify the store to connect to. - * It must be called after semanage_handle_create but before + * It must be called after semanage_handle_create but before * semanage_connect. The argument should be the full path to the store. */ extern void semanage_select_store(semanage_handle_t * handle, char *path, 
@@ -76,8 +76,8 @@ extern void semanage_set_check_ext_changes(semanage_handle_t * handle, int do_ch * Upon success returns 0, -1 on error. */ extern int semanage_get_hll_compiler_path(semanage_handle_t *sh, char *lang_ext, char **compiler_path); -/* create the store if it does not exist, this only has an effect on - * direct connections and must be called before semanage_connect +/* create the store if it does not exist, this only has an effect on + * direct connections and must be called before semanage_connect * 1 for yes, 0 for no (default) */ extern void semanage_set_create_store(semanage_handle_t * handle, int create_store); @@ -103,9 +103,9 @@ extern int semanage_set_default_priority(semanage_handle_t *sh, uint16_t priorit */ extern int semanage_is_managed(semanage_handle_t *); -/* "Connect" to a manager based on the configuration and +/* "Connect" to a manager based on the configuration and * associate the provided handle with the connection. - * If the connect fails then this function returns a negative value, + * If the connect fails then this function returns a negative value, * else it returns zero. */ extern int semanage_connect(semanage_handle_t *); diff --git a/libsemanage/include/semanage/modules.h b/libsemanage/include/semanage/modules.h index 14666f6d..0d482dae 100644 --- a/libsemanage/include/semanage/modules.h +++ b/libsemanage/include/semanage/modules.h @@ -29,7 +29,7 @@ typedef struct semanage_module_key semanage_module_key_t; /* High level module management functions. These are all part of - * a transaction + * a transaction */ extern int semanage_module_install(semanage_handle_t *, @@ -222,7 +222,7 @@ extern int semanage_module_set_enabled(semanage_handle_t *sh, /* Lookup @modinfo by @modkey. Caller should use * semanage_module_info_destroy and free on @modinfo. - * + * * Returns 0 on success and -1 on error. */ extern int semanage_module_get_module_info(semanage_handle_t *sh, 
@@ -242,7 +242,7 @@ extern int semanage_module_list_all(semanage_handle_t *sh, semanage_module_info_t **modinfos, int *modinfos_len); -/* Install the module indicated by @modinfo with input data from +/* Install the module indicated by @modinfo with input data from * @module_data with length @data_len. * * @modinfo must have all values filled in. diff --git a/libsemanage/include/semanage/semanage.h b/libsemanage/include/semanage/semanage.h index 04890148..9a55d110 100644 --- a/libsemanage/include/semanage/semanage.h +++ b/libsemanage/include/semanage/semanage.h @@ -3,7 +3,7 @@ * * Copyright (C) 2005 Tresys Technology, LLC * Copyright (C) 2005 Red Hat, Inc. - * + * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either diff --git a/libsemanage/man/man3/semanage_bool.3 b/libsemanage/man/man3/semanage_bool.3 index 67da6325..806fc187 100644 --- a/libsemanage/man/man3/semanage_bool.3 +++ b/libsemanage/man/man3/semanage_bool.3 @@ -1,6 +1,6 @@ .TH semanage_bool 3 "16 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_bool \- SELinux Policy Booleans Management API .SH "SYNOPSIS" @@ -20,8 +20,8 @@ For details on a specific function, see its manual page. .SH "Record API Overview" -.HP -.BR semanage_bool_create "(3)" \- +.HP +.BR semanage_bool_create "(3)" \- .br create a boolean @@ -41,17 +41,17 @@ create a key, which can be used to identify a boolean release resources for this boolean key .HP -.BR semanage_bool_key_extract "(3)" \- +.BR semanage_bool_key_extract "(3)" \- .br create a key matching this boolean .HP -.BR semanage_bool_clone "(3)" \- +.BR semanage_bool_clone "(3)" \- .br create an identical boolean (deep-copy clone) .HP -.BR semanage_bool_compare "(3)" \- +.BR semanage_bool_compare "(3)" \- .br compare this boolean to the provided key 
@@ -87,7 +87,7 @@ set the value of this boolean .SH "Record Store API Overview" .HP -.BR semanage_bool_modify_local "(3)" \- +.BR semanage_bool_modify_local "(3)" \- .br add or update a boolean in the local store @@ -122,7 +122,7 @@ check if a boolean is defined in the currently active policy query a boolean in the persistent policy .HP -.BR semanage_bool_query_local "(3)" \- +.BR semanage_bool_query_local "(3)" \- .br query a boolean in the local store @@ -174,4 +174,4 @@ return an array containing all booleans in the local store .HP .BR semanage_bool_list_active "(3)" \- .br -return an array containing all booleans in the currently active policy +return an array containing all booleans in the currently active policy diff --git a/libsemanage/man/man3/semanage_bool_set_active.3 b/libsemanage/man/man3/semanage_bool_set_active.3 index d868fe86..2b6150a1 100644 --- a/libsemanage/man/man3/semanage_bool_set_active.3 +++ b/libsemanage/man/man3/semanage_bool_set_active.3 
@@ -17,25 +17,25 @@ semanage_bool_set_active \- update an existing SELinux boolean in the currently .SH "DESCRIPTION" .TP .B Behavior: -The set function will fail if no matching key is found in the local store. Otherwise, the provided object will replace the current one. When -.BR semanage_commit "(3)" -is invoked, changes will be written permanently into the local store, and will be loaded into policy. Validity of the object being added is checked at commit time. +The set function will fail if no matching key is found in the local store. Otherwise, the provided object will replace the current one. When +.BR semanage_commit "(3)" +is invoked, changes will be written permanently into the local store, and will be loaded into policy. Validity of the object being added is checked at commit time. .TP .B Parameters: -The +The .I handle is used to track persistent state across semanage calls, and for error reporting. The -.I key -identifies the +.I key +identifies the .I data object, which will be written into the store. The key are data are properties of the caller, and are not stored or modified internally. .TP .B Requirements: -This function requires an semanage connection to be established (see +This function requires an semanage connection to be established (see .BR semanage_connect "(3)" -), and must be executed in a transaction (see +), and must be executed in a transaction (see .BR semanage_begin_transaction "(3)" ). diff --git a/libsemanage/man/man3/semanage_count.3 b/libsemanage/man/man3/semanage_count.3 index 6ff89be3..27696981 100644 --- a/libsemanage/man/man3/semanage_count.3 +++ b/libsemanage/man/man3/semanage_count.3 @@ -1,6 +1,6 @@ .TH semanage_count 3 "16 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_count \- SELinux Management API .SH "SYNOPSIS" 
@@ -21,14 +21,14 @@ The count function will return the number of all objects in the selected locatio .TP .B Parameters: -The +The .I handle is used to track persistent state across semanage calls, and for error reporting. The number of objects will be stored at the location pointed by .I response. .TP .B Requirements: -This function requires an semanage connection to be established (see +This function requires an semanage connection to be established (see .BR semanage_connect "(3)" ) diff --git a/libsemanage/man/man3/semanage_del.3 b/libsemanage/man/man3/semanage_del.3 index 4dd0a771..7e6da477 100644 --- a/libsemanage/man/man3/semanage_del.3 +++ b/libsemanage/man/man3/semanage_del.3 @@ -1,6 +1,6 @@ .TH semanage_del 3 "16 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_del \- SELinux Management API .SH "SYNOPSIS" 
@@ -17,25 +17,25 @@ Replace the function and object name as necessary. .SH "DESCRIPTION" .TP .B Behavior: -The delete function will remove the object corresponding to the provided key from the local store. If no match is found, no action is taken. Changes will become permanent when -.BR semanage_commit "(3)" -is invoked. Additional checks may be performed at that time to ensure the system is left in a valid state. +The delete function will remove the object corresponding to the provided key from the local store. If no match is found, no action is taken. Changes will become permanent when +.BR semanage_commit "(3)" +is invoked. Additional checks may be performed at that time to ensure the system is left in a valid state. .TP .B Parameters: -The +The .I handle is used to track persistent state across semanage calls, and for error reporting. The -.I key -identifies the +.I key +identifies the .I data object, which will be deleted from the local store. The key is a property of the caller, and will not be stored or modified internally. .TP .B Requirements: -This function requires an semanage connection to be established (see +This function requires an semanage connection to be established (see .BR semanage_connect "(3)" -), and must be executed in a transaction (see +), and must be executed in a transaction (see .BR semanage_begin_transaction "(3)" ). diff --git a/libsemanage/man/man3/semanage_exists.3 b/libsemanage/man/man3/semanage_exists.3 index 6d68c76e..a272a0b3 100644 --- a/libsemanage/man/man3/semanage_exists.3 +++ b/libsemanage/man/man3/semanage_exists.3 @@ -1,6 +1,6 @@ .TH semanage_exists 3 "16 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_exists \- SELinux Management API .SH "SYNOPSIS" 
@@ -19,21 +19,21 @@ Replace the function and object name as necessary. .SH "DESCRIPTION" .TP .B Behavior: -The exists function will return 0 if a matching key is not found, and 1 otherwise. +The exists function will return 0 if a matching key is not found, and 1 otherwise. .TP .B Parameters: -The +The .I handle is used to track persistent state across semanage calls, and for error reporting. The -.I key -identifies the object being checked. The result of the test will be stored in the address pointed by +.I key +identifies the object being checked. The result of the test will be stored in the address pointed by .I response -The key is a property of the caller, and will not be stored or modified internally. +The key is a property of the caller, and will not be stored or modified internally. .TP .B Requirements: -This function requires an semanage connection to be established (see +This function requires an semanage connection to be established (see .BR semanage_connect "(3)" ) diff --git a/libsemanage/man/man3/semanage_fcontext.3 b/libsemanage/man/man3/semanage_fcontext.3 index 1f0bf320..96e300bf 100644 --- a/libsemanage/man/man3/semanage_fcontext.3 +++ b/libsemanage/man/man3/semanage_fcontext.3 @@ -1,6 +1,6 @@ .TH semanage_fcontext 3 "16 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_fcontext \- SELinux File Context Management API .SH "SYNOPSIS" @@ -18,15 +18,15 @@ For details on a specific function, see its manual page. .SH "Record API Overview" -.HP -.BR semanage_fcontext_create "(3)" \- +.HP +.BR semanage_fcontext_create "(3)" \- .br create a file context spec .HP .BR semanage_fcontext_free "(3)" \- .br -release resources for this file context spec +release resources for this file context spec .HP .BR semanage_fcontext_key_create "(3)" \- 
@@ -39,17 +39,17 @@ create a key, which can be used to identify a file context spec release resources for this file context spec key .HP -.BR semanage_fcontext_key_extract "(3)" \- +.BR semanage_fcontext_key_extract "(3)" \- .br -create a key matching this file context spec +create a key matching this file context spec .HP -.BR semanage_fcontext_clone "(3)" \- +.BR semanage_fcontext_clone "(3)" \- .br create an identical file context spec (deep-copy clone) .HP -.BR semanage_fcontext_compare "(3)" \- +.BR semanage_fcontext_compare "(3)" \- .br compare this file context spec to the provided key @@ -100,7 +100,7 @@ set the SELinux context for this file context spec .SH "Record Store API Overview" .HP -.BR semanage_fcontext_modify_local "(3)" \- +.BR semanage_fcontext_modify_local "(3)" \- .br add or update a file context spec in the local store @@ -125,7 +125,7 @@ check if a file context spec is defined in the local store query a file context spec in the persistent policy .HP -.BR semanage_fcontext_query_local "(3)" \- +.BR semanage_fcontext_query_local "(3)" \- .br query a file context spec in the local store diff --git a/libsemanage/man/man3/semanage_iface.3 b/libsemanage/man/man3/semanage_iface.3 index 90af8b45..8a8437fd 100644 --- a/libsemanage/man/man3/semanage_iface.3 +++ b/libsemanage/man/man3/semanage_iface.3 @@ -1,6 +1,6 @@ .TH semanage_iface 3 "16 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_iface \- SELinux Network Interfaces Management API .SH "SYNOPSIS" @@ -11,15 +11,15 @@ semanage_iface \- SELinux Network Interfaces Management API .B #include .PP -This object contains properties associated with a network interface. +This object contains properties associated with a network interface. .PP For details on a specific function, see its manual page. .SH "Record API Overview" -.HP -.BR semanage_iface_create "(3)" \- +.HP +.BR semanage_iface_create "(3)" \- .br create an interface 
@@ -39,17 +39,17 @@ create a key, which can be used to identify an interface release resources for this interface key .HP -.BR semanage_iface_key_extract "(3)" \- +.BR semanage_iface_key_extract "(3)" \- .br create a key matching this interface .HP -.BR semanage_iface_clone "(3)" \- +.BR semanage_iface_clone "(3)" \- .br create an identical interface (deep-copy clone) .HP -.BR semanage_iface_compare "(3)" \- +.BR semanage_iface_compare "(3)" \- .br compare this interface to the provided key @@ -61,14 +61,14 @@ compare this interface to another .SH "Properties API Overview" .HP -.BR semanage_iface_get_name "(3)" \- +.BR semanage_iface_get_name "(3)" \- .br -return the name of this interface +return the name of this interface .HP .BR semanage_iface_set_name "(3)" \- .br -set the name of this interface +set the name of this interface .HP .BR semanage_iface_get_ifcon "(3)" \- @@ -93,7 +93,7 @@ set the SELinux context associated with packets sent over this interface .SH "Record Store API Overview" .HP -.BR semanage_iface_modify_local "(3)" \- +.BR semanage_iface_modify_local "(3)" \- .br add or update an interface in the local store @@ -118,7 +118,7 @@ check if an interface is defined in the local store query an interface in the persistent policy .HP -.BR semanage_iface_query_local "(3)" \- +.BR semanage_iface_query_local "(3)" \- .br query an interface in the local store diff --git a/libsemanage/man/man3/semanage_iterate.3 b/libsemanage/man/man3/semanage_iterate.3 index 15281647..d45c43f0 100644 --- a/libsemanage/man/man3/semanage_iterate.3 +++ b/libsemanage/man/man3/semanage_iterate.3 @@ -1,6 +1,6 @@ .TH semanage_iterate 3 "15 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_iterate \- SELinux Management API .SH "SYNOPSIS" 
@@ -23,10 +23,10 @@ Replace the function and object name as necessary. .SH "DESCRIPTION" .TP .B Behavior: -The iterate function will execute the specified handler over all objects in the selected location. An arbitrary argument can be passed into the handler function along with each object. +The iterate function will execute the specified handler over all objects in the selected location. An arbitrary argument can be passed into the handler function along with each object. -The object passed in is property of the libsemanage library, and may not be modified or preserved - use -.B semanage_OBJECT_clone +The object passed in is property of the libsemanage library, and may not be modified or preserved - use +.B semanage_OBJECT_clone if that is necessary. The handler code may not invoke any semanage write requests for the same object type (i.e. modifying the underlying store is not allowed). The iterate function is reentrant only while inside a transaction (see @@ -35,17 +35,17 @@ The handler code may not invoke any semanage write requests for the same object .TP .B Parameters: -The +The .I handle is used to track persistent state across semanage calls, and for error reporting. The .I handler -is the function to execute, with +is the function to execute, with .I handler_arg as its second parameter, and each object as its first parameter. .TP .B Requirements: -This function requires an semanage connection to be established (see +This function requires an semanage connection to be established (see .BR semanage_connect "(3)" ) diff --git a/libsemanage/man/man3/semanage_list.3 b/libsemanage/man/man3/semanage_list.3 index 0e1ca7b4..9f0414e2 100644 --- a/libsemanage/man/man3/semanage_list.3 +++ b/libsemanage/man/man3/semanage_list.3 @@ -1,6 +1,6 @@ .TH semanage_list 3 "16 March 2006" "ivg2@cornell.edu" "SELinux managent API documentation" -.SH "NAME" +.SH "NAME" semanage_list \- SELinux Lists Management API .SH "SYNOPSIS" 
@@ -23,18 +23,18 @@ The list function will return an array of all the objects in the selected locati .TP .B Parameters: -The +The .I handle is used to track persistent state across semanage calls, and for error reporting. The function will allocate and populate the array of objects, and store it at the location pointed by .I objects. -It will write the number of objects at the location pointed by +It will write the number of objects at the location pointed by .I count. -The array, and all its objects become property of the caller. Each object must be freed with -.B semanage_OBJECT_free. +The array, and all its objects become property of the caller. Each object must be freed with +.B semanage_OBJECT_free. .TP .B Requirements: -This function requires an semanage connection to be established (see +This function requires an semanage connection to be established (see .BR semanage_connect "(3)" ) diff --git a/libsemanage/man/man3/semanage_modify.3 b/libsemanage/man/man3/semanage_modify.3 index ee239009..abcdce1c 100644 --- a/libsemanage/man/man3/semanage_modify.3 +++ b/libsemanage/man/man3/semanage_modify.3 @@ -1,6 +1,6 @@ .TH semanage_modify 3 "16 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_modify \- SELinux Management API .SH "SYNOPSIS" 
@@ -20,24 +20,24 @@ Replace the function and object name as necessary. .TP .B Behavior: If a matching key is found in the local store, the provided object will replace the current one. Otherwise, it will be added to the store. When -.BR semanage_commit "(3)" +.BR semanage_commit "(3)" is invoked, changes will be permanently written into the local store, and then loaded into policy. Validity of the object being added is checked at commit time. Adding new objects with respect to policy is allowed, except in the case of booleans. Attempt to add new booleans with respect to policy will fail at commit time. .TP .B Parameters: -The +The .I handle is used to track persistent state across semanage calls, and for error reporting. The -.I key -identifies the +.I key +identifies the .I data object, which will be written into the store. The key are data are properties of the caller, and are not stored or modified internally. .TP .B Requirements: -This function requires an semanage connection to be established (see +This function requires an semanage connection to be established (see .BR semanage_connect "(3)" -), and must be executed in a transaction (see +), and must be executed in a transaction (see .BR semanage_begin_transaction "(3)" ). diff --git a/libsemanage/man/man3/semanage_node.3 b/libsemanage/man/man3/semanage_node.3 index 2df7a914..29be96e0 100644 --- a/libsemanage/man/man3/semanage_node.3 +++ b/libsemanage/man/man3/semanage_node.3 @@ -1,6 +1,6 @@ .TH semanage_node 3 "16 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_node \- SELinux Network Nodes Management API .SH "SYNOPSIS" 
@@ -11,27 +11,27 @@ semanage_node \- SELinux Network Nodes Management API .B #include .PP -This object contains properties associated with a network node. +This object contains properties associated with a network node. .PP For details on a specific function, see its manual page. .SH "Record API Overview" -.HP -.BR semanage_node_create "(3)" \- +.HP +.BR semanage_node_create "(3)" \- .br -create a node +create a node .HP .BR semanage_node_free "(3)" \- .br -release resources for this node +release resources for this node .HP .BR semanage_node_key_create "(3)" \- .br -create a key, which can be used to identify a node +create a key, which can be used to identify a node .HP .BR semanage_node_key_free "(3)" \- @@ -39,17 +39,17 @@ create a key, which can be used to identify a node release resources for this node key .HP -.BR semanage_node_key_extract "(3)" \- +.BR semanage_node_key_extract "(3)" \- .br -create a key matching this node +create a key matching this node .HP -.BR semanage_node_clone "(3)" \- +.BR semanage_node_clone "(3)" \- .br create an identical node (deep-copy clone) .HP -.BR semanage_node_compare "(3)" \- +.BR semanage_node_compare "(3)" \- .br compare this node to the provided key @@ -61,7 +61,7 @@ compare this node to another .SH "Properties API Overview" .HP -.BR semanage_node_get_addr "(3)" \- +.BR semanage_node_get_addr "(3)" \- .br return the IP address of this node in string representation @@ -118,17 +118,17 @@ set the IP protocol version for this node .HP .BR semanage_node_get_con "(3)" \- .br -return the SELinux context associated with this node +return the SELinux context associated with this node .HP .BR semanage_node_set_con "(3)" \- .br -set the SELinux context associated with this node +set the SELinux context associated with this node .SH "Record Store API Overview" .HP -.BR semanage_node_modify_local "(3)" \- +.BR semanage_node_modify_local "(3)" \- .br add or update an interface in the local store 
@@ -153,7 +153,7 @@ check if an interface is defined in the local store query an interface in the persistent policy .HP -.BR semanage_node_query_local "(3)" \- +.BR semanage_node_query_local "(3)" \- .br query an interface in the local store diff --git a/libsemanage/man/man3/semanage_port.3 b/libsemanage/man/man3/semanage_port.3 index 3a4e6265..a8977d7e 100644 --- a/libsemanage/man/man3/semanage_port.3 +++ b/libsemanage/man/man3/semanage_port.3 @@ -1,6 +1,6 @@ .TH semanage_port 3 "16 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_port \- SELinux Network Ports Management API .SH "SYNOPSIS" @@ -18,8 +18,8 @@ For details on a specific function, see its manual page. .SH "Record API Overview" -.HP -.BR semanage_port_create "(3)" \- +.HP +.BR semanage_port_create "(3)" \- .br create a port range @@ -39,17 +39,17 @@ create a key, which can be used to identify a port range release resources for this port range key .HP -.BR semanage_port_key_extract "(3)" \- +.BR semanage_port_key_extract "(3)" \- .br create a key matching this port range .HP -.BR semanage_port_clone "(3)" \- +.BR semanage_port_clone "(3)" \- .br create an identical port range (deep-copy clone) .HP -.BR semanage_port_compare "(3)" \- +.BR semanage_port_compare "(3)" \- .br compare this port range to the provided key @@ -109,7 +109,7 @@ set the SELinux context for this port range .SH "Record Store API Overview" .HP -.BR semanage_port_modify_local "(3)" \- +.BR semanage_port_modify_local "(3)" \- .br add or update a port range in the local store @@ -134,7 +134,7 @@ check if a port range is defined in the local store query a port range in the persistent policy .HP -.BR semanage_port_query_local "(3)" \- +.BR semanage_port_query_local "(3)" \- .br query a port range in the local store 
@@ -166,4 +166,4 @@ return an array containing all port ranges in the persistent policy .HP .BR semanage_port_list_local "(3)" \- .br -return an array containing all port ranges in the local store +return an array containing all port ranges in the local store diff --git a/libsemanage/man/man3/semanage_query.3 b/libsemanage/man/man3/semanage_query.3 index e61c8b8b..4e77870b 100644 --- a/libsemanage/man/man3/semanage_query.3 +++ b/libsemanage/man/man3/semanage_query.3 @@ -1,6 +1,6 @@ .TH semanage_query 3 "15 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_query \- SELinux Management API .SH "SYNOPSIS" @@ -19,22 +19,22 @@ Replace the function and object name as necessary. .SH "DESCRIPTION" .TP .B Behavior: -The query function will fail if a matching key is not found. Otherwise, the corresponding object is returned. +The query function will fail if a matching key is not found. Otherwise, the corresponding object is returned. .TP .B Parameters: -The +The .I handle is used to track persistent state across semanage calls, and for error reporting. The -.I key -identifies the object being queried, which will be stored in the address pointed by +.I key +identifies the object being queried, which will be stored in the address pointed by .I response -The key is a property of the caller, and will not be stored or modified internally. The object returned becomes a property of the caller, and must be freed with -.B semanage_OBJECT_free. +The key is a property of the caller, and will not be stored or modified internally. The object returned becomes a property of the caller, and must be freed with +.B semanage_OBJECT_free. .TP .B Requirements: -This function requires an semanage connection to be established (see +This function requires an semanage connection to be established (see .BR semanage_connect "(3)" ) diff --git a/libsemanage/man/man3/semanage_seuser.3 b/libsemanage/man/man3/semanage_seuser.3 index be0fa687..9e00b024 100644 
--- a/libsemanage/man/man3/semanage_seuser.3 +++ b/libsemanage/man/man3/semanage_seuser.3 @@ -1,6 +1,6 @@ .TH semanage_seuser 3 "16 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_seuser \- Linux UID to SELinux User Management API .SH "SYNOPSIS" @@ -11,17 +11,17 @@ semanage_seuser \- Linux UID to SELinux User Management API .B #include .PP -This object contains properties associated with a Unix user. Typically many Unix users are mapped to the same SELinux user. See +This object contains properties associated with a Unix user. Typically many Unix users are mapped to the same SELinux user. See .BR semanage_user "(3)" -for overview of the SELinux user API. +for overview of the SELinux user API. .PP For details on a specific function, see its manual page. .SH "Record API Overview" -.HP -.BR semanage_seuser_create "(3)" \- +.HP +.BR semanage_seuser_create "(3)" \- .br create a seuser @@ -33,7 +33,7 @@ release resources for this seuser .HP .BR semanage_seuser_key_create "(3)" \- .br -create a key, which can be used to identify a seuser +create a key, which can be used to identify a seuser .HP .BR semanage_seuser_key_free "(3)" \- @@ -41,17 +41,17 @@ create a key, which can be used to identify a seuser release resources for this seuser key .HP -.BR semanage_seuser_key_extract "(3)" \- +.BR semanage_seuser_key_extract "(3)" \- .br -create a key matching this seuser +create a key matching this seuser .HP -.BR semanage_seuser_clone "(3)" \- +.BR semanage_seuser_clone "(3)" \- .br create an identical seuser (deep-copy clone) .HP -.BR semanage_seuser_compare "(3)" \- +.BR semanage_seuser_compare "(3)" \- .br compare this seuser to the provided key @@ -63,7 +63,7 @@ compare this seuser to another .SH "Properties API Overview" .HP -.BR semanage_seuser_get_name "(3)" \- +.BR semanage_seuser_get_name "(3)" \- .br return the name of this seuser 
@@ -95,7 +95,7 @@ set the range of valid MLS sensitivities and categories for this user .SH "Record Store API Overview" .HP -.BR semanage_seuser_modify_local "(3)" \- +.BR semanage_seuser_modify_local "(3)" \- .br add or update a seuser in the local store @@ -120,7 +120,7 @@ check if a seuser is defined in the local store query a seuser in the persistent policy .HP -.BR semanage_seuser_query_local "(3)" \- +.BR semanage_seuser_query_local "(3)" \- .br query a seuser in the local store diff --git a/libsemanage/man/man3/semanage_user.3 b/libsemanage/man/man3/semanage_user.3 index 6102dd5b..1304f0fa 100644 --- a/libsemanage/man/man3/semanage_user.3 +++ b/libsemanage/man/man3/semanage_user.3 @@ -1,6 +1,6 @@ .TH semanage_user 3 "16 March 2006" "ivg2@cornell.edu" "Libsemanage API documentation" -.SH "NAME" +.SH "NAME" semanage_user \- SELinux User Management API .SH "SYNOPSIS" @@ -11,20 +11,20 @@ semanage_user \- SELinux User Management API .B #include .PP -This object contains properties associated with a SELinux user. -Typically many Unix users are mapped to the same SELinux user. See +This object contains properties associated with a SELinux user. +Typically many Unix users are mapped to the same SELinux user. See .BR semanage_seuser "(3)" -for overview of the Unix user API. +for overview of the Unix user API. .PP For details on a specific function, see its manual page. .SH "Record API Overview" -.HP -.BR semanage_user_create "(3)" \- +.HP +.BR semanage_user_create "(3)" \- .br -create a user +create a user .HP .BR semanage_user_free "(3)" \- 
@@ -42,17 +42,17 @@ create a key, which can be used to identify a user release resources for this user key .HP -.BR semanage_user_key_extract "(3)" \- +.BR semanage_user_key_extract "(3)" \- .br create a key matching this user .HP -.BR semanage_user_clone "(3)" \- +.BR semanage_user_clone "(3)" \- .br create an identical user (deep-copy clone) .HP -.BR semanage_user_compare "(3)" \- +.BR semanage_user_compare "(3)" \- .br compare this user to the provided key @@ -64,7 +64,7 @@ compare this user to another .SH "Properties API Overview" .HP -.BR semanage_user_get_name "(3)" \- +.BR semanage_user_get_name "(3)" \- .br return the name of this user @@ -135,7 +135,7 @@ set the roles for this user .SH "Record Store API Overview" .HP -.BR semanage_user_modify_local "(3)" \- +.BR semanage_user_modify_local "(3)" \- .br add or update a user in the local store @@ -160,7 +160,7 @@ check if a user is defined in the local store query a user in the persistent policy .HP -.BR semanage_user_query_local "(3)" \- +.BR semanage_user_query_local "(3)" \- .br query a user in the local store diff --git a/libsemanage/man/man5/semanage.conf.5 b/libsemanage/man/man5/semanage.conf.5 index 380b58be..e6e8e27a 100644 --- a/libsemanage/man/man5/semanage.conf.5 +++ b/libsemanage/man/man5/semanage.conf.5 @@ -17,7 +17,7 @@ The following parameters are allowed: .RS .TP -.B module-store +.B module-store Specify how the SELinux Management library should interact with the SELinux policy store. When set to "direct", the SELinux Management library writes to the SELinux policy module store directly (this is the default setting). Otherwise a socket path or a server name can be used for the argument. 
@@ -45,7 +45,7 @@ Whether or not to ignore the cache of CIL modules compiled from HLL. It can be s If the cache is ignored, then all CIL modules are recompiled from their HLL modules. .TP -.B policy-version +.B policy-version When generating the policy, by default .BR semanage will set the policy version to POLICYDB_VERSION_MAX, as defined in . Change this setting if a different @@ -78,11 +78,11 @@ It can be set to either "true" or "false" and by default it is set to "false" (t .TP .B ignoredirs -List, separated by ";", of directories to ignore when setting up users homedirs. -Some distributions use this to stop labeling /root as a homedir. +List, separated by ";", of directories to ignore when setting up users homedirs. +Some distributions use this to stop labeling /root as a homedir. .TP -.B usepasswd +.B usepasswd Whether or not to enable the use getpwent() to obtain a list of home directories to label. It can be set to either "true" or "false". By default it is set to "true". diff --git a/libsemanage/src/Makefile b/libsemanage/src/Makefile index d5259967..8dfbd762 100644 --- a/libsemanage/src/Makefile +++ b/libsemanage/src/Makefile @@ -43,9 +43,9 @@ SWIGRUBYIF= semanageswig_ruby.i SWIGCOUT= semanageswig_wrap.c SWIGRUBYCOUT= semanageswig_ruby_wrap.c SWIGLOBJ:= $(patsubst %.c,$(PYPREFIX)%.lo,$(SWIGCOUT)) -SWIGRUBYLOBJ:= $(patsubst %.c,$(RUBYPREFIX)%.lo,$(SWIGRUBYCOUT)) +SWIGRUBYLOBJ:= $(patsubst %.c,$(RUBYPREFIX)%.lo,$(SWIGRUBYCOUT)) SWIGSO=$(PYPREFIX)_semanage.so -SWIGFILES=$(SWIGSO) semanage.py +SWIGFILES=$(SWIGSO) semanage.py SWIGRUBYSO=$(RUBYPREFIX)_semanage.so LIBSO=$(TARGET).$(LIBVERSION) @@ -107,7 +107,7 @@ conf-parse.c: conf-parse.y conf-parse.h: conf-parse.c -%.o: %.c +%.o: %.c $(CC) $(CPPFLAGS) $(CFLAGS) -c -o $@ $< %.lo: %.c 
@@ -134,7 +134,7 @@ $(SWIGRUBYCOUT): $(SWIGRUBYIF) swigify: $(SWIGIF) $(SWIG) $< -install: all +install: all test -d $(DESTDIR)$(LIBDIR) || install -m 755 -d $(DESTDIR)$(LIBDIR) install -m 644 $(LIBA) $(DESTDIR)$(LIBDIR) install -m 755 $(LIBSO) $(DESTDIR)$(LIBDIR) @@ -143,20 +143,20 @@ install: all test -f $(DESTDIR)$(DEFAULT_SEMANAGE_CONF_LOCATION) || install -m 644 -D semanage.conf $(DESTDIR)$(DEFAULT_SEMANAGE_CONF_LOCATION) cd $(DESTDIR)$(LIBDIR) && ln -sf $(LIBSO) $(TARGET) -install-pywrap: pywrap +install-pywrap: pywrap test -d $(DESTDIR)$(PYTHONLIBDIR) || install -m 755 -d $(DESTDIR)$(PYTHONLIBDIR) install -m 755 $(SWIGSO) $(DESTDIR)$(PYTHONLIBDIR)/_semanage$(PYCEXT) install -m 644 semanage.py $(DESTDIR)$(PYTHONLIBDIR) install-rubywrap: rubywrap - test -d $(DESTDIR)$(RUBYINSTALL) || install -m 755 -d $(DESTDIR)$(RUBYINSTALL) + test -d $(DESTDIR)$(RUBYINSTALL) || install -m 755 -d $(DESTDIR)$(RUBYINSTALL) install -m 755 $(SWIGRUBYSO) $(DESTDIR)$(RUBYINSTALL)/semanage.so relabel: /sbin/restorecon $(DESTDIR)$(LIBDIR)/$(LIBSO) -clean: +clean: -rm -f $(LIBPC) $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(SWIGRUBYSO) $(TARGET) conf-parse.c conf-parse.h conf-scan.c *.o *.lo *~ distclean: clean diff --git a/libsemanage/src/booleans_activedb.c b/libsemanage/src/booleans_activedb.c index 9bcc9d71..6ebb520b 100644 --- a/libsemanage/src/booleans_activedb.c +++ b/libsemanage/src/booleans_activedb.c @@ -106,7 +106,7 @@ static int bool_commit_list(semanage_handle_t * handle, for (i = 0; i < count; i++) { name = semanage_bool_get_name(booleans[i]); if (!name) - goto omem; + goto omem; newvalue = semanage_bool_get_value(booleans[i]); curvalue = security_get_boolean_active(name); if (newvalue == curvalue) diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y index eac91344..8cfbd580 100644 --- a/libsemanage/src/conf-parse.y +++ b/libsemanage/src/conf-parse.y 
@@ -177,7 +177,7 @@ save_previous: SAVE_PREVIOUS '=' ARG { if (strcasecmp($3, "true") == 0) current_conf->save_previous = 1; else if (strcasecmp($3, "false") == 0) - current_conf->save_previous = 0; + current_conf->save_previous = 0; else { yyerror("save-previous can only be 'true' or 'false'"); } @@ -190,7 +190,7 @@ save_linked: SAVE_LINKED '=' ARG { if (strcasecmp($3, "true") == 0) current_conf->save_linked = 1; else if (strcasecmp($3, "false") == 0) - current_conf->save_linked = 0; + current_conf->save_linked = 0; else { yyerror("save-linked can only be 'true' or 'false'"); } @@ -280,7 +280,7 @@ optimize_policy: OPTIMIZE_POLICY '=' ARG { free($3); } -command_block: +command_block: command_start external_opts BLOCK_END { if (new_external->path == NULL) { parse_errors++; diff --git a/libsemanage/src/database.h b/libsemanage/src/database.h index a1cd32b8..8bd894df 100644 --- a/libsemanage/src/database.h +++ b/libsemanage/src/database.h @@ -30,7 +30,7 @@ typedef struct record_table { /* Free record key */ void (*key_free) (record_key_t * key); - /* Return 0 if the record matches the key, + /* Return 0 if the record matches the key, * -1 if the key represents a record that should * be ordered before this record, and 1 if vice-versa */ int (*compare) (const record_t * rec, const record_key_t * key); @@ -60,7 +60,7 @@ typedef struct dbase_table { /* --------------- Database Functionality ----------- */ /* Note: In all the functions below, the key is property - * of the caller, and will not be modified by the database. + * of the caller, and will not be modified by the database. * In add/set/modify, the data is also property of the caller */ /* Add the specified record to 
@@ -69,8 +69,8 @@ typedef struct dbase_table { dbase_t * dbase, const record_key_t * key, const record_t * data); - /* Add the specified record to the - * database if it not present. + /* Add the specified record to the + * database if it not present. * If it's present, replace it */ int (*modify) (struct semanage_handle * handle, @@ -89,12 +89,12 @@ typedef struct dbase_table { dbase_t * dbase, const record_key_t * key); /* Clear all records, and leave the database in - * cached, modified state. This function does + * cached, modified state. This function does * not require a call to cache() */ int (*clear) (struct semanage_handle * handle, dbase_t * dbase); - /* Retrieve a record - * + /* Retrieve a record + * * Note: the resultant record * becomes property of the caller, and * must be freed accordingly */ @@ -112,17 +112,17 @@ typedef struct dbase_table { int (*count) (struct semanage_handle * handle, dbase_t * dbase, unsigned int *response); - /* Execute the specified handler over + /* Execute the specified handler over * the records of this database. The handler * can signal a successful exit by returning 1, * an error exit by returning -1, and continue by * returning 0 - * + * * Note: The record passed into the iterate handler * may or may not persist after the handler invocation, * and writing to it has unspecified behavior. It *must* * be cloned if modified, or preserved. - * + * * Note: The iterate handler may not invoke any other * semanage read functions outside a transaction. It is only * reentrant while in transaction. The iterate handler may @@ -134,9 +134,9 @@ typedef struct dbase_table { void *varg), void *fn_arg); /* Construct a list of all records in this database - * + * * Note: The list returned becomes property of the caller, - * and must be freed accordingly. + * and must be freed accordingly. */ int (*list) (struct semanage_handle * handle, dbase_t * dbase, 
diff --git a/libsemanage/src/database_activedb.c b/libsemanage/src/database_activedb.c index 1cce0b82..fa6b6105 100644 --- a/libsemanage/src/database_activedb.c +++ b/libsemanage/src/database_activedb.c @@ -1,7 +1,7 @@ /* Copyright (C) 2005 Red Hat, Inc. */ /* Object: dbase_activedb_t (Active/Kernel) - * Extends: dbase_llist_t (Linked List) + * Extends: dbase_llist_t (Linked List) * Implements: dbase_t (Database) */ @@ -20,7 +20,7 @@ typedef struct dbase_activedb dbase_t; /* ACTIVEDB dbase */ struct dbase_activedb { - /* Parent object - must always be + /* Parent object - must always be * the first field - here we are using * a linked list to store the records */ dbase_llist_t llist; diff --git a/libsemanage/src/database_file.c b/libsemanage/src/database_file.c index a51269e7..a7773fb5 100644 --- a/libsemanage/src/database_file.c +++ b/libsemanage/src/database_file.c @@ -1,7 +1,7 @@ /* Copyright (C) 2005 Red Hat, Inc. */ /* Object: dbase_file_t (File) - * Extends: dbase_llist_t (Linked List) + * Extends: dbase_llist_t (Linked List) * Implements: dbase_t (Database) */ @@ -25,7 +25,7 @@ typedef struct dbase_file dbase_t; /* FILE dbase */ struct dbase_file { - /* Parent object - must always be + /* Parent object - must always be * the first field - here we are using * a linked list to store the records */ dbase_llist_t llist; diff --git a/libsemanage/src/database_join.c b/libsemanage/src/database_join.c index a49a6226..2a2008e8 100644 --- a/libsemanage/src/database_join.c +++ b/libsemanage/src/database_join.c @@ -1,7 +1,7 @@ /* Copyright (C) 2005 Red Hat, Inc. */ /* Object: dbase_join_t (Join) - * Extends: dbase_llist_t (Linked List) + * Extends: dbase_llist_t (Linked List) * Implements: dbase_t (Database) */ @@ -20,7 +20,7 @@ typedef struct dbase_join dbase_t; /* JOIN dbase */ struct dbase_join { - /* Parent object - must always be + /* Parent object - must always be * the first field - here we are using * a linked list to store the records */ dbase_llist_t llist; 
@@ -194,7 +194,7 @@ static int dbase_join_flush(semanage_handle_t * handle, dbase_join_t * dbase) /* Then clear all records from the cache. * This is *not* the same as dropping the cache - it's an explicit - * request to delete all current records. We need to do + * request to delete all current records. We need to do * this because we don't store delete deltas for the join, * so we must re-add all records from scratch */ if (dtable1->clear(handle, dbase1) < 0) diff --git a/libsemanage/src/database_policydb.c b/libsemanage/src/database_policydb.c index 748a6ed6..95418365 100644 --- a/libsemanage/src/database_policydb.c +++ b/libsemanage/src/database_policydb.c @@ -109,7 +109,7 @@ static int dbase_policydb_cache(semanage_handle_t * handle, goto err; } - /* Try opening file + /* Try opening file * ENOENT is not fatal - we just create an empty policydb */ fp = fopen(fname, "rb"); if (fp == NULL && errno != ENOENT) { diff --git a/libsemanage/src/database_policydb.h b/libsemanage/src/database_policydb.h index f782e0d5..8cb66f71 100644 --- a/libsemanage/src/database_policydb.h +++ b/libsemanage/src/database_policydb.h @@ -68,7 +68,7 @@ typedef int (*record_policydb_table_iterate_t) (sepol_handle_t * h, typedef struct record_policydb_table { /* Add policy record */ record_policydb_table_add_t add; - /* Modify policy record, or add if + /* Modify policy record, or add if * the key isn't found */ record_policydb_table_modify_t modify; /* Set policy record */ diff --git a/libsemanage/src/debug.c b/libsemanage/src/debug.c index 3c345462..902ab5a5 100644 --- a/libsemanage/src/debug.c +++ b/libsemanage/src/debug.c @@ -1,6 +1,6 @@ /* Author: Joshua Brindle - * Ivan Gyurdiev + * Ivan Gyurdiev * * Copyright (C) 2004-2005 Tresys Technology, LLC * Copyright (C) 2005 Red Hat Inc. diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index 7631c7bf..84c31399 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c 
@@ -3,7 +3,7 @@ * * Copyright (C) 2004-2006 Tresys Technology, LLC * Copyright (C) 2005 Red Hat, Inc. - * + * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either @@ -514,7 +514,7 @@ static int semanage_direct_update_user_extra(semanage_handle_t * sh, cil_db_t *c goto cleanup; pusers_extra->dtable->drop_cache(pusers_extra->dbase); - + } else { retval = pusers_extra->dtable->clear(sh, pusers_extra->dbase); } @@ -1509,8 +1509,8 @@ static int semanage_direct_commit(semanage_handle_t * sh) /* ======= Post-process: Validate non-policydb components ===== */ /* Validate local modifications to file contexts. - * Note: those are still cached, even though they've been - * merged into the main file_contexts. We won't check the + * Note: those are still cached, even though they've been + * merged into the main file_contexts. We won't check the * large file_contexts - checked at compile time */ if (do_rebuild || fcontexts_modified) { retval = semanage_fcontext_validate_local(sh, out); @@ -1603,7 +1603,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) See /etc/selinux/semanage.conf if you need to enable it."); } - /* free out, if we don't free it before calling semanage_install_sandbox + /* free out, if we don't free it before calling semanage_install_sandbox * then fork() may fail on low memory machines */ sepol_policydb_free(out); out = NULL; @@ -2735,7 +2735,7 @@ cleanup: if (modinfos != NULL) { for (i = 0; i < *modinfos_len; i++) { semanage_module_info_destroy( - sh, + sh, &(*modinfos)[i]); } free(*modinfos); @@ -2846,7 +2846,7 @@ static int semanage_direct_install_info(semanage_handle_t *sh, status = -3; goto cleanup; } - + /* if this is an HLL, delete the CIL cache if it exists so it will get recompiled */ if (type == SEMANAGE_MODULE_PATH_HLL) { ret = semanage_module_get_path( @@ -2992,4 +2992,3 @@ cleanup: return status; } - 
diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index ecb34fc7..ede2d67d 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c @@ -145,7 +145,7 @@ static void ignore_free(void) { static int ignore_setup(char *ignoredirs) { char *tok; - ignoredir_t *ptr = NULL; + ignoredir_t *ptr = NULL; tok = strtok(ignoredirs, ";"); while(tok) { @@ -1372,7 +1372,7 @@ done: int semanage_genhomedircon(semanage_handle_t * sh, sepol_policydb_t * policydb, - int usepasswd, + int usepasswd, char *ignoredirs) { genhomedircon_settings_t s; diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c index b2201ee3..c489a75f 100644 --- a/libsemanage/src/handle.c +++ b/libsemanage/src/handle.c @@ -3,7 +3,7 @@ * * Copyright (C) 2004-2005 Tresys Technology, LLC * Copyright (C) 2005 Red Hat, Inc. - * + * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either @@ -207,7 +207,7 @@ int semanage_get_disable_dontaudit(semanage_handle_t * sh) void semanage_set_disable_dontaudit(semanage_handle_t * sh, int disable_dontaudit) { assert(sh != NULL); - + sepol_set_disable_dontaudit(sh->sepolh, disable_dontaudit); return; } @@ -279,7 +279,7 @@ void semanage_select_store(semanage_handle_t * sh, char *storename, assert(sh != NULL); - /* This just sets the storename to what the user requests, no + /* This just sets the storename to what the user requests, no verification of existence will be done until connect */ free(sh->conf->store_path); sh->conf->store_path = strdup(storename); diff --git a/libsemanage/src/handle.h b/libsemanage/src/handle.h index c7f4e903..2853ca39 100644 --- a/libsemanage/src/handle.h +++ b/libsemanage/src/handle.h @@ -1,7 +1,7 @@ /* Author: Joshua Brindle * Jason Tang * Ivan Gyurdiev - * + * * Copyright (C) 2005 Tresys Technology, LLC * Copyright (C) 2005 Red Hat Inc. * 
diff --git a/libsemanage/src/parse_utils.h b/libsemanage/src/parse_utils.h index 3e44aca1..52408373 100644 --- a/libsemanage/src/parse_utils.h +++ b/libsemanage/src/parse_utils.h @@ -45,12 +45,12 @@ extern int parse_assert_noeof(semanage_handle_t * handle, parse_info_t * info); * otherwise eat the whitespace */ extern int parse_assert_space(semanage_handle_t * handle, parse_info_t * info); -/* Throw an error if the specified character +/* Throw an error if the specified character * does not follow, otherwise eat that character */ extern int parse_assert_ch(semanage_handle_t * handle, parse_info_t * info, const char ch); -/* Throw an error if the specified string +/* Throw an error if the specified string * does not follow is not found, otherwise * eat the string */ extern int parse_assert_str(semanage_handle_t * handle, diff --git a/libsemanage/src/policy_components.c b/libsemanage/src/policy_components.c index 896ac512..69835550 100644 --- a/libsemanage/src/policy_components.c +++ b/libsemanage/src/policy_components.c @@ -113,7 +113,7 @@ int semanage_base_merge_components(semanage_handle_t * handle) int rc = STATUS_SUCCESS; /* Order is important here - change things carefully. - * System components first, local next. Verify runs with + * System components first, local next. Verify runs with * mutual dependencies are ran after everything is merged */ load_table_t components[] = { diff --git a/libsemanage/src/ports_file.c b/libsemanage/src/ports_file.c index 1356021a..90909eb4 100644 --- a/libsemanage/src/ports_file.c +++ b/libsemanage/src/ports_file.c @@ -101,7 +101,7 @@ static int port_parse(semanage_handle_t * handle, if (parse_fetch_int(handle, info, &low, '-') < 0) goto err; - /* If range (-) does not follow immediately, require a space + /* If range (-) does not follow immediately, require a space * In other words, the space here is optional, but only * in the ranged case, not in the single port case, * so do a custom test */ 
diff --git a/libsemanage/src/ports_local.c b/libsemanage/src/ports_local.c index e7e9bdbf..0261b07f 100644 --- a/libsemanage/src/ports_local.c +++ b/libsemanage/src/ports_local.c @@ -97,7 +97,7 @@ int semanage_port_validate_local(semanage_handle_t * handle) const char *proto_str2; int proto2, low2, high2; - /* Find the first port with matching + /* Find the first port with matching protocol to compare against */ do { if (j == nports - 1) @@ -119,8 +119,8 @@ int semanage_port_validate_local(semanage_handle_t * handle) } /* If closest port of matching protocol doesn't overlap with - * test port, neither do the rest of them, because that's - * how the sort function works on ports - lower bound + * test port, neither do the rest of them, because that's + * how the sort function works on ports - lower bound * ports come first */ next: i++; diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 0ac2e5b2..aa5f4961 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -187,7 +187,7 @@ static int semanage_init_paths(const char *root) return 0; } -/* This initializes the paths inside the stores, this is only necessary +/* This initializes the paths inside the stores, this is only necessary * when directly accessing the store */ static int semanage_init_store_paths(const char *root) @@ -649,7 +649,7 @@ int semanage_create_store(semanage_handle_t * sh, int create) } /* returns <0 if the active store cannot be read or doesn't exist - * 0 if the store exists but the lock file cannot be accessed + * 0 if the store exists but the lock file cannot be accessed * SEMANAGE_CAN_READ if the store can be read and the lock file used * SEMANAGE_CAN_WRITE if the modules directory and binary policy dir can be written to */ 
@@ -732,7 +732,7 @@ int semanage_copy_file(const char *src, const char *dst, mode_t mode, if (!mode) mode = S_IRUSR | S_IWUSR; - + mask = umask(0); if ((out = open(tmp, O_WRONLY | O_CREAT | O_TRUNC, mode)) == -1) { umask(mask); @@ -1496,7 +1496,7 @@ static int semanage_exec_prog(semanage_handle_t * sh, return WEXITSTATUS(status); } -/* reloads the policy pointed to by the handle, used locally by install +/* reloads the policy pointed to by the handle, used locally by install * and exported for user reload requests */ int semanage_reload_policy(semanage_handle_t * sh) { @@ -2106,8 +2106,8 @@ int semanage_load_files(semanage_handle_t * sh, cil_db_t *cildb, char **filename return 0; } -/* - * Expands the policy contained within *base +/* + * Expands the policy contained within *base */ /** @@ -2291,7 +2291,7 @@ static void semanage_fc_node_list_destroy(semanage_file_context_node_t * x) } } -/* Free the linked list of buckets (and their node lists) +/* Free the linked list of buckets (and their node lists) * starting at the given bucket. */ static void semanage_fc_bucket_list_destroy(semanage_file_context_bucket_t * x) { @@ -2319,7 +2319,7 @@ static void semanage_fc_bucket_list_destroy(semanage_file_context_bucket_t * x) * -> a is less specific than b. * If a does not have a specified type and b does not, * -> a is less specific than b. - * FIXME: These heuristics are imperfect, but good enough for + * FIXME: These heuristics are imperfect, but good enough for * now. A proper comparison would determine which (if either) * regular expression is a subset of the other. */ 
@@ -2357,13 +2357,13 @@ static int semanage_fc_compare(semanage_file_context_node_t * a, if (!b->file_type && a->file_type) return 1; - /* If none of the above conditions were satisfied, + /* If none of the above conditions were satisfied, * then a and b are equally specific. */ return 0; } /* Merges two sorted file context linked lists into a single sorted one. - * The left list is assumed to represent nodes that came first in the original ordering. + * The left list is assumed to represent nodes that came first in the original ordering. * The final sorted list is returned. */ static semanage_file_context_node_t @@ -2415,9 +2415,9 @@ static semanage_file_context_node_t * This is a stable implementation of an iterative merge sort. * Each bucket initially has a linked list of file contexts * that are 1 node long. - * Each pass, buckets (and the nodes they contain) are merged + * Each pass, buckets (and the nodes they contain) are merged * two at time. - * Buckets are merged until there is only one bucket left, + * Buckets are merged until there is only one bucket left, * containing the list of file contexts, sorted. */ static void semanage_fc_merge_sort(semanage_file_context_bucket_t * main) @@ -2430,9 +2430,9 @@ static void semanage_fc_merge_sort(semanage_file_context_bucket_t * main) while (main->next) { current = main; - /* Merge buckets two-by-two. - * If there is an odd number of buckets, the last - * bucket will be left alone, which corresponds + /* Merge buckets two-by-two. + * If there is an odd number of buckets, the last + * bucket will be left alone, which corresponds * to the operation of merging it with an empty bucket. */ while (current) { if (current->next) { 
@@ -2444,7 +2444,7 @@ static void semanage_fc_merge_sort(semanage_file_context_bucket_t * main) /* Free the (now empty) second bucket. * (This does not touch the node list - * in the bucket because it has been + * in the bucket because it has been * shifted over to the first bucket. */ free(temp); } @@ -2453,8 +2453,8 @@ static void semanage_fc_merge_sort(semanage_file_context_bucket_t * main) } } -/* Compute the location of the first regular expression - * meta character in the path of the given node, if it exists. +/* Compute the location of the first regular expression + * meta character in the path of the given node, if it exists. * On return: * fc_node->meta = position of meta character, if it exists * (-1 corresponds to no character) @@ -2515,7 +2515,7 @@ static char *semanage_strnchr(const char *buf, size_t buf_len, char c) } /* Returns a pointer to the end of line character in the given buffer. - * Used in the context of a file context char buffer that we will be + * Used in the context of a file context char buffer that we will be * parsing and sorting. */ static char *semanage_get_line_end(const char *buf, size_t buf_len) @@ -2540,7 +2540,7 @@ static char *semanage_get_line_end(const char *buf, size_t buf_len) * Returns 0 on success, -1 on failure. * Allocates a buffer pointed to by sorted_buf that contains the sorted lines. * sorted_buf_len is set to the size of this buffer. - * This buffer is guaranteed to have a final \0 character. + * This buffer is guaranteed to have a final \0 character. * This buffer must be released by the caller. */ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, @@ -2573,7 +2573,7 @@ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, return -1; } - /* Initialize the head of the linked list + /* Initialize the head of the linked list * that will contain a node for each file context line. */ head = current = (semanage_file_context_node_t *) calloc(1, 
@@ -2643,7 +2643,7 @@ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, escape_chars++; just_saw_escape = 1; } else { - /* We're looking at an escaped + /* We're looking at an escaped escape. Reset our flag. */ just_saw_escape = 0; } @@ -2792,7 +2792,7 @@ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, /* Sort the bucket list. */ semanage_fc_merge_sort(main); - /* First, calculate how much space we'll need for + /* First, calculate how much space we'll need for * the newly sorted block of data. (We don't just * use buf_len for this because we have extracted * comments and whitespace.) */ @@ -2880,7 +2880,7 @@ static void semanage_nc_destroy_ruletab(semanage_netfilter_context_node_t * * Returns 0 on success, -1 on failure. * Allocates a buffer pointed to by sorted_buf that contains the sorted lines. * sorted_buf_len is set to the size of this buffer. - * This buffer is guaranteed to have a final \0 character. + * This buffer is guaranteed to have a final \0 character. * This buffer must be released by the caller. */ int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, @@ -2994,7 +2994,7 @@ int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, line_buf = line_end + 1; } - /* First, calculate how much space we'll need for + /* First, calculate how much space we'll need for * the newly sorted block of data. (We don't just * use buf_len for this because we have extracted * comments and whitespace.) Start at 1 for trailing \0 */ diff --git a/libsemanage/src/semanageswig.i b/libsemanage/src/semanageswig.i index ebf39cfb..9c198e5a 100644 --- a/libsemanage/src/semanageswig.i +++ b/libsemanage/src/semanageswig.i 
@@ -2,7 +2,7 @@ * * Copyright (C) 2004-2005 Tresys Technology, LLC * Copyright (C) 2006 Red Hat, Inc. - * + * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either diff --git a/libsemanage/src/semanageswig_python.i b/libsemanage/src/semanageswig_python.i index 0e27424f..0ca09763 100644 --- a/libsemanage/src/semanageswig_python.i +++ b/libsemanage/src/semanageswig_python.i @@ -2,7 +2,7 @@ * * Copyright (C) 2004-2005 Tresys Technology, LLC * Copyright (C) 2006 Red Hat, Inc - * + * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either 
@@ -36,34 +36,34 @@ /* There are two ways to call this function: * One is with a valid swig_type and destructor. - * Two is with a NULL swig_type and NULL destructor. - * + * Two is with a NULL swig_type and NULL destructor. + * * In the first mode, the function converts - * an array of *cloned* objects [of the given pointer swig type] - * into a PyList, and destroys the array in the process + * an array of *cloned* objects [of the given pointer swig type] + * into a PyList, and destroys the array in the process * (the objects pointers are preserved). * * In the second mode, the function converts * an array of *constant* strings into a PyList, and destroys - * the array in the process + * the array in the process * (the strings are copied, originals not freed). */ static int semanage_array2plist( semanage_handle_t* handle, - void** arr, - unsigned int asize, + void** arr, + unsigned int asize, swig_type_info* swig_type, - void (*destructor) (void*), + void (*destructor) (void*), PyObject** result) { - + PyObject* plist = PyList_New(0); unsigned int i; - if (!plist) + if (!plist) goto err; - + for (i = 0; i < asize; i++) { - + PyObject* obj = NULL; /* NULL indicates string conversion, 
@@ -71,31 +71,31 @@ if (!swig_type) obj = SWIG_FromCharPtr(arr[i]); else - obj = SWIG_NewPointerObj(arr[i], swig_type, 0); + obj = SWIG_NewPointerObj(arr[i], swig_type, 0); - if (!obj) + if (!obj) goto err; - if (PyList_Append(plist, obj) < 0) + if (PyList_Append(plist, obj) < 0) goto err; } free(arr); - - *result = plist; + + *result = plist; return STATUS_SUCCESS; err: - for (i = 0; i < asize; i++) + for (i = 0; i < asize; i++) if (destructor) destructor(arr[i]); free(arr); return STATUS_ERR; } -%} +%} /* a few helpful typemaps are available in this library */ %include -/* wrap all int*'s so they can be used for results +/* wrap all int*'s so they can be used for results if it becomes necessary to send in data this should be changed to INOUT */ %apply int *OUTPUT { int * }; %apply int *OUTPUT { size_t * }; @@ -122,10 +122,10 @@ %typemap(argout) ( semanage_handle_t* handle, const semanage_user_t* user, - const char*** roles_arr, + const char*** roles_arr, unsigned int* num_roles) { - if ($result) { + if ($result) { int value; SWIG_AsVal_int($result, &value); if (value >= 0) { @@ -185,10 +185,10 @@ %typemap(argout) ( semanage_handle_t* handle, - semanage_bool_t*** records, + semanage_bool_t*** records, unsigned int* count) { - if ($result) { + if ($result) { int value; SWIG_AsVal_int($result, &value); if (value >= 0) { @@ -228,10 +228,10 @@ %typemap(argout) ( semanage_handle_t* handle, - semanage_fcontext_t*** records, + semanage_fcontext_t*** records, unsigned int* count) { - if ($result) { + if ($result) { int value; SWIG_AsVal_int($result, &value); if (value >= 0) { @@ -272,10 +272,10 @@ %typemap(argout) ( semanage_handle_t* handle, - semanage_iface_t*** records, + semanage_iface_t*** records, unsigned int* count) { - if ($result) { + if ($result) { int value; SWIG_AsVal_int($result, &value); if (value >= 0) { 
@@ -316,10 +316,10 @@ %typemap(argout) ( semanage_handle_t* handle, - semanage_seuser_t*** records, + semanage_seuser_t*** records, unsigned int* count) { - if ($result) { + if ($result) { int value; SWIG_AsVal_int($result, &value); if (value >= 0) { @@ -359,10 +359,10 @@ %typemap(argout) ( semanage_handle_t* handle, - semanage_user_t*** records, + semanage_user_t*** records, unsigned int* count) { - if ($result) { + if ($result) { int value; SWIG_AsVal_int($result, &value); if (value >= 0) { @@ -402,10 +402,10 @@ %typemap(argout) ( semanage_handle_t* handle, - semanage_port_t*** records, + semanage_port_t*** records, unsigned int* count) { - if ($result) { + if ($result) { int value; SWIG_AsVal_int($result, &value); if (value >= 0) { @@ -531,10 +531,10 @@ %typemap(argout) ( semanage_handle_t* handle, - semanage_node_t*** records, + semanage_node_t*** records, unsigned int* count) { - if ($result) { + if ($result) { int value; SWIG_AsVal_int($result, &value); if (value >= 0) { diff --git a/libsemanage/src/semanageswig_ruby.i b/libsemanage/src/semanageswig_ruby.i index 9010b545..18ea6841 100644 --- a/libsemanage/src/semanageswig_ruby.i +++ b/libsemanage/src/semanageswig_ruby.i @@ -12,7 +12,7 @@ /* a few helpful typemaps are available in this library */ %include -/* wrap all int*'s so they can be used for results +/* wrap all int*'s so they can be used for results if it becomes necessary to send in data this should be changed to INOUT */ %apply int *OUTPUT { int * }; %apply int *OUTPUT { size_t * }; diff --git a/libsemanage/src/seuser_record.c b/libsemanage/src/seuser_record.c index 44a54758..69ebea51 100644 --- a/libsemanage/src/seuser_record.c +++ b/libsemanage/src/seuser_record.c @@ -23,7 +23,7 @@ struct semanage_seuser { /* This user's name */ char *name; - /* This user's corresponding + /* This user's corresponding * seuser ("role set") */ char *sename; diff --git a/libsemanage/src/seusers_local.c b/libsemanage/src/seusers_local.c index 795a33d6..ec7bfb08 100644 
--- a/libsemanage/src/seusers_local.c +++ b/libsemanage/src/seusers_local.c @@ -316,7 +316,7 @@ static int validate_handler(const semanage_seuser_t * seuser, void *varg) return -1; } -/* This function may not be called outside a transaction, or +/* This function may not be called outside a transaction, or * it will (1) deadlock, because iterate is not reentrant outside * a transaction, and (2) be racy, because it makes multiple dbase calls */ diff --git a/libsemanage/src/user_record.c b/libsemanage/src/user_record.c index bb8f4de1..b22c5c1c 100644 --- a/libsemanage/src/user_record.c +++ b/libsemanage/src/user_record.c @@ -301,7 +301,7 @@ void semanage_user_free(semanage_user_t * user) if (!tmp_user) goto omem; - /* Set the shared name from one of the records + /* Set the shared name from one of the records * (at least one is available) */ if (record1 == NULL) name = semanage_user_extra_get_name(record2); diff --git a/libsemanage/src/utilities.c b/libsemanage/src/utilities.c index fdbb8ad6..24284d65 100644 --- a/libsemanage/src/utilities.c +++ b/libsemanage/src/utilities.c @@ -318,7 +318,7 @@ semanage_list_t *semanage_slurp_file_filter(FILE * file, if (pred(line)) { semanage_rtrim(line, '\n'); current = list_addafter_controlmem(current, line); - if (!current) + if (!current) break; line = NULL; buff_len = 0; diff --git a/libsemanage/tests/Makefile b/libsemanage/tests/Makefile index 69f49a36..b0869558 100644 --- a/libsemanage/tests/Makefile +++ b/libsemanage/tests/Makefile @@ -20,9 +20,9 @@ $(EXECUTABLE): $(OBJECTS) ../src/libsemanage.a %.policy: %.cil ../../secilc/secilc $*.cil -o $*.policy -f /dev/null -clean distclean: +clean distclean: rm -rf $(OBJECTS) $(POLICIES) $(EXECUTABLE) -test: all +test: all ./$(EXECUTABLE) diff --git a/libsemanage/tests/README b/libsemanage/tests/README index 424970cf..396591cb 100644 --- a/libsemanage/tests/README +++ b/libsemanage/tests/README 
@@ -5,7 +5,7 @@ read-only filesystem by using DAC permissions. Consequently, these tests will fail if run as root, as root can override DAC permissions. -How to add and use unit tests +How to add and use unit tests ============================= We are using the CUnit unit testing framework. This framework--and the @@ -22,13 +22,13 @@ add unit tests for your code: semanage_store.c. Your new .h/.c files represent a suite of related tests. -2. Write or add new tests to a suite. Tests are simply functions that +2. Write or add new tests to a suite. Tests are simply functions that take the form: void test_my_function(void) These tests are where you will make calls to the CUnit assertions. - + If you are making a new test suite, also add the suite init/cleanup functions. These take the form: @@ -51,9 +51,9 @@ add unit tests for your code: 6. Run your tests. Rejoice or despair, as appropriate. -A note on the the utilities.c: Add functions that can be commonly used -here. For example, it is handy to have a dummy message callback -function to silence error messages produced by libsemanage and keep +A note on the the utilities.c: Add functions that can be commonly used +here. For example, it is handy to have a dummy message callback +function to silence error messages produced by libsemanage and keep your output pretty. To do this, include utilities.h and specify the callback like so: diff --git a/libsemanage/tests/test_semanage_store.c b/libsemanage/tests/test_semanage_store.c index 92085361..2e6c38e1 100644 --- a/libsemanage/tests/test_semanage_store.c +++ b/libsemanage/tests/test_semanage_store.c 
@@ -124,7 +124,7 @@ int semanage_store_test_cleanup(void) return 0; } -/* Adds all the tests needed for this suite. +/* Adds all the tests needed for this suite. */ int semanage_store_add_tests(CU_pSuite suite) {
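Review bot: in the libsemanage/tests/README hunk at -51,9 of the white space cleanup (01/47), the rewritten line still reads "A note on the the utilities.c", so the doubled "the" survives on a line this patch touches. Since 01/47 is declared whitespace-only with no functional change, the wording fix fits better in the follow-up typo patch (02/47), which currently corrects only "nnot" in semanage_store.c.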
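Review bot: in the semanage_store.c hunk at -2444,7 of 01/47 (semanage_fc_merge_sort), the comment whose trailing whitespace is stripped opens a parenthesis at "(This does not touch the node list" and ends at "shifted over to the first bucket. */" without the matching ")". The neighbouring comment in the -2415,9 hunk also still says "two at time". Both are comment wording defects on or next to touched lines and could be collected in the typo patch rather than left for a third pass over the same comments.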
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 02/47] libsemanage: fix typo
Date: Mon, 11 Nov 2024 15:16:21 +0100
Message-ID: <20241111141706.38039-2-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

Signed-off-by: Christian Göttsche
---
 libsemanage/src/semanage_store.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index aa5f4961..b0b7aa5d 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c
@@ -423,7 +423,7 @@ cleanup: } /* THIS MUST BE THE FIRST FUNCTION CALLED IN THIS LIBRARY. If the - * library has nnot been initialized yet then call the functions that + * library has not been initialized yet then call the functions that * initialize the path variables. This function does nothing if it * was previously called and that call was successful. Return 0 on * success, -1 on error.
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 03/47] libsemanage: drop unused macro
Date: Mon, 11 Nov 2024 15:16:22 +0100
Message-ID: <20241111141706.38039-3-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

Reported by clang-analyzer:

    semanage_store.c:68:9: warning: macro is not used [-Wunused-macros]
    #define TRUE 1
            ^

Signed-off-by: Christian Göttsche
---
 libsemanage/src/semanage_store.c | 2 --
 1 file changed, 2 deletions(-)
diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index b0b7aa5d..df994297 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c 
@@ -66,8 +66,6 @@ typedef struct dbase_policydb dbase_t; /* relative path names to enum semanage_paths to special files and * directories for the module store */ -#define TRUE 1 - enum semanage_file_defs { SEMANAGE_ROOT, SEMANAGE_TRANS_LOCK,
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 04/47] libsemanage: drop dead assignments
Date: Mon, 11 Nov 2024 15:16:23 +0100
Message-ID: <20241111141706.38039-4-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

Signed-off-by: Christian Göttsche
---
 libsemanage/src/compressed_file.c | 2 +-
 libsemanage/src/direct_api.c | 4 ++--
 libsemanage/src/semanage_store.c | 4 +---
 libsemanage/src/users_base_file.c | 2 +-
 4 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/libsemanage/src/compressed_file.c b/libsemanage/src/compressed_file.c index e230a70b..067f54d7 100644 --- a/libsemanage/src/compressed_file.c +++ b/libsemanage/src/compressed_file.c
@@ -45,7 +45,7 @@ static int bzip(semanage_handle_t *sh, const char *filename, void *data, size_t size = 1<<16; int bzerror; size_t total = 0; - size_t len = 0; + size_t len; FILE *f; if ((f = fopen(filename, "wb")) == NULL) { diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index 84c31399..104dbd40 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c @@ -582,7 +582,7 @@ cleanup: static int read_from_pipe_to_data(semanage_handle_t *sh, size_t initial_len, int fd, char **out_data_read, size_t *out_read_len) { size_t max_len = initial_len; - ssize_t read_len = 0; + ssize_t read_len; size_t data_read_len = 0; char *data_read = NULL; @@ -1001,7 +1001,7 @@ static int semanage_compile_hll_modules(semanage_handle_t *sh, /* to be incremented when checksum input data format changes */ static const size_t CHECKSUM_EPOCH = 2; - int i, status = 0; + int i, status; char cil_path[PATH_MAX]; struct stat sb; Sha256Context context; diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index df994297..82c5a684 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -2081,7 +2081,7 @@ int semanage_direct_get_serial(semanage_handle_t * sh) int semanage_load_files(semanage_handle_t * sh, cil_db_t *cildb, char **filenames, int numfiles) { - int i, retval = 0; + int i, retval; char *filename; struct file_contents contents = {}; @@ -2557,8 +2557,6 @@ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, semanage_file_context_bucket_t *main; semanage_file_context_bucket_t *bcurrent; - i = 0; - if (sh == NULL) { return -1; } diff --git a/libsemanage/src/users_base_file.c b/libsemanage/src/users_base_file.c index a0f8cd7e..4e4d8d9b 100644 --- a/libsemanage/src/users_base_file.c +++ b/libsemanage/src/users_base_file.c 
@@ -66,7 +66,7 @@ static int user_base_parse(semanage_handle_t * handle, parse_info_t * info, semanage_user_base_t * user) { - int islist = 0; + int islist; char *str = NULL; char *start; char *name_str = NULL;
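Review bot: in semanage_compile_hll_modules() (direct_api.c, -1001,7) and semanage_load_files() (semanage_store.c, -2081,7) of 04/47, the variables losing "= 0" are the functions' status codes ("int i, status;" and "int i, retval;"), and neither hunk shows the statement that first writes them. Please confirm that no path, including a loop that runs zero times or any early exit, can read or return them before that write; if one exists, the caller gets an indeterminate value where it used to get 0. Declaring each variable at its first assignment would make that property visible in the code instead of relying on the reader to trace it.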
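Review bot: in bzip() (compressed_file.c, -45,7) and read_from_pipe_to_data() (direct_api.c, -582,7) of 04/47, "len" and "read_len" are byte counts in I/O routines, and the hunks again do not show their first write. The commit message has no body, unlike 03/47 and 05/47 which quote the diagnostic that motivated the change; quoting the dead-store warning for each variable touched here (including the removed "i = 0;" in semanage_fc_sort() and "islist" in user_base_parse()) would let a reviewer check the claim without opening every file.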
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 05/47] libsemanage: drop dead variable
Date: Mon, 11 Nov 2024 15:16:24 +0100
Message-ID: <20241111141706.38039-5-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

Reported by clang-analyzer:

    semanage_store.c:2206:9: warning: Although the value stored to 'retval' is used in the enclosing expression, the value is never actually read from 'retval' [deadcode.DeadStores]
    if ((retval =
         ^

Signed-off-by: Christian Göttsche
---
 libsemanage/src/semanage_store.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 82c5a684..57295482 100644 --- a/libsemanage/src/semanage_store.c
+++ b/libsemanage/src/semanage_store.c @@ -2201,7 +2201,7 @@ int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out, int semanage_verify_modules(semanage_handle_t * sh, char **module_filenames, int num_modules) { - int i, retval; + int i; semanage_conf_t *conf = sh->conf; if (conf->mod_prog == NULL) { return 0; 
@@ -2210,8 +2210,7 @@ int semanage_verify_modules(semanage_handle_t * sh, char *module = module_filenames[i]; external_prog_t *e; for (e = conf->mod_prog; e != NULL; e = e->next) { - if ((retval = - semanage_exec_prog(sh, e, module, "$<")) != 0) { + if (semanage_exec_prog(sh, e, module, "$<") != 0) { return -1; } }
From: Christian Göttsche
To: selinux@vger.kernel.org
Subject: [PATCH 06/47] libsemanage: drop unnecessary declarations
Date: Mon, 11 Nov 2024 15:16:25 +0100
Message-ID: <20241111141706.38039-6-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

semanage_remove_directory() is declared in "semanage_store.h" and semanage_rename() is defined before usage.

Signed-off-by: Christian Göttsche
---
 libsemanage/src/semanage_store.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 57295482..08e6fc1b 100644 --- a/libsemanage/src/semanage_store.c
+++ b/libsemanage/src/semanage_store.c 
@@ -696,8 +696,6 @@ int semanage_store_access_check(void) /********************* other I/O functions *********************/ -static int semanage_rename(semanage_handle_t * sh, const char *tmp, const char *dst); -int semanage_remove_directory(const char *path); static int semanage_copy_dir_flags(const char *src, const char *dst, int flag); /* Callback used by scandir() to select files. */
From: Christian Göttsche
To: selinux@vger.kernel.org
Subject: [PATCH 07/47] libsemanage: drop unnecessary return statements
Date: Mon, 11 Nov 2024 15:16:26 +0100
Message-ID: <20241111141706.38039-7-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

Drop return statements at end of void functions and drop one unreachable return statement (compilers that can't infer it is unreachable should just not be used).

Signed-off-by: Christian Göttsche
---
 libsemanage/src/debug.c | 1 -
 libsemanage/src/handle.c | 9 ---------
 2 files changed, 10 deletions(-)

diff --git a/libsemanage/src/debug.c b/libsemanage/src/debug.c index 902ab5a5..1e375694 100644 --- a/libsemanage/src/debug.c +++ b/libsemanage/src/debug.c @@ -107,7 +107,6 @@ void semanage_msg_relay_handler(void *varg, sh->msg_channel = sepol_msg_get_channel(sepolh); sh->msg_level = sepol_msg_get_level(sepolh); /* XXX should map values */ sh->msg_callback(sh->msg_callback_arg, sh, "%s", buffer); - return; } extern void semanage_msg_set_callback(semanage_handle_t * handle, diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c index c489a75f..d5baa614 100644 --- a/libsemanage/src/handle.c +++ b/libsemanage/src/handle.c @@ -194,7 +194,6 @@ void semanage_set_create_store(semanage_handle_t * sh, int create_store) assert(sh != NULL); sh->create_store = create_store; - return; } int semanage_get_disable_dontaudit(semanage_handle_t * sh) @@ -209,7 +208,6 @@ void semanage_set_disable_dontaudit(semanage_handle_t * sh, int disable_dontaudi assert(sh != NULL); sepol_set_disable_dontaudit(sh->sepolh, disable_dontaudit); - return; } int semanage_get_preserve_tunables(semanage_handle_t * sh) @@ -244,7 +242,6 @@ void semanage_set_check_contexts(semanage_handle_t * sh, int do_check_contexts) assert(sh != NULL); sh->do_check_contexts = do_check_contexts; - return; } uint16_t semanage_get_default_priority(semanage_handle_t *sh) @@ -285,8 +282,6 @@ void semanage_select_store(semanage_handle_t * sh, char *storename, sh->conf->store_path = strdup(storename); assert(sh->conf->store_path); /* no way to return failure */ sh->conf->store_type = storetype; - - return; } void semanage_set_store_root(semanage_handle_t *sh, const char *store_root) @@ -296,8 +291,6 @@ void semanage_set_store_root(semanage_handle_t *sh, const char *store_root) free(sh->conf->store_root_path); sh->conf->store_root_path = strdup(store_root); assert(sh->conf->store_root_path); /* no way to return failure */ - - return; } int semanage_is_managed(semanage_handle_t * sh) 
@@ -361,8 +354,6 @@ int semanage_access_check(semanage_handle_t * sh) default: return -1; } - - return -1; /* unreachable */ }
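Review bot: In semanage_access_check(), dropping the trailing "return -1; /* unreachable */" is only safe while every case of the switch returns; the hunk shows just "default: return -1;", so a later case that ends in break would fall off the end of a non-void function. Building with -Werror=return-type would turn that regression into a compile error instead of leaving it to review.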
From: Christian Göttsche
To: selinux@vger.kernel.org
Subject: [PATCH 08/47] libsemanage: drop duplicate include
Date: Mon, 11 Nov 2024 15:16:27 +0100
Message-ID: <20241111141706.38039-8-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

Signed-off-by: Christian Göttsche
---
 libsemanage/src/modules.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/libsemanage/src/modules.c b/libsemanage/src/modules.c index c3bd90ac..eeb85be6 100644 --- a/libsemanage/src/modules.c +++ b/libsemanage/src/modules.c
@@ -40,7 +40,6 @@ #include #include "handle.h" -#include "modules.h" #include "sha256.h" #include "debug.h"
From: Christian Göttsche
To: selinux@vger.kernel.org
Subject: [PATCH 09/47] libsemanage: drop const from function declaration
Date: Mon, 11 Nov 2024 15:16:28 +0100
Message-ID: <20241111141706.38039-9-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

Using the const qualifier in a declaration for a passed by value parameter has no effect.

Signed-off-by: Christian Göttsche
---
 libsemanage/src/parse_utils.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libsemanage/src/parse_utils.h b/libsemanage/src/parse_utils.h index 52408373..d52ab271 100644 --- a/libsemanage/src/parse_utils.h +++ b/libsemanage/src/parse_utils.h
@@ -48,7 +48,7 @@ extern int parse_assert_space(semanage_handle_t * handle, parse_info_t * info); /* Throw an error if the specified character * does not follow, otherwise eat that character */ extern int parse_assert_ch(semanage_handle_t * handle, - parse_info_t * info, const char ch); + parse_info_t * info, char ch); /* Throw an error if the specified string * does not follow is not found, otherwise 
@@ -58,7 +58,7 @@ extern int parse_assert_str(semanage_handle_t * handle, /* Eat the optional character, if found, * or return STATUS_NODATA */ -extern int parse_optional_ch(parse_info_t * info, const char ch); +extern int parse_optional_ch(parse_info_t * info, char ch); /* Eat the optional string, if found, * or return STATUS_NODATA */
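Review bot: The diffstat shows only parse_utils.h changing, so the definitions of parse_assert_ch() and parse_optional_ch() are not updated here; if they still spell the parameter as "const char ch", declaration and definition now read differently. That stays valid C, since a top-level qualifier on a by-value parameter is not part of the function type, but the commit message could say the definitions are left as they are on purpose. The context comment above parse_assert_str ("does not follow is not found") is also garbled and could be fixed in the same header.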
From: Christian Göttsche
To: selinux@vger.kernel.org
Subject: [PATCH 10/47] libsemanage: set O_CLOEXEC flag for file descriptors
Date: Mon, 11 Nov 2024 15:16:29 +0100
Message-ID: <20241111141706.38039-10-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

Close internal managed file descriptors in case of a concurrent execve. Also avoid leaking file descriptors in get_shell_list().

Signed-off-by: Christian Göttsche --- libsemanage/src/compressed_file.c | 4 ++-- libsemanage/src/conf-parse.y | 2 +- libsemanage/src/database_file.c | 2 +- libsemanage/src/database_policydb.c | 2 +- libsemanage/src/direct_api.c | 20 ++++++++++---------- libsemanage/src/genhomedircon.c | 8 +++++--- libsemanage/src/parse_utils.c | 2 +- libsemanage/src/semanage_store.c | 28 ++++++++++++++-------------- libsemanage/src/utilities.c | 2 +- 9 files changed, 36 insertions(+), 34 deletions(-) diff --git a/libsemanage/src/compressed_file.c b/libsemanage/src/compressed_file.c index 067f54d7..74185c92 100644 --- a/libsemanage/src/compressed_file.c +++ b/libsemanage/src/compressed_file.c @@ -48,7 +48,7 @@ static int bzip(semanage_handle_t *sh, const char *filename, void *data, size_t len; FILE *f; - if ((f = fopen(filename, "wb")) == NULL) { + if ((f = fopen(filename, "wbe")) == NULL) { return -1; } @@ -177,7 +177,7 @@ int map_compressed_file(semanage_handle_t *sh, const char *path, int ret = 0, fd = -1; FILE *file = NULL; - fd = open(path, O_RDONLY); + fd = open(path, O_RDONLY | O_CLOEXEC); if (fd == -1) { ERR(sh, "Unable to open %s\n", path); return -1; diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y index 8cfbd580..9e58345a 100644 --- a/libsemanage/src/conf-parse.y +++ b/libsemanage/src/conf-parse.y @@ -429,7 +429,7 @@ semanage_conf_t *semanage_conf_parse(const char *config_filename) if (semanage_conf_init(current_conf) == -1) { goto cleanup; } - if ((semanage_in = fopen(config_filename, "r")) == NULL) { + if ((semanage_in = fopen(config_filename, "re")) == NULL) { /* configuration file does not exist or could not be * read. THIS IS NOT AN ERROR. just rely on the * defaults. */ diff --git a/libsemanage/src/database_file.c b/libsemanage/src/database_file.c index a7773fb5..6fe2ddf3 100644 --- a/libsemanage/src/database_file.c +++ b/libsemanage/src/database_file.c 
@@ -127,7 +127,7 @@ static int dbase_file_flush(semanage_handle_t * handle, dbase_file_t * dbase) fname = dbase->path[handle->is_in_transaction]; mask = umask(0077); - str = fopen(fname, "w"); + str = fopen(fname, "we"); umask(mask); if (!str) { ERR(handle, "could not open %s for writing: %s", diff --git a/libsemanage/src/database_policydb.c b/libsemanage/src/database_policydb.c index 95418365..19d90de5 100644 --- a/libsemanage/src/database_policydb.c +++ b/libsemanage/src/database_policydb.c @@ -111,7 +111,7 @@ static int dbase_policydb_cache(semanage_handle_t * handle, /* Try opening file * ENOENT is not fatal - we just create an empty policydb */ - fp = fopen(fname, "rb"); + fp = fopen(fname, "rbe"); if (fp == NULL && errno != ENOENT) { ERR(handle, "could not open %s for reading: %s", fname, strerror(errno)); diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index 104dbd40..3fa24331 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c @@ -456,7 +456,7 @@ static int write_file(semanage_handle_t * sh, int out; if ((out = - open(filename, O_WRONLY | O_CREAT | O_TRUNC, + open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, S_IRUSR | S_IWUSR)) == -1) { ERR(sh, "Could not open %s for writing.", filename); return -1; @@ -639,17 +639,17 @@ static int semanage_pipe_data(semanage_handle_t *sh, char *path, char *in_data, */ sigaction(SIGPIPE, &new_signal, &old_signal); - retval = pipe(input_fd); + retval = pipe2(input_fd, O_CLOEXEC); if (retval == -1) { ERR(sh, "Unable to create pipe for input pipe: %s\n", strerror(errno)); goto cleanup; } - retval = pipe(output_fd); + retval = pipe2(output_fd, O_CLOEXEC); if (retval == -1) { ERR(sh, "Unable to create pipe for output pipe: %s\n", strerror(errno)); goto cleanup; } - retval = pipe(err_fd); + retval = pipe2(err_fd, O_CLOEXEC); if (retval == -1) { ERR(sh, "Unable to create pipe for error pipe: %s\n", strerror(errno)); goto cleanup; 
@@ -821,7 +821,7 @@ static int semanage_direct_write_langext(semanage_handle_t *sh, goto cleanup; } - fp = fopen(fn, "w"); + fp = fopen(fn, "we"); if (fp == NULL) { ERR(sh, "Unable to open %s module ext file.", modinfo->name); ret = -1; @@ -1072,7 +1072,7 @@ static int semanage_compare_checksum(semanage_handle_t *sh, const char *referenc int fd, retval; char *data; - fd = open(path, O_RDONLY); + fd = open(path, O_RDONLY | O_CLOEXEC); if (fd == -1) { if (errno != ENOENT) { ERR(sh, "Unable to open %s: %s\n", path, strerror(errno)); @@ -1213,7 +1213,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) } if (sepol_get_disable_dontaudit(sh->sepolh) == 1) { FILE *touch; - touch = fopen(path, "w"); + touch = fopen(path, "we"); if (touch != NULL) { if (fclose(touch) != 0) { ERR(sh, "Error attempting to create disable_dontaudit flag."); @@ -1245,7 +1245,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) if (sepol_get_preserve_tunables(sh->sepolh) == 1) { FILE *touch; - touch = fopen(path, "w"); + touch = fopen(path, "we"); if (touch != NULL) { if (fclose(touch) != 0) { ERR(sh, "Error attempting to create preserve_tunable flag."); @@ -2107,7 +2107,7 @@ static int semanage_direct_set_enabled(semanage_handle_t *sh, switch (enabled) { case 0: /* disable the module */ mask = umask(0077); - fp = fopen(fn, "w"); + fp = fopen(fn, "we"); umask(mask); if (fp == NULL) { @@ -2294,7 +2294,7 @@ static int semanage_direct_get_module_info(semanage_handle_t *sh, goto cleanup; } - fp = fopen(fn, "r"); + fp = fopen(fn, "re"); if (fp == NULL) { ERR(sh, diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index ede2d67d..9e2fe453 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c 
@@ -218,7 +218,7 @@ static semanage_list_t *get_shell_list(void) size_t buff_len = 0; ssize_t len; - shells = fopen(PATH_SHELLS_FILE, "r"); + shells = fopen(PATH_SHELLS_FILE, "re"); if (!shells) return default_shell_list(); while ((len = getline(&temp, &buff_len, shells)) > 0) { @@ -227,11 +227,13 @@ static semanage_list_t *get_shell_list(void) if (semanage_list_push(&list, temp)) { free(temp); semanage_list_destroy(&list); + fclose(shells); return default_shell_list(); } } } free(temp); + fclose(shells); return list; } @@ -503,7 +505,7 @@ static semanage_list_t *make_template(genhomedircon_settings_t * s, FILE *template_file = NULL; semanage_list_t *template_data = NULL; - template_file = fopen(s->homedir_template_path, "r"); + template_file = fopen(s->homedir_template_path, "re"); if (!template_file) return NULL; template_data = semanage_slurp_file_filter(template_file, pred); @@ -1410,7 +1412,7 @@ int semanage_genhomedircon(semanage_handle_t * sh, s.h_semanage = sh; s.policydb = policydb; - if (!(out = fopen(s.fcfilepath, "w"))) { + if (!(out = fopen(s.fcfilepath, "we"))) { /* couldn't open output file */ ERR(sh, "Could not open the file_context file for writing"); retval = STATUS_ERR; diff --git a/libsemanage/src/parse_utils.c b/libsemanage/src/parse_utils.c index 918dee43..13837c87 100644 --- a/libsemanage/src/parse_utils.c +++ b/libsemanage/src/parse_utils.c @@ -45,7 +45,7 @@ void parse_release(parse_info_t * info) int parse_open(semanage_handle_t * handle, parse_info_t * info) { - info->file_stream = fopen(info->filename, "r"); + info->file_stream = fopen(info->filename, "re"); if (!info->file_stream && (errno != ENOENT)) { ERR(handle, "could not open file %s: %s", info->filename, strerror(errno)); diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 08e6fc1b..7c9f5b2a 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c 
@@ -625,7 +625,7 @@ int semanage_create_store(semanage_handle_t * sh, int create) if (stat(path, &sb) == -1) { if (errno == ENOENT && create) { mask = umask(0077); - if ((fd = creat(path, S_IRUSR | S_IWUSR)) == -1) { + if ((fd = open(path, O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, S_IRUSR | S_IWUSR)) == -1) { umask(mask); ERR(sh, "Could not create lock file at %s.", path); @@ -722,7 +722,7 @@ int semanage_copy_file(const char *src, const char *dst, mode_t mode, if (n < 0 || n >= PATH_MAX) return -1; - if ((in = open(src, O_RDONLY)) == -1) { + if ((in = open(src, O_RDONLY | O_CLOEXEC)) == -1) { return -1; } @@ -730,7 +730,7 @@ int semanage_copy_file(const char *src, const char *dst, mode_t mode, mode = S_IRUSR | S_IWUSR; mask = umask(0); - if ((out = open(tmp, O_WRONLY | O_CREAT | O_TRUNC, mode)) == -1) { + if ((out = open(tmp, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, mode)) == -1) { umask(mask); errsv = errno; close(in); @@ -1516,7 +1516,7 @@ int semanage_split_fc(semanage_handle_t * sh) char buf[PATH_MAX] = { 0 }; /* I use fopen here instead of open so that I can use fgets which only reads a single line */ - file_con = fopen(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL), "r"); + file_con = fopen(semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL), "re"); if (!file_con) { ERR(sh, "Could not open %s for reading.", semanage_path(SEMANAGE_TMP, SEMANAGE_FC_TMPL)); 
@@ -1524,14 +1524,14 @@ int semanage_split_fc(semanage_handle_t * sh) } fc = open(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC), - O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); + O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, S_IRUSR | S_IWUSR); if (fc < 0) { ERR(sh, "Could not open %s for writing.", semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC)); goto cleanup; } hd = open(semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL), - O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); + O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, S_IRUSR | S_IWUSR); if (hd < 0) { ERR(sh, "Could not open %s for writing.", semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL)); @@ -1746,7 +1746,7 @@ static int semanage_commit_sandbox(semanage_handle_t * sh) memset(write_buf, 0, sizeof(write_buf)); snprintf(write_buf, sizeof(write_buf), "%d", commit_number); if ((fd = - open(commit_filename, O_WRONLY | O_CREAT | O_TRUNC, + open(commit_filename, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, S_IRUSR | S_IWUSR)) == -1) { ERR(sh, "Could not open commit number file %s for writing.", commit_filename); @@ -1762,7 +1762,7 @@ static int semanage_commit_sandbox(semanage_handle_t * sh) close(fd); /* sync changes in sandbox to filesystem */ - fd = open(sandbox, O_DIRECTORY); + fd = open(sandbox, O_DIRECTORY | O_CLOEXEC); if (fd == -1) { ERR(sh, "Error while opening %s for syncfs(): %d", sandbox, errno); return -1; @@ -1895,9 +1895,9 @@ static int semanage_get_lock(semanage_handle_t * sh, struct timeval origtime, curtime; int got_lock = 0; - if ((fd = open(lock_file, O_RDONLY)) == -1) { + if ((fd = open(lock_file, O_RDONLY | O_CLOEXEC)) == -1) { if ((fd = - open(lock_file, O_RDWR | O_CREAT | O_TRUNC, + open(lock_file, O_RDWR | O_CREAT | O_TRUNC | O_CLOEXEC, S_IRUSR | S_IWUSR)) == -1) { ERR(sh, "Could not open direct %s at %s.", lock_name, lock_file); 
@@ -2042,7 +2042,7 @@ int semanage_direct_get_serial(semanage_handle_t * sh) semanage_path(SEMANAGE_ACTIVE, SEMANAGE_COMMIT_NUM_FILE); } - if ((fd = open(commit_filename, O_RDONLY)) == -1) { + if ((fd = open(commit_filename, O_RDONLY | O_CLOEXEC)) == -1) { if (errno == ENOENT) { /* the commit number file does not exist yet, * so assume that the number is 0 */ @@ -2122,7 +2122,7 @@ int semanage_read_policydb(semanage_handle_t * sh, sepol_policydb_t * in, semanage_path(SEMANAGE_ACTIVE, file)) == NULL) { goto cleanup; } - if ((infile = fopen(kernel_filename, "r")) == NULL) { + if ((infile = fopen(kernel_filename, "re")) == NULL) { ERR(sh, "Could not open kernel policy %s for reading.", kernel_filename); goto cleanup; @@ -2165,7 +2165,7 @@ int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out, semanage_path(SEMANAGE_TMP, file)) == NULL) { goto cleanup; } - if ((outfile = fopen(kernel_filename, "wb")) == NULL) { + if ((outfile = fopen(kernel_filename, "wbe")) == NULL) { ERR(sh, "Could not open kernel policy %s for writing.", kernel_filename); goto cleanup; @@ -3032,7 +3032,7 @@ void semanage_setfiles(const char *path){ /* Make sure "path" is owned by root */ if ((geteuid() != 0 || getegid() != 0) && - ((fd = open(path, O_RDONLY)) != -1)){ + ((fd = open(path, O_RDONLY | O_CLOEXEC)) != -1)){ /* Skip files with the SUID or SGID bit set -- abuse protection */ if ((fstat(fd, &sb) != -1) && !(S_ISREG(sb.st_mode) && diff --git a/libsemanage/src/utilities.c b/libsemanage/src/utilities.c index 24284d65..3702cbe1 100644 --- a/libsemanage/src/utilities.c +++ b/libsemanage/src/utilities.c 
@@ -40,7 +40,7 @@ char *semanage_findval(const char *file, const char *var, const char *delim) assert(file); assert(var); - if ((fd = fopen(file, "r")) == NULL) + if ((fd = fopen(file, "re")) == NULL) return NULL; while (getline(&buff, &buff_len, fd) > 0) {
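Review bot: In semanage_pipe_data(), the switch from pipe() to pipe2(..., O_CLOEXEC) marks both ends of all three pipes close-on-exec, and the child-side setup is outside this hunk: please confirm the child attaches them with dup2() onto descriptors 0, 1 and 2 before exec, since dup2() clears the flag on the new descriptor but leaves it set when the old and new descriptor are already equal. pipe2() also needs _GNU_SOURCE with glibc, and the direct_api.c diffstat (10 insertions, 10 deletions) matches the ten replaced calls, so no define or include is added here; worth stating where the definition comes from.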
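Review bot: The two fclose(shells) calls added to get_shell_list() in genhomedircon.c fix a FILE leak on both the semanage_list_push() failure path and the normal return, which is a separate bug fix from the O_CLOEXEC conversion. Splitting it into its own patch would make it easier to backport and bisect.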
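Review bot: In semanage_create_store(), the open() that replaces creat() sits on one line far past 80 columns, unlike the other open() calls touched in this patch, which keep the mode on a continuation line; wrapping it the same way would match. The flags O_CREAT | O_WRONLY | O_TRUNC are what creat() implied, so O_CLOEXEC is the only behavioural difference.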
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 11/47] libsemanage: check memory allocations
Date: Mon, 11 Nov 2024 15:16:30 +0100
Message-ID: <20241111141706.38039-11-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

Signed-off-by: Christian Göttsche
--- libsemanage/src/conf-parse.y | 6 ++++++ libsemanage/src/handle.c | 2 ++ 2 files changed, 8 insertions(+) diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y index 9e58345a..9c806fdd 100644 --- a/libsemanage/src/conf-parse.y +++ b/libsemanage/src/conf-parse.y
@@ -369,6 +369,12 @@ static int semanage_conf_init(semanage_conf_t * conf) conf->save_previous = 0; conf->save_linked = 0; + if (!conf->store_path || + !conf->store_root_path || + !conf->compiler_directory_path) { + return -1; + } + if ((conf->load_policy = calloc(1, sizeof(*(current_conf->load_policy)))) == NULL) { return -1; diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c index d5baa614..f048f6d7 100644 --- a/libsemanage/src/handle.c +++ b/libsemanage/src/handle.c 
@@ -45,6 +45,8 @@ int semanage_set_root(const char *root) { free(private_semanage_root); private_semanage_root = strdup(root); + if (!private_semanage_root) + return -1; return 0; } From patchwork Mon Nov 11 14:16:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870815 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C3FC11A01C3 for ; Mon, 11 Nov 2024 14:17:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334641; cv=none; b=CUB1dQhhXhoVcNi0avStnOREWTy3/2K5xWlqiBYkG4EkGemxD0YmDKVIGZ6acO7NOsFp8pqW1YuY+L3cFy9AJrUTNixTIbRSUQT/oDdVnmD2YEvbbYpz7EvzD2zAhXsDKM+A1mI8px2eNdqGPlPqZ0yyTPDEE99RkXXuma680u4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334641; c=relaxed/simple; bh=mNzjuVVYk4ihMJIufHQj/QE5Yr8x/JHlQr3snt2zed0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=aohDgr9qEjutlshrQi/pvGAyBwK1meR6+aYWYa97XIEXmpnlr8g3s+tApgUNSm4VkejlGFS+6GfpmG+7LCFbdutyCmPwQPyYjtpl7Op/gABuzQj06Pqz/3T6psN1XSBCNOdGiNVbhM1/irR6gLnvcLYcVzOqFVA/I8NQM8ZoDRI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=m1anhFcz; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=seltendoof.de 
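Review bot: In semanage_conf_init (conf-parse.y) the new check returns -1 as soon as any of store_path, store_root_path or compiler_directory_path is NULL, without releasing the ones that were allocated. That is only safe if every caller destroys conf on a -1 return, which the existing calloc failure path just below also assumes; please confirm it in the caller. The commit message has no body, so a line naming which allocations were previously unchecked would help.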
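Review bot: In semanage_set_root (handle.c) the old value is freed before strdup(root) is attempted, so on allocation failure the function now returns -1 but private_semanage_root is already NULL and the previously configured root is lost. Duplicating into a temporary first, returning -1 if that is NULL, and only then freeing and replacing private_semanage_root would leave the prior root intact on failure. Callers that ignored the return value while it was always 0 also need a look.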
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 12/47] libsemanage: use unlink on non directory
Date: Mon, 11 Nov 2024 15:16:31 +0100
Message-ID: <20241111141706.38039-12-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

remove(3) just calls unlink(2) for non directories.

Signed-off-by: Christian Göttsche
--- libsemanage/src/semanage_store.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 7c9f5b2a..29bde24a 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c
@@ -880,7 +880,7 @@ int semanage_remove_directory(const char *path) return retval; } } else { - if (remove(s) == -1) { + if (unlink(s) == -1) { return -3; } } From patchwork Mon Nov 11 14:16:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870817 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C3F6619CC1C for ; Mon, 11 Nov 2024 14:17:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334641; cv=none; b=TxDRkSV3h2I6z43Qx2zwIU+ac3R1D4bn6OW0o7jCSUHS2rsmMb6AncVaUgYoG2vqrCiNZIUPVZJR4q2Ssu6/QMGfSdqeDopUd7IUGW19ILFhGjvMBF51yJ2sFcTFeEP9jMBPYTww9XOThpUQ7dcNnNdSJ0NZlpMm0dZQ4l2JKhw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334641; c=relaxed/simple; bh=AJHWi70tHqT9PHmo9lHuWvaYxmJyv5o1s61aTz5A5i8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=XtH+ct+p53mFJCOO2Td0xYEWaic0g/zY1io/4Zf6CjjV+VU/DZfvGvjMQnnweE76XdjtIIVFLPZD4TYbibS2bpZLDnQCq/Ru82TyooHr8XwaiglSypkyTtZWeq7eEYyhuFyypd0PkHjK1EEmbmT2546GuKHR1EvJ3iZhZzCXDKU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=N2iFFyGv; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=seltendoof.de Authentication-Results: 
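Review bot: In the else branch of semanage_remove_directory, unlink(s) is not fully equivalent to remove(s) if the entry's type changes after the check that selected this branch: remove(3) falls back to rmdir(2) and would delete an empty directory that appeared at that path, while unlink(2) fails and the function returns -3. The stricter outcome is probably the one wanted, but the commit message presents the change as having no behavioural difference, so it should mention this case.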
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 13/47] libsemanage: free resources on failed connect attempt
Date: Mon, 11 Nov 2024 15:16:32 +0100
Message-ID: <20241111141706.38039-13-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

In case connecting to the semanage database fails, free all already allocated resources.

Signed-off-by: Christian Göttsche
--- libsemanage/src/database_activedb.c | 3 +++ libsemanage/src/database_file.c | 3 +++ libsemanage/src/database_join.c | 3 +++ libsemanage/src/database_policydb.c | 2 +- libsemanage/src/direct_api.c | 1 + libsemanage/src/handle.c | 5 ++--- 6 files changed, 13 insertions(+), 4 deletions(-) diff --git a/libsemanage/src/database_activedb.c b/libsemanage/src/database_activedb.c index fa6b6105..e0369963 100644
--- a/libsemanage/src/database_activedb.c +++ b/libsemanage/src/database_activedb.c @@ -139,6 +139,9 @@ int dbase_activedb_init(semanage_handle_t * handle, void dbase_activedb_release(dbase_activedb_t * dbase) { + if (!dbase) + return; + dbase_llist_drop_cache(&dbase->llist); free(dbase); } diff --git a/libsemanage/src/database_file.c b/libsemanage/src/database_file.c index 6fe2ddf3..716f54e7 100644 --- a/libsemanage/src/database_file.c +++ b/libsemanage/src/database_file.c @@ -191,6 +191,9 @@ int dbase_file_init(semanage_handle_t * handle, void dbase_file_release(dbase_file_t * dbase) { + if (!dbase) + return; + dbase_llist_drop_cache(&dbase->llist); free(dbase); } diff --git a/libsemanage/src/database_join.c b/libsemanage/src/database_join.c index 2a2008e8..bf260952 100644 --- a/libsemanage/src/database_join.c +++ b/libsemanage/src/database_join.c @@ -271,6 +271,9 @@ int dbase_join_init(semanage_handle_t * handle, void dbase_join_release(dbase_join_t * dbase) { + if (!dbase) + return; + dbase_llist_drop_cache(&dbase->llist); free(dbase); } diff --git a/libsemanage/src/database_policydb.c b/libsemanage/src/database_policydb.c index 19d90de5..6e922b5e 100644 --- a/libsemanage/src/database_policydb.c +++ b/libsemanage/src/database_policydb.c @@ -44,7 +44,7 @@ struct dbase_policydb { static void dbase_policydb_drop_cache(dbase_policydb_t * dbase) { - if (dbase->cache_serial >= 0) { + if (dbase && dbase->cache_serial >= 0) { sepol_policydb_free(dbase->policydb); dbase->cache_serial = -1; dbase->modified = 0; diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index 3fa24331..83addbee 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c @@ -321,6 +321,7 @@ int semanage_direct_connect(semanage_handle_t * sh) err: ERR(sh, "could not establish direct connection"); + (void) semanage_direct_disconnect(sh); return STATUS_ERR; } diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c index f048f6d7..9bb84546 100644 
--- a/libsemanage/src/handle.c +++ b/libsemanage/src/handle.c 
@@ -361,12 +361,11 @@ int semanage_access_check(semanage_handle_t * sh) int semanage_disconnect(semanage_handle_t * sh) { - assert(sh != NULL && sh->funcs != NULL - && sh->funcs->disconnect != NULL); + assert(sh != NULL); if (!sh->is_connected) { return 0; } - if (sh->funcs->disconnect(sh) < 0) { + if (sh->funcs && sh->funcs->disconnect(sh) < 0) { return -1; } sh->is_in_transaction = 0; From patchwork Mon Nov 11 14:16:33 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870822 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1EACA1A00C9 for ; Mon, 11 Nov 2024 14:17:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334643; cv=none; b=SXj/1YULEnuQ1+lxMAZSNQ6XzzqzCa85eLjOgC3kg6ehdc36rFJvLTqisPLkmgB7s9u3bzrFk4VEo0NkuCxmmh0Qttzylpi7VQEL8BiD9Q2lhq30W/ffHx1zlnCb+AhY06dLiUwkUSQr26MuWN05iFwf2+jtduUMOCvrR75imJ8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334643; c=relaxed/simple; bh=ZPm+hckMglq//sydxnbCeoY/neuiOWN4JYDIdTB9Edo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=qlDTmkjbk9M5rg71fo/I2lQ0dMmhxwlLj0gBLlodlqWY+iT+xsBO+h8Jk/PyRrcgX2vZfL+GS9H7kJnsG7sDX5vdsLg8YLJC/gS21hToar3e6F844SLn8mfzOac9n65PWYZn5tJ5kZnJUTRdkraIeF/vL/RM9TlueEvegECIwbk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=CMwDzXvR; arc=none 
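Review bot: In semanage_disconnect (handle.c) the assert used to cover sh->funcs->disconnect != NULL, but the new condition "sh->funcs && sh->funcs->disconnect(sh) < 0" only guards the table pointer, so a table with a NULL disconnect member is now called through where it previously tripped the assert. Either keep that part of the assert or test sh->funcs && sh->funcs->disconnect before the call. With sh->funcs == NULL the function now falls through to the state reset below as if the backend had disconnected cleanly, which deserves a sentence in the commit message.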
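Review bot: In semanage_direct_connect (direct_api.c) the err path now calls semanage_direct_disconnect(sh) on a handle that is only partly initialised, which is why dbase_activedb_release, dbase_file_release and dbase_join_release gain NULL guards; dbase_policydb gets its guard in dbase_policydb_drop_cache instead, and dbase_policydb_release itself is not in the diff. Please confirm that every release and teardown step reached from semanage_direct_disconnect tolerates a database that was never initialised, and that the freed pointers are reset so a later semanage_disconnect on the same handle cannot free them a second time.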
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 14/47] libsemanage: declare file local function tables static
Date: Mon, 11 Nov 2024 15:16:33 +0100
Message-ID: <20241111141706.38039-14-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com
Signed-off-by: Christian Göttsche --- libsemanage/src/booleans_activedb.c | 2 +- libsemanage/src/booleans_file.c | 2 +- libsemanage/src/booleans_policydb.c | 2 +- libsemanage/src/fcontexts_file.c | 2 +- libsemanage/src/genhomedircon.c | 2 +- libsemanage/src/ibendports_file.c | 2 +- libsemanage/src/ibendports_policydb.c | 2 +- libsemanage/src/ibpkeys_file.c | 2 +- libsemanage/src/ibpkeys_policydb.c | 2 +- libsemanage/src/interfaces_file.c | 2 +- libsemanage/src/interfaces_policydb.c | 2 +- libsemanage/src/nodes_file.c | 2 +- libsemanage/src/nodes_policydb.c | 2 +- libsemanage/src/ports_file.c | 2 +- libsemanage/src/ports_policydb.c | 2 +- libsemanage/src/seusers_file.c | 2 +- libsemanage/src/users_base_file.c | 2 +- libsemanage/src/users_base_policydb.c | 2 +- libsemanage/src/users_extra_file.c | 2 +- libsemanage/src/users_join.c | 2 +- 20 files changed, 20 insertions(+), 20 deletions(-) diff --git a/libsemanage/src/booleans_activedb.c b/libsemanage/src/booleans_activedb.c index 6ebb520b..1d4e33b4 100644 --- a/libsemanage/src/booleans_activedb.c +++ b/libsemanage/src/booleans_activedb.c @@ -141,7 +141,7 @@ static int bool_commit_list(semanage_handle_t * handle, } /* BOOL RECORD: ACTIVEDB extension: method table */ -record_activedb_table_t SEMANAGE_BOOL_ACTIVEDB_RTABLE = { +static record_activedb_table_t SEMANAGE_BOOL_ACTIVEDB_RTABLE = { .read_list = bool_read_list, .commit_list = bool_commit_list, }; diff --git a/libsemanage/src/booleans_file.c b/libsemanage/src/booleans_file.c index 6d600bbc..dae42ffb 100644 --- a/libsemanage/src/booleans_file.c +++ b/libsemanage/src/booleans_file.c @@ -101,7 +101,7 @@ static int bool_parse(semanage_handle_t * handle, } /* BOOL RECORD: FILE extension: method table */ -record_file_table_t SEMANAGE_BOOL_FILE_RTABLE = { +static record_file_table_t SEMANAGE_BOOL_FILE_RTABLE = { .parse = bool_parse, .print = bool_print, }; 
diff --git a/libsemanage/src/booleans_policydb.c b/libsemanage/src/booleans_policydb.c index 26fcac0a..e838c3eb 100644 --- a/libsemanage/src/booleans_policydb.c +++ b/libsemanage/src/booleans_policydb.c @@ -36,7 +36,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* BOOLEAN RECRORD (SEPOL): POLICYDB extension: method table */ -record_policydb_table_t SEMANAGE_BOOL_POLICYDB_RTABLE = { +static record_policydb_table_t SEMANAGE_BOOL_POLICYDB_RTABLE = { .add = NULL, .modify = NULL, /* FIXME: these casts depend on structs in libsepol matching structs diff --git a/libsemanage/src/fcontexts_file.c b/libsemanage/src/fcontexts_file.c index f3579410..16380fe3 100644 --- a/libsemanage/src/fcontexts_file.c +++ b/libsemanage/src/fcontexts_file.c @@ -158,7 +158,7 @@ static int fcontext_parse(semanage_handle_t * handle, } /* FCONTEXT RECORD: FILE extension: method table */ -record_file_table_t SEMANAGE_FCONTEXT_FILE_RTABLE = { +static record_file_table_t SEMANAGE_FCONTEXT_FILE_RTABLE = { .parse = fcontext_parse, .print = fcontext_print, }; diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 9e2fe453..61c95f34 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c @@ -130,7 +130,7 @@ typedef struct IgnoreDir { char *dir; } ignoredir_t; -ignoredir_t *ignore_head = NULL; +static ignoredir_t *ignore_head = NULL; static void ignore_free(void) { ignoredir_t *next; diff --git a/libsemanage/src/ibendports_file.c b/libsemanage/src/ibendports_file.c index 2fa2a67c..8ae02a9c 100644 --- a/libsemanage/src/ibendports_file.c +++ b/libsemanage/src/ibendports_file.c @@ -129,7 +129,7 @@ err: } /* IBENDPORT RECORD: FILE extension: method table */ -record_file_table_t SEMANAGE_IBENDPORT_FILE_RTABLE = { +static record_file_table_t SEMANAGE_IBENDPORT_FILE_RTABLE = { .parse = ibendport_parse, .print = ibendport_print, }; 
diff --git a/libsemanage/src/ibendports_policydb.c b/libsemanage/src/ibendports_policydb.c index 1029810e..67c4e905 100644 --- a/libsemanage/src/ibendports_policydb.c +++ b/libsemanage/src/ibendports_policydb.c @@ -30,7 +30,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* IBENDPORT RECORD (SEPOL): POLICYDB extension : method table */ -record_policydb_table_t SEMANAGE_IBENDPORT_POLICYDB_RTABLE = { +static record_policydb_table_t SEMANAGE_IBENDPORT_POLICYDB_RTABLE = { .add = NULL, .modify = (record_policydb_table_modify_t)sepol_ibendport_modify, .set = NULL, diff --git a/libsemanage/src/ibpkeys_file.c b/libsemanage/src/ibpkeys_file.c index edde69f0..a45c6d3f 100644 --- a/libsemanage/src/ibpkeys_file.c +++ b/libsemanage/src/ibpkeys_file.c @@ -153,7 +153,7 @@ err: } /* IBPKEY RECORD: FILE extension: method table */ -record_file_table_t SEMANAGE_IBPKEY_FILE_RTABLE = { +static record_file_table_t SEMANAGE_IBPKEY_FILE_RTABLE = { .parse = ibpkey_parse, .print = ibpkey_print, }; diff --git a/libsemanage/src/ibpkeys_policydb.c b/libsemanage/src/ibpkeys_policydb.c index 8d73cf6f..ac16bcb6 100644 --- a/libsemanage/src/ibpkeys_policydb.c +++ b/libsemanage/src/ibpkeys_policydb.c @@ -30,7 +30,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* PKEY RECORD (SEPOL): POLICYDB extension : method table */ -record_policydb_table_t SEMANAGE_IBPKEY_POLICYDB_RTABLE = { +static record_policydb_table_t SEMANAGE_IBPKEY_POLICYDB_RTABLE = { .add = NULL, .modify = (record_policydb_table_modify_t)sepol_ibpkey_modify, .set = NULL, diff --git a/libsemanage/src/interfaces_file.c b/libsemanage/src/interfaces_file.c index 244f0ae5..29badb54 100644 --- a/libsemanage/src/interfaces_file.c +++ b/libsemanage/src/interfaces_file.c 
@@ -145,7 +145,7 @@ static int iface_parse(semanage_handle_t * handle, } /* IFACE RECORD: FILE extension: method table */ -record_file_table_t SEMANAGE_IFACE_FILE_RTABLE = { +static record_file_table_t SEMANAGE_IFACE_FILE_RTABLE = { .parse = iface_parse, .print = iface_print, }; diff --git a/libsemanage/src/interfaces_policydb.c b/libsemanage/src/interfaces_policydb.c index 552ce7d5..8a02751a 100644 --- a/libsemanage/src/interfaces_policydb.c +++ b/libsemanage/src/interfaces_policydb.c @@ -36,7 +36,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* INTERFACE RECRORD (SEPOL): POLICYDB extension: method table */ -record_policydb_table_t SEMANAGE_IFACE_POLICYDB_RTABLE = { +static record_policydb_table_t SEMANAGE_IFACE_POLICYDB_RTABLE = { .add = NULL, .modify = (record_policydb_table_modify_t) sepol_iface_modify, .set = NULL, diff --git a/libsemanage/src/nodes_file.c b/libsemanage/src/nodes_file.c index 2d2b7fe0..e6e108cb 100644 --- a/libsemanage/src/nodes_file.c +++ b/libsemanage/src/nodes_file.c @@ -154,7 +154,7 @@ static int node_parse(semanage_handle_t * handle, } /* NODE RECORD: FILE extension: method table */ -record_file_table_t SEMANAGE_NODE_FILE_RTABLE = { +static record_file_table_t SEMANAGE_NODE_FILE_RTABLE = { .parse = node_parse, .print = node_print, }; diff --git a/libsemanage/src/nodes_policydb.c b/libsemanage/src/nodes_policydb.c index 7224f008..23464cf6 100644 --- a/libsemanage/src/nodes_policydb.c +++ b/libsemanage/src/nodes_policydb.c @@ -35,7 +35,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* NODE RECORD (SEPOL): POLICYDB extension : method table */ -record_policydb_table_t SEMANAGE_NODE_POLICYDB_RTABLE = { +static record_policydb_table_t SEMANAGE_NODE_POLICYDB_RTABLE = { .add = NULL, .modify = (record_policydb_table_modify_t) sepol_node_modify, .set = NULL, diff --git a/libsemanage/src/ports_file.c b/libsemanage/src/ports_file.c index 90909eb4..6158cb63 100644 --- a/libsemanage/src/ports_file.c 
+++ b/libsemanage/src/ports_file.c @@ -161,7 +161,7 @@ static int port_parse(semanage_handle_t * handle, } /* PORT RECORD: FILE extension: method table */ -record_file_table_t SEMANAGE_PORT_FILE_RTABLE = { +static record_file_table_t SEMANAGE_PORT_FILE_RTABLE = { .parse = port_parse, .print = port_print, }; diff --git a/libsemanage/src/ports_policydb.c b/libsemanage/src/ports_policydb.c index 37d7deb2..e7f4fc0d 100644 --- a/libsemanage/src/ports_policydb.c +++ b/libsemanage/src/ports_policydb.c @@ -35,7 +35,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* PORT RECORD (SEPOL): POLICYDB extension : method table */ -record_policydb_table_t SEMANAGE_PORT_POLICYDB_RTABLE = { +static record_policydb_table_t SEMANAGE_PORT_POLICYDB_RTABLE = { .add = NULL, .modify = (record_policydb_table_modify_t) sepol_port_modify, .set = NULL, diff --git a/libsemanage/src/seusers_file.c b/libsemanage/src/seusers_file.c index 21b970ac..7eb3f427 100644 --- a/libsemanage/src/seusers_file.c +++ b/libsemanage/src/seusers_file.c @@ -109,7 +109,7 @@ static int seuser_parse(semanage_handle_t * handle, } /* SEUSER RECORD: FILE extension: method table */ -record_file_table_t SEMANAGE_SEUSER_FILE_RTABLE = { +static record_file_table_t SEMANAGE_SEUSER_FILE_RTABLE = { .parse = seuser_parse, .print = seuser_print, }; diff --git a/libsemanage/src/users_base_file.c b/libsemanage/src/users_base_file.c index 4e4d8d9b..8fb00698 100644 --- a/libsemanage/src/users_base_file.c +++ b/libsemanage/src/users_base_file.c @@ -195,7 +195,7 @@ static int user_base_parse(semanage_handle_t * handle, } /* USER BASE record: FILE extension: method table */ -record_file_table_t SEMANAGE_USER_BASE_FILE_RTABLE = { +static record_file_table_t SEMANAGE_USER_BASE_FILE_RTABLE = { .parse = user_base_parse, .print = user_base_print, }; diff --git a/libsemanage/src/users_base_policydb.c b/libsemanage/src/users_base_policydb.c index b42279c8..2e2ea522 100644 --- a/libsemanage/src/users_base_policydb.c 
+++ b/libsemanage/src/users_base_policydb.c @@ -35,7 +35,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* USER BASE record: POLICYDB extension: method table */ -record_policydb_table_t SEMANAGE_USER_BASE_POLICYDB_RTABLE = { +static record_policydb_table_t SEMANAGE_USER_BASE_POLICYDB_RTABLE = { .add = NULL, .modify = (record_policydb_table_modify_t) sepol_user_modify, .set = NULL, diff --git a/libsemanage/src/users_extra_file.c b/libsemanage/src/users_extra_file.c index 7aa9df3c..b3a15da2 100644 --- a/libsemanage/src/users_extra_file.c +++ b/libsemanage/src/users_extra_file.c @@ -100,7 +100,7 @@ static int user_extra_parse(semanage_handle_t * handle, } /* USER EXTRA RECORD: FILE extension: method table */ -record_file_table_t SEMANAGE_USER_EXTRA_FILE_RTABLE = { +static record_file_table_t SEMANAGE_USER_EXTRA_FILE_RTABLE = { .parse = user_extra_parse, .print = user_extra_print, }; diff --git a/libsemanage/src/users_join.c b/libsemanage/src/users_join.c index b598209f..dba96f3d 100644 --- a/libsemanage/src/users_join.c +++ b/libsemanage/src/users_join.c 
@@ -22,7 +22,7 @@ typedef struct dbase_join dbase_t; #include "debug.h" /* USER record: JOIN extension: method table */ -record_join_table_t SEMANAGE_USER_JOIN_RTABLE = { +static record_join_table_t SEMANAGE_USER_JOIN_RTABLE = { .join = semanage_user_join, .split = semanage_user_split, }; From patchwork Mon Nov 11 14:16:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870819 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F249319F131 for ; Mon, 11 Nov 2024 14:17:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334642; cv=none; b=MzRmoiT/BI5uzq31OuTp5piwNUjVpdpnYEwGlOJPxfQBuBhTkA3/O8xGM1okOeAiLgD7BDcu+oBhl6z4EVWS4m763EoAFQRdPV/c2mW9RCIqx0PEenA1b18hcvK5xnvuoAZYr0S4xij/+j3GzDCxrOQRgcK5iPhYb0bhDCzL9gQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334642; c=relaxed/simple; bh=GmnPXLouGQvtHn3DB3lmH1aHEDrgPM4XFiv4daSp4I8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=VDAuh0UPMSAuf/u5wHhyZnUOdRyUQWv3pIRSZ5+DN4yLYGW037i6Cioo57prVGrY8lZ4ke1DR21PcGx7ziHxm2IKvpVEnVHAIDzuIwHQsfvOJJJ8Pon+xWynWNsxrOwlGbuhafMGwYq3GFw8O+EYTVdkcaW5vsZvJrSoA90YG18= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=hqmwkoMm; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) 
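Review bot: The genhomedircon.c hunk makes ignore_head static, which is a list head pointer rather than a function table, so the subject line does not cover it and the commit has no body; mention it there or split it out. For the tables themselves, none of the hunks shows a member being written after initialisation, so can they be "static const"? That would also keep the function pointers in read-only memory, provided the code that takes their address accepts a const pointer. The context comments in booleans_policydb.c and interfaces_policydb.c still spell "RECRORD" and could be fixed while the neighbouring line is touched.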
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 15/47] libsemanage: avoid const dropping casts
Date: Mon, 11 Nov 2024 15:16:34 +0100
Message-ID: <20241111141706.38039-15-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com
From: Christian Göttsche

sha256.c: In function ‘Sha256Update’:
sha256.c:197:40: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual]
  197 | TransformFunction( Context, (uint8_t*)Buffer );
      | ^
sha256.c:199:21: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual]
  199 | Buffer = (uint8_t*)Buffer + BLOCK_SIZE;
      | ^
sha256.c:207:21: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual]
  207 | Buffer = (uint8_t*)Buffer + n;
      | ^
semanage_store.c: In function ‘semanage_get_active_modules_cmp’:
semanage_store.c:1059:38: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual]
 1059 | semanage_module_info_t *aa = (semanage_module_info_t *)a;
      | ^
semanage_store.c:1060:38: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual]
 1060 | semanage_module_info_t *bb = (semanage_module_info_t *)b;
      | ^
genhomedircon.c: In function ‘seuser_sort_func’:
genhomedircon.c:742:40: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual]
  742 | const semanage_seuser_t **u1 = (const semanage_seuser_t **) arg1;
      | ^
genhomedircon.c:743:40: warning: cast discards ‘const’ qualifier from pointer target type [-Wcast-qual]
  743 | const semanage_seuser_t **u2 = (const semanage_seuser_t **) arg2;
      | ^

Signed-off-by: Christian Göttsche
--- libsemanage/src/genhomedircon.c | 4 ++-- libsemanage/src/semanage_store.c | 4 ++-- libsemanage/src/sha256.c | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 61c95f34..34b5ff93 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c
@@ -741,8 +741,8 @@ static int write_user_context(genhomedircon_settings_t * s, FILE * out, static int seuser_sort_func(const void *arg1, const void *arg2) { - const semanage_seuser_t **u1 = (const semanage_seuser_t **) arg1; - const semanage_seuser_t **u2 = (const semanage_seuser_t **) arg2; + const semanage_seuser_t *const *u1 = (const semanage_seuser_t *const *) arg1; + const semanage_seuser_t *const *u2 = (const semanage_seuser_t *const *) arg2; const char *name1 = semanage_seuser_get_name(*u1); const char *name2 = semanage_seuser_get_name(*u2); diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 29bde24a..0684b2e8 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -1058,8 +1058,8 @@ cleanup: /* qsort comparison function for semanage_get_active_modules. */ static int semanage_get_active_modules_cmp(const void *a, const void *b) { - semanage_module_info_t *aa = (semanage_module_info_t *)a; - semanage_module_info_t *bb = (semanage_module_info_t *)b; + const semanage_module_info_t *aa = (const semanage_module_info_t *)a; + const semanage_module_info_t *bb = (const semanage_module_info_t *)b; return strcmp(aa->name, bb->name); } diff --git a/libsemanage/src/sha256.c b/libsemanage/src/sha256.c index fe2aeef0..79664138 100644 --- a/libsemanage/src/sha256.c +++ b/libsemanage/src/sha256.c @@ -194,9 +194,9 @@ void { if( Context->curlen == 0 && BufferSize >= BLOCK_SIZE ) { - TransformFunction( Context, (uint8_t*)Buffer ); + TransformFunction( Context, (const uint8_t*)Buffer ); Context->length += BLOCK_SIZE * 8; - Buffer = (uint8_t*)Buffer + BLOCK_SIZE; + Buffer = (const uint8_t*)Buffer + BLOCK_SIZE; BufferSize -= BLOCK_SIZE; } else 
@@ -204,7 +204,7 @@ void n = MIN( BufferSize, (BLOCK_SIZE - Context->curlen) ); memcpy( Context->buf + Context->curlen, Buffer, (size_t)n ); Context->curlen += n; - Buffer = (uint8_t*)Buffer + n; + Buffer = (const uint8_t*)Buffer + n; BufferSize -= n; if( Context->curlen == BLOCK_SIZE ) {
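Review bot: In sha256.c, Sha256Update still casts Buffer at every use (the TransformFunction call and both `Buffer = (const uint8_t*)Buffer + ...` advances); a single local `const uint8_t *` initialised from Buffer at the top of the function would remove all three casts instead of re-qualifying each one. The two qsort comparators look right: `const semanage_seuser_t *const *` in seuser_sort_func and the const-qualified aa/bb in semanage_get_active_modules_cmp match what the bodies do with them (a name lookup and a strcmp), so the change is warning-only as the series intends.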
To: selinux@vger.kernel.org
Subject: [PATCH 16/47] libsemanage: cast to unsigned char for character checking functions
Date: Mon, 11 Nov 2024 15:16:35 +0100
Message-ID: <20241111141706.38039-16-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
From: Christian Göttsche

Character checking functions, like isspace(3), take an unsigned char as input, and passing any other value is undefined behavior.
Signed-off-by: Christian Göttsche --- libsemanage/src/conf-scan.l | 4 ++-- libsemanage/src/genhomedircon.c | 4 ++-- libsemanage/src/modules.c | 8 ++++---- libsemanage/src/parse_utils.c | 10 +++++----- libsemanage/src/semanage_store.c | 16 ++++++++-------- libsemanage/src/users_base_file.c | 4 ++-- 6 files changed, 23 insertions(+), 23 deletions(-) diff --git a/libsemanage/src/conf-scan.l b/libsemanage/src/conf-scan.l index b06a896c..bc0630b9 100644 --- a/libsemanage/src/conf-scan.l +++ b/libsemanage/src/conf-scan.l @@ -78,11 +78,11 @@ args return PROG_ARGS; * Returns NULL on error. */ static char *my_strdup(char *s) { char *t; - while (isspace(*s)) { + while (isspace((unsigned char)*s)) { s++; } t = s + strlen(s) - 1; - while (t >= s && isspace(*t)) { + while (t >= s && isspace((unsigned char)*t)) { *t = '\0'; t--; } diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 34b5ff93..31c9a5bf 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c @@ -543,14 +543,14 @@ static const char *extract_context(const char *line) while (off > 0) { p--; off--; - if (!isspace(*p)) + if (!isspace((unsigned char)*p)) break; } if (off == 0) return NULL; /* find the last field in line */ - while (off > 0 && !isspace(*(p - 1))) { + while (off > 0 && !isspace((unsigned char)*(p - 1))) { p--; off--; } diff --git a/libsemanage/src/modules.c b/libsemanage/src/modules.c index eeb85be6..e6a47362 100644 --- a/libsemanage/src/modules.c +++ b/libsemanage/src/modules.c @@ -819,12 +819,12 @@ int semanage_module_validate_name(const char * name) goto exit; } - if (!isalpha(*name)) { + if (!isalpha((unsigned char)*name)) { status = -1; goto exit; } -#define ISVALIDCHAR(c) (isalnum(c) || c == '_' || c == '-') +#define ISVALIDCHAR(c) (isalnum((unsigned char)c) || c == '_' || c == '-') for (name++; *name; name++) { if (ISVALIDCHAR(*name)) { 
@@ -876,12 +876,12 @@ int semanage_module_validate_lang_ext(const char *ext) goto exit; } - if (!isalnum(*ext)) { + if (!isalnum((unsigned char)*ext)) { status = -1; goto exit; } -#define ISVALIDCHAR(c) (isalnum(c) || c == '_' || c == '-') +#define ISVALIDCHAR(c) (isalnum((unsigned char)c) || c == '_' || c == '-') for (ext++; *ext; ext++) { if (ISVALIDCHAR(*ext)) { diff --git a/libsemanage/src/parse_utils.c b/libsemanage/src/parse_utils.c index 13837c87..d9b12763 100644 --- a/libsemanage/src/parse_utils.c +++ b/libsemanage/src/parse_utils.c @@ -90,7 +90,7 @@ int parse_skip_space(semanage_handle_t * handle, parse_info_t * info) char *ptr; if (info->ptr) { - while (*(info->ptr) && isspace(*(info->ptr))) + while (*(info->ptr) && isspace((unsigned char)*(info->ptr))) info->ptr++; if (*(info->ptr)) @@ -109,7 +109,7 @@ int parse_skip_space(semanage_handle_t * handle, parse_info_t * info) buffer[len - 1] = '\0'; ptr = buffer; - while (*ptr && isspace(*ptr)) + while (*ptr && isspace((unsigned char)*ptr)) ptr++; /* Skip comments and blank lines */ @@ -156,7 +156,7 @@ int parse_assert_space(semanage_handle_t * handle, parse_info_t * info) if (parse_assert_noeof(handle, info) < 0) return STATUS_ERR; - if (*(info->ptr) && !isspace(*(info->ptr))) { + if (*(info->ptr) && !isspace((unsigned char)*(info->ptr))) { ERR(handle, "missing whitespace (%s: %u):\n%s", info->filename, info->lineno, info->orig_line); return STATUS_ERR; @@ -242,7 +242,7 @@ int parse_fetch_int(semanage_handle_t * handle, if (parse_fetch_string(handle, info, &str, delim, 0) < 0) goto err; - if (!isdigit((int)*str)) { + if (!isdigit((unsigned char)*str)) { ERR(handle, "expected a numeric value: (%s: %u)\n%s", info->filename, info->lineno, info->orig_line); goto err; 
@@ -277,7 +277,7 @@ int parse_fetch_string(semanage_handle_t * handle, if (parse_assert_noeof(handle, info) < 0) goto err; - while (*(info->ptr) && (allow_spaces || !isspace(*(info->ptr))) && + while (*(info->ptr) && (allow_spaces || !isspace((unsigned char)*(info->ptr))) && (*(info->ptr) != delim)) { info->ptr++; len++; diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 0684b2e8..f5c19e00 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -1409,7 +1409,7 @@ static char **split_args(const char *arg0, char *arg_string, break; } default:{ - if (isspace(*s) && !in_quote && !in_dquote) { + if (isspace((unsigned char)*s) && !in_quote && !in_dquote) { if (arg != NULL) { rc = append_arg(&argv, &num_args, arg); if (rc) @@ -2598,7 +2598,7 @@ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, /* Skip the whitespace at the front of the line. */ for (i = 0; i < line_len; i++) { - if (!isspace(line_buf[i])) + if (!isspace((unsigned char)line_buf[i])) break; } @@ -2630,7 +2630,7 @@ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, escape_chars = 0; just_saw_escape = 0; start = i; - while (i < line_len && (!isspace(line_buf[i]))) { + while (i < line_len && (!isspace((unsigned char)line_buf[i]))) { if (line_buf[i] == '\\') { if (!just_saw_escape) { escape_chars++; @@ -2666,7 +2666,7 @@ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, /* Skip the whitespace after the regular expression. */ for (; i < line_len; i++) { - if (!isspace(line_buf[i])) + if (!isspace((unsigned char)line_buf[i])) break; } if (i == line_len) { @@ -2703,7 +2703,7 @@ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, /* Skip the whitespace after the type. */ for (; i < line_len; i++) { - if (!isspace(line_buf[i])) + if (!isspace((unsigned char)line_buf[i])) break; } if (i == line_len) { 
@@ -2719,7 +2719,7 @@ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, /* Extract the context from the line. */ start = i; - while (i < line_len && (!isspace(line_buf[i]))) + while (i < line_len && (!isspace((unsigned char)line_buf[i]))) i++; finish = i; context_len = finish - start; @@ -2914,7 +2914,7 @@ int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, /* Skip the whitespace at the front of the line. */ for (i = 0; i < line_len; i++) { - if (!isspace(line_buf[i])) + if (!isspace((unsigned char)line_buf[i])) break; } @@ -2950,7 +2950,7 @@ int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, } /* skip over whitespace */ - for (; offset < line_len && isspace(line_buf[offset]); + for (; offset < line_len && isspace((unsigned char)line_buf[offset]); offset++) ; /* load rule into node */ diff --git a/libsemanage/src/users_base_file.c b/libsemanage/src/users_base_file.c index 8fb00698..f4d15451 100644 --- a/libsemanage/src/users_base_file.c +++ b/libsemanage/src/users_base_file.c @@ -113,7 +113,7 @@ static int user_base_parse(semanage_handle_t * handle, start = info->ptr; while (*(info->ptr) && *(info->ptr) != ';' && - *(info->ptr) != '}' && !isspace(*(info->ptr))) + *(info->ptr) != '}' && !isspace((unsigned char)*(info->ptr))) info->ptr++; delim = *(info->ptr); 
@@ -122,7 +122,7 @@ static int user_base_parse(semanage_handle_t * handle, if (semanage_user_base_add_role(handle, user, start) < 0) goto err; - if (delim && !isspace(delim)) { + if (delim && !isspace((unsigned char)delim)) { if (islist && delim == '}') break; else if (!islist && delim == ';')
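Review bot: The ISVALIDCHAR macro in modules.c (in both the semanage_module_validate_name and semanage_module_validate_lang_ext hunks) now reads `isalnum((unsigned char)c)` with the parameter unparenthesised and expanded three times; that works for the `*name` and `*ext` arguments used here, but `(unsigned char)(c)` and `(c) == '_'` would make it safe for any argument, and since the same macro is defined twice a single static inline helper would be cleaner. The parse_fetch_int change from `(int)*str` to `(unsigned char)*str` is the one site where an existing cast was the wrong one, which deserves its own line in the commit message. The message could also be more exact: these functions take an int whose value must be representable as unsigned char or equal EOF.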
To: selinux@vger.kernel.org
Subject: [PATCH 17/47] libsemanage: drop casts to same type
Date: Mon, 11 Nov 2024 15:16:36 +0100
Message-ID: <20241111141706.38039-17-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>

From: Christian Göttsche Signed-off-by: Christian Göttsche --- libsemanage/src/genhomedircon.c | 10 +++++----- libsemanage/src/semanage_store.c | 8 ++++---- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 31c9a5bf..29ff4259 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c
@@ -472,10 +472,10 @@ static int HOME_DIR_PRED(const char *string) /* new names */ static int USERNAME_CONTEXT_PRED(const char *string) { - return (int)( - (strstr(string, TEMPLATE_USERNAME) != NULL) || - (strstr(string, TEMPLATE_USERID) != NULL) - ); + return + strstr(string, TEMPLATE_USERNAME) != NULL || + strstr(string, TEMPLATE_USERID) != NULL + ; } /* This will never match USER if USERNAME or USERID are found. */ @@ -484,7 +484,7 @@ static int USER_CONTEXT_PRED(const char *string) if (USERNAME_CONTEXT_PRED(string)) return 0; - return (int)(strstr(string, TEMPLATE_USER) != NULL); + return strstr(string, TEMPLATE_USER) != NULL; } static int STR_COMPARATOR(const void *a, const void *b) diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index f5c19e00..fb3f3cc9 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -2656,7 +2656,7 @@ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, continue; } - temp->path = (char *)strndup(&line_buf[start], regex_len); + temp->path = strndup(&line_buf[start], regex_len); if (!temp->path) { ERR(sh, "Failure allocating memory."); semanage_fc_node_destroy(temp); @@ -2691,7 +2691,7 @@ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, /* Record the inode type. */ temp->file_type = - (char *)strndup(&line_buf[i], type_len); + strndup(&line_buf[i], type_len); if (!temp->file_type) { ERR(sh, "Failure allocating memory."); semanage_fc_node_destroy(temp); @@ -2724,7 +2724,7 @@ int semanage_fc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, finish = i; context_len = finish - start; - temp->context = (char *)strndup(&line_buf[start], context_len); + temp->context = strndup(&line_buf[start], context_len); if (!temp->context) { ERR(sh, "Failure allocating memory."); semanage_fc_node_destroy(temp); 
@@ -2963,7 +2963,7 @@ int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, } node->rule = - (char *)strndup(line_buf + offset, line_len - offset); + strndup(line_buf + offset, line_len - offset); node->rule_len = line_len - offset; node->next = NULL;
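Review bot: In the semanage_nc_sort hunk the strndup() result is stored in node->rule and the visible context goes straight on to set node->rule_len and node->next, whereas the three semanage_fc_sort sites touched by this patch each check for NULL and report "Failure allocating memory."; if no check follows outside the shown context, this is the place to add one. In USERNAME_CONTEXT_PRED the rewritten return leaves the terminating `;` alone on its own line, which reads like a leftover; it belongs after the second strstr() comparison. The commit message has no body; one sentence saying that the `||` and `!=` results are already int and that strndup() is already declared as returning char * would document why the casts are redundant.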
To: selinux@vger.kernel.org
Subject: [PATCH 18/47] libsemanage: fix asprintf error branch
Date: Mon, 11 Nov 2024 15:16:37 +0100
Message-ID: <20241111141706.38039-18-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
From: Christian Göttsche

The content of the first argument after a failure of asprintf(3) is undefined and must not be used.

Signed-off-by: Christian Göttsche --- libsemanage/src/boolean_record.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libsemanage/src/boolean_record.c b/libsemanage/src/boolean_record.c index 40dc6545..7878b04d 100644 --- a/libsemanage/src/boolean_record.c +++ b/libsemanage/src/boolean_record.c
@@ -107,8 +107,10 @@ int semanage_bool_set_name(semanage_handle_t * handle, end++; *end = '\0'; rc = asprintf(&newroot, "%s%s%s", prefix, olddir, storename); - if (rc < 0) + if (rc < 0) { + newroot = NULL; goto out; + } if (strcmp(oldroot, newroot)) { rc = selinux_set_policy_root(newroot);
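Review bot: The new `newroot = NULL;` in the `rc < 0` branch only has an effect if the code at `out:` reads or frees newroot, and that label is outside the hunk; the commit message should name that use (for example, a free(newroot) in the cleanup path) so the reader can see which access to the undefined pointer is being prevented. Since rc is reused as the status of selinux_set_policy_root() a few lines later, it is also worth confirming that the asprintf() return value is what the function should hand back on this path.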
To: selinux@vger.kernel.org
Subject: [PATCH 19/47] libsemanage: avoid leak on realloc failure
Date: Mon, 11 Nov 2024 15:16:38 +0100
Message-ID: <20241111141706.38039-19-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>

From: Christian Göttsche Signed-off-by: Christian Göttsche --- libsemanage/src/direct_api.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index 83addbee..66a6fa66 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c
@@ -599,12 +599,16 @@ static int read_from_pipe_to_data(semanage_handle_t *sh, size_t initial_len, int while ((read_len = read(fd, data_read + data_read_len, max_len - data_read_len)) > 0) { data_read_len += read_len; if (data_read_len == max_len) { + char *tmp; + max_len *= 2; - data_read = realloc(data_read, max_len); - if (data_read == NULL) { + tmp = realloc(data_read, max_len); + if (tmp == NULL) { ERR(sh, "Failed to realloc, out of memory.\n"); + free(data_read); return -1; } + data_read = tmp; } }
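Review bot: `max_len *= 2;` ahead of the realloc() is still unchecked for overflow; if max_len has the same size_t type as initial_len, a guard that fails once max_len exceeds SIZE_MAX / 2 would keep the `max_len - data_read_len` length passed to read() consistent with the real allocation. The leak fix itself is right: tmp keeps data_read valid when realloc() fails and the added free(data_read) releases it before `return -1`. The commit message has no body; a sentence naming the leaked buffer and the failing path would help anyone backporting this.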
To: selinux@vger.kernel.org
Subject: [PATCH 20/47] libsemanage: use strtok_r for thread safety
Date: Mon, 11 Nov 2024 15:16:39 +0100
Message-ID: <20241111141706.38039-20-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
From: Christian Göttsche

Use strtok_r(3) for thread safety, not only against concurrent usage within libsemanage but also other linked libraries in the application.
Signed-off-by: Christian Göttsche --- libsemanage/src/genhomedircon.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 29ff4259..5e7315d8 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c @@ -144,10 +144,10 @@ static void ignore_free(void) { } static int ignore_setup(char *ignoredirs) { - char *tok; + char *tok, *saveptr = NULL; ignoredir_t *ptr = NULL; - tok = strtok(ignoredirs, ";"); + tok = strtok_r(ignoredirs, ";", &saveptr); while(tok) { ptr = calloc(1, sizeof(ignoredir_t)); if (!ptr) 
@@ -159,7 +159,7 @@ static int ignore_setup(char *ignoredirs) { ptr->next = ignore_head; ignore_head = ptr; - tok = strtok(NULL, ";"); + tok = strtok_r(NULL, ";", &saveptr); } return 0;
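Review bot: ignore_setup() still pushes every entry onto the shared list with `ptr->next = ignore_head; ignore_head = ptr;` in the context lines of the second hunk, so the function is not thread-safe by itself after this change; the commit message should limit the claim to strtok()'s hidden static state, which is what strtok_r() with the local saveptr removes. Both variants also write into ignoredirs in place, so a short comment on the parameter saying the caller's buffer is modified would be a useful addition while this function is being touched.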
To: selinux@vger.kernel.org
Subject: [PATCH 21/47] libsemanage: handle cil_set_handle_unknown() failure
Date: Mon, 11 Nov 2024 15:16:40 +0100
Message-ID: <20241111141706.38039-21-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>

From: Christian Göttsche Signed-off-by: Christian Göttsche --- libsemanage/src/direct_api.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index 66a6fa66..a262fe09 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c
@@ -1353,7 +1353,9 @@ static int semanage_direct_commit(semanage_handle_t * sh) cil_set_policy_version(cildb, sh->conf->policyvers); if (sh->conf->handle_unknown != -1) { - cil_set_handle_unknown(cildb, sh->conf->handle_unknown); + retval = cil_set_handle_unknown(cildb, sh->conf->handle_unknown); + if (retval < 0) + goto cleanup; } retval = semanage_load_files(sh, cildb, mod_filenames, num_modinfos);
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 22/47] libsemanage: free ibdev names in semanage_ibendport_validate_local()
Date: Mon, 11 Nov 2024 15:16:41 +0100
Message-ID: <20241111141706.38039-22-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

Signed-off-by: Christian Göttsche --- libsemanage/src/ibendports_local.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/libsemanage/src/ibendports_local.c b/libsemanage/src/ibendports_local.c index e696fdca..feebfa63 100644
--- a/libsemanage/src/ibendports_local.c +++ b/libsemanage/src/ibendports_local.c @@ -80,8 +80,8 @@ int semanage_ibendport_validate_local(semanage_handle_t *handle) semanage_ibendport_t **ibendports = NULL; unsigned int nibendports = 0; unsigned int i = 0, j = 0; - char *ibdev_name; - char *ibdev_name2; + char *ibdev_name = NULL; + char *ibdev_name2 = NULL; int port; int port2; @@ -97,6 +97,8 @@ int semanage_ibendport_validate_local(semanage_handle_t *handle) while (i < nibendports) { int stop = 0; + free(ibdev_name); + ibdev_name = NULL; if (STATUS_SUCCESS != semanage_ibendport_get_ibdev_name(handle, ibendports[i], @@ -114,6 +116,8 @@ int semanage_ibendport_validate_local(semanage_handle_t *handle) if (j == nibendports - 1) goto next; j++; + free(ibdev_name2); + ibdev_name2 = NULL; if (STATUS_SUCCESS != semanage_ibendport_get_ibdev_name(handle, ibendports[j], @@ -136,6 +140,8 @@ next: j = i; } + free(ibdev_name); + free(ibdev_name2); for (i = 0; i < nibendports; i++) semanage_ibendport_free(ibendports[i]); free(ibendports); 
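Review bot: In the two loop-head additions of semanage_ibendport_validate_local() (`free(ibdev_name); ibdev_name = NULL;` and the matching pair for `ibdev_name2`), the fix only holds if semanage_ibendport_get_ibdev_name() hands back a caller-owned copy and leaves the output pointer untouched when it fails, since the exit paths now free whatever the two pointers hold. Neither property is visible in this diff and the commit message has no body, so please state that ownership contract in the commit message or in a short comment above the first free().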
@@ -145,6 +151,8 @@ err: ERR(handle, "could not complete ibendports validity check"); invalid: + free(ibdev_name); + free(ibdev_name2); for (i = 0; i < nibendports; i++) semanage_ibendport_free(ibendports[i]); free(ibendports);
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 23/47] libsemanage: simplify malloc plus strcpy via strndup
Date: Mon, 11 Nov 2024 15:16:42 +0100
Message-ID: <20241111141706.38039-23-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

Signed-off-by: Christian Göttsche --- libsemanage/src/parse_utils.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/libsemanage/src/parse_utils.c b/libsemanage/src/parse_utils.c index d9b12763..d3bc148b 100644 --- a/libsemanage/src/parse_utils.c +++ b/libsemanage/src/parse_utils.c
@@ -290,14 +290,12 @@ int parse_fetch_string(semanage_handle_t * handle, goto err; } - tmp_str = (char *)malloc(len + 1); + tmp_str = strndup(start, len); if (!tmp_str) { ERR(handle, "out of memory"); goto err; } - strncpy(tmp_str, start, len); - *(tmp_str + len) = '\0'; *str = tmp_str; return STATUS_SUCCESS;
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 24/47] libsemanage: check for path formatting failures
Date: Mon, 11 Nov 2024 15:16:43 +0100
Message-ID: <20241111141706.38039-24-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

Signed-off-by: Christian Göttsche --- libsemanage/src/semanage_store.c | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index fb3f3cc9..c9bb9c97 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c
@@ -798,7 +798,7 @@ static int semanage_copy_dir(const char *src, const char *dst) * well. Returns 0 on success, -1 on error. */ static int semanage_copy_dir_flags(const char *src, const char *dst, int flag) { - int i, len = 0, retval = -1; + int i, len = 0, rc, retval = -1; struct stat sb; struct dirent **names = NULL; char path[PATH_MAX], path2[PATH_MAX]; @@ -822,13 +822,21 @@ static int semanage_copy_dir_flags(const char *src, const char *dst, int flag) } for (i = 0; i < len; i++) { - snprintf(path, sizeof(path), "%s/%s", src, names[i]->d_name); + rc = snprintf(path, sizeof(path), "%s/%s", src, names[i]->d_name); + if (rc < 0 || (size_t)rc >= sizeof(path)) { + errno = EOVERFLOW; + goto cleanup; + } /* stat() to see if this entry is a file or not since * d_type isn't set properly on XFS */ if (stat(path, &sb)) { goto cleanup; } - snprintf(path2, sizeof(path2), "%s/%s", dst, names[i]->d_name); + rc = snprintf(path2, sizeof(path2), "%s/%s", dst, names[i]->d_name); + if (rc < 0 || (size_t)rc >= sizeof(path2)) { + errno = EOVERFLOW; + goto cleanup; + } if (S_ISDIR(sb.st_mode)) { mask = umask(0077); if (mkdir(path2, 0700) == -1 || @@ -862,7 +870,7 @@ static int semanage_copy_dir_flags(const char *src, const char *dst, int flag) int semanage_remove_directory(const char *path) { struct dirent **namelist = NULL; - int num_entries, i; + int num_entries, i, rc; if ((num_entries = scandir(path, &namelist, semanage_filename_select, NULL)) == -1) { return -1; 
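Review bot: In both new checks in semanage_copy_dir_flags(), `errno = EOVERFLOW` is assigned for the `rc < 0` case as well as for truncation, which overwrites whatever errno snprintf() itself reported; assigning errno only when `(size_t)rc >= sizeof(path)` would keep the original cause. For a path that does not fit in PATH_MAX, ENAMETOOLONG would also be the more conventional value than EOVERFLOW.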
@@ -870,7 +878,11 @@ int semanage_remove_directory(const char *path) for (i = 0; i < num_entries; i++) { char s[PATH_MAX]; struct stat buf; - snprintf(s, sizeof(s), "%s/%s", path, namelist[i]->d_name); + rc = snprintf(s, sizeof(s), "%s/%s", path, namelist[i]->d_name); + if (rc < 0 || (size_t)rc >= sizeof(s)) { + errno = EOVERFLOW; + return -2; + } if (stat(s, &buf) == -1) { return -2; }
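Review bot: The new `return -2` in semanage_remove_directory() leaves the function without releasing `namelist`, which scandir() allocated together with each entry, so a single over-long name leaks the listing. The existing `stat()` failure just below has the same early return, so this is a good place to route both through one exit that frees the remaining `namelist[i]` entries and then `namelist` itself.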
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 25/47] libsemanage: introduce write_full wrapper
Date: Mon, 11 Nov 2024 15:16:44 +0100
Message-ID: <20241111141706.38039-25-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

write(2) can return early with the input buffer only partially written. Add a wrapper to call write(2) until the full buffer has been written or an error has occurred.
Signed-off-by: Christian Göttsche --- libsemanage/src/direct_api.c | 4 ++-- libsemanage/src/semanage_store.c | 8 ++++---- libsemanage/src/utilities.c | 22 ++++++++++++++++++++++ libsemanage/src/utilities.h | 13 +++++++++++++ 4 files changed, 41 insertions(+), 6 deletions(-) diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index a262fe09..aa1485e3 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c @@ -462,7 +462,7 @@ static int write_file(semanage_handle_t * sh, ERR(sh, "Could not open %s for writing.", filename); return -1; } - if (write(out, data, num_bytes) == -1) { + if (write_full(out, data, num_bytes) == -1) { ERR(sh, "Error while writing to %s.", filename); close(out); return -1; @@ -724,7 +724,7 @@ static int semanage_pipe_data(semanage_handle_t *sh, char *path, char *in_data, goto cleanup; } - retval = write(input_fd[PIPE_WRITE], in_data, in_data_len); + retval = write_full(input_fd[PIPE_WRITE], in_data, in_data_len); if (retval == -1) { ERR(sh, "Failed to write data to input pipe: %s\n", strerror(errno)); goto cleanup; diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index c9bb9c97..cb5bc149 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -739,7 +739,7 @@ int semanage_copy_file(const char *src, const char *dst, mode_t mode, } umask(mask); while (retval == 0 && (amount_read = read(in, buf, sizeof(buf))) > 0) { - if (write(out, buf, amount_read) != amount_read) { + if (write_full(out, buf, amount_read) == -1) { if (errno) errsv = errno; else 
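Review bot: In the semanage_copy_file() hunk, the context after the changed line (`if (errno) errsv = errno; else`) was the fallback for a short write that left errno unset. With `write_full(out, buf, amount_read) == -1` the branch is entered only after write(2) itself failed, so errno is always set there and the else arm is now dead; it can be dropped as part of this patch.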
@@ -1555,14 +1555,14 @@ int semanage_split_fc(semanage_handle_t * sh) !strncmp(buf, "HOME_ROOT", 9) || strstr(buf, "ROLE") || strstr(buf, "USER")) { /* This contains one of the template variables, write it to homedir.template */ - if (write(hd, buf, strlen(buf)) < 0) { + if (write_full(hd, buf, strlen(buf)) < 0) { ERR(sh, "Write to %s failed.", semanage_path(SEMANAGE_TMP, SEMANAGE_HOMEDIR_TMPL)); goto cleanup; } } else { - if (write(fc, buf, strlen(buf)) < 0) { + if (write_full(fc, buf, strlen(buf)) < 0) { ERR(sh, "Write to %s failed.", semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC)); goto cleanup; @@ -1764,7 +1764,7 @@ static int semanage_commit_sandbox(semanage_handle_t * sh) commit_filename); return -1; } - amount_written = write(fd, write_buf, sizeof(write_buf)); + amount_written = write_full(fd, write_buf, sizeof(write_buf)); if (amount_written == -1) { ERR(sh, "Error while writing commit number to %s.", commit_filename); diff --git a/libsemanage/src/utilities.c b/libsemanage/src/utilities.c index 3702cbe1..4beccb5b 100644 --- a/libsemanage/src/utilities.c +++ b/libsemanage/src/utilities.c @@ -25,6 +25,7 @@ #include #include #include +#include #include #define TRUE 1 @@ -328,3 +329,24 @@ semanage_list_t *semanage_slurp_file_filter(FILE * file, return head.next; } + +int write_full(int fd, const void *buf, size_t len) +{ + ssize_t w; + const unsigned char *p = buf; + + while (len > 0) { + w = write(fd, p, len); + if (w == -1) { + if (errno == EINTR) + continue; + + return -1; + } + + p += w; + len -= (size_t)w; + } + + return 0; +} diff --git a/libsemanage/src/utilities.h b/libsemanage/src/utilities.h index 6bbe9f5b..78f1f96e 100644 --- a/libsemanage/src/utilities.h +++ b/libsemanage/src/utilities.h 
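Review bot: In write_full() in utilities.c, a `write()` return of 0 is not handled: `p += w; len -= (size_t)w;` then makes no progress and `while (len > 0)` never terminates. Treat `w == 0` as a failure, for example by setting errno to EIO and returning -1, so that a descriptor which accepts no data cannot hang the caller. In the semanage_commit_sandbox() hunk the result is still stored in `amount_written`, which now only ever holds 0 or -1, so renaming it would avoid suggesting a byte count.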
@@ -144,4 +144,17 @@ void semanage_keep_until_space(char *data); semanage_list_t *semanage_slurp_file_filter(FILE * file, int (*pred) (const char *)) WARN_UNUSED; + +/** + * Wrapper around write(2), which retries on short writes. + * + * @param fd file descriptor to write to + * @param buf buffer to be written + * @param len number of bytes to be written from buffer + * + * @return 0 on success, -1 else (with errno set) + */ + +int write_full(int fd, const void *buf, size_t len) WARN_UNUSED; + #endif
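Review bot: The doc comment for write_full() in utilities.h only mentions short writes, but the implementation in this patch also restarts the call on EINTR; say so in the description, since callers that expect a signal to interrupt a blocked write will not see that. The blank line between the closing `*/` and the prototype also separates the comment from the declaration it documents and can be removed.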
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 26/47] libsemanage: more strict value parsing
Date: Mon, 11 Nov 2024 15:16:45 +0100
Message-ID: <20241111141706.38039-26-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

Be more strict when parsing values from semanage.conf, especially numeric ones.
Signed-off-by: Christian Göttsche --- libsemanage/src/conf-parse.y | 44 ++++++++++++++++++++++++++---------- 1 file changed, 32 insertions(+), 12 deletions(-) diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y index 9c806fdd..83aa3402 100644 --- a/libsemanage/src/conf-parse.y +++ b/libsemanage/src/conf-parse.y @@ -26,6 +26,7 @@ #include #include +#include #include #include #include @@ -139,13 +140,15 @@ ignore_module_cache: IGNORE_MODULE_CACHE '=' ARG { ; version: VERSION '=' ARG { - current_conf->policyvers = atoi($3); + char *endptr; + long value; + errno = 0; + value = strtol($3, &endptr, 10); + if (*endptr != '\0' || errno != 0 || value < sepol_policy_kern_vers_min() || value > sepol_policy_kern_vers_max()) + yyerror("policy-version must be a valid policy version"); + else + current_conf->policyvers = value; free($3); - if (current_conf->policyvers < sepol_policy_kern_vers_min() || - current_conf->policyvers > sepol_policy_kern_vers_max()) { - parse_errors++; - YYABORT; - } } ; @@ -162,13 +165,27 @@ target_platform: TARGET_PLATFORM '=' ARG { ; expand_check: EXPAND_CHECK '=' ARG { - current_conf->expand_check = atoi($3); + char *endptr; + long value; + errno = 0; + value = strtol($3, &endptr, 10); + if (*endptr != '\0' || errno != 0 || (value != 0 && value != 1)) + yyerror("expand-check can only be '1' or '0'"); + else + current_conf->expand_check = value; free($3); } ; file_mode: FILE_MODE '=' ARG { - current_conf->file_mode = strtoul($3, NULL, 8); + char *endptr; + long value; + errno = 0; + value = strtol($3, &endptr, 8); + if (*endptr != '\0' || errno != 0 || value < 0 || value > 0777) + yyerror("file-mode must be a valid permission mode"); + else + current_conf->file_mode = value; free($3); } ; 
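Review bot: In the `version` rule, the removed lines did `parse_errors++; YYABORT;` for an out-of-range value, while the replacement calls yyerror() and lets parsing continue. If yyerror() does not increment parse_errors itself, an invalid policy-version would now be skipped silently with the previous value left in place, so please confirm that and mention the change from abort to report-and-continue in the commit message.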
@@ -239,12 +256,15 @@ handle_unknown: HANDLE_UNKNOWN '=' ARG { } bzip_blocksize: BZIP_BLOCKSIZE '=' ARG { - int blocksize = atoi($3); - free($3); - if (blocksize > 9) + char *endptr; + long value; + errno = 0; + value = strtol($3, &endptr, 10); + if (*endptr != '\0' || errno != 0 || value < 0 || value > 9) yyerror("bzip-blocksize can only be in the range 0-9"); else - current_conf->bzip_blocksize = blocksize; + current_conf->bzip_blocksize = value; + free($3); } bzip_small: BZIP_SMALL '=' ARG {
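Review bot: In the `bzip_blocksize` rule, `*endptr != '\0'` does not reject an empty ARG: strtol() then converts nothing, leaves `endptr` equal to `$3` and returns 0, so the condition is false and 0 is stored. Add an `endptr == $3` test to the condition; the `expand_check` and `file_mode` rules in this patch use the same pattern.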
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 27/47] libsemanage: constify function pointer structures
Date: Mon, 11 Nov 2024 15:16:46 +0100
Message-ID: <20241111141706.38039-27-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

Declare the read-only function pointer structures.
Signed-off-by: Christian Göttsche --- libsemanage/src/boolean_internal.h | 2 +- libsemanage/src/boolean_record.c | 2 +- libsemanage/src/booleans_activedb.c | 2 +- libsemanage/src/booleans_file.c | 2 +- libsemanage/src/booleans_policydb.c | 2 +- libsemanage/src/database.h | 4 ++-- libsemanage/src/database_activedb.c | 16 +++++++------- libsemanage/src/database_activedb.h | 6 ++--- libsemanage/src/database_file.c | 14 ++++++------ libsemanage/src/database_file.h | 6 ++--- libsemanage/src/database_join.c | 32 +++++++++++++-------------- libsemanage/src/database_join.h | 6 ++--- libsemanage/src/database_llist.h | 10 ++++----- libsemanage/src/database_policydb.c | 14 ++++++------ libsemanage/src/database_policydb.h | 6 ++--- libsemanage/src/direct_api.c | 2 +- libsemanage/src/fcontext_internal.h | 2 +- libsemanage/src/fcontext_record.c | 2 +- libsemanage/src/fcontexts_file.c | 2 +- libsemanage/src/handle.h | 2 +- libsemanage/src/ibendport_internal.h | 2 +- libsemanage/src/ibendport_record.c | 2 +- libsemanage/src/ibendports_file.c | 2 +- libsemanage/src/ibendports_policydb.c | 2 +- libsemanage/src/ibpkey_internal.h | 2 +- libsemanage/src/ibpkey_record.c | 2 +- libsemanage/src/ibpkeys_file.c | 2 +- libsemanage/src/ibpkeys_policydb.c | 2 +- libsemanage/src/iface_internal.h | 2 +- libsemanage/src/iface_record.c | 2 +- libsemanage/src/interfaces_file.c | 2 +- libsemanage/src/interfaces_policydb.c | 2 +- libsemanage/src/node_internal.h | 2 +- libsemanage/src/node_record.c | 2 +- libsemanage/src/nodes_file.c | 2 +- libsemanage/src/nodes_policydb.c | 2 +- libsemanage/src/policy_components.c | 12 +++++----- libsemanage/src/port_internal.h | 2 +- libsemanage/src/port_record.c | 2 +- libsemanage/src/ports_file.c | 2 +- libsemanage/src/ports_policydb.c | 2 +- libsemanage/src/seuser_internal.h | 2 +- libsemanage/src/seuser_record.c | 2 +- libsemanage/src/seusers_file.c | 2 +- libsemanage/src/user_base_record.c | 2 +- libsemanage/src/user_extra_record.c | 2 +- 
libsemanage/src/user_internal.h | 6 ++--- libsemanage/src/user_record.c | 2 +- libsemanage/src/users_base_file.c | 2 +- libsemanage/src/users_base_policydb.c | 2 +- libsemanage/src/users_extra_file.c | 2 +- libsemanage/src/users_join.c | 2 +- 52 files changed, 106 insertions(+), 106 deletions(-) diff --git a/libsemanage/src/boolean_internal.h b/libsemanage/src/boolean_internal.h index 8d1c20dc..63a46b80 100644 --- a/libsemanage/src/boolean_internal.h +++ b/libsemanage/src/boolean_internal.h @@ -9,7 +9,7 @@ #include "handle.h" /* BOOL RECORD: method table */ -extern record_table_t SEMANAGE_BOOL_RTABLE; +extern const record_table_t SEMANAGE_BOOL_RTABLE; extern int bool_file_dbase_init(semanage_handle_t * handle, const char *path_ro, diff --git a/libsemanage/src/boolean_record.c b/libsemanage/src/boolean_record.c index 7878b04d..2cbdd09b 100644 --- a/libsemanage/src/boolean_record.c +++ b/libsemanage/src/boolean_record.c @@ -181,7 +181,7 @@ void semanage_bool_free(semanage_bool_t * boolean) /* Record base functions */ -record_table_t SEMANAGE_BOOL_RTABLE = { +const record_table_t SEMANAGE_BOOL_RTABLE = { .create = semanage_bool_create, .key_extract = semanage_bool_key_extract, .key_free = semanage_bool_key_free, diff --git a/libsemanage/src/booleans_activedb.c b/libsemanage/src/booleans_activedb.c index 1d4e33b4..0ac0c3fb 100644 --- a/libsemanage/src/booleans_activedb.c +++ b/libsemanage/src/booleans_activedb.c @@ -141,7 +141,7 @@ static int bool_commit_list(semanage_handle_t * handle, } /* BOOL RECORD: ACTIVEDB extension: method table */ -static record_activedb_table_t SEMANAGE_BOOL_ACTIVEDB_RTABLE = { +static const record_activedb_table_t SEMANAGE_BOOL_ACTIVEDB_RTABLE = { .read_list = bool_read_list, .commit_list = bool_commit_list, }; diff --git a/libsemanage/src/booleans_file.c b/libsemanage/src/booleans_file.c index dae42ffb..52628b63 100644 --- a/libsemanage/src/booleans_file.c +++ b/libsemanage/src/booleans_file.c 
@@ -101,7 +101,7 @@ static int bool_parse(semanage_handle_t * handle, } /* BOOL RECORD: FILE extension: method table */ -static record_file_table_t SEMANAGE_BOOL_FILE_RTABLE = { +static const record_file_table_t SEMANAGE_BOOL_FILE_RTABLE = { .parse = bool_parse, .print = bool_print, }; diff --git a/libsemanage/src/booleans_policydb.c b/libsemanage/src/booleans_policydb.c index e838c3eb..23ede869 100644 --- a/libsemanage/src/booleans_policydb.c +++ b/libsemanage/src/booleans_policydb.c @@ -36,7 +36,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* BOOLEAN RECRORD (SEPOL): POLICYDB extension: method table */ -static record_policydb_table_t SEMANAGE_BOOL_POLICYDB_RTABLE = { +static const record_policydb_table_t SEMANAGE_BOOL_POLICYDB_RTABLE = { .add = NULL, .modify = NULL, /* FIXME: these casts depend on structs in libsepol matching structs diff --git a/libsemanage/src/database.h b/libsemanage/src/database.h index 8bd894df..1950b63d 100644 --- a/libsemanage/src/database.h +++ b/libsemanage/src/database.h @@ -166,7 +166,7 @@ typedef struct dbase_table { /* Retrieves the record table for this database, * which specifies how to perform basic operations * on each record. */ - record_table_t *(*get_rtable) (dbase_t * dbase); + const record_table_t *(*get_rtable) (dbase_t * dbase); } dbase_table_t; @@ -176,7 +176,7 @@ typedef struct dbase_config { dbase_t *dbase; /* Database methods */ - dbase_table_t *dtable; + const dbase_table_t *dtable; } dbase_config_t; diff --git a/libsemanage/src/database_activedb.c b/libsemanage/src/database_activedb.c index e0369963..8ba23aad 100644 --- a/libsemanage/src/database_activedb.c +++ b/libsemanage/src/database_activedb.c 
@@ -26,15 +26,15 @@ struct dbase_activedb { dbase_llist_t llist; /* ACTIVEDB extension */ - record_activedb_table_t *ratable; + const record_activedb_table_t *ratable; }; static int dbase_activedb_cache(semanage_handle_t * handle, dbase_activedb_t * dbase) { - record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); - record_activedb_table_t *ratable = dbase->ratable; + const record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); + const record_activedb_table_t *ratable = dbase->ratable; record_t **records = NULL; unsigned int rcount = 0; @@ -77,8 +77,8 @@ static int dbase_activedb_flush(semanage_handle_t * handle, dbase_activedb_t * dbase) { - record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); - record_activedb_table_t *ratable = dbase->ratable; + const record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); + const record_activedb_table_t *ratable = dbase->ratable; record_t **records = NULL; unsigned int rcount = 0; @@ -111,8 +111,8 @@ static int dbase_activedb_flush(semanage_handle_t * handle, } int dbase_activedb_init(semanage_handle_t * handle, - record_table_t * rtable, - record_activedb_table_t * ratable, + const record_table_t * rtable, + const record_activedb_table_t * ratable, dbase_activedb_t ** dbase) { @@ -147,7 +147,7 @@ void dbase_activedb_release(dbase_activedb_t * dbase) } /* ACTIVEDB dbase - method table implementation */ -dbase_table_t SEMANAGE_ACTIVEDB_DTABLE = { +const dbase_table_t SEMANAGE_ACTIVEDB_DTABLE = { /* Cache/Transactions */ .cache = dbase_activedb_cache, diff --git a/libsemanage/src/database_activedb.h b/libsemanage/src/database_activedb.h index 37196c99..2f31b504 100644 --- a/libsemanage/src/database_activedb.h +++ b/libsemanage/src/database_activedb.h 
@@ -24,14 +24,14 @@ typedef struct record_activedb_table { /* ACTIVEDB - initialization */ extern int dbase_activedb_init(semanage_handle_t * handle, - record_table_t * rtable, - record_activedb_table_t * ratable, + const record_table_t * rtable, + const record_activedb_table_t * ratable, dbase_activedb_t ** dbase); /* ACTIVEDB - release */ extern void dbase_activedb_release(dbase_activedb_t * dbase); /* ACTIVEDB - method table implementation */ -extern dbase_table_t SEMANAGE_ACTIVEDB_DTABLE; +extern const dbase_table_t SEMANAGE_ACTIVEDB_DTABLE; #endif diff --git a/libsemanage/src/database_file.c b/libsemanage/src/database_file.c index 716f54e7..a54c5aee 100644 --- a/libsemanage/src/database_file.c +++ b/libsemanage/src/database_file.c @@ -34,14 +34,14 @@ struct dbase_file { const char *path[2]; /* FILE extension */ - record_file_table_t *rftable; + const record_file_table_t *rftable; }; static int dbase_file_cache(semanage_handle_t * handle, dbase_file_t * dbase) { - record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); - record_file_table_t *rftable = dbase->rftable; + const record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); + const record_file_table_t *rftable = dbase->rftable; record_t *process_record = NULL; int pstatus = STATUS_SUCCESS; @@ -114,7 +114,7 @@ static int dbase_file_cache(semanage_handle_t * handle, dbase_file_t * dbase) static int dbase_file_flush(semanage_handle_t * handle, dbase_file_t * dbase) { - record_file_table_t *rftable = dbase->rftable; + const record_file_table_t *rftable = dbase->rftable; cache_entry_t *ptr; const char *fname = NULL; 
@@ -163,8 +163,8 @@ static int dbase_file_flush(semanage_handle_t * handle, dbase_file_t * dbase) int dbase_file_init(semanage_handle_t * handle, const char *path_ro, const char *path_rw, - record_table_t * rtable, - record_file_table_t * rftable, dbase_file_t ** dbase) + const record_table_t * rtable, + const record_file_table_t * rftable, dbase_file_t ** dbase) { dbase_file_t *tmp_dbase = (dbase_file_t *) malloc(sizeof(dbase_file_t)); @@ -199,7 +199,7 @@ void dbase_file_release(dbase_file_t * dbase) } /* FILE dbase - method table implementation */ -dbase_table_t SEMANAGE_FILE_DTABLE = { +dbase_table_t const SEMANAGE_FILE_DTABLE = { /* Cache/Transactions */ .cache = dbase_file_cache, diff --git a/libsemanage/src/database_file.h b/libsemanage/src/database_file.h index dbd11bc1..c65a9f9a 100644 --- a/libsemanage/src/database_file.h +++ b/libsemanage/src/database_file.h @@ -30,14 +30,14 @@ typedef struct record_file_table { extern int dbase_file_init(semanage_handle_t * handle, const char *path_ro, const char *path_rw, - record_table_t * rtable, - record_file_table_t * rftable, + const record_table_t * rtable, + const record_file_table_t * rftable, dbase_file_t ** dbase); /* FILE - release */ extern void dbase_file_release(dbase_file_t * dbase); /* FILE - method table implementation */ -extern dbase_table_t SEMANAGE_FILE_DTABLE; +extern const dbase_table_t SEMANAGE_FILE_DTABLE; #endif diff --git a/libsemanage/src/database_join.c b/libsemanage/src/database_join.c index bf260952..3e97f432 100644 --- a/libsemanage/src/database_join.c +++ b/libsemanage/src/database_join.c @@ -31,7 +31,7 @@ struct dbase_join { dbase_config_t *join2; /* JOIN extension */ - record_join_table_t *rjtable; + const record_join_table_t *rjtable; }; static int dbase_join_cache(semanage_handle_t * handle, dbase_join_t * dbase) 
@@ -40,12 +40,12 @@ static int dbase_join_cache(semanage_handle_t * handle, dbase_join_t * dbase) /* Extract all the object tables information */ dbase_t *dbase1 = dbase->join1->dbase; dbase_t *dbase2 = dbase->join2->dbase; - dbase_table_t *dtable1 = dbase->join1->dtable; - dbase_table_t *dtable2 = dbase->join2->dtable; - record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); - record_join_table_t *rjtable = dbase->rjtable; - record_table_t *rtable1 = dtable1->get_rtable(dbase1); - record_table_t *rtable2 = dtable2->get_rtable(dbase2); + const dbase_table_t *dtable1 = dbase->join1->dtable; + const dbase_table_t *dtable2 = dbase->join2->dtable; + const record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); + const record_join_table_t *rjtable = dbase->rjtable; + const record_table_t *rtable1 = dtable1->get_rtable(dbase1); + const record_table_t *rtable2 = dtable2->get_rtable(dbase2); record_key_t *rkey = NULL; record_t *record = NULL; @@ -176,12 +176,12 @@ static int dbase_join_flush(semanage_handle_t * handle, dbase_join_t * dbase) /* Extract all the object tables information */ dbase_t *dbase1 = dbase->join1->dbase; dbase_t *dbase2 = dbase->join2->dbase; - dbase_table_t *dtable1 = dbase->join1->dtable; - dbase_table_t *dtable2 = dbase->join2->dtable; - record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); - record_join_table_t *rjtable = dbase->rjtable; - record_table_t *rtable1 = dtable1->get_rtable(dbase1); - record_table_t *rtable2 = dtable2->get_rtable(dbase2); + const dbase_table_t *dtable1 = dbase->join1->dtable; + const dbase_table_t *dtable2 = dbase->join2->dtable; + const record_table_t *rtable = dbase_llist_get_rtable(&dbase->llist); + const record_join_table_t *rjtable = dbase->rjtable; + const record_table_t *rtable1 = dtable1->get_rtable(dbase1); + const record_table_t *rtable2 = dtable2->get_rtable(dbase2); cache_entry_t *ptr; record_key_t *rkey = NULL; 
@@ -240,8 +240,8 @@ static int dbase_join_flush(semanage_handle_t * handle, dbase_join_t * dbase) } int dbase_join_init(semanage_handle_t * handle, - record_table_t * rtable, - record_join_table_t * rjtable, + const record_table_t * rtable, + const record_join_table_t * rjtable, dbase_config_t * join1, dbase_config_t * join2, dbase_t ** dbase) { @@ -279,7 +279,7 @@ void dbase_join_release(dbase_join_t * dbase) } /* JOIN dbase - method table implementation */ -dbase_table_t SEMANAGE_JOIN_DTABLE = { +const dbase_table_t SEMANAGE_JOIN_DTABLE = { /* Cache/Transactions */ .cache = dbase_join_cache, diff --git a/libsemanage/src/database_join.h b/libsemanage/src/database_join.h index d477fc41..b28e6422 100644 --- a/libsemanage/src/database_join.h +++ b/libsemanage/src/database_join.h @@ -33,8 +33,8 @@ typedef struct record_join_table { /* JOIN - initialization */ extern int dbase_join_init(semanage_handle_t * handle, - record_table_t * rtable, - record_join_table_t * rjtable, + const record_table_t * rtable, + const record_join_table_t * rjtable, dbase_config_t * join1, dbase_config_t * join2, dbase_join_t ** dbase); @@ -42,6 +42,6 @@ extern int dbase_join_init(semanage_handle_t * handle, extern void dbase_join_release(dbase_join_t * dbase); /* JOIN - method table implementation */ -extern dbase_table_t SEMANAGE_JOIN_DTABLE; +extern const dbase_table_t SEMANAGE_JOIN_DTABLE; #endif diff --git a/libsemanage/src/database_llist.h b/libsemanage/src/database_llist.h index 84994ef2..639b784d 100644 --- a/libsemanage/src/database_llist.h +++ b/libsemanage/src/database_llist.h @@ -17,8 +17,8 @@ typedef struct cache_entry { typedef struct dbase_llist { /* Method tables */ - record_table_t *rtable; - dbase_table_t *dtable; + const record_table_t *rtable; + const dbase_table_t *dtable; /* In-memory representation (cache) */ cache_entry_t *cache; 
@@ -42,8 +42,8 @@ static inline void dbase_llist_cache_init(dbase_llist_t * dbase) } static inline void dbase_llist_init(dbase_llist_t * dbase, - record_table_t * rtable, - dbase_table_t * dtable) + const record_table_t * rtable, + const dbase_table_t * dtable) { dbase->rtable = rtable; @@ -76,7 +76,7 @@ static inline int dbase_llist_is_modified(dbase_llist_t * dbase) } /* LLIST - polymorphism */ -static inline record_table_t *dbase_llist_get_rtable(dbase_llist_t * dbase) +static inline const record_table_t *dbase_llist_get_rtable(dbase_llist_t * dbase) { return dbase->rtable; } diff --git a/libsemanage/src/database_policydb.c b/libsemanage/src/database_policydb.c index 6e922b5e..62467d15 100644 --- a/libsemanage/src/database_policydb.c +++ b/libsemanage/src/database_policydb.c @@ -29,10 +29,10 @@ struct dbase_policydb { const char *path[2]; /* Base record table */ - record_table_t *rtable; + const record_table_t *rtable; /* Policy extensions */ - record_policydb_table_t *rptable; + const record_policydb_table_t *rptable; sepol_policydb_t *policydb; @@ -178,8 +178,8 @@ static int dbase_policydb_is_modified(dbase_policydb_t * dbase) int dbase_policydb_init(semanage_handle_t * handle, const char *path_ro, const char *path_rw, - record_table_t * rtable, - record_policydb_table_t * rptable, + const record_table_t * rtable, + const record_policydb_table_t * rptable, dbase_policydb_t ** dbase) { @@ -377,7 +377,7 @@ static int dbase_policydb_iterate(semanage_handle_t * handle, struct list_handler_arg { semanage_handle_t *handle; - record_table_t *rtable; + const record_table_t *rtable; record_t **records; int pos; }; 
@@ -444,14 +444,14 @@ static int dbase_policydb_list(semanage_handle_t * handle, return STATUS_ERR; } -static record_table_t *dbase_policydb_get_rtable(dbase_policydb_t * dbase) +static const record_table_t *dbase_policydb_get_rtable(dbase_policydb_t * dbase) { return dbase->rtable; } /* POLICYDB dbase - method table implementation */ -dbase_table_t SEMANAGE_POLICYDB_DTABLE = { +const dbase_table_t SEMANAGE_POLICYDB_DTABLE = { /* Cache/Transactions */ .cache = dbase_policydb_cache, diff --git a/libsemanage/src/database_policydb.h b/libsemanage/src/database_policydb.h index 8cb66f71..f032e53f 100644 --- a/libsemanage/src/database_policydb.h +++ b/libsemanage/src/database_policydb.h @@ -88,8 +88,8 @@ typedef struct record_policydb_table { extern int dbase_policydb_init(semanage_handle_t * handle, const char *path_ro, const char *path_rw, - record_table_t * rtable, - record_policydb_table_t * rptable, + const record_table_t * rtable, + const record_policydb_table_t * rptable, dbase_policydb_t ** dbase); /* Attach to a shared policydb. @@ -107,6 +107,6 @@ extern void dbase_policydb_detach(dbase_policydb_t * dbase); extern void dbase_policydb_release(dbase_policydb_t * dbase); /* POLICYDB database - method table implementation */ -extern dbase_table_t SEMANAGE_POLICYDB_DTABLE; +extern const dbase_table_t SEMANAGE_POLICYDB_DTABLE; #endif diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index aa1485e3..b71e8e81 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c @@ -104,7 +104,7 @@ static int semanage_direct_install_info(semanage_handle_t *sh, static int semanage_direct_remove_key(semanage_handle_t *sh, const semanage_module_key_t *modkey); -static struct semanage_policy_table direct_funcs = { +static const struct semanage_policy_table direct_funcs = { .get_serial = semanage_direct_get_serial, .destroy = semanage_direct_destroy, .disconnect = semanage_direct_disconnect, 
diff --git a/libsemanage/src/fcontext_internal.h b/libsemanage/src/fcontext_internal.h index 7ae20f12..decce01f 100644 --- a/libsemanage/src/fcontext_internal.h +++ b/libsemanage/src/fcontext_internal.h @@ -9,7 +9,7 @@ #include "handle.h" /* FCONTEXT RECORD: method table */ -extern record_table_t SEMANAGE_FCONTEXT_RTABLE; +extern const record_table_t SEMANAGE_FCONTEXT_RTABLE; extern int fcontext_file_dbase_init(semanage_handle_t * handle, const char *path_ro, diff --git a/libsemanage/src/fcontext_record.c b/libsemanage/src/fcontext_record.c index ae1b0324..f36e8317 100644 --- a/libsemanage/src/fcontext_record.c +++ b/libsemanage/src/fcontext_record.c @@ -289,7 +289,7 @@ void semanage_fcontext_free(semanage_fcontext_t * fcontext) /* Record base functions */ -record_table_t SEMANAGE_FCONTEXT_RTABLE = { +const record_table_t SEMANAGE_FCONTEXT_RTABLE = { .create = semanage_fcontext_create, .key_extract = semanage_fcontext_key_extract, .key_free = semanage_fcontext_key_free, diff --git a/libsemanage/src/fcontexts_file.c b/libsemanage/src/fcontexts_file.c index 16380fe3..e4ef1672 100644 --- a/libsemanage/src/fcontexts_file.c +++ b/libsemanage/src/fcontexts_file.c @@ -158,7 +158,7 @@ static int fcontext_parse(semanage_handle_t * handle, } /* FCONTEXT RECORD: FILE extension: method table */ -static record_file_table_t SEMANAGE_FCONTEXT_FILE_RTABLE = { +static const record_file_table_t SEMANAGE_FCONTEXT_FILE_RTABLE = { .parse = fcontext_parse, .print = fcontext_print, }; diff --git a/libsemanage/src/handle.h b/libsemanage/src/handle.h index 2853ca39..cfc47354 100644 --- a/libsemanage/src/handle.h +++ b/libsemanage/src/handle.h @@ -80,7 +80,7 @@ struct semanage_handle { /* these function pointers will point to the appropriate * routine given the connection type. think of these as * simulating polymorphism for non-OO languages. */ - struct semanage_policy_table *funcs; + const struct semanage_policy_table *funcs; /* Object databases */ #define DBASE_COUNT 24 
diff --git a/libsemanage/src/ibendport_internal.h b/libsemanage/src/ibendport_internal.h index eada2d4b..04e0da5a 100644 --- a/libsemanage/src/ibendport_internal.h +++ b/libsemanage/src/ibendport_internal.h @@ -8,7 +8,7 @@ #include "handle.h" /* IBENDPORT RECORD: method table */ -extern record_table_t SEMANAGE_IBENDPORT_RTABLE; +extern const record_table_t SEMANAGE_IBENDPORT_RTABLE; extern int ibendport_file_dbase_init(semanage_handle_t *handle, const char *path_ro, diff --git a/libsemanage/src/ibendport_record.c b/libsemanage/src/ibendport_record.c index a8cb125d..6afe8975 100644 --- a/libsemanage/src/ibendport_record.c +++ b/libsemanage/src/ibendport_record.c @@ -129,7 +129,7 @@ void semanage_ibendport_free(semanage_ibendport_t *ibendport) /*key base functions */ -record_table_t SEMANAGE_IBENDPORT_RTABLE = { +const record_table_t SEMANAGE_IBENDPORT_RTABLE = { .create = semanage_ibendport_create, .key_extract = semanage_ibendport_key_extract, .key_free = semanage_ibendport_key_free, diff --git a/libsemanage/src/ibendports_file.c b/libsemanage/src/ibendports_file.c index 8ae02a9c..2bebbdcf 100644 --- a/libsemanage/src/ibendports_file.c +++ b/libsemanage/src/ibendports_file.c @@ -129,7 +129,7 @@ err: } /* IBENDPORT RECORD: FILE extension: method table */ -static record_file_table_t SEMANAGE_IBENDPORT_FILE_RTABLE = { +static const record_file_table_t SEMANAGE_IBENDPORT_FILE_RTABLE = { .parse = ibendport_parse, .print = ibendport_print, }; diff --git a/libsemanage/src/ibendports_policydb.c b/libsemanage/src/ibendports_policydb.c index 67c4e905..83862346 100644 --- a/libsemanage/src/ibendports_policydb.c +++ b/libsemanage/src/ibendports_policydb.c 
@@ -30,7 +30,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* IBENDPORT RECORD (SEPOL): POLICYDB extension : method table */ -static record_policydb_table_t SEMANAGE_IBENDPORT_POLICYDB_RTABLE = { +static const record_policydb_table_t SEMANAGE_IBENDPORT_POLICYDB_RTABLE = { .add = NULL, .modify = (record_policydb_table_modify_t)sepol_ibendport_modify, .set = NULL, diff --git a/libsemanage/src/ibpkey_internal.h b/libsemanage/src/ibpkey_internal.h index 1e206b62..c1d97876 100644 --- a/libsemanage/src/ibpkey_internal.h +++ b/libsemanage/src/ibpkey_internal.h @@ -8,7 +8,7 @@ #include "handle.h" /* PKEY RECORD: method table */ -extern record_table_t SEMANAGE_IBPKEY_RTABLE; +extern const record_table_t SEMANAGE_IBPKEY_RTABLE; extern int ibpkey_file_dbase_init(semanage_handle_t *handle, const char *path_ro, diff --git a/libsemanage/src/ibpkey_record.c b/libsemanage/src/ibpkey_record.c index bb7fa6ea..9a47f53b 100644 --- a/libsemanage/src/ibpkey_record.c +++ b/libsemanage/src/ibpkey_record.c @@ -153,7 +153,7 @@ void semanage_ibpkey_free(semanage_ibpkey_t *ibpkey) /* key base functions */ -record_table_t SEMANAGE_IBPKEY_RTABLE = { +const record_table_t SEMANAGE_IBPKEY_RTABLE = { .create = semanage_ibpkey_create, .key_extract = semanage_ibpkey_key_extract, .key_free = semanage_ibpkey_key_free, diff --git a/libsemanage/src/ibpkeys_file.c b/libsemanage/src/ibpkeys_file.c index a45c6d3f..7a7c5772 100644 --- a/libsemanage/src/ibpkeys_file.c +++ b/libsemanage/src/ibpkeys_file.c @@ -153,7 +153,7 @@ err: } /* IBPKEY RECORD: FILE extension: method table */ -static record_file_table_t SEMANAGE_IBPKEY_FILE_RTABLE = { +static const record_file_table_t SEMANAGE_IBPKEY_FILE_RTABLE = { .parse = ibpkey_parse, .print = ibpkey_print, }; diff --git a/libsemanage/src/ibpkeys_policydb.c b/libsemanage/src/ibpkeys_policydb.c index ac16bcb6..01dd673f 100644 --- a/libsemanage/src/ibpkeys_policydb.c +++ b/libsemanage/src/ibpkeys_policydb.c 
@@ -30,7 +30,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* PKEY RECORD (SEPOL): POLICYDB extension : method table */ -static record_policydb_table_t SEMANAGE_IBPKEY_POLICYDB_RTABLE = { +static const record_policydb_table_t SEMANAGE_IBPKEY_POLICYDB_RTABLE = { .add = NULL, .modify = (record_policydb_table_modify_t)sepol_ibpkey_modify, .set = NULL, diff --git a/libsemanage/src/iface_internal.h b/libsemanage/src/iface_internal.h index df38fb0f..de39ba33 100644 --- a/libsemanage/src/iface_internal.h +++ b/libsemanage/src/iface_internal.h @@ -8,7 +8,7 @@ #include "handle.h" /* IFACE RECORD: method table */ -extern record_table_t SEMANAGE_IFACE_RTABLE; +extern const record_table_t SEMANAGE_IFACE_RTABLE; extern int iface_policydb_dbase_init(semanage_handle_t * handle, dbase_config_t * dconfig); diff --git a/libsemanage/src/iface_record.c b/libsemanage/src/iface_record.c index e54cdd2d..b94afa04 100644 --- a/libsemanage/src/iface_record.c +++ b/libsemanage/src/iface_record.c @@ -144,7 +144,7 @@ void semanage_iface_free(semanage_iface_t * iface) /* Record base functions */ -record_table_t SEMANAGE_IFACE_RTABLE = { +const record_table_t SEMANAGE_IFACE_RTABLE = { .create = semanage_iface_create, .key_extract = semanage_iface_key_extract, .key_free = semanage_iface_key_free, diff --git a/libsemanage/src/interfaces_file.c b/libsemanage/src/interfaces_file.c index 29badb54..d61010ee 100644 --- a/libsemanage/src/interfaces_file.c +++ b/libsemanage/src/interfaces_file.c @@ -145,7 +145,7 @@ static int iface_parse(semanage_handle_t * handle, } /* IFACE RECORD: FILE extension: method table */ -static record_file_table_t SEMANAGE_IFACE_FILE_RTABLE = { +static const record_file_table_t SEMANAGE_IFACE_FILE_RTABLE = { .parse = iface_parse, .print = iface_print, }; diff --git a/libsemanage/src/interfaces_policydb.c b/libsemanage/src/interfaces_policydb.c index 8a02751a..c5936504 100644 --- a/libsemanage/src/interfaces_policydb.c 
+++ b/libsemanage/src/interfaces_policydb.c @@ -36,7 +36,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* INTERFACE RECRORD (SEPOL): POLICYDB extension: method table */ -static record_policydb_table_t SEMANAGE_IFACE_POLICYDB_RTABLE = { +static const record_policydb_table_t SEMANAGE_IFACE_POLICYDB_RTABLE = { .add = NULL, .modify = (record_policydb_table_modify_t) sepol_iface_modify, .set = NULL, diff --git a/libsemanage/src/node_internal.h b/libsemanage/src/node_internal.h index 234143b4..24041101 100644 --- a/libsemanage/src/node_internal.h +++ b/libsemanage/src/node_internal.h @@ -8,7 +8,7 @@ #include "handle.h" /* NODE RECORD: method table */ -extern record_table_t SEMANAGE_NODE_RTABLE; +extern const record_table_t SEMANAGE_NODE_RTABLE; extern int node_file_dbase_init(semanage_handle_t * handle, const char *path_ro, diff --git a/libsemanage/src/node_record.c b/libsemanage/src/node_record.c index e1c6e03a..9a018d4b 100644 --- a/libsemanage/src/node_record.c +++ b/libsemanage/src/node_record.c @@ -208,7 +208,7 @@ void semanage_node_free(semanage_node_t * node) /* Port base functions */ -record_table_t SEMANAGE_NODE_RTABLE = { +const record_table_t SEMANAGE_NODE_RTABLE = { .create = semanage_node_create, .key_extract = semanage_node_key_extract, .key_free = semanage_node_key_free, diff --git a/libsemanage/src/nodes_file.c b/libsemanage/src/nodes_file.c index e6e108cb..3ed34be1 100644 --- a/libsemanage/src/nodes_file.c +++ b/libsemanage/src/nodes_file.c @@ -154,7 +154,7 @@ static int node_parse(semanage_handle_t * handle, } /* NODE RECORD: FILE extension: method table */ -static record_file_table_t SEMANAGE_NODE_FILE_RTABLE = { +static const record_file_table_t SEMANAGE_NODE_FILE_RTABLE = { .parse = node_parse, .print = node_print, }; diff --git a/libsemanage/src/nodes_policydb.c b/libsemanage/src/nodes_policydb.c index 23464cf6..a32fde97 100644 --- a/libsemanage/src/nodes_policydb.c +++ b/libsemanage/src/nodes_policydb.c 
@@ -35,7 +35,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* NODE RECORD (SEPOL): POLICYDB extension : method table */ -static record_policydb_table_t SEMANAGE_NODE_POLICYDB_RTABLE = { +static const record_policydb_table_t SEMANAGE_NODE_POLICYDB_RTABLE = { .add = NULL, .modify = (record_policydb_table_modify_t) sepol_node_modify, .set = NULL, diff --git a/libsemanage/src/policy_components.c b/libsemanage/src/policy_components.c index 69835550..bd3747b6 100644 --- a/libsemanage/src/policy_components.c +++ b/libsemanage/src/policy_components.c @@ -21,9 +21,9 @@ static int clear_obsolete(semanage_handle_t * handle, record_key_t *key = NULL; unsigned int i; - dbase_table_t *src_dtable = src->dtable; - dbase_table_t *dst_dtable = dst->dtable; - record_table_t *rtable = src_dtable->get_rtable(src->dbase); + const dbase_table_t *src_dtable = src->dtable; + const dbase_table_t *dst_dtable = dst->dtable; + const record_table_t *rtable = src_dtable->get_rtable(src->dbase); for (i = 0; i < nrecords; i++) { int exists; @@ -65,8 +65,8 @@ static int load_records(semanage_handle_t * handle, record_key_t *rkey = NULL; dbase_t *dbase = dst->dbase; - dbase_table_t *dtable = dst->dtable; - record_table_t *rtable = dtable->get_rtable(dbase); + const dbase_table_t *dtable = dst->dtable; + const record_table_t *rtable = dtable->get_rtable(dbase); for (i = 0; i < nrecords; i++) { @@ -154,7 +154,7 @@ int semanage_base_merge_components(semanage_handle_t * handle) dbase_config_t *src = components[i].src; dbase_config_t *dst = components[i].dst; int mode = components[i].mode; - record_table_t *rtable = src->dtable->get_rtable(src->dbase); + const record_table_t *rtable = src->dtable->get_rtable(src->dbase); /* Must invoke cache function first */ if (src->dtable->cache(handle, src->dbase) < 0) diff --git a/libsemanage/src/port_internal.h b/libsemanage/src/port_internal.h index 67017472..3699ac7f 100644 --- a/libsemanage/src/port_internal.h 
+++ b/libsemanage/src/port_internal.h @@ -8,7 +8,7 @@ #include "handle.h" /* PORT RECORD: method table */ -extern record_table_t SEMANAGE_PORT_RTABLE; +extern const record_table_t SEMANAGE_PORT_RTABLE; extern int port_file_dbase_init(semanage_handle_t * handle, const char *path_ro, diff --git a/libsemanage/src/port_record.c b/libsemanage/src/port_record.c index f8a1633e..d93e68f6 100644 --- a/libsemanage/src/port_record.c +++ b/libsemanage/src/port_record.c @@ -164,7 +164,7 @@ void semanage_port_free(semanage_port_t * port) /* Port base functions */ -record_table_t SEMANAGE_PORT_RTABLE = { +const record_table_t SEMANAGE_PORT_RTABLE = { .create = semanage_port_create, .key_extract = semanage_port_key_extract, .key_free = semanage_port_key_free, diff --git a/libsemanage/src/ports_file.c b/libsemanage/src/ports_file.c index 6158cb63..64f0c79d 100644 --- a/libsemanage/src/ports_file.c +++ b/libsemanage/src/ports_file.c @@ -161,7 +161,7 @@ static int port_parse(semanage_handle_t * handle, } /* PORT RECORD: FILE extension: method table */ -static record_file_table_t SEMANAGE_PORT_FILE_RTABLE = { +static const record_file_table_t SEMANAGE_PORT_FILE_RTABLE = { .parse = port_parse, .print = port_print, }; diff --git a/libsemanage/src/ports_policydb.c b/libsemanage/src/ports_policydb.c index e7f4fc0d..11ca53ab 100644 --- a/libsemanage/src/ports_policydb.c +++ b/libsemanage/src/ports_policydb.c @@ -35,7 +35,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* PORT RECORD (SEPOL): POLICYDB extension : method table */ -static record_policydb_table_t SEMANAGE_PORT_POLICYDB_RTABLE = { +static const record_policydb_table_t SEMANAGE_PORT_POLICYDB_RTABLE = { .add = NULL, .modify = (record_policydb_table_modify_t) sepol_port_modify, .set = NULL, diff --git a/libsemanage/src/seuser_internal.h b/libsemanage/src/seuser_internal.h index fdb52ef9..80ac77a4 100644 --- a/libsemanage/src/seuser_internal.h +++ b/libsemanage/src/seuser_internal.h 
@@ -9,7 +9,7 @@ #include "handle.h" /* SEUSER RECORD: method table */ -extern record_table_t SEMANAGE_SEUSER_RTABLE; +extern const record_table_t SEMANAGE_SEUSER_RTABLE; extern int seuser_file_dbase_init(semanage_handle_t * handle, const char *path_ro, diff --git a/libsemanage/src/seuser_record.c b/libsemanage/src/seuser_record.c index 69ebea51..bfaa0d7a 100644 --- a/libsemanage/src/seuser_record.c +++ b/libsemanage/src/seuser_record.c @@ -246,7 +246,7 @@ void semanage_seuser_free(semanage_seuser_t * seuser) /* Record base functions */ -record_table_t SEMANAGE_SEUSER_RTABLE = { +const record_table_t SEMANAGE_SEUSER_RTABLE = { .create = semanage_seuser_create, .key_extract = semanage_seuser_key_extract, .key_free = semanage_seuser_key_free, diff --git a/libsemanage/src/seusers_file.c b/libsemanage/src/seusers_file.c index 7eb3f427..ed3bcb31 100644 --- a/libsemanage/src/seusers_file.c +++ b/libsemanage/src/seusers_file.c @@ -109,7 +109,7 @@ static int seuser_parse(semanage_handle_t * handle, } /* SEUSER RECORD: FILE extension: method table */ -static record_file_table_t SEMANAGE_SEUSER_FILE_RTABLE = { +static const record_file_table_t SEMANAGE_SEUSER_FILE_RTABLE = { .parse = seuser_parse, .print = seuser_print, }; diff --git a/libsemanage/src/user_base_record.c b/libsemanage/src/user_base_record.c index 47037665..3c20aa46 100644 --- a/libsemanage/src/user_base_record.c +++ b/libsemanage/src/user_base_record.c @@ -172,7 +172,7 @@ static int semanage_user_base_compare2_qsort(const semanage_user_base_t ** user, } /* Record base functions */ -record_table_t SEMANAGE_USER_BASE_RTABLE = { +const record_table_t SEMANAGE_USER_BASE_RTABLE = { .create = semanage_user_base_create, .key_extract = semanage_user_base_key_extract, .key_free = semanage_user_key_free, diff --git a/libsemanage/src/user_extra_record.c b/libsemanage/src/user_extra_record.c index d2707224..25349a9b 100644 --- a/libsemanage/src/user_extra_record.c +++ b/libsemanage/src/user_extra_record.c 
@@ -185,7 +185,7 @@ static int semanage_user_extra_compare2_qsort(const semanage_user_extra_t ** } /* Record base functions */ -record_table_t SEMANAGE_USER_EXTRA_RTABLE = { +const record_table_t SEMANAGE_USER_EXTRA_RTABLE = { .create = semanage_user_extra_create, .key_extract = semanage_user_extra_key_extract, .key_free = semanage_user_key_free, diff --git a/libsemanage/src/user_internal.h b/libsemanage/src/user_internal.h index 678a73a5..65633572 100644 --- a/libsemanage/src/user_internal.h +++ b/libsemanage/src/user_internal.h @@ -9,13 +9,13 @@ #include "handle.h" /* USER record: method table */ -extern record_table_t SEMANAGE_USER_RTABLE; +extern const record_table_t SEMANAGE_USER_RTABLE; /* USER BASE record: method table */ -extern record_table_t SEMANAGE_USER_BASE_RTABLE; +extern const record_table_t SEMANAGE_USER_BASE_RTABLE; /* USER EXTRA record: method table */ -extern record_table_t SEMANAGE_USER_EXTRA_RTABLE; +extern const record_table_t SEMANAGE_USER_EXTRA_RTABLE; /* ============ Init/Release functions ========== */ diff --git a/libsemanage/src/user_record.c b/libsemanage/src/user_record.c index b22c5c1c..325c719d 100644 --- a/libsemanage/src/user_record.c +++ b/libsemanage/src/user_record.c @@ -382,7 +382,7 @@ void semanage_user_free(semanage_user_t * user) } /* Record base functions */ -record_table_t SEMANAGE_USER_RTABLE = { +const record_table_t SEMANAGE_USER_RTABLE = { .create = semanage_user_create, .key_extract = semanage_user_key_extract, .key_free = semanage_user_key_free, diff --git a/libsemanage/src/users_base_file.c b/libsemanage/src/users_base_file.c index f4d15451..bbce4eed 100644 --- a/libsemanage/src/users_base_file.c +++ b/libsemanage/src/users_base_file.c 
@@ -195,7 +195,7 @@ static int user_base_parse(semanage_handle_t * handle, } /* USER BASE record: FILE extension: method table */ -static record_file_table_t SEMANAGE_USER_BASE_FILE_RTABLE = { +static const record_file_table_t SEMANAGE_USER_BASE_FILE_RTABLE = { .parse = user_base_parse, .print = user_base_print, }; diff --git a/libsemanage/src/users_base_policydb.c b/libsemanage/src/users_base_policydb.c index 2e2ea522..2c871739 100644 --- a/libsemanage/src/users_base_policydb.c +++ b/libsemanage/src/users_base_policydb.c @@ -35,7 +35,7 @@ typedef struct dbase_policydb dbase_t; #include "semanage_store.h" /* USER BASE record: POLICYDB extension: method table */ -static record_policydb_table_t SEMANAGE_USER_BASE_POLICYDB_RTABLE = { +static const record_policydb_table_t SEMANAGE_USER_BASE_POLICYDB_RTABLE = { .add = NULL, .modify = (record_policydb_table_modify_t) sepol_user_modify, .set = NULL, diff --git a/libsemanage/src/users_extra_file.c b/libsemanage/src/users_extra_file.c index b3a15da2..8f2f7139 100644 --- a/libsemanage/src/users_extra_file.c +++ b/libsemanage/src/users_extra_file.c @@ -100,7 +100,7 @@ static int user_extra_parse(semanage_handle_t * handle, } /* USER EXTRA RECORD: FILE extension: method table */ -static record_file_table_t SEMANAGE_USER_EXTRA_FILE_RTABLE = { +static const record_file_table_t SEMANAGE_USER_EXTRA_FILE_RTABLE = { .parse = user_extra_parse, .print = user_extra_print, }; diff --git a/libsemanage/src/users_join.c b/libsemanage/src/users_join.c index dba96f3d..5ca98677 100644 --- a/libsemanage/src/users_join.c +++ b/libsemanage/src/users_join.c 
@@ -22,7 +22,7 @@ typedef struct dbase_join dbase_t; #include "debug.h" /* USER record: JOIN extension: method table */ -static record_join_table_t SEMANAGE_USER_JOIN_RTABLE = { +static const record_join_table_t SEMANAGE_USER_JOIN_RTABLE = { .join = semanage_user_join, .split = semanage_user_split, }; From patchwork Mon Nov 11 14:16:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870838 X-Patchwork-Delegate: plautrba@redhat.com
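Review bot: In the users_base_policydb.c hunk, the now-const SEMANAGE_USER_BASE_POLICYDB_RTABLE still fills .modify through a cast, (record_policydb_table_modify_t) sepol_user_modify. Making the table const lets it live in read-only memory, but a call through that member is only well defined if the real signature of sepol_user_modify is compatible with the typedef. A small static wrapper with the table's exact signature would remove the cast; the diffstat of patch 30/47 (avoid misc function pointer casts) does not list this file, so it would need its own change.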
From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= Subject: [PATCH 28/47] libsemanage: simplify loop exit Date: Mon, 11 Nov 2024 15:16:47 +0100 Message-ID: <20241111141706.38039-28-cgoettsche@seltendoof.de> In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de> References: <20241111141706.38039-1-cgoettsche@seltendoof.de> Reply-To: cgzones@googlemail.com Precedence: bulk X-Mailing-List: selinux@vger.kernel.org MIME-Version: 1.0 From: Christian Göttsche Simplify the loop condition and make the loop exit more explicit to avoid static analyzers reporting a potential uninitialized variable. Signed-off-by: Christian Göttsche --- libsemanage/src/semanage_store.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index cb5bc149..c84ca43b 100644 --- a/libsemanage/src/semanage_store.c
+++ b/libsemanage/src/semanage_store.c 
@@ -738,13 +738,14 @@ int semanage_copy_file(const char *src, const char *dst, mode_t mode, goto out; } umask(mask); - while (retval == 0 && (amount_read = read(in, buf, sizeof(buf))) > 0) { + while ((amount_read = read(in, buf, sizeof(buf))) > 0) { if (write_full(out, buf, amount_read) == -1) { if (errno) errsv = errno; else errsv = EIO; retval = -1; + break; } } if (amount_read < 0) { From patchwork Mon Nov 11 14:16:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870832 X-Patchwork-Delegate: plautrba@redhat.com
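Review bot: The new loop condition in semanage_copy_file no longer tests retval, so the change preserves behaviour only if retval is always 0 when the loop is entered; the hunk does not show where retval is initialised, and the commit message should state that and name the variable the analyzer flagged (presumably amount_read, which the old short-circuit could leave unset before the "if (amount_read < 0)" check). The added break itself is sound: after a failed write_full, amount_read is still positive, so the read-error branch after the loop is skipped and errsv keeps the write error.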
From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= Subject: [PATCH 29/47] libsemanage: constify read only parameters and variables Date: Mon, 11 Nov 2024 15:16:48 +0100 Message-ID: <20241111141706.38039-29-cgoettsche@seltendoof.de> In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de> References: <20241111141706.38039-1-cgoettsche@seltendoof.de> Reply-To: cgzones@googlemail.com Precedence: bulk X-Mailing-List: selinux@vger.kernel.org MIME-Version: 1.0 From: Christian Göttsche
Signed-off-by: Christian Göttsche --- libsemanage/include/semanage/handle.h | 4 ++-- libsemanage/src/booleans_file.c | 2 +- libsemanage/src/database.c | 2 +- libsemanage/src/database_file.h | 2 +- libsemanage/src/database_llist.h | 4 ++-- libsemanage/src/direct_api.c | 8 ++++---- libsemanage/src/fcontexts_file.c | 2 +- libsemanage/src/genhomedircon.c | 12 ++++++------ libsemanage/src/handle.c | 4 ++-- libsemanage/src/ibendports_file.c | 5 +++-- libsemanage/src/ibpkeys_file.c | 5 +++-- libsemanage/src/interfaces_file.c | 2 +- libsemanage/src/nodes_file.c | 2 +- libsemanage/src/parse_utils.c | 2 +- libsemanage/src/policy_components.c | 4 ++-- libsemanage/src/ports_file.c | 2 +- libsemanage/src/semanage_store.c | 16 ++++++++-------- libsemanage/src/seusers_file.c | 2 +- libsemanage/src/users_base_file.c | 4 ++-- libsemanage/src/users_extra_file.c | 2 +- libsemanage/src/utilities.c | 4 ++-- 21 files changed, 46 insertions(+), 44 deletions(-) diff --git a/libsemanage/include/semanage/handle.h b/libsemanage/include/semanage/handle.h index 41db000f..a5ea31de 100644 --- a/libsemanage/include/semanage/handle.h +++ b/libsemanage/include/semanage/handle.h @@ -51,7 +51,7 @@ enum semanage_connect_type { * It must be called after semanage_handle_create but before * semanage_connect. The argument should be the full path to the store. */ -extern void semanage_select_store(semanage_handle_t * handle, char *path, +extern void semanage_select_store(semanage_handle_t * handle, const char *path, enum semanage_connect_type storetype); /* Just reload the policy */ 
@@ -74,7 +74,7 @@ extern void semanage_set_check_ext_changes(semanage_handle_t * handle, int do_ch /* Fills *compiler_path with the location of the hll compiler sh->conf->compiler_directory_path * corresponding to lang_ext. * Upon success returns 0, -1 on error. */ -extern int semanage_get_hll_compiler_path(semanage_handle_t *sh, char *lang_ext, char **compiler_path); +extern int semanage_get_hll_compiler_path(semanage_handle_t *sh, const char *lang_ext, char **compiler_path); /* create the store if it does not exist, this only has an effect on * direct connections and must be called before semanage_connect diff --git a/libsemanage/src/booleans_file.c b/libsemanage/src/booleans_file.c index 52628b63..9f2ad1f2 100644 --- a/libsemanage/src/booleans_file.c +++ b/libsemanage/src/booleans_file.c @@ -21,7 +21,7 @@ typedef struct dbase_file dbase_t; #include "debug.h" static int bool_print(semanage_handle_t * handle, - semanage_bool_t * boolean, FILE * str) + const semanage_bool_t * boolean, FILE * str) { const char *name = semanage_bool_get_name(boolean); diff --git a/libsemanage/src/database.c b/libsemanage/src/database.c index fc4f7179..921a4052 100644 --- a/libsemanage/src/database.c +++ b/libsemanage/src/database.c @@ -6,7 +6,7 @@ #include "database.h" #include "debug.h" -static int assert_init(semanage_handle_t * handle, dbase_config_t * dconfig) +static int assert_init(semanage_handle_t * handle, const dbase_config_t * dconfig) { if (dconfig->dtable == NULL) { diff --git a/libsemanage/src/database_file.h b/libsemanage/src/database_file.h index c65a9f9a..f5d9d81b 100644 --- a/libsemanage/src/database_file.h +++ b/libsemanage/src/database_file.h @@ -22,7 +22,7 @@ typedef struct record_file_table { /* Print record to stream */ int (*print) (semanage_handle_t * handle, - record_t * record, FILE * str); + const record_t * record, FILE * str); } record_file_table_t; 
diff --git a/libsemanage/src/database_llist.h b/libsemanage/src/database_llist.h index 639b784d..de843683 100644 --- a/libsemanage/src/database_llist.h +++ b/libsemanage/src/database_llist.h @@ -69,14 +69,14 @@ static inline void dbase_llist_set_modified(dbase_llist_t * dbase, int status) /* LLIST - cache/transactions */ extern void dbase_llist_drop_cache(dbase_llist_t * dbase); -static inline int dbase_llist_is_modified(dbase_llist_t * dbase) +static inline int dbase_llist_is_modified(const dbase_llist_t * dbase) { return dbase->modified; } /* LLIST - polymorphism */ -static inline const record_table_t *dbase_llist_get_rtable(dbase_llist_t * dbase) +static inline const record_table_t *dbase_llist_get_rtable(const dbase_llist_t * dbase) { return dbase->rtable; } diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index b71e8e81..3b2ab449 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c @@ -618,7 +618,7 @@ static int read_from_pipe_to_data(semanage_handle_t *sh, size_t initial_len, int return 0; } -static int semanage_pipe_data(semanage_handle_t *sh, char *path, char *in_data, size_t in_data_len, char **out_data, size_t *out_data_len, char **err_data, size_t *err_data_len) +static int semanage_pipe_data(semanage_handle_t *sh, const char *path, const char *in_data, size_t in_data_len, char **out_data, size_t *out_data_len, char **err_data, size_t *err_data_len) { int input_fd[2] = {-1, -1}; int output_fd[2] = {-1, -1}; @@ -1722,8 +1722,8 @@ static int semanage_direct_install_file(semanage_handle_t * sh, int retval = -1; char *path = NULL; - char *filename; - char *lang_ext = NULL; + const char *filename; + const char *lang_ext = NULL; char *module_name = NULL; char *separator; char *version = NULL; 
@@ -2215,7 +2215,7 @@ static int semanage_direct_get_module_info(semanage_handle_t *sh, semanage_module_info_t *modinfos = NULL; int modinfos_len = 0; - semanage_module_info_t *highest = NULL; + const semanage_module_info_t *highest = NULL; /* check module name */ ret = semanage_module_validate_name(modkey->name); diff --git a/libsemanage/src/fcontexts_file.c b/libsemanage/src/fcontexts_file.c index e4ef1672..c3c1fc4f 100644 --- a/libsemanage/src/fcontexts_file.c +++ b/libsemanage/src/fcontexts_file.c @@ -43,7 +43,7 @@ static const char *type_str(int type) } static int fcontext_print(semanage_handle_t * handle, - semanage_fcontext_t * fcontext, FILE * str) + const semanage_fcontext_t * fcontext, FILE * str) { char *con_str = NULL; diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 5e7315d8..2fabbbd8 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c @@ -170,7 +170,7 @@ err: } static int ignore(const char *homedir) { - ignoredir_t *ptr = ignore_head; + const ignoredir_t *ptr = ignore_head; while (ptr) { if (strcmp(ptr->dir, homedir) == 0) { return 1; @@ -685,7 +685,7 @@ fail: static int write_home_dir_context(genhomedircon_settings_t * s, FILE * out, semanage_list_t * tpl, const genhomedircon_user_entry_t *user) { - replacement_pair_t repl[] = { + const replacement_pair_t repl[] = { {.search_for = TEMPLATE_HOME_DIR,.replace_with = user->home}, {.search_for = TEMPLATE_ROLE,.replace_with = user->prefix}, {NULL, NULL} @@ -703,9 +703,9 @@ static int write_home_dir_context(genhomedircon_settings_t * s, FILE * out, } static int write_home_root_context(genhomedircon_settings_t * s, FILE * out, - semanage_list_t * tpl, char *homedir) + semanage_list_t * tpl, const char *homedir) { - replacement_pair_t repl[] = { + const replacement_pair_t repl[] = { {.search_for = TEMPLATE_HOME_ROOT,.replace_with = homedir}, {NULL, NULL} }; 
@@ -717,7 +717,7 @@ static int write_username_context(genhomedircon_settings_t * s, FILE * out, semanage_list_t * tpl, const genhomedircon_user_entry_t *user) { - replacement_pair_t repl[] = { + const replacement_pair_t repl[] = { {.search_for = TEMPLATE_USERNAME,.replace_with = user->name}, {.search_for = TEMPLATE_USERID,.replace_with = user->uid}, {.search_for = TEMPLATE_ROLE,.replace_with = user->prefix}, @@ -730,7 +730,7 @@ static int write_username_context(genhomedircon_settings_t * s, FILE * out, static int write_user_context(genhomedircon_settings_t * s, FILE * out, semanage_list_t * tpl, const genhomedircon_user_entry_t *user) { - replacement_pair_t repl[] = { + const replacement_pair_t repl[] = { {.search_for = TEMPLATE_USER,.replace_with = user->name}, {.search_for = TEMPLATE_ROLE,.replace_with = user->prefix}, {NULL, NULL} diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c index 9bb84546..4577ac35 100644 --- a/libsemanage/src/handle.c +++ b/libsemanage/src/handle.c @@ -138,7 +138,7 @@ void semanage_set_check_ext_changes(semanage_handle_t * sh, int do_check) } int semanage_get_hll_compiler_path(semanage_handle_t *sh, - char *lang_ext, + const char *lang_ext, char **compiler_path) { assert(sh != NULL); @@ -272,7 +272,7 @@ int semanage_is_connected(semanage_handle_t * sh) return sh->is_connected; } -void semanage_select_store(semanage_handle_t * sh, char *storename, +void semanage_select_store(semanage_handle_t * sh, const char *storename, enum semanage_connect_type storetype) { diff --git a/libsemanage/src/ibendports_file.c b/libsemanage/src/ibendports_file.c index 2bebbdcf..b0f0aa96 100644 --- a/libsemanage/src/ibendports_file.c +++ b/libsemanage/src/ibendports_file.c 
@@ -20,9 +20,10 @@ typedef struct dbase_file dbase_t; #include "debug.h" static int ibendport_print(semanage_handle_t *handle, - semanage_ibendport_t *ibendport, + const semanage_ibendport_t *ibendport, FILE *str) { + const semanage_context_t *con; char *con_str = NULL; char *ibdev_name_str = NULL; int port = semanage_ibendport_get_port(ibendport); @@ -30,7 +31,7 @@ static int ibendport_print(semanage_handle_t *handle, if (semanage_ibendport_get_ibdev_name(handle, ibendport, &ibdev_name_str) != 0) goto err; - semanage_context_t *con = semanage_ibendport_get_con(ibendport); + con = semanage_ibendport_get_con(ibendport); if (fprintf(str, "ibendportcon %s ", ibdev_name_str) < 0) goto err; diff --git a/libsemanage/src/ibpkeys_file.c b/libsemanage/src/ibpkeys_file.c index 7a7c5772..8dad8d47 100644 --- a/libsemanage/src/ibpkeys_file.c +++ b/libsemanage/src/ibpkeys_file.c @@ -20,8 +20,9 @@ typedef struct dbase_file dbase_t; #include "debug.h" static int ibpkey_print(semanage_handle_t *handle, - semanage_ibpkey_t *ibpkey, FILE *str) + const semanage_ibpkey_t *ibpkey, FILE *str) { + const semanage_context_t *con; char *con_str = NULL; char *subnet_prefix_str = NULL; @@ -31,7 +32,7 @@ static int ibpkey_print(semanage_handle_t *handle, if (semanage_ibpkey_get_subnet_prefix(handle, ibpkey, &subnet_prefix_str) != 0) goto err; - semanage_context_t *con = semanage_ibpkey_get_con(ibpkey); + con = semanage_ibpkey_get_con(ibpkey); if (fprintf(str, "ibpkeycon %s ", subnet_prefix_str) < 0) goto err; diff --git a/libsemanage/src/interfaces_file.c b/libsemanage/src/interfaces_file.c index d61010ee..9b49e30d 100644 --- a/libsemanage/src/interfaces_file.c +++ b/libsemanage/src/interfaces_file.c @@ -19,7 +19,7 @@ typedef struct dbase_file dbase_t; #include "debug.h" static int iface_print(semanage_handle_t * handle, - semanage_iface_t * iface, FILE * str) + const semanage_iface_t * iface, FILE * str) { char *con_str = NULL; 
diff --git a/libsemanage/src/nodes_file.c b/libsemanage/src/nodes_file.c index 3ed34be1..781da0e7 100644 --- a/libsemanage/src/nodes_file.c +++ b/libsemanage/src/nodes_file.c @@ -20,7 +20,7 @@ typedef struct dbase_file dbase_t; #include "debug.h" static int node_print(semanage_handle_t * handle, - semanage_node_t * node, FILE * str) + const semanage_node_t * node, FILE * str) { char *con_str = NULL; diff --git a/libsemanage/src/parse_utils.c b/libsemanage/src/parse_utils.c index d3bc148b..d57e59c9 100644 --- a/libsemanage/src/parse_utils.c +++ b/libsemanage/src/parse_utils.c @@ -270,7 +270,7 @@ int parse_fetch_string(semanage_handle_t * handle, parse_info_t * info, char **str, char delim, int allow_spaces) { - char *start = info->ptr; + const char *start = info->ptr; int len = 0; char *tmp_str = NULL; diff --git a/libsemanage/src/policy_components.c b/libsemanage/src/policy_components.c index bd3747b6..ca3fbd20 100644 --- a/libsemanage/src/policy_components.c +++ b/libsemanage/src/policy_components.c @@ -115,7 +115,7 @@ int semanage_base_merge_components(semanage_handle_t * handle) /* Order is important here - change things carefully. * System components first, local next. Verify runs with * mutual dependencies are ran after everything is merged */ - load_table_t components[] = { + const load_table_t components[] = { {semanage_user_base_dbase_local(handle), semanage_user_base_dbase_policy(handle), MODE_MODIFY}, @@ -210,7 +210,7 @@ int semanage_commit_components(semanage_handle_t * handle) { int i; - dbase_config_t *components[] = { + const dbase_config_t *components[] = { semanage_iface_dbase_local(handle), semanage_bool_dbase_local(handle), semanage_user_base_dbase_local(handle), diff --git a/libsemanage/src/ports_file.c b/libsemanage/src/ports_file.c index 64f0c79d..e2b6b5d5 100644 --- a/libsemanage/src/ports_file.c +++ b/libsemanage/src/ports_file.c 
@@ -20,7 +20,7 @@ typedef struct dbase_file dbase_t; #include "debug.h" static int port_print(semanage_handle_t * handle, - semanage_port_t * port, FILE * str) + const semanage_port_t * port, FILE * str) { char *con_str = NULL; diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index c84ca43b..427952a1 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -78,13 +78,13 @@ static char *semanage_files[SEMANAGE_NUM_FILES] = { NULL }; static int semanage_paths_initialized = 0; /* These are paths relative to the bottom of the module store */ -static const char *semanage_relative_files[SEMANAGE_NUM_FILES] = { +static const char *const semanage_relative_files[SEMANAGE_NUM_FILES] = { "", "/semanage.trans.LOCK", "/semanage.read.LOCK" }; -static const char *semanage_store_paths[SEMANAGE_NUM_STORES] = { +static const char *const semanage_store_paths[SEMANAGE_NUM_STORES] = { "/active", "/previous", "/tmp" @@ -92,7 +92,7 @@ static const char *semanage_store_paths[SEMANAGE_NUM_STORES] = { /* relative path names to enum sandbox_paths for special files within * a sandbox */ -static const char *semanage_sandbox_paths[SEMANAGE_STORE_NUM_PATHS] = { +static const char *const semanage_sandbox_paths[SEMANAGE_STORE_NUM_PATHS] = { "", "/modules", "/policy.linked", @@ -1152,7 +1152,7 @@ int semanage_get_active_modules(semanage_handle_t * sh, int j = 0; semanage_list_t *list = NULL; - semanage_list_t *found = NULL; + const semanage_list_t *found = NULL; semanage_module_info_t *all_modinfos = NULL; int all_modinfos_len = 0; @@ -2093,7 +2093,7 @@ int semanage_direct_get_serial(semanage_handle_t * sh) int semanage_load_files(semanage_handle_t * sh, cil_db_t *cildb, char **filenames, int numfiles) { int i, retval; - char *filename; + const char *filename; struct file_contents contents = {}; for (i = 0; i < numfiles; i++) { 
@@ -2218,7 +2218,7 @@ int semanage_verify_modules(semanage_handle_t * sh, return 0; } for (i = 0; i < num_modules; i++) { - char *module = module_filenames[i]; + const char *module = module_filenames[i]; external_prog_t *e; for (e = conf->mod_prog; e != NULL; e = e->next) { if (semanage_exec_prog(sh, e, module, "$<") != 0) { @@ -2331,8 +2331,8 @@ static void semanage_fc_bucket_list_destroy(semanage_file_context_bucket_t * x) * now. A proper comparison would determine which (if either) * regular expression is a subset of the other. */ -static int semanage_fc_compare(semanage_file_context_node_t * a, - semanage_file_context_node_t * b) +static int semanage_fc_compare(const semanage_file_context_node_t * a, + const semanage_file_context_node_t * b) { int a_has_meta = (a->meta >= 0); int b_has_meta = (b->meta >= 0); diff --git a/libsemanage/src/seusers_file.c b/libsemanage/src/seusers_file.c index ed3bcb31..9e463e35 100644 --- a/libsemanage/src/seusers_file.c +++ b/libsemanage/src/seusers_file.c @@ -20,7 +20,7 @@ typedef struct dbase_file dbase_t; #include "handle.h" static int seuser_print(semanage_handle_t * handle, - semanage_seuser_t * seuser, FILE * str) + const semanage_seuser_t * seuser, FILE * str) { const char *name = semanage_seuser_get_name(seuser); diff --git a/libsemanage/src/users_base_file.c b/libsemanage/src/users_base_file.c index bbce4eed..b9998b37 100644 --- a/libsemanage/src/users_base_file.c +++ b/libsemanage/src/users_base_file.c @@ -21,7 +21,7 @@ typedef struct dbase_file dbase_t; #include "debug.h" static int user_base_print(semanage_handle_t * handle, - semanage_user_base_t * user, FILE * str) + const semanage_user_base_t * user, FILE * str) { const char **roles = NULL; @@ -68,7 +68,7 @@ static int user_base_parse(semanage_handle_t * handle, int islist; char *str = NULL; - char *start; + const char *start; char *name_str = NULL; if (parse_skip_space(handle, info) < 0) 
diff --git a/libsemanage/src/users_extra_file.c b/libsemanage/src/users_extra_file.c index 8f2f7139..d7b2df05 100644 --- a/libsemanage/src/users_extra_file.c +++ b/libsemanage/src/users_extra_file.c @@ -21,7 +21,7 @@ typedef struct dbase_file dbase_t; #include "handle.h" static int user_extra_print(semanage_handle_t * handle, - semanage_user_extra_t * user_extra, FILE * str) + const semanage_user_extra_t * user_extra, FILE * str) { const char *name = semanage_user_extra_get_name(user_extra); diff --git a/libsemanage/src/utilities.c b/libsemanage/src/utilities.c index 4beccb5b..ec578340 100644 --- a/libsemanage/src/utilities.c +++ b/libsemanage/src/utilities.c @@ -73,7 +73,7 @@ int semanage_is_prefix(const char *str, const char *prefix) char *semanage_split_on_space(const char *str) { /* as per the man page, these are the isspace() chars */ - const char *seps = "\f\n\r\t\v "; + const char *const seps = "\f\n\r\t\v "; size_t off = 0; if (!str) 
@@ -88,7 +88,7 @@ char *semanage_split_on_space(const char *str) char *semanage_split(const char *str, const char *delim) { - char *retval; + const char *retval; if (!str) return NULL; From patchwork Mon Nov 11 14:16:49 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870833 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3ABA61A08A3 for ; Mon, 11 Nov 2024 14:17:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334645; cv=none; b=eK7eGaiUDX+zrrhm8paooLgkLscubWkCbD5yYDp/YnNGYLDgXr9wKb6zS/rxrhwINL9smvWO+uDz3LOMBLCKau+6b7EtNb3yQSYgnwDpuy/3OL4wU6+B3Hoj7SuMCIqoupGCDnqa3ceEQQJEyhrSwTx4b0RLTzA6Q9z33oetmPc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334645; c=relaxed/simple; bh=QpP3lG3OTkKbciCe5Jo2aIlHtEiXCq5nWe1UMCEMYIw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=R9shSys/x8/Klzt+QVgZ/bs6kGFOaalxfuyEkl0PWhkbzInJKaMTMMJ4yxnIKUMgkV0HAfK6YSuIIcBFnkpBJuiB70hhEHLuSz+ZItBuLZqDKLMCEbMQSr/AJ8KhWInfzGlw0Q4RbhRwT1tcuVOVVhPRXs9qk93d/VRV0fdd9bQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=quDJg2Hx; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=seltendoof.de 
From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= Subject: [PATCH 30/47] libsemanage: avoid misc function pointer casts Date: Mon, 11 Nov 2024 15:16:49 +0100 Message-ID: <20241111141706.38039-30-cgoettsche@seltendoof.de> In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de> References: <20241111141706.38039-1-cgoettsche@seltendoof.de> Reply-To: cgzones@googlemail.com Precedence: bulk X-Mailing-List: selinux@vger.kernel.org MIME-Version: 1.0 From: Christian Göttsche Function pointer casts are strictly speaking undefined behavior.
Signed-off-by: Christian Göttsche --- libsemanage/src/boolean_record.c | 7 ++++--- libsemanage/src/database.h | 2 +- libsemanage/src/database_join.c | 6 ++---- libsemanage/src/fcontext_record.c | 9 ++++----- libsemanage/src/genhomedircon.c | 21 ++++++++++++--------- libsemanage/src/ibendport_internal.h | 3 +-- libsemanage/src/ibendport_record.c | 8 +++++--- libsemanage/src/ibendports_local.c | 4 +--- libsemanage/src/ibpkey_internal.h | 3 +-- libsemanage/src/ibpkey_record.c | 8 +++++--- libsemanage/src/ibpkeys_local.c | 4 +--- libsemanage/src/iface_record.c | 8 +++++--- libsemanage/src/node_internal.h | 3 +-- libsemanage/src/node_record.c | 7 ++++--- libsemanage/src/policy_components.c | 4 +--- libsemanage/src/port_internal.h | 3 +-- libsemanage/src/port_record.c | 7 ++++--- libsemanage/src/ports_local.c | 4 +--- libsemanage/src/seuser_record.c | 7 ++++--- libsemanage/src/seusers_local.c | 3 ++- libsemanage/src/user_base_record.c | 8 ++++---- libsemanage/src/user_extra_record.c | 9 ++++----- libsemanage/src/user_record.c | 7 ++++--- libsemanage/src/utilities.c | 10 ++++++---- libsemanage/src/utilities.h | 3 +-- 25 files changed, 79 insertions(+), 79 deletions(-) diff --git a/libsemanage/src/boolean_record.c b/libsemanage/src/boolean_record.c index 2cbdd09b..41632052 100644 --- a/libsemanage/src/boolean_record.c +++ b/libsemanage/src/boolean_record.c @@ -64,11 +64,12 @@ int semanage_bool_compare2(const semanage_bool_t * boolean, } -static int semanage_bool_compare2_qsort(const semanage_bool_t ** boolean, - const semanage_bool_t ** boolean2) +static int semanage_bool_compare2_qsort(const void *p1, const void *p2) { + const semanage_bool_t *const *boolean1 = p1; + const semanage_bool_t *const *boolean2 = p2; - return sepol_bool_compare2(*boolean, *boolean2); + return sepol_bool_compare2(*boolean1, *boolean2); } /* Name */ diff --git a/libsemanage/src/database.h b/libsemanage/src/database.h index 1950b63d..33348e2e 100644 --- a/libsemanage/src/database.h 
+++ b/libsemanage/src/database.h @@ -43,7 +43,7 @@ typedef struct record_table { /* Same as above, but dereferences the pointer first. * This function is intenteded to be used as a qsort * comparator. */ - int (*compare2_qsort) (const record_t ** rec, const record_t ** rec2); + int (*compare2_qsort) (const void * rec, const void * rec2); /* Deep-copy clone of this record */ int (*clone) (struct semanage_handle * handle, diff --git a/libsemanage/src/database_join.c b/libsemanage/src/database_join.c index 3e97f432..abe6c43c 100644 --- a/libsemanage/src/database_join.c +++ b/libsemanage/src/database_join.c @@ -78,12 +78,10 @@ static int dbase_join_cache(semanage_handle_t * handle, dbase_join_t * dbase) /* Sort for quicker merge later */ if (rcount1 > 0) { - qsort(records1, rcount1, sizeof(record1_t *), - (int (*)(const void *, const void *))rtable1->compare2_qsort); + qsort(records1, rcount1, sizeof(record1_t *), rtable1->compare2_qsort); } if (rcount2 > 0) { - qsort(records2, rcount2, sizeof(record2_t *), - (int (*)(const void *, const void *))rtable2->compare2_qsort); + qsort(records2, rcount2, sizeof(record2_t *), rtable2->compare2_qsort); } /* Now merge into this dbase */ diff --git a/libsemanage/src/fcontext_record.c b/libsemanage/src/fcontext_record.c index f36e8317..cc6932eb 100644 --- a/libsemanage/src/fcontext_record.c +++ b/libsemanage/src/fcontext_record.c @@ -121,13 +121,12 @@ int semanage_fcontext_compare2(const semanage_fcontext_t * fcontext, } -static int semanage_fcontext_compare2_qsort(const semanage_fcontext_t ** - fcontext, - const semanage_fcontext_t ** - fcontext2) +static int semanage_fcontext_compare2_qsort(const void *p1, const void *p2) { + const semanage_fcontext_t *const *fcontext1 = p1; + const semanage_fcontext_t *const *fcontext2 = p2; - return semanage_fcontext_compare2(*fcontext, *fcontext2); + return semanage_fcontext_compare2(*fcontext1, *fcontext2); } /* Create */ 
diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 2fabbbd8..53673645 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c @@ -757,14 +757,20 @@ static int seuser_sort_func(const void *arg1, const void *arg2) return strcmp(name1, name2); } -static int user_sort_func(semanage_user_t ** arg1, semanage_user_t ** arg2) +static int user_sort_func(const void *arg1, const void *arg2) { - return strcmp(semanage_user_get_name(*arg1), - semanage_user_get_name(*arg2)); + const semanage_user_t *const *user1 = arg1; + const semanage_user_t *const *user2 = arg2; + + return strcmp(semanage_user_get_name(*user1), + semanage_user_get_name(*user2)); } -static int name_user_cmp(char *key, semanage_user_t ** val) +static int name_user_cmp(const void *arg1, const void *arg2) { + const char *key = arg1; + const semanage_user_t *const *val = arg2; + return strcmp(key, semanage_user_get_name(*val)); } @@ -1184,8 +1190,7 @@ static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s, qsort(seuser_list, nseusers, sizeof(semanage_seuser_t *), &seuser_sort_func); - qsort(user_list, nusers, sizeof(semanage_user_t *), - (int (*)(const void *, const void *))&user_sort_func); + qsort(user_list, nusers, sizeof(semanage_user_t *), user_sort_func); for (i = 0; i < nseusers; i++) { seuname = semanage_seuser_get_sename(seuser_list[i]); @@ -1195,9 +1200,7 @@ static genhomedircon_user_entry_t *get_users(genhomedircon_settings_t * s, continue; /* find the user structure given the name */ - u = bsearch(seuname, user_list, nusers, sizeof(semanage_user_t *), - (int (*)(const void *, const void *)) - &name_user_cmp); + u = bsearch(seuname, user_list, nusers, sizeof(semanage_user_t *), name_user_cmp); /* %groupname syntax */ if (name[0] == '%') { diff --git a/libsemanage/src/ibendport_internal.h b/libsemanage/src/ibendport_internal.h index 04e0da5a..946c262a 100644 --- a/libsemanage/src/ibendport_internal.h 
+++ b/libsemanage/src/ibendport_internal.h @@ -26,7 +26,6 @@ extern int semanage_ibendport_validate_local(semanage_handle_t *handle); /* ==== Internal (to ibendports) API === */ - int semanage_ibendport_compare2_qsort(const semanage_ibendport_t **ibendport, - const semanage_ibendport_t **ibendport2); + int semanage_ibendport_compare2_qsort(const void *p1, const void *p2); #endif diff --git a/libsemanage/src/ibendport_record.c b/libsemanage/src/ibendport_record.c index 6afe8975..38f1a4b0 100644 --- a/libsemanage/src/ibendport_record.c +++ b/libsemanage/src/ibendport_record.c @@ -37,10 +37,12 @@ int semanage_ibendport_compare2(const semanage_ibendport_t *ibendport, } - int semanage_ibendport_compare2_qsort(const semanage_ibendport_t **ibendport, - const semanage_ibendport_t **ibendport2) + int semanage_ibendport_compare2_qsort(const void *p1, const void *p2) { - return sepol_ibendport_compare2(*ibendport, *ibendport2); + const semanage_ibendport_t *const *ibendport1 = p1; + const semanage_ibendport_t *const *ibendport2 = p2; + + return sepol_ibendport_compare2(*ibendport1, *ibendport2); } int semanage_ibendport_key_create(semanage_handle_t *handle, diff --git a/libsemanage/src/ibendports_local.c b/libsemanage/src/ibendports_local.c index feebfa63..0b8c14d2 100644 --- a/libsemanage/src/ibendports_local.c +++ b/libsemanage/src/ibendports_local.c @@ -89,9 +89,7 @@ int semanage_ibendport_validate_local(semanage_handle_t *handle) if (semanage_ibendport_list_local(handle, &ibendports, &nibendports) < 0) goto err; - qsort(ibendports, nibendports, sizeof(semanage_ibendport_t *), - (int (*)(const void *, const void *)) - &semanage_ibendport_compare2_qsort); + qsort(ibendports, nibendports, sizeof(semanage_ibendport_t *), semanage_ibendport_compare2_qsort); /* Test each ibendport */ while (i < nibendports) { diff --git a/libsemanage/src/ibpkey_internal.h b/libsemanage/src/ibpkey_internal.h index c1d97876..8761b5af 100644 --- a/libsemanage/src/ibpkey_internal.h 
+++ b/libsemanage/src/ibpkey_internal.h @@ -26,7 +26,6 @@ extern int semanage_ibpkey_validate_local(semanage_handle_t *handle); /* ==== Internal (to ibpkeys) API === */ - int semanage_ibpkey_compare2_qsort(const semanage_ibpkey_t **ibpkey, - const semanage_ibpkey_t **ibpkey2); + int semanage_ibpkey_compare2_qsort(const void *p1, const void *p2); #endif diff --git a/libsemanage/src/ibpkey_record.c b/libsemanage/src/ibpkey_record.c index 9a47f53b..e015663f 100644 --- a/libsemanage/src/ibpkey_record.c +++ b/libsemanage/src/ibpkey_record.c @@ -37,10 +37,12 @@ int semanage_ibpkey_compare2(const semanage_ibpkey_t *ibpkey, } - int semanage_ibpkey_compare2_qsort(const semanage_ibpkey_t **ibpkey, - const semanage_ibpkey_t **ibpkey2) + int semanage_ibpkey_compare2_qsort(const void *p1, const void *p2) { - return sepol_ibpkey_compare2(*ibpkey, *ibpkey2); + const semanage_ibpkey_t *const *ibpkey1 = p1; + const semanage_ibpkey_t *const *ibpkey2 = p2; + + return sepol_ibpkey_compare2(*ibpkey1, *ibpkey2); } int semanage_ibpkey_key_create(semanage_handle_t *handle, diff --git a/libsemanage/src/ibpkeys_local.c b/libsemanage/src/ibpkeys_local.c index 6d05d125..6848bd0d 100644 --- a/libsemanage/src/ibpkeys_local.c +++ b/libsemanage/src/ibpkeys_local.c @@ -91,9 +91,7 @@ int semanage_ibpkey_validate_local(semanage_handle_t *handle) if (semanage_ibpkey_list_local(handle, &ibpkeys, &nibpkeys) < 0) goto err; - qsort(ibpkeys, nibpkeys, sizeof(semanage_ibpkey_t *), - (int (*)(const void *, const void *)) - &semanage_ibpkey_compare2_qsort); + qsort(ibpkeys, nibpkeys, sizeof(semanage_ibpkey_t *), semanage_ibpkey_compare2_qsort); /* Test each ibpkey for overlap */ while (i < nibpkeys) { diff --git a/libsemanage/src/iface_record.c b/libsemanage/src/iface_record.c index b94afa04..15c3175e 100644 --- a/libsemanage/src/iface_record.c +++ b/libsemanage/src/iface_record.c 
@@ -40,11 +40,13 @@ int semanage_iface_compare2(const semanage_iface_t * iface, } -static int semanage_iface_compare2_qsort(const semanage_iface_t ** iface, - const semanage_iface_t ** iface2) +static int semanage_iface_compare2_qsort(const void *p1, + const void *p2) { + const semanage_iface_t *const *iface1 = p1; + const semanage_iface_t *const *iface2 = p2; - return sepol_iface_compare2(*iface, *iface2); + return sepol_iface_compare2(*iface1, *iface2); } int semanage_iface_key_create(semanage_handle_t * handle, diff --git a/libsemanage/src/node_internal.h b/libsemanage/src/node_internal.h index 24041101..632e41e5 100644 --- a/libsemanage/src/node_internal.h +++ b/libsemanage/src/node_internal.h @@ -26,7 +26,6 @@ extern int semanage_node_validate_local(semanage_handle_t * handle); /* ==== Internal (to nodes) API === */ - int semanage_node_compare2_qsort(const semanage_node_t ** node, - const semanage_node_t ** node2); + int semanage_node_compare2_qsort(const void *p1, const void *p2); #endif diff --git a/libsemanage/src/node_record.c b/libsemanage/src/node_record.c index 9a018d4b..4d9bca42 100644 --- a/libsemanage/src/node_record.c +++ b/libsemanage/src/node_record.c @@ -41,11 +41,12 @@ int semanage_node_compare2(const semanage_node_t * node, } - int semanage_node_compare2_qsort(const semanage_node_t ** node, - const semanage_node_t ** node2) + int semanage_node_compare2_qsort(const void *p1, const void *p2) { + const semanage_node_t *const *node1 = p1; + const semanage_node_t *const *node2 = p2; - return sepol_node_compare2(*node, *node2); + return sepol_node_compare2(*node1, *node2); } int semanage_node_key_create(semanage_handle_t * handle, diff --git a/libsemanage/src/policy_components.c b/libsemanage/src/policy_components.c index ca3fbd20..6557bb18 100644 --- a/libsemanage/src/policy_components.c +++ b/libsemanage/src/policy_components.c 
@@ -169,9 +169,7 @@ int semanage_base_merge_components(semanage_handle_t * handle) /* Sort records on MODE_SORT */ if (mode & MODE_SORT) { - qsort(records, nrecords, sizeof(record_t *), - (int (*)(const void *, const void *))rtable-> - compare2_qsort); + qsort(records, nrecords, sizeof(record_t *), rtable->compare2_qsort); } /* Clear obsolete ones for MODE_SET */ diff --git a/libsemanage/src/port_internal.h b/libsemanage/src/port_internal.h index 3699ac7f..25c1f511 100644 --- a/libsemanage/src/port_internal.h +++ b/libsemanage/src/port_internal.h @@ -26,7 +26,6 @@ extern int semanage_port_validate_local(semanage_handle_t * handle); /* ==== Internal (to ports) API === */ - int semanage_port_compare2_qsort(const semanage_port_t ** port, - const semanage_port_t ** port2); + int semanage_port_compare2_qsort(const void* p1, const void *p2); #endif diff --git a/libsemanage/src/port_record.c b/libsemanage/src/port_record.c index d93e68f6..2ea138ce 100644 --- a/libsemanage/src/port_record.c +++ b/libsemanage/src/port_record.c @@ -40,11 +40,12 @@ int semanage_port_compare2(const semanage_port_t * port, } - int semanage_port_compare2_qsort(const semanage_port_t ** port, - const semanage_port_t ** port2) + int semanage_port_compare2_qsort(const void *p1, const void *p2) { + const semanage_port_t *const * port1 = p1; + const semanage_port_t *const * port2 = p2; - return sepol_port_compare2(*port, *port2); + return sepol_port_compare2(*port1, *port2); } int semanage_port_key_create(semanage_handle_t * handle, diff --git a/libsemanage/src/ports_local.c b/libsemanage/src/ports_local.c index 0261b07f..7d4d0768 100644 --- a/libsemanage/src/ports_local.c +++ b/libsemanage/src/ports_local.c 
@@ -82,9 +82,7 @@ int semanage_port_validate_local(semanage_handle_t * handle) /* List and sort the ports */ if (semanage_port_list_local(handle, &ports, &nports) < 0) goto err; - qsort(ports, nports, sizeof(semanage_port_t *), - (int (*)(const void *, const void *)) - &semanage_port_compare2_qsort); + qsort(ports, nports, sizeof(semanage_port_t *), semanage_port_compare2_qsort); /* Test each port for overlap */ while (i < nports) { diff --git a/libsemanage/src/seuser_record.c b/libsemanage/src/seuser_record.c index bfaa0d7a..3a8ebfe0 100644 --- a/libsemanage/src/seuser_record.c +++ b/libsemanage/src/seuser_record.c @@ -99,11 +99,12 @@ int semanage_seuser_compare2(const semanage_seuser_t * seuser, } -static int semanage_seuser_compare2_qsort(const semanage_seuser_t ** seuser, - const semanage_seuser_t ** seuser2) +static int semanage_seuser_compare2_qsort(const void *p1, const void *p2) { + const semanage_seuser_t *const *seuser1 = p1; + const semanage_seuser_t *const *seuser2 = p2; - return strcmp((*seuser)->name, (*seuser2)->name); + return semanage_seuser_compare2(*seuser1, *seuser2); } /* Name */ diff --git a/libsemanage/src/seusers_local.c b/libsemanage/src/seusers_local.c index ec7bfb08..eb3f82bc 100644 --- a/libsemanage/src/seusers_local.c +++ b/libsemanage/src/seusers_local.c @@ -126,7 +126,8 @@ int semanage_seuser_modify_local(semanage_handle_t * handle, const semanage_seuser_t * data) { int rc; - void *callback = (void *) handle->msg_callback; + __attribute__((format(printf, 3, 4))) + void (*callback) (void*, semanage_handle_t*, const char*, ...) = handle->msg_callback; dbase_config_t *dconfig = semanage_seuser_dbase_local(handle); const char *sename = semanage_seuser_get_sename(data); const char *mls_range = semanage_seuser_get_mlsrange(data); diff --git a/libsemanage/src/user_base_record.c b/libsemanage/src/user_base_record.c index 3c20aa46..ed911de8 100644 --- a/libsemanage/src/user_base_record.c +++ b/libsemanage/src/user_base_record.c 
@@ -47,12 +47,12 @@ static int semanage_user_base_compare2(const semanage_user_base_t * user, return sepol_user_compare2(user, user2); } -static int semanage_user_base_compare2_qsort(const semanage_user_base_t ** user, - const semanage_user_base_t ** - user2) +static int semanage_user_base_compare2_qsort(const void *p1, const void *p2) { + const semanage_user_base_t *const *user1 = p1; + const semanage_user_base_t *const *user2 = p2; - return sepol_user_compare2(*user, *user2); + return sepol_user_compare2(*user1, *user2); } /* Name */ diff --git a/libsemanage/src/user_extra_record.c b/libsemanage/src/user_extra_record.c index 25349a9b..a948114a 100644 --- a/libsemanage/src/user_extra_record.c +++ b/libsemanage/src/user_extra_record.c @@ -66,13 +66,12 @@ static int semanage_user_extra_compare2(const semanage_user_extra_t * return strcmp(user_extra->name, user_extra2->name); } -static int semanage_user_extra_compare2_qsort(const semanage_user_extra_t ** - user_extra, - const semanage_user_extra_t ** - user_extra2) +static int semanage_user_extra_compare2_qsort(const void *p1, const void *p2) { + const semanage_user_extra_t *const *user_extra1 = p1; + const semanage_user_extra_t *const *user_extra2 = p2; - return strcmp((*user_extra)->name, (*user_extra2)->name); + return semanage_user_extra_compare2(*user_extra1, *user_extra2); } /* Name */ diff --git a/libsemanage/src/user_record.c b/libsemanage/src/user_record.c index 325c719d..47e89145 100644 --- a/libsemanage/src/user_record.c +++ b/libsemanage/src/user_record.c @@ -79,11 +79,12 @@ int semanage_user_compare2(const semanage_user_t * user, } -static int semanage_user_compare2_qsort(const semanage_user_t ** user, - const semanage_user_t ** user2) +static int semanage_user_compare2_qsort(const void *p1, const void *p2) { + const semanage_user_t *const *user1 = p1; + const semanage_user_t *const *user2 = p2; - return strcmp((*user)->name, (*user2)->name); + return semanage_user_compare2(*user1, *user2); } /* Name */ 
diff --git a/libsemanage/src/utilities.c b/libsemanage/src/utilities.c index ec578340..a64015f8 100644 --- a/libsemanage/src/utilities.c +++ b/libsemanage/src/utilities.c @@ -183,8 +183,7 @@ int semanage_list_sort(semanage_list_t ** l) array[i++] = temp; } - qsort(array, count, sizeof(semanage_list_t *), - (int (*)(const void *, const void *))&semanage_cmp_plist_t); + qsort(array, count, sizeof(semanage_list_t *), semanage_cmp_plist_t); for (i = 0; i < (count - 1); ++i) { array[i]->next = array[i + 1]; } @@ -195,9 +194,12 @@ int semanage_list_sort(semanage_list_t ** l) return 0; } -int semanage_cmp_plist_t(const semanage_list_t ** x, const semanage_list_t ** y) +int semanage_cmp_plist_t(const void *x, const void *y) { - return strcmp((*x)->data, (*y)->data); + const semanage_list_t *const *l1 = x; + const semanage_list_t *const *l2 = y; + + return strcmp((*l1)->data, (*l2)->data); } int semanage_str_count(const char *data, char what) diff --git a/libsemanage/src/utilities.h b/libsemanage/src/utilities.h index 78f1f96e..4cc41f84 100644 --- a/libsemanage/src/utilities.h +++ b/libsemanage/src/utilities.h 
@@ -98,8 +98,7 @@ int semanage_list_sort(semanage_list_t ** l) WARN_UNUSED; * returns strcmp(x->data, y->data) * used internally by semanage_list_sort() */ -int semanage_cmp_plist_t(const semanage_list_t ** x, - const semanage_list_t ** y); +int semanage_cmp_plist_t(const void *x, const void *y); /** * @param data a target string * @param what a character From patchwork Mon Nov 11 14:16:50 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870831 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3AAF41A072A for ; Mon, 11 Nov 2024 14:17:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334645; cv=none; b=RnLoTHVbT8XkZCQRQ1fyQv3bBHb3+xCvDtaa2IgZRu/6Oq9Mu4sPPmcGLif2UyzS9Qqjbb2+dztQpFKudAb/JUVhTjmO2Qn//Vxe8f7/6+FBLy3Nf5YpfT5bxYJm++IzWZljc8ioGvefUch4UyE9x8wGwCw/4yeucjSr/AUqbQM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334645; c=relaxed/simple; bh=jixhs1z319aSFFVMRNS4eQTvnnAaGXnVa9fExrT/Z+k=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=uhAbsDjY84KSoHsq39tKZTCvttHeBq5beU9UNpsnBDu+U0iDkNP72vtUYdk26fUeyvXdj6b26HrIl17LQudDAx3wk+UbrUewThtp6v8YdvZDC3YlMY1dzvdWVhzi/BvZ88EnkeATsR7eV8dMSXlxTjXObNS9/k8VRHVM+uhRI0E= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=AiU1L4Nu; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: 
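Review bot: The commit message should name the actual undefined behavior: the lines removed in database_join.c and policy_components.c made `qsort()` call a comparator declared with `const record_t **` parameters through `int (*)(const void *, const void *)`, and it is that call through an incompatible function type, not the cast itself, that is undefined. Saying so tells the reader why the comparators had to be rewritten rather than only the casts deleted.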
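Review bot: The comment above `compare2_qsort` in the database.h hunk no longer documents enough: with the member now taking `const void *`, the prototype has lost the record type and the comment only says the function "dereferences the pointer first". Suggest stating that both arguments point to `const record_t *` array elements, which is what every converted comparator assumes, and fixing the "intenteded" typo in that comment while it is being touched.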
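Review bot: Please confirm the sort order is unchanged in the seuser_record.c and user_record.c hunks, where the `_qsort` wrappers stop calling `strcmp()` on the `name` members and delegate to `semanage_seuser_compare2()` and `semanage_user_compare2()`, whose bodies are outside the hunks. The same delegation in user_extra_record.c is visibly equivalent, since the context line shows `semanage_user_extra_compare2()` returning `strcmp(user_extra->name, user_extra2->name)`. The commit message describes only the casts, so this refactoring should be mentioned there.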
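Review bot: The callback type in the seusers_local.c hunk should come from a shared typedef rather than being written out inline: `void (*callback) (void*, semanage_handle_t*, const char*, ...)` with its `format(printf, 3, 4)` attribute duplicates the declared type of `handle->msg_callback` and will diverge silently if that member changes. A typedef used both in the handle structure and here would keep the two in step and shorten the line.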
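Review bot: Style in the port hunks is inconsistent with the rest of the patch: port_internal.h declares `const void* p1, const void *p2` and port_record.c uses `*const * port1`, while every other file uses `const void *p1` and `*const *name`. The rewritten `qsort()` calls in ibendports_local.c, ibpkeys_local.c and ports_local.c and the `bsearch()` call in genhomedircon.c also run past 80 columns now; wrapping before the comparator argument, as the removed lines did, would keep them readable.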
smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b="AiU1L4Nu" From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= Subject: [PATCH 31/47] libsemanage: adjust sizes to avoid implicit truncations Date: Mon, 11 Nov 2024 15:16:50 +0100 Message-ID: <20241111141706.38039-31-cgoettsche@seltendoof.de> In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de> References: <20241111141706.38039-1-cgoettsche@seltendoof.de> Reply-To: cgzones@googlemail.com Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Christian Göttsche Use size_t for sizes and align miscellaneous type mismatches. 
Signed-off-by: Christian Göttsche --- libsemanage/src/compressed_file.c | 2 +- libsemanage/src/handle.c | 2 +- libsemanage/src/parse_utils.c | 4 ++-- libsemanage/src/semanage_store.c | 12 ++++++------ libsemanage/src/utilities.c | 6 +++--- libsemanage/src/utilities.h | 2 +- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/libsemanage/src/compressed_file.c b/libsemanage/src/compressed_file.c index 74185c92..e4a1efb0 100644 --- a/libsemanage/src/compressed_file.c +++ b/libsemanage/src/compressed_file.c @@ -104,7 +104,7 @@ static ssize_t bunzip(semanage_handle_t *sh, FILE *f, void **data) size_t total = 0; uint8_t* uncompress = NULL; uint8_t* tmpalloc = NULL; - int ret = -1; + ssize_t ret = -1; buf = malloc(bufsize); if (buf == NULL) { diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c index 4577ac35..740bc83f 100644 --- a/libsemanage/src/handle.c +++ b/libsemanage/src/handle.c @@ -172,7 +172,7 @@ int semanage_get_hll_compiler_path(semanage_handle_t *sh, } num_printed = snprintf(compiler, len, "%s/%s", sh->conf->compiler_directory_path, lower_lang_ext); - if (num_printed < 0 || (int)num_printed >= (int)len) { + if (num_printed < 0 || (size_t)num_printed >= len) { ERR(sh, "Error creating compiler path."); status = -1; goto cleanup; diff --git a/libsemanage/src/parse_utils.c b/libsemanage/src/parse_utils.c index d57e59c9..d1d6e930 100644 --- a/libsemanage/src/parse_utils.c +++ b/libsemanage/src/parse_utils.c @@ -85,7 +85,7 @@ int parse_skip_space(semanage_handle_t * handle, parse_info_t * info) size_t buf_len = 0; ssize_t len; - int lineno = info->lineno; + unsigned int lineno = info->lineno; char *buffer = NULL; char *ptr; @@ -271,7 +271,7 @@ int parse_fetch_string(semanage_handle_t * handle, { const char *start = info->ptr; - int len = 0; + size_t len = 0; char *tmp_str = NULL; if (parse_assert_noeof(handle, info) < 0) diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 427952a1..937089b2 100644 
--- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -137,10 +137,10 @@ typedef struct semanage_file_context_node { char *path; char *file_type; char *context; - int path_len; - int effective_len; - int type_len; - int context_len; + size_t path_len; + size_t effective_len; + size_t type_len; + size_t context_len; int meta; /* position of first meta char in path, -1 if none */ struct semanage_file_context_node *next; } semanage_file_context_node_t; @@ -514,7 +514,7 @@ const char *semanage_final_path(enum semanage_final_defs store, char *semanage_conf_path(void) { char *semanage_conf = NULL; - int len; + size_t len; struct stat sb; len = strlen(semanage_root()) + strlen(selinux_path()) + strlen(SEMANAGE_CONF_FILE); @@ -2895,7 +2895,7 @@ int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, /* parsing bits */ const char *priority_names[] = NC_SORT_NAMES; - const int priority_names_len[] = NC_SORT_NAMES_LEN; + const size_t priority_names_len[] = NC_SORT_NAMES_LEN; size_t line_len, buf_remainder, i, offset; const char *line_buf, *line_end; diff --git a/libsemanage/src/utilities.c b/libsemanage/src/utilities.c index a64015f8..38ac72e4 100644 --- a/libsemanage/src/utilities.c +++ b/libsemanage/src/utilities.c @@ -202,9 +202,9 @@ int semanage_cmp_plist_t(const void *x, const void *y) return strcmp((*l1)->data, (*l2)->data); } -int semanage_str_count(const char *data, char what) +size_t semanage_str_count(const char *data, char what) { - int count = 0; + size_t count = 0; if (!data) return 0; @@ -219,7 +219,7 @@ int semanage_str_count(const char *data, char what) void semanage_rtrim(char *str, char trim_to) { - int len = 0; + size_t len; if (!str) return; diff --git a/libsemanage/src/utilities.h b/libsemanage/src/utilities.h index 4cc41f84..c2d484a7 100644 --- a/libsemanage/src/utilities.h +++ b/libsemanage/src/utilities.h 
@@ -104,7 +104,7 @@ int semanage_cmp_plist_t(const void *x, const void *y); * @param what a character * @returns the number of times the char appears in the string */ -int semanage_str_count(const char *data, char what); +size_t semanage_str_count(const char *data, char what); /** * @param - a string * @param the character to trim to From patchwork Mon Nov 11 14:16:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870841 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 60D571A08DC for ; Mon, 11 Nov 2024 14:17:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334646; cv=none; b=QsPB4PKNHk9XibUUKgNu1w09gLaCpBEAY+xgIdgZgjgh5Abm/yLufmUjLHa/4VD1SWmCRAnZA0D7lk+b1DyM6aQwXQy9QFmsCPykX+2SzXa4+Bs6Wwrwg4LuWxQb1PloAuRg3ztG20Zwm22apYqZ8aw8mQMHTCs1siASn0hbECk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334646; c=relaxed/simple; bh=hQPS8/VRaTkf3QeNZYyCrah3TKJ3WCU7fjZsMUxRjCY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=fHo24mPcxvxS5fJkcE0IYhs5syPRLcWOQzB3nQFelLszCG70mXobEYvycNrLxxcQIACAwKfIQGM6YAG7rv7aiOEvAxteWRnqqjgc3VWpEy20Go7zpYe28tn8pzSSHODvi6TDlCH2ox2tbERoSWJFo0GYeQ9h8I2DEgiH6a9CSdY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=ne7KxuTx; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: 
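Review bot: The users of `semanage_file_context_node` need auditing for mixed signedness: in the semanage_store.c struct hunk the four length members become `size_t` while `int meta` stays signed with `-1` as its "none" value. Any expression outside the hunk that compares or subtracts `meta` against `path_len` or `effective_len`, or that returns the difference of two lengths from a sort comparator, now converts to unsigned, so `-1` becomes `SIZE_MAX` and a negative difference wraps. Please check those sites or state in the commit message that they were checked.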
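Review bot: Callers of `semanage_str_count()` are not covered: the utilities.c and utilities.h hunks change its return type from `int` to `size_t`, but none of the visible hunks touches a call site. A caller that still stores the result in an `int` gains a new implicit truncation, which is the opposite of what the subject line promises, so each call site should be checked and converted in this patch.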
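Review bot: In the `semanage_rtrim()` hunk of utilities.c, `int len = 0;` becomes an uninitialized `size_t len;` and the code that uses it lies outside the hunk. Please confirm that `len` is assigned before its first read on every path after the `if (!str) return;` check, and that no loop condition depends on `len` dropping below zero, which an unsigned type can no longer do.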
smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b="ne7KxuTx" From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= Subject: [PATCH 32/47] libsemanage: use asprintf(3) to simplify code Date: Mon, 11 Nov 2024 15:16:51 +0100 Message-ID: <20241111141706.38039-32-cgoettsche@seltendoof.de> In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de> References: <20241111141706.38039-1-cgoettsche@seltendoof.de> Reply-To: cgzones@googlemail.com Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Christian Göttsche Signed-off-by: Christian Göttsche --- libsemanage/src/handle.c | 26 ++-------- libsemanage/src/semanage_store.c | 86 +++++++++----------------------- 2 files changed, 28 insertions(+), 84 deletions(-) diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c index 740bc83f..2f4121db 100644 --- a/libsemanage/src/handle.c +++ b/libsemanage/src/handle.c 
@@ -141,16 +141,14 @@ int semanage_get_hll_compiler_path(semanage_handle_t *sh, const char *lang_ext, char **compiler_path) { - assert(sh != NULL); - assert(lang_ext != NULL); - - int i; + size_t i; int status = 0; - int num_printed = 0; - size_t len; char *compiler = NULL; char *lower_lang_ext = NULL; + assert(sh != NULL); + assert(lang_ext != NULL); + lower_lang_ext = strdup(lang_ext); if (lower_lang_ext == NULL) { ERR(sh, "Could not create copy of lang_ext. Out of memory.\n"); @@ -162,17 +160,7 @@ int semanage_get_hll_compiler_path(semanage_handle_t *sh, lower_lang_ext[i] = tolower(lower_lang_ext[i]); } - len = strlen(sh->conf->compiler_directory_path) + strlen("/") + strlen(lower_lang_ext) + 1; - - compiler = malloc(len * sizeof(*compiler)); - if (compiler == NULL) { - ERR(sh, "Error allocating space for compiler path."); - status = -1; - goto cleanup; - } - - num_printed = snprintf(compiler, len, "%s/%s", sh->conf->compiler_directory_path, lower_lang_ext); - if (num_printed < 0 || (size_t)num_printed >= len) { + if (asprintf(&compiler, "%s/%s", sh->conf->compiler_directory_path, lower_lang_ext) < 0) { ERR(sh, "Error creating compiler path."); status = -1; goto cleanup; @@ -183,10 +171,6 @@ int semanage_get_hll_compiler_path(semanage_handle_t *sh, cleanup: free(lower_lang_ext); - if (status != 0) { - free(compiler); - } - return status; } diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 937089b2..98ef2524 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c 
@@ -165,21 +165,17 @@ typedef struct semanage_netfilter_context_node { */ static int semanage_init_paths(const char *root) { - size_t len, prefix_len; int i; if (!root) return -1; - prefix_len = strlen(root); - for (i = 0; i < SEMANAGE_NUM_FILES; i++) { - len = (strlen(semanage_relative_files[i]) + prefix_len); - semanage_files[i] = calloc(len + 1, sizeof(char)); - if (!semanage_files[i]) + if (asprintf(&semanage_files[i], "%s%s", + root, semanage_relative_files[i]) < 0) { + semanage_files[i] = NULL; return -1; - sprintf(semanage_files[i], "%s%s", root, - semanage_relative_files[i]); + } } return 0; @@ -191,28 +187,20 @@ static int semanage_init_paths(const char *root) static int semanage_init_store_paths(const char *root) { int i, j; - size_t len; - size_t prefix_len; if (!root) return -1; - prefix_len = strlen(root); - for (i = 0; i < SEMANAGE_NUM_STORES; i++) { for (j = 0; j < SEMANAGE_STORE_NUM_PATHS; j++) { - len = prefix_len + strlen(semanage_store_paths[i]) - + strlen(semanage_sandbox_paths[j]); - semanage_paths[i][j] = calloc(len + 1, sizeof(char)); - if (!semanage_paths[i][j]) - goto cleanup; - sprintf(semanage_paths[i][j], "%s%s%s", root, - semanage_store_paths[i], - semanage_sandbox_paths[j]); + if (asprintf(&semanage_paths[i][j], "%s%s%s", + root, semanage_store_paths[i], semanage_sandbox_paths[j]) < 0) { + semanage_paths[i][j] = NULL; + return -1; + } } } - cleanup: return 0; } 
@@ -222,48 +210,26 @@ static int semanage_init_final(semanage_handle_t *sh, const char *prefix) assert(prefix); int status = 0; - size_t len; const char *store_path = sh->conf->store_path; - size_t store_len = strlen(store_path); /* SEMANAGE_FINAL_TMP */ - len = strlen(semanage_root()) + - strlen(prefix) + - strlen("/") + - strlen(semanage_final_prefix[SEMANAGE_FINAL_TMP]) + - store_len; - semanage_final[SEMANAGE_FINAL_TMP] = malloc(len + 1); - if (semanage_final[SEMANAGE_FINAL_TMP] == NULL) { + if (asprintf(&semanage_final[SEMANAGE_FINAL_TMP], "%s%s%s/%s", + semanage_root(), prefix, + semanage_final_prefix[SEMANAGE_FINAL_TMP], store_path) < 0) { + semanage_final[SEMANAGE_FINAL_TMP] = NULL; status = -1; goto cleanup; } - sprintf(semanage_final[SEMANAGE_FINAL_TMP], - "%s%s%s/%s", - semanage_root(), - prefix, - semanage_final_prefix[SEMANAGE_FINAL_TMP], - store_path); - /* SEMANAGE_FINAL_SELINUX */ - const char *selinux_root = selinux_path(); - len = strlen(semanage_root()) + - strlen(selinux_root) + - strlen(semanage_final_prefix[SEMANAGE_FINAL_SELINUX]) + - store_len; - semanage_final[SEMANAGE_FINAL_SELINUX] = malloc(len + 1); - if (semanage_final[SEMANAGE_FINAL_SELINUX] == NULL) { + if (asprintf(&semanage_final[SEMANAGE_FINAL_SELINUX], "%s%s%s%s", + semanage_root(), selinux_path(), + semanage_final_prefix[SEMANAGE_FINAL_SELINUX], store_path) < 0) { + semanage_final[SEMANAGE_FINAL_SELINUX] = NULL; status = -1; goto cleanup; } - sprintf(semanage_final[SEMANAGE_FINAL_SELINUX], - "%s%s%s%s", - semanage_root(), - selinux_root, - semanage_final_prefix[SEMANAGE_FINAL_SELINUX], - store_path); - cleanup: if (status != 0) { int i; 
@@ -386,24 +352,18 @@ static int semanage_init_final_paths(semanage_handle_t *sh) { int status = 0; int i, j; - size_t len; for (i = 0; i < SEMANAGE_FINAL_NUM; i++) { for (j = 0; j < SEMANAGE_FINAL_PATH_NUM; j++) { - len = strlen(semanage_final[i]) - + strlen(semanage_final_suffix[j]); - - semanage_final_paths[i][j] = malloc(len + 1); - if (semanage_final_paths[i][j] == NULL) { + if (asprintf(&semanage_final_paths[i][j], + "%s%s", + semanage_final[i], + semanage_final_suffix[j]) < 0) { + semanage_final_paths[i][j] = NULL; ERR(sh, "Unable to allocate space for policy final path."); status = -1; goto cleanup; - } - - sprintf(semanage_final_paths[i][j], - "%s%s", - semanage_final[i], - semanage_final_suffix[j]); + } } } From patchwork Mon Nov 11 14:16:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870837 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 60C5619CC29 for ; Mon, 11 Nov 2024 14:17:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334646; cv=none; b=q2A/oQZI1nNlagSBNuwDIO37QvYD4Bc3IrnJ3SlAUxKAohShqW81uJnCWfP4RkAIKq+eKAP5xPidH5CMky/H0mnbMtvOFp8RkiwWpNKmjgKhQFqF8cskqvdudq1bkI8okfrkjGFOxYycdDFHGdKaiwrJHUd5fO6c8t8faBaKFjw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334646; c=relaxed/simple; bh=fqZiJyAWqPM3AMSaj2cwuHsg5vUofSU8XyBerpvhpAM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; 
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 33/47] libsemanage: use size_t for hash input sizes
Date: Mon, 11 Nov 2024 15:16:52 +0100
Message-ID: <20241111141706.38039-33-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

It's unlikely any input will ever be bigger than 4G, but avoid any potential truncation regardless.

Signed-off-by: Christian Göttsche
--- libsemanage/src/modules.c | 5 +---- libsemanage/src/sha256.c | 4 ++-- libsemanage/src/sha256.h | 4 ++-- 3 files changed, 5 insertions(+), 8 deletions(-) diff --git a/libsemanage/src/modules.c b/libsemanage/src/modules.c index e6a47362..e569b98d 100644 --- a/libsemanage/src/modules.c +++ b/libsemanage/src/modules.c 
@@ -996,7 +996,6 @@ int semanage_module_compute_checksum(semanage_handle_t *sh, size_t *checksum_len) { semanage_module_info_t *extract_info = NULL; - Sha256Context context; SHA256_HASH sha256_hash; char *checksum_str; void *data; @@ -1018,9 +1017,7 @@ int semanage_module_compute_checksum(semanage_handle_t *sh, semanage_module_info_destroy(sh, extract_info); free(extract_info); - Sha256Initialise(&context); - Sha256Update(&context, data, data_len); - Sha256Finalise(&context, &sha256_hash); + Sha256Calculate(data, data_len, &sha256_hash); munmap(data, data_len); diff --git a/libsemanage/src/sha256.c b/libsemanage/src/sha256.c index 79664138..9daac285 100644 --- a/libsemanage/src/sha256.c +++ b/libsemanage/src/sha256.c @@ -180,7 +180,7 @@ void ( Sha256Context* Context, // [in out] void const* Buffer, // [in] - uint32_t BufferSize // [in] + size_t BufferSize // [in] ) { uint32_t n; @@ -282,7 +282,7 @@ void Sha256Calculate ( void const* Buffer, // [in] - uint32_t BufferSize, // [in] + size_t BufferSize, // [in] SHA256_HASH* Digest // [in] ) { diff --git a/libsemanage/src/sha256.h b/libsemanage/src/sha256.h index 406ed869..fbabd1f8 100644 --- a/libsemanage/src/sha256.h +++ b/libsemanage/src/sha256.h @@ -58,7 +58,7 @@ void ( Sha256Context* Context, // [in out] void const* Buffer, // [in] - uint32_t BufferSize // [in] + size_t BufferSize // [in] ); //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// 
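Review bot: Sha256Update now takes `size_t BufferSize`, but the context line of the matching sha256.c hunk still declares `uint32_t n;` as the function's first local, and the function body is not part of the patch. Check that no remaining uint32_t variable or context field receives a value derived from BufferSize without a bound, otherwise the truncation this patch targets just moves inside the function. The modules.c hunk also replaces the Sha256Initialise/Sha256Update/Sha256Finalise sequence with a single Sha256Calculate call, which the commit message does not mention; note it there or split it into its own patch.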
@@ -84,6 +84,6 @@ void Sha256Calculate ( void const* Buffer, // [in] - uint32_t BufferSize, // [in] + size_t BufferSize, // [in] SHA256_HASH* Digest // [in] ); From patchwork Mon Nov 11 14:16:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870844 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 60CA319F422 for ; Mon, 11 Nov 2024 14:17:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334647; cv=none; b=YweVThH1GVv/tmwbDc0+u+XETy/rfj7Vh2zMP1aoJGNQ7izJsU+xk3ouPqpEJnMfhR2ZKSz3aKb2uj5m4Dh0juctuSDsg+vu/nu6W7cHzLuG+xrBBQ0SzpxQR17PbDqf3FpQ3Aqp0tyH46U180UBynstK/asBybHGJ+D5Dgoytk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334647; c=relaxed/simple; bh=Z9+x1NVzAAufmUTepc/LAwzRqkgrYbvHx5y25AjKa2c=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=M2bIDfEA+ENEfIA5dLpsJ/tcLRTmQ5SYAPglUUo0z4RtMfoJTjqwGCoLQQ9PxeFvZi6YKfnrM47i1EU5rdUvPTC+r+LO+1ElYiXRB0pEX2HLCOg/acfxp0ZtOPzejU0LFoyRnnmCIBcRbdGm5DKZm9pBPSoxeXi3lq/bJCWg+Ko= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=kR58ODVG; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=seltendoof.de Authentication-Results: 
smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b="kR58ODVG" From: =?utf-8?q?Christian_G=C3=B6ttsche?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seltendoof.de; s=2023072701; t=1731334639; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=7Lo9k/ZhTAZ/EYIZJA2yr6cK46hVqanm3ERq67Q6DTs=; b=kR58ODVGhqCrguePSUOYimV8T1UFqgXqQmqFU9ruK0qdaPMj59cBg5FTZRs6tKH4awniRl nkz8joIMJWiAt4CiypYOf5ht/xfPiuqLVoTKCWTToXLo2SFHZSjPDpp3p5F7H2SUo0ZeGL ofX4fdUz2GOcUapZ1SgTVWnt3IQUv5yPA+AB5KO51mh1xpC8Fdu1kKly7uNmRfxdpRrxv0 P4dNaYc1F9sA9+vWyZIm2rJj/y67lECHNAwH9IX4yAeF2RIi4bRHF16qFpFOJWBGUkVnXq CV9zcZzQpsg3+SCnc/JUzH23oIPDAyqRIKm22XiCVUGOOITM87f9zjpcp6vzRQ== To: selinux@vger.kernel.org Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= Subject: [PATCH 34/47] libsemanage: drop macros used once Date: Mon, 11 Nov 2024 15:16:53 +0100 Message-ID: <20241111141706.38039-34-cgoettsche@seltendoof.de> In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de> References: <20241111141706.38039-1-cgoettsche@seltendoof.de> Reply-To: cgzones@googlemail.com Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Christian Göttsche Signed-off-by: Christian Göttsche --- libsemanage/src/utilities.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/libsemanage/src/utilities.c b/libsemanage/src/utilities.c index 38ac72e4..9df7b9c1 100644 --- a/libsemanage/src/utilities.c +++ b/libsemanage/src/utilities.c @@ -28,9 +28,6 @@ #include #include -#define TRUE 1 -#define FALSE 0 - char *semanage_findval(const char *file, const char *var, const char *delim) { FILE *fd; 
@@ -61,10 +58,10 @@ char *semanage_findval(const char *file, const char *var, const char *delim) int semanage_is_prefix(const char *str, const char *prefix) { if (!str) { - return FALSE; + return 0; } if (!prefix) { - return TRUE; + return 1; } return strncmp(str, prefix, strlen(prefix)) == 0; From patchwork Mon Nov 11 14:16:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870839 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 60D0D1A00D6 for ; Mon, 11 Nov 2024 14:17:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334646; cv=none; b=ruWcOuqTj0ADvXeMW390bRLDzeVCxbaQOi9u3W9FBncE4s4Ze1lwE2vglJsn1nUJ/MkvL8ukO56lE1FRBLCEUuf8BL9ghQhpmF+dbw3g5Idpoi1+0oAFPS1EC3gUj2Dfjs+Xgdtats2Rg6c1g3iL+UweWgp63CdMUEMw2pHQNcg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334646; c=relaxed/simple; bh=L8IGVhYD8htZLNR23bfoQsBM7vC26Vt2xwSuTv6++Hg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=g/4ljqpuh5cl/2GllbYW712TNbpDlrL2uuu3g2cbmaDkk6ETmXGw6K8ksfsWWqd5kTKFWp1gv9xtyyBOwkKRWdpltX/4e5ouE1/CUaeydlOsku+gNDssWiXRbpWqQhcenO6POigaI8+ZEKh59CsfEu8EovP7BYakNh/m5dGTM5A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=VmGCUwFf; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) 
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 35/47] libsemanage: handle shell allocation failure
Date: Mon, 11 Nov 2024 15:16:54 +0100
Message-ID: <20241111141706.38039-35-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

Return failure instead of silently using a fallback.

Signed-off-by: Christian Göttsche
--- libsemanage/src/genhomedircon.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 53673645..c38d284b 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c 
@@ -228,7 +228,7 @@ static semanage_list_t *get_shell_list(void) free(temp); semanage_list_destroy(&list); fclose(shells); - return default_shell_list(); + return NULL; } } } 
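Review bot: With `return NULL` on this path, a NULL result from get_shell_list now means failure, and the caller in get_home_dirs reports it as "Allocation failure!", but nothing in the function documents that contract. Add a short comment above get_shell_list stating that NULL is returned only on allocation failure, and check the function's other exits: any path that can legitimately produce no list must not return NULL as well, or get_home_dirs will fail with a misleading allocation message.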
@@ -333,7 +333,10 @@ static semanage_list_t *get_home_dirs(genhomedircon_settings_t * s) return homedir_list; shells = get_shell_list(); - assert(shells); + if (!shells) { + ERR(s->h_semanage, "Allocation failure!"); + goto fail; + } path = semanage_findval(PATH_ETC_LOGIN_DEFS, "UID_MIN", NULL); if (path && *path) { From patchwork Mon Nov 11 14:16:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870836 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 720221A0AE1 for ; Mon, 11 Nov 2024 14:17:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334646; cv=none; b=rNqkWGUPDjZ/Q4HCEuuBNqPxqjcL7qWavoPjuT0zppQQvtU/loji8MRGW8o2682gMgNUJNyckCHz62E+1iYwxxq14o7NbQ/sv4AbXbKFaEsTOGezwa0qcvP8nyLltVLlqWVrq78C8x218EvzCYPQQ4KXNsz6go3tXsU3DkG+7ik= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334646; c=relaxed/simple; bh=jy+4uu56ZBI6LRSQoWPHTUp6FhM0zJqVSnWLUB2nPQs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=sxkXBBPnWtdBzgd3t5Eo+IQ7fB7abjfFi9D/28mJ7GQxKuRZRemVwQ9dZMCXGGiTO56C/W41HrmQXQJ8OUy/Vgi3NjIad5uUcqZ/LfXukNJyH2104Q6iTDClBOLmThJGor5f2G47TImYxKhDlBHft5p6zcnBQj7yR7pP2Y0TMgY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=Q4dp2XWo; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass 
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 36/47] libsemanage: drop dead code
Date: Mon, 11 Nov 2024 15:16:55 +0100
Message-ID: <20241111141706.38039-36-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

The variable num_modules has already been dereferenced before the NULL check, and also the code is identical for each condition outcome.

Signed-off-by: Christian Göttsche
--- libsemanage/src/direct_api.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index 3b2ab449..b10e5c8f 100644 --- a/libsemanage/src/direct_api.c 
+++ b/libsemanage/src/direct_api.c 
@@ -1958,11 +1958,6 @@ static int semanage_direct_list(semanage_handle_t * sh, goto cleanup; } - if (num_modules == 0) { - retval = semanage_direct_get_serial(sh); - goto cleanup; - } - retval = semanage_direct_get_serial(sh); cleanup: From patchwork Mon Nov 11 14:16:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870835 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D00D119F40B for ; Mon, 11 Nov 2024 14:17:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334646; cv=none; b=cF3KDxrA2tHlgsVujQsEnOoOhPZh9pgCr5rdw9RlSAt2f0L4Y5+ciajIf1UkpZIwF95dbSHWqjt2liidl3ZRe1b8EyOPSHjVivZiJhuLZupaw6SSB0nYgAlwrep0x7z93Kk9S20HNeVY460sQH2QOki5t/nmzaMboyS1YY5/1Kc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334646; c=relaxed/simple; bh=Ew9T5vXFjGUbOfAcrJKejQe8vq4fj/cuGNmDS+zuZKE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=WqiTBS7SRcs7HhzhTYjq2nv0hmO6cpV/n7MQb3jSNnX14RAoHA15rXhSGRsW3ijLpRTaM/Ne1OZ9ci5vnd5wd4ekyYb+R08wQ0Wr9ArwPZuihs5PKRSy1PS8S8cabF2ff8mGiH05e9i0krLDO2oM9KVLw+Cesw1v8iHt4qAU230= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=X1lEeh2G; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de Authentication-Results: 
smtp.subspace.kernel.org; spf=pass smtp.mailfrom=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b="X1lEeh2G" From: =?utf-8?q?Christian_G=C3=B6ttsche?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seltendoof.de; s=2023072701; t=1731334639; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=K3AzfBnbeSKlt8eXAwPxGIEqw+5cF/4EyhUIt/fuX4k=; b=X1lEeh2GFMH0cGRJwbfiKVX6JgXhtiscR5/GTG/gloGUC0ztqbDZFlCb/6Xfizv+8ixjlj mrmpt3GvKJr2VuyY7JqGrSBH4A+jbVLJToTZFJ0raiafjVeRiax2yJe4u+0L+nSKtTAKva wrcboQaROvDRwmtWR207wZXMrIf9/yatVKwRDF/TidgL1jCvBFWwMwT/4zDA1nAsZlr3HT vuaP2gffPpHPzkNEeV8YIytnoZbtagRNcnvoG9Emj+ft6+xwGM71tz91pmGcHh5wxxVohX ZH3D/3+Kau1BQh+gM48OS4ZVNzc+aWzA0TZzgpW8It9SCxLlb2JwhdfXqkxOjQ== To: selinux@vger.kernel.org Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= Subject: [PATCH 37/47] libsemanage: preserve errno during internal logging Date: Mon, 11 Nov 2024 15:16:56 +0100 Message-ID: <20241111141706.38039-37-cgoettsche@seltendoof.de> In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de> References: <20241111141706.38039-1-cgoettsche@seltendoof.de> Reply-To: cgzones@googlemail.com Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Christian Göttsche Signed-off-by: Christian Göttsche --- libsemanage/src/debug.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/libsemanage/src/debug.h b/libsemanage/src/debug.h index a18a95be..506b9db0 100644 --- a/libsemanage/src/debug.h +++ b/libsemanage/src/debug.h @@ -23,6 +23,7 @@ #ifndef _SEMANAGE_INTERNAL_DEBUG_H_ #define _SEMANAGE_INTERNAL_DEBUG_H_ +#include #include #include #include 
@@ -36,6 +37,8 @@ channel_arg, func_arg, ...) do { \ \ if ((handle_arg)->msg_callback) { \ + int errsv__ = errno; \ + \ (handle_arg)->msg_fname = func_arg; \ (handle_arg)->msg_channel = channel_arg; \ (handle_arg)->msg_level = level_arg; \ 
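Review bot: The commit message is empty apart from the Signed-off-by line, so nothing records why the macro saves errno in `errsv__` before invoking msg_callback and restores it afterwards. State the reason there (code that inspects errno after a logging call would otherwise see whatever the callback left behind) and add a one-line comment next to `int errsv__ = errno;` so the save/restore pair is not removed later as redundant.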
@@ -43,6 +46,8 @@ (handle_arg)->msg_callback( \ (handle_arg)->msg_callback_arg, \ handle_arg, __VA_ARGS__); \ + \ + errno = errsv__; \ } \ } while(0) From patchwork Mon Nov 11 14:16:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870840 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E31E21A0AFA for ; Mon, 11 Nov 2024 14:17:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334646; cv=none; b=DvmAKBrM9mb6tP2s81AXa558xa4MZFJo3//wb5f1n7qe7/CUEF+XWMQV4mUTL7Ygm4pR/GQBpmXbxYDoK1YihLkkt+qTyhBS/tJwcTF0O6mre8TgcODlLDuK0HWIuhBUHmkSdVhby3LwxD6bmex0uDFvfNNgVJiJJSpS4PgJTeQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334646; c=relaxed/simple; bh=U4G+mP2sCgHQb1JFYaCWdEf/uSv7HUjJY6PU+8KIjg4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=WF7fxYHyO1CssN6mFSpRwpgRfH84MTRJUTwdpqFvvir4wL5KdqWFdhuGnSWubNplEam3cRnLoAL1335CsBNzETdndKFsA9dfj9d909Ooh7g/TUgbwA+CxnNQcJHAvsuSJnvOqyG0w+zxCqh+d+fR/o/skaNPCS1R44Yk5jLTZho= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=CW30iPxQ; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=seltendoof.de Authentication-Results: 
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 38/47] libsemanage: avoid strerror(3)
Date: Mon, 11 Nov 2024 15:16:57 +0100
Message-ID: <20241111141706.38039-38-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

Use the %m printf modifier to format errno in a thread safe way.

Signed-off-by: Christian Göttsche
--- libsemanage/src/debug.c | 6 ++++-- libsemanage/src/semanage_store.c | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/libsemanage/src/debug.c b/libsemanage/src/debug.c index 1e375694..a2708279 100644 --- a/libsemanage/src/debug.c +++ b/libsemanage/src/debug.c 
@@ -79,8 +79,10 @@ void semanage_msg_default_handler(void *varg __attribute__ ((unused)), vfprintf(stream, fmt, ap); va_end(ap); - if (errsv && errsv != ENOMEM) - fprintf(stream, " (%s).", strerror(errsv)); + if (errsv && errsv != ENOMEM) { + errno = errsv; + fprintf(stream, " (%m)."); + } fprintf(stream, "\n"); } diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 98ef2524..68bc8c41 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c 
@@ -739,8 +739,8 @@ static int semanage_rename(semanage_handle_t * sh, const char *src, const char * return retval; /* we can't use rename() due to filesystem limitation, lets try to copy files manually */ - WARN(sh, "WARNING: rename(%s, %s) failed: %s, fall back to non-atomic semanage_copy_dir_flags()", - src, dst, strerror(errno)); + WARN(sh, "WARNING: rename(%s, %s) failed: %m, fall back to non-atomic semanage_copy_dir_flags()", + src, dst); if (semanage_copy_dir_flags(src, dst, 1) == -1) { return -1; } From patchwork Mon Nov 11 14:16:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13870849 X-Patchwork-Delegate: plautrba@redhat.com Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E32591A0AFB for ; Mon, 11 Nov 2024 14:17:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334648; cv=none; b=LWY75HlaYz+ok5IyutUyRdXFFjQgRbwDZeUigsE9vn1jADjU3LJoZuafIuedvfsoVy5ZDoqMyeQ5JRwucCpRbecYPX5zkKeliRg4pQaQsloOkbqgZgsjHKzvtTVorFe3x+t9bPbTmgfiH74yCRGpZu5wfPpk3j9ILWPsR47yp1s= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731334648; c=relaxed/simple; bh=o3KrUK6aW+v016qS7aEi7It8VBXwDNfEeopZlhR44vM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=oOEWnVwyw2YvV4X9wOjpp87E3Au2bxMv1RESqPbt63n5RT+8TBn1Wwt7SLyU7r5kXwijlGq4ybsdKdjwlIx1z/Z65/6VSu87uSLj9xiruhQi5FyM39qbyFQ0G+i2cYUQkCJyVCV2tyh7pUYbWrFAV/opG4ELk6/NIIV7O3cBs8k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; 
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 39/47] libsemanage: avoid writing directly to stderr
Date: Mon, 11 Nov 2024 15:16:58 +0100
Message-ID: <20241111141706.38039-39-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

The client application might have redirected the error output via semanage_msg_set_callback(3), so use the logging macros.

Signed-off-by: Christian Göttsche --- libsemanage/src/direct_api.c | 17 ++++++------ libsemanage/src/semanage_store.c | 44 ++++++++++++++++---------------- libsemanage/src/semanage_store.h | 6 ++--- 3 files changed, 34 insertions(+), 33 deletions(-) diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index b10e5c8f..d9cefff5 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c @@ -1135,8 +1135,8 @@ static const int semanage_computed_files[] = { /* Copies a file from src to dst. If dst already exists then * overwrite it. If source doesn't exist then return success. * Returns 0 on success, -1 on error. */ -static int copy_file_if_exists(const char *src, const char *dst, mode_t mode){ - int rc = semanage_copy_file(src, dst, mode, false); +static int copy_file_if_exists(semanage_handle_t *sh, const char *src, const char *dst, mode_t mode){ + int rc = semanage_copy_file(sh, src, dst, mode, false); return (rc < 0 && errno != ENOENT) ? rc : 0; } @@ -1432,7 +1432,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) path = semanage_path(SEMANAGE_TMP, SEMANAGE_SEUSERS_LINKED); if (stat(path, &sb) == 0) { - retval = semanage_copy_file(path, + retval = semanage_copy_file(sh, path, semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS), 0, false); @@ -1450,7 +1450,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) path = semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA_LINKED); if (stat(path, &sb) == 0) { - retval = semanage_copy_file(path, + retval = semanage_copy_file(sh, path, semanage_path(SEMANAGE_TMP, SEMANAGE_USERS_EXTRA), 0, false); 
@@ -1559,28 +1559,28 @@ static int semanage_direct_commit(semanage_handle_t * sh) if (retval < 0) goto cleanup; - retval = semanage_copy_file(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), + retval = semanage_copy_file(sh, semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_KERNEL), semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_KERNEL), sh->conf->file_mode, false); if (retval < 0) { goto cleanup; } - retval = copy_file_if_exists(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL), + retval = copy_file_if_exists(sh, semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_LOCAL), semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_LOCAL), sh->conf->file_mode); if (retval < 0) { goto cleanup; } - retval = copy_file_if_exists(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC), + retval = copy_file_if_exists(sh, semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC), semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC), sh->conf->file_mode); if (retval < 0) { goto cleanup; } - retval = copy_file_if_exists(semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS), + retval = copy_file_if_exists(sh, semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_SEUSERS), semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_SEUSERS), sh->conf->file_mode); if (retval < 0) { @@ -1598,6 +1598,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) } /* file_contexts.homedirs was created in SEMANAGE_TMP store */ retval = semanage_copy_file( + sh, semanage_path(SEMANAGE_TMP, SEMANAGE_STORE_FC_HOMEDIRS), semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_HOMEDIRS), sh->conf->file_mode, false); diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 68bc8c41..47205148 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c 
@@ -656,7 +656,7 @@ int semanage_store_access_check(void) /********************* other I/O functions *********************/ -static int semanage_copy_dir_flags(const char *src, const char *dst, int flag); +static int semanage_copy_dir_flags(semanage_handle_t * sh, const char *src, const char *dst, int flag); /* Callback used by scandir() to select files. */ static int semanage_filename_select(const struct dirent *d) @@ -670,8 +670,8 @@ static int semanage_filename_select(const struct dirent *d) /* Copies a file from src to dst. If dst already exists then * overwrite it. Returns 0 on success, -1 on error. */ -int semanage_copy_file(const char *src, const char *dst, mode_t mode, - bool syncrequired) +int semanage_copy_file(semanage_handle_t *sh, const char *src, const char *dst, + mode_t mode, bool syncrequired) { int in, out, retval = 0, amount_read, n, errsv = errno; char tmp[PATH_MAX]; @@ -725,7 +725,7 @@ int semanage_copy_file(const char *src, const char *dst, mode_t mode, if (!retval && rename(tmp, dst) == -1) return -1; - semanage_setfiles(dst); + semanage_setfiles(sh, dst); out: errno = errsv; return retval; @@ -741,7 +741,7 @@ static int semanage_rename(semanage_handle_t * sh, const char *src, const char * /* we can't use rename() due to filesystem limitation, lets try to copy files manually */ WARN(sh, "WARNING: rename(%s, %s) failed: %m, fall back to non-atomic semanage_copy_dir_flags()", src, dst); - if (semanage_copy_dir_flags(src, dst, 1) == -1) { + if (semanage_copy_dir_flags(sh, src, dst, 1) == -1) { return -1; } return semanage_remove_directory(src); 
@@ -749,15 +749,15 @@ static int semanage_rename(semanage_handle_t * sh, const char *src, const char * /* Copies all of the files from src to dst, recursing into * subdirectories. Returns 0 on success, -1 on error. */ -static int semanage_copy_dir(const char *src, const char *dst) +static int semanage_copy_dir(semanage_handle_t * sh, const char *src, const char *dst) { - return semanage_copy_dir_flags(src, dst, 1); + return semanage_copy_dir_flags(sh, src, dst, 1); } /* Copies all of the dirs from src to dst, recursing into * subdirectories. If flag == 1, then copy regular files as * well. Returns 0 on success, -1 on error. */ -static int semanage_copy_dir_flags(const char *src, const char *dst, int flag) +static int semanage_copy_dir_flags(semanage_handle_t * sh, const char *src, const char *dst, int flag) { int i, len = 0, rc, retval = -1; struct stat sb; @@ -766,7 +766,7 @@ static int semanage_copy_dir_flags(const char *src, const char *dst, int flag) mode_t mask; if ((len = scandir(src, &names, semanage_filename_select, NULL)) == -1) { - fprintf(stderr, "Could not read the contents of %s: %s\n", src, strerror(errno)); + ERR(sh, "Could not read the contents of %s.", src); return -1; } @@ -774,12 +774,12 @@ static int semanage_copy_dir_flags(const char *src, const char *dst, int flag) mask = umask(0077); if (mkdir(dst, S_IRWXU) != 0) { umask(mask); - fprintf(stderr, "Could not create %s: %s\n", dst, strerror(errno)); + ERR(sh, "Could not create %s.", dst); goto cleanup; } umask(mask); - semanage_setfiles(dst); + semanage_setfiles(sh, dst); } for (i = 0; i < len; i++) { 
@@ -801,15 +801,15 @@ static int semanage_copy_dir_flags(const char *src, const char *dst, int flag) if (S_ISDIR(sb.st_mode)) { mask = umask(0077); if (mkdir(path2, 0700) == -1 || - semanage_copy_dir_flags(path, path2, flag) == -1) { + semanage_copy_dir_flags(sh, path, path2, flag) == -1) { umask(mask); goto cleanup; } umask(mask); - semanage_setfiles(path2); + semanage_setfiles(sh, path2); } else if (S_ISREG(sb.st_mode) && flag == 1) { mask = umask(0077); - if (semanage_copy_file(path, path2, sb.st_mode, + if (semanage_copy_file(sh, path, path2, sb.st_mode, false) < 0) { umask(mask); goto cleanup; @@ -912,7 +912,7 @@ int semanage_mkdir(semanage_handle_t *sh, const char *path) } umask(mask); - semanage_setfiles(path); + semanage_setfiles(sh, path); } else { /* check that it really is a directory */ @@ -956,7 +956,7 @@ int semanage_make_sandbox(semanage_handle_t * sh) mask = umask(0077); if (mkdir(sandbox, S_IRWXU) == -1 || - semanage_copy_dir(semanage_path(SEMANAGE_ACTIVE, SEMANAGE_TOPLEVEL), + semanage_copy_dir(sh, semanage_path(SEMANAGE_ACTIVE, SEMANAGE_TOPLEVEL), sandbox) == -1) { umask(mask); ERR(sh, "Could not copy files to sandbox %s.", sandbox); 
@@ -1589,19 +1589,19 @@ static int semanage_validate_and_compile_fcontexts(semanage_handle_t * sh) semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC)) != 0) { goto cleanup; } - semanage_setfiles(semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_BIN)); + semanage_setfiles(sh, semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_BIN)); if (sefcontext_compile(sh, semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_LOCAL)) != 0) { goto cleanup; } - semanage_setfiles(semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_LOCAL_BIN)); + semanage_setfiles(sh, semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_LOCAL_BIN)); if (sefcontext_compile(sh, semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_HOMEDIRS)) != 0) { goto cleanup; } - semanage_setfiles(semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_HOMEDIRS_BIN)); + semanage_setfiles(sh, semanage_final_path(SEMANAGE_FINAL_TMP, SEMANAGE_FC_HOMEDIRS_BIN)); status = 0; cleanup: @@ -1646,7 +1646,7 @@ static int semanage_install_final_tmp(semanage_handle_t * sh) goto cleanup; } - ret = semanage_copy_file(src, dst, sh->conf->file_mode, + ret = semanage_copy_file(sh, src, dst, sh->conf->file_mode, true); if (ret < 0) { ERR(sh, "Could not copy %s to %s.", src, dst); @@ -2996,7 +2996,7 @@ int semanage_nc_sort(semanage_handle_t * sh, const char *buf, size_t buf_len, /* Make sure the file context and ownership of files in the policy * store does not change */ -void semanage_setfiles(const char *path){ +void semanage_setfiles(semanage_handle_t * sh, const char *path){ struct stat sb; int fd; /* Fix the user and role portions of the context, ignore errors @@ -3011,7 +3011,7 @@ void semanage_setfiles(const char *path){ !(S_ISREG(sb.st_mode) && (sb.st_mode & (S_ISUID | S_ISGID))) && (fchown(fd, 0, 0) == -1)) - fprintf(stderr, "Warning! Could not set ownership of %s to root\n", path); + ERR(sh, "Warning! Could not set ownership of %s to root", path); close(fd); } 
diff --git a/libsemanage/src/semanage_store.h b/libsemanage/src/semanage_store.h index e21dadeb..d9b116e2 100644 --- a/libsemanage/src/semanage_store.h +++ b/libsemanage/src/semanage_store.h @@ -124,7 +124,7 @@ int semanage_get_cil_paths(semanage_handle_t * sh, semanage_module_info_t *modin int semanage_get_active_modules(semanage_handle_t *sh, semanage_module_info_t **modinfo, int *num_modules); -void semanage_setfiles(const char *path); +void semanage_setfiles(semanage_handle_t * sh, const char *path); /* lock file routines */ int semanage_get_trans_lock(semanage_handle_t * sh); 
@@ -165,7 +165,7 @@ int semanage_nc_sort(semanage_handle_t * sh, size_t buf_len, char **sorted_buf, size_t * sorted_buf_len); -int semanage_copy_file(const char *src, const char *dst, mode_t mode, - bool syncrequired); +int semanage_copy_file(semanage_handle_t * sh, const char *src, const char *dst, + mode_t mode, bool syncrequired); #endif
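Review bot: in semanage_setfiles() (semanage_store.c, hunk at -3011), the converted message goes through ERR() although its text starts with "Warning!" and the function's own comment says errors are ignored. With the handle now available, WARN(sh, "Could not set ownership of %s to root.", path) would match the severity and the trailing-period style of the other converted messages; WARN() is already used in semanage_rename() in this file.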
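Review bot: in semanage_copy_dir_flags() (semanage_store.c, hunk at -801), a failing mkdir(path2, 0700) still jumps to cleanup without any message, while the scandir() and mkdir(dst, S_IRWXU) failures in the same function are now reported through ERR(). Since sh is passed in, consider splitting the combined condition so the mkdir() failure gets its own ERR(sh, "Could not create %s.", path2) before the recursive call.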
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 40/47] libsemanage: drop duplicate newlines and error descriptions in error messages
Date: Mon, 11 Nov 2024 15:16:59 +0100
Message-ID: <20241111141706.38039-40-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

The ERR macro already appends the errno description and a trailing newline.
Signed-off-by: Christian Göttsche --- libsemanage/src/compressed_file.c | 4 +- libsemanage/src/database_file.c | 4 +- libsemanage/src/database_policydb.c | 4 +- libsemanage/src/direct_api.c | 100 +++++++++++++--------------- libsemanage/src/genhomedircon.c | 2 +- libsemanage/src/handle.c | 2 +- libsemanage/src/parse_utils.c | 4 +- libsemanage/src/semanage_store.c | 6 +- 8 files changed, 61 insertions(+), 65 deletions(-) diff --git a/libsemanage/src/compressed_file.c b/libsemanage/src/compressed_file.c index e4a1efb0..4fa5b3e0 100644 --- a/libsemanage/src/compressed_file.c +++ b/libsemanage/src/compressed_file.c @@ -179,13 +179,13 @@ int map_compressed_file(semanage_handle_t *sh, const char *path, fd = open(path, O_RDONLY | O_CLOEXEC); if (fd == -1) { - ERR(sh, "Unable to open %s\n", path); + ERR(sh, "Unable to open %s.", path); return -1; } file = fdopen(fd, "r"); if (file == NULL) { - ERR(sh, "Unable to open %s\n", path); + ERR(sh, "Unable to open %s.", path); close(fd); return -1; } diff --git a/libsemanage/src/database_file.c b/libsemanage/src/database_file.c index a54c5aee..47814254 100644 --- a/libsemanage/src/database_file.c +++ b/libsemanage/src/database_file.c @@ -130,8 +130,8 @@ static int dbase_file_flush(semanage_handle_t * handle, dbase_file_t * dbase) str = fopen(fname, "we"); umask(mask); if (!str) { - ERR(handle, "could not open %s for writing: %s", - fname, strerror(errno)); + ERR(handle, "could not open %s for writing", + fname); goto err; } __fsetlocking(str, FSETLOCKING_BYCALLER); diff --git a/libsemanage/src/database_policydb.c b/libsemanage/src/database_policydb.c index 62467d15..3c346ad7 100644 --- a/libsemanage/src/database_policydb.c +++ b/libsemanage/src/database_policydb.c 
@@ -113,8 +113,8 @@ static int dbase_policydb_cache(semanage_handle_t * handle, * ENOENT is not fatal - we just create an empty policydb */ fp = fopen(fname, "rbe"); if (fp == NULL && errno != ENOENT) { - ERR(handle, "could not open %s for reading: %s", - fname, strerror(errno)); + ERR(handle, "could not open %s for reading", + fname); goto err; } diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index d9cefff5..b6aff8ca 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c @@ -313,7 +313,7 @@ int semanage_direct_connect(semanage_handle_t * sh) /* The file does not exist */ sepol_set_disable_dontaudit(sh->sepolh, 0); } else { - ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); + ERR(sh, "Unable to access %s.", path); goto err; } @@ -592,7 +592,7 @@ static int read_from_pipe_to_data(semanage_handle_t *sh, size_t initial_len, int } data_read = malloc(max_len * sizeof(*data_read)); if (data_read == NULL) { - ERR(sh, "Failed to malloc, out of memory.\n"); + ERR(sh, "Failed to malloc, out of memory."); return -1; } @@ -604,7 +604,7 @@ static int read_from_pipe_to_data(semanage_handle_t *sh, size_t initial_len, int max_len *= 2; tmp = realloc(data_read, max_len); if (tmp == NULL) { - ERR(sh, "Failed to realloc, out of memory.\n"); + ERR(sh, "Failed to realloc, out of memory."); free(data_read); return -1; } 
@@ -646,93 +646,93 @@ static int semanage_pipe_data(semanage_handle_t *sh, const char *path, const cha retval = pipe2(input_fd, O_CLOEXEC); if (retval == -1) { - ERR(sh, "Unable to create pipe for input pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to create pipe for input pipe."); goto cleanup; } retval = pipe2(output_fd, O_CLOEXEC); if (retval == -1) { - ERR(sh, "Unable to create pipe for output pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to create pipe for output pipe."); goto cleanup; } retval = pipe2(err_fd, O_CLOEXEC); if (retval == -1) { - ERR(sh, "Unable to create pipe for error pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to create pipe for error pipe."); goto cleanup; } pid = fork(); if (pid == -1) { - ERR(sh, "Unable to fork from parent: %s.", strerror(errno)); + ERR(sh, "Unable to fork from parent."); retval = -1; goto cleanup; } else if (pid == 0) { retval = dup2(input_fd[PIPE_READ], STDIN_FILENO); if (retval == -1) { - ERR(sh, "Unable to dup2 input pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to dup2 input pipe."); goto cleanup; } retval = dup2(output_fd[PIPE_WRITE], STDOUT_FILENO); if (retval == -1) { - ERR(sh, "Unable to dup2 output pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to dup2 output pipe."); goto cleanup; } retval = dup2(err_fd[PIPE_WRITE], STDERR_FILENO); if (retval == -1) { - ERR(sh, "Unable to dup2 error pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to dup2 error pipe."); goto cleanup; } retval = close(input_fd[PIPE_WRITE]); if (retval == -1) { - ERR(sh, "Unable to close input pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to close input pipe."); goto cleanup; } retval = close(output_fd[PIPE_READ]); if (retval == -1) { - ERR(sh, "Unable to close output pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to close output pipe."); goto cleanup; } retval = close(err_fd[PIPE_READ]); if (retval == -1) { - ERR(sh, "Unable to close error pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to close error pipe."); goto cleanup; 
} retval = execl(path, path, NULL); if (retval == -1) { - ERR(sh, "Unable to execute %s : %s\n", path, strerror(errno)); + ERR(sh, "Unable to execute %s.", path); _exit(EXIT_FAILURE); } } else { retval = close(input_fd[PIPE_READ]); input_fd[PIPE_READ] = -1; if (retval == -1) { - ERR(sh, "Unable to close read end of input pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to close read end of input pipe."); goto cleanup; } retval = close(output_fd[PIPE_WRITE]); output_fd[PIPE_WRITE] = -1; if (retval == -1) { - ERR(sh, "Unable to close write end of output pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to close write end of output pipe."); goto cleanup; } retval = close(err_fd[PIPE_WRITE]); err_fd[PIPE_WRITE] = -1; if (retval == -1) { - ERR(sh, "Unable to close write end of error pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to close write end of error pipe."); goto cleanup; } retval = write_full(input_fd[PIPE_WRITE], in_data, in_data_len); if (retval == -1) { - ERR(sh, "Failed to write data to input pipe: %s\n", strerror(errno)); + ERR(sh, "Failed to write data to input pipe."); goto cleanup; } retval = close(input_fd[PIPE_WRITE]); input_fd[PIPE_WRITE] = -1; if (retval == -1) { - ERR(sh, "Unable to close write end of input pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to close write end of input pipe."); goto cleanup; } @@ -744,7 +744,7 @@ static int semanage_pipe_data(semanage_handle_t *sh, const char *path, const cha retval = close(output_fd[PIPE_READ]); output_fd[PIPE_READ] = -1; if (retval == -1) { - ERR(sh, "Unable to close read end of output pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to close read end of output pipe."); goto cleanup; } 
@@ -756,7 +756,7 @@ static int semanage_pipe_data(semanage_handle_t *sh, const char *path, const cha retval = close(err_fd[PIPE_READ]); err_fd[PIPE_READ] = -1; if (retval == -1) { - ERR(sh, "Unable to close read end of error pipe: %s\n", strerror(errno)); + ERR(sh, "Unable to close read end of error pipe."); goto cleanup; } @@ -923,7 +923,7 @@ static int semanage_compile_module(semanage_handle_t *sh, status = map_compressed_file(sh, hll_path, &hll_contents); if (status < 0) { - ERR(sh, "Unable to read file %s\n", hll_path); + ERR(sh, "Unable to read file %s.", hll_path); goto cleanup; } @@ -933,16 +933,13 @@ static int semanage_compile_module(semanage_handle_t *sh, if (err_data_len > 0) { for (start = end = err_data; end < err_data + err_data_len; end++) { if (*end == '\n') { - fprintf(stderr, "%s: ", modinfo->name); - fwrite(start, 1, end - start + 1, stderr); + ERR(sh, "%s: %.*s.", modinfo->name, (int)(end - start + 1), start); start = end + 1; } } if (end != start) { - fprintf(stderr, "%s: ", modinfo->name); - fwrite(start, 1, end - start, stderr); - fprintf(stderr, "\n"); + ERR(sh, "%s: %.*s.", modinfo->name, (int)(end - start), start); } } if (status != 0) { @@ -956,14 +953,14 @@ static int semanage_compile_module(semanage_handle_t *sh, status = write_compressed_file(sh, cil_path, cil_data, cil_data_len); if (status == -1) { - ERR(sh, "Failed to write %s\n", cil_path); + ERR(sh, "Failed to write %s.", cil_path); goto cleanup; } if (sh->conf->remove_hll == 1) { status = unlink(hll_path); if (status != 0) { - ERR(sh, "Error while removing HLL file %s: %s", hll_path, strerror(errno)); + ERR(sh, "Error while removing HLL file %s.", hll_path); goto cleanup; } 
@@ -1054,8 +1051,7 @@ static int semanage_compile_hll_modules(semanage_handle_t *sh, unmap_compressed_file(&contents); continue; } else if (errno != ENOENT) { - ERR(sh, "Unable to access %s: %s\n", cil_path, - strerror(errno)); + ERR(sh, "Unable to access %s.", cil_path); return -1; //an error in the "stat" call } } @@ -1080,7 +1076,7 @@ static int semanage_compare_checksum(semanage_handle_t *sh, const char *referenc fd = open(path, O_RDONLY | O_CLOEXEC); if (fd == -1) { if (errno != ENOENT) { - ERR(sh, "Unable to open %s: %s\n", path, strerror(errno)); + ERR(sh, "Unable to open %s.", path); return -1; } /* Checksum file not present - force a rebuild. */ @@ -1088,21 +1084,21 @@ static int semanage_compare_checksum(semanage_handle_t *sh, const char *referenc } if (fstat(fd, &sb) == -1) { - ERR(sh, "Unable to stat %s\n", path); + ERR(sh, "Unable to stat %s.", path); retval = -1; goto out_close; } if (sb.st_size != (off_t)CHECKSUM_CONTENT_SIZE) { /* Incompatible/invalid hash type - just force a rebuild. */ - WARN(sh, "Module checksum invalid - forcing a rebuild\n"); + WARN(sh, "Module checksum invalid - forcing a rebuild."); retval = 1; goto out_close; } data = mmap(NULL, CHECKSUM_CONTENT_SIZE, PROT_READ, MAP_PRIVATE, fd, 0); if (data == MAP_FAILED) { - ERR(sh, "Unable to mmap %s\n", path); + ERR(sh, "Unable to mmap %s.", path); retval = -1; goto out_close; } @@ -1212,7 +1208,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) /* The file does not exist */ do_rebuild |= (sepol_get_disable_dontaudit(sh->sepolh) == 1); } else { - ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); + ERR(sh, "Unable to access %s.", path); retval = -1; goto cleanup; } 
@@ -1243,7 +1239,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) /* The file does not exist */ do_rebuild |= (sepol_get_preserve_tunables(sh->sepolh) == 1); } else { - ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); + ERR(sh, "Unable to access %s.", path); retval = -1; goto cleanup; } @@ -1279,7 +1275,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) path = semanage_path(SEMANAGE_TMP, semanage_computed_files[i]); if (stat(path, &sb) != 0) { if (errno != ENOENT) { - ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); + ERR(sh, "Unable to access %s.", path); retval = -1; goto cleanup; } @@ -1309,7 +1305,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) retval = semanage_compile_hll_modules(sh, modinfos, num_modinfos, &extra, modules_checksum); if (retval < 0) { - ERR(sh, "Failed to compile hll files into cil files.\n"); + ERR(sh, "Failed to compile hll files into cil files."); goto cleanup; } @@ -1322,7 +1318,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) retval = semanage_write_modules_checksum(sh, modules_checksum); if (retval < 0) { - ERR(sh, "Failed to write module checksum file.\n"); + ERR(sh, "Failed to write module checksum file."); goto cleanup; } } @@ -1443,7 +1439,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) /* The file does not exist */ pseusers->dtable->clear(sh, pseusers->dbase); } else { - ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); + ERR(sh, "Unable to access %s.", path); retval = -1; goto cleanup; } @@ -1461,7 +1457,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) /* The file does not exist */ pusers_extra->dtable->clear(sh, pusers_extra->dbase); } else { - ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); + ERR(sh, "Unable to access %s.", path); retval = -1; goto cleanup; } 
@@ -1732,13 +1728,13 @@ static int semanage_direct_install_file(semanage_handle_t * sh, retval = map_compressed_file(sh, install_filename, &contents); if (retval < 0) { - ERR(sh, "Unable to read file %s\n", install_filename); + ERR(sh, "Unable to read file %s.", install_filename); goto cleanup; } path = strdup(install_filename); if (path == NULL) { - ERR(sh, "No memory available for strdup.\n"); + ERR(sh, "No memory available for strdup."); retval = -1; goto cleanup; } @@ -1779,12 +1775,12 @@ static int semanage_direct_install_file(semanage_handle_t * sh, if (module_name == NULL) { module_name = strdup(filename); if (module_name == NULL) { - ERR(sh, "No memory available for module_name.\n"); + ERR(sh, "No memory available for module_name."); retval = -1; goto cleanup; } } else if (strcmp(module_name, filename) != 0) { - fprintf(stderr, "Warning: SELinux userspace will refer to the module from %s as %s rather than %s\n", install_filename, module_name, filename); + ERR(sh, "Warning: SELinux userspace will refer to the module from %s as %s rather than %s.", install_filename, module_name, filename); } retval = semanage_direct_install(sh, contents.data, contents.len, @@ -1825,7 +1821,7 @@ static int semanage_direct_extract(semanage_handle_t * sh, } if (stat(module_path, &sb) != 0) { - ERR(sh, "Unable to access %s: %s\n", module_path, strerror(errno)); + ERR(sh, "Unable to access %s.", module_path); rc = -1; goto cleanup; } @@ -1856,7 +1852,7 @@ static int semanage_direct_extract(semanage_handle_t * sh, if (extract_cil == 1 && strcmp(_modinfo->lang_ext, "cil") && stat(input_file, &sb) != 0) { if (errno != ENOENT) { - ERR(sh, "Unable to access %s: %s\n", input_file, strerror(errno)); + ERR(sh, "Unable to access %s.", input_file); rc = -1; goto cleanup; } 
@@ -2016,7 +2012,7 @@ static int semanage_direct_get_enabled(semanage_handle_t *sh, if (stat(path, &sb) < 0) { if (errno != ENOENT) { - ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); + ERR(sh, "Unable to access %s.", path); status = -1; goto cleanup; } @@ -2349,7 +2345,7 @@ static int semanage_direct_get_module_info(semanage_handle_t *sh, /* set enabled/disabled status */ if (stat(fn, &sb) < 0) { if (errno != ENOENT) { - ERR(sh, "Unable to access %s: %s\n", fn, strerror(errno)); + ERR(sh, "Unable to access %s.", fn); status = -1; goto cleanup; } @@ -2778,7 +2774,7 @@ static int semanage_direct_install_info(semanage_handle_t *sh, /* validate module info */ ret = semanage_module_info_validate(modinfo); if (ret != 0) { - ERR(sh, "%s failed module validation.\n", modinfo->name); + ERR(sh, "%s failed module validation.", modinfo->name); status = -2; goto cleanup; } @@ -2866,7 +2862,7 @@ static int semanage_direct_install_info(semanage_handle_t *sh, if (stat(path, &sb) == 0) { ret = unlink(path); if (ret != 0) { - ERR(sh, "Error while removing cached CIL file %s: %s", path, strerror(errno)); + ERR(sh, "Error while removing cached CIL file %s.", path); status = -3; goto cleanup; } diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index c38d284b..4949bc75 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c @@ -1117,7 +1117,7 @@ static int get_group_users(genhomedircon_settings_t * s, goto cleanup; if (group == NULL) { - ERR(s->h_semanage, "Can't find group named %s\n", grname); + ERR(s->h_semanage, "Can't find group named %s.", grname); goto cleanup; } diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c index 2f4121db..faea0606 100644 --- a/libsemanage/src/handle.c +++ b/libsemanage/src/handle.c 
@@ -151,7 +151,7 @@ int semanage_get_hll_compiler_path(semanage_handle_t *sh, lower_lang_ext = strdup(lang_ext); if (lower_lang_ext == NULL) { - ERR(sh, "Could not create copy of lang_ext. Out of memory.\n"); + ERR(sh, "Could not create copy of lang_ext. Out of memory."); status = -1; goto cleanup; } diff --git a/libsemanage/src/parse_utils.c b/libsemanage/src/parse_utils.c index d1d6e930..cf6a91fa 100644 --- a/libsemanage/src/parse_utils.c +++ b/libsemanage/src/parse_utils.c @@ -47,8 +47,8 @@ int parse_open(semanage_handle_t * handle, parse_info_t * info) info->file_stream = fopen(info->filename, "re"); if (!info->file_stream && (errno != ENOENT)) { - ERR(handle, "could not open file %s: %s", - info->filename, strerror(errno)); + ERR(handle, "could not open file %s.", + info->filename); return STATUS_ERR; } if (info->file_stream) diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 47205148..3cbb6ffa 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -1551,7 +1551,7 @@ static int sefcontext_compile(semanage_handle_t * sh, const char *path) { if (stat(path, &sb) < 0) { if (errno != ENOENT) { - ERR(sh, "Unable to access %s: %s\n", path, strerror(errno)); + ERR(sh, "Unable to access %s.", path); return -1; } 
@@ -1737,11 +1737,11 @@ static int semanage_commit_sandbox(semanage_handle_t * sh) /* sync changes in sandbox to filesystem */ fd = open(sandbox, O_DIRECTORY | O_CLOEXEC); if (fd == -1) { - ERR(sh, "Error while opening %s for syncfs(): %d", sandbox, errno); + ERR(sh, "Error while opening %s for syncfs().", sandbox); return -1; } if (syncfs(fd) == -1) { - ERR(sh, "Error while syncing %s to filesystem: %d", sandbox, errno); + ERR(sh, "Error while syncing %s to filesystem.", sandbox); close(fd); return -1; }
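Review bot: in semanage_compile_module() (direct_api.c, hunk at -933), the first converted call passes (int)(end - start + 1) as the %.*s precision, which still includes the '\n' that end points at, so the message carries an embedded newline followed by "." before ERR() adds its own suffix. That reintroduces the duplicate newline this patch sets out to remove; use (int)(end - start) as the second call does. The text logged here is the HLL compiler's stderr output, so the errno description that ERR() appends (per the commit message) is unrelated to it and can mislead; consider whether that suffix is wanted for these lines.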
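Review bot: in semanage_direct_install_file() (direct_api.c, hunk at -1779), the module-name mismatch message begins with "Warning:" but is emitted through ERR(), and execution continues into semanage_direct_install() afterwards. WARN(sh, ...) without the "Warning:" prefix fits a non-fatal condition better and matches the WARN(sh, "Module checksum invalid - forcing a rebuild.") call touched elsewhere in this patch.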
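Review bot: the "could not open %s for writing" and "could not open %s for reading" messages in database_file.c and database_policydb.c lose the strerror() argument but, unlike the other messages converted here, get no trailing period. Adding the period keeps the output uniform once ERR() appends the errno description, and each call now fits on one line instead of leaving fname on a continuation line.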
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 41/47] libsemanage: check closing written files
Date: Mon, 11 Nov 2024 15:17:00 +0100
Message-ID: <20241111141706.38039-41-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
References: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

Check that closing a file that has been written to is successful, to avoid potential unsuccessful writes/syncs.
Signed-off-by: Christian Göttsche --- libsemanage/src/database_file.c | 5 ++++- libsemanage/src/direct_api.c | 15 +++++++++------ libsemanage/src/genhomedircon.c | 3 ++- libsemanage/src/semanage_store.c | 18 +++++++++++++----- 4 files changed, 28 insertions(+), 13 deletions(-) diff --git a/libsemanage/src/database_file.c b/libsemanage/src/database_file.c index 47814254..214dbe6c 100644 --- a/libsemanage/src/database_file.c +++ b/libsemanage/src/database_file.c @@ -149,7 +149,10 @@ static int dbase_file_flush(semanage_handle_t * handle, dbase_file_t * dbase) } dbase_llist_set_modified(&dbase->llist, 0); - fclose(str); + if (fclose(str) != 0 && errno != EINTR) { + str = NULL; + goto err; + } return STATUS_SUCCESS; err: diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index b6aff8ca..e4ca5f26 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c @@ -467,7 +467,10 @@ static int write_file(semanage_handle_t * sh, close(out); return -1; } - close(out); + if (close(out) == -1 && errno != EINTR) { + ERR(sh, "Error while closing %s.", filename); + return -1; + } return 0; } @@ -839,7 +842,7 @@ static int semanage_direct_write_langext(semanage_handle_t *sh, goto cleanup; } - if (fclose(fp) != 0) { + if (fclose(fp) != 0 && errno != EINTR) { ERR(sh, "Unable to close %s module ext file.", modinfo->name); fp = NULL; ret = -1; @@ -1216,7 +1219,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) FILE *touch; touch = fopen(path, "we"); if (touch != NULL) { - if (fclose(touch) != 0) { + if (fclose(touch) != 0 && errno != EINTR) { ERR(sh, "Error attempting to create disable_dontaudit flag."); goto cleanup; } @@ -1248,7 +1251,7 @@ static int semanage_direct_commit(semanage_handle_t * sh) FILE *touch; touch = fopen(path, "we"); if (touch != NULL) { - if (fclose(touch) != 0) { + if (fclose(touch) != 0 && errno != EINTR) { ERR(sh, "Error attempting to create preserve_tunable flag."); goto cleanup; } 
@@ -2119,7 +2122,7 @@ static int semanage_direct_set_enabled(semanage_handle_t *sh, ret = fclose(fp); fp = NULL; - if (ret != 0) { + if (ret != 0 && errno != EINTR) { ERR(sh, "Unable to close disabled file for module %s", modkey->name); @@ -2320,7 +2323,7 @@ static int semanage_direct_get_module_info(semanage_handle_t *sh, free(tmp); tmp = NULL; - if (fclose(fp) != 0) { + if (fclose(fp) != 0 && errno != EINTR) { fp = NULL; ERR(sh, "Unable to close %s module lang ext file.", diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 4949bc75..19543799 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c @@ -1429,7 +1429,8 @@ int semanage_genhomedircon(semanage_handle_t * sh, done: if (out != NULL) - fclose(out); + if (fclose(out) != 0 && errno != EINTR) + retval = STATUS_ERR; while (s.fallback) pop_user_entry(&(s.fallback)); diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 3cbb6ffa..e534a58c 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -717,7 +717,7 @@ int semanage_copy_file(semanage_handle_t *sh, const char *src, const char *dst, errsv = errno; retval = -1; } - if (close(out) < 0) { + if (close(out) < 0 && errno != EINTR) { errsv = errno; retval = -1; } @@ -1536,9 +1536,11 @@ int semanage_split_fc(semanage_handle_t * sh) if (file_con) fclose(file_con); if (fc >= 0) - close(fc); + if (close(fc) == -1 && errno != EINTR) + retval = -1; if (hd >= 0) - close(hd); + if (close(hd) == -1 && errno != EINTR) + retval = -1; return retval; @@ -1732,7 +1734,11 @@ static int semanage_commit_sandbox(semanage_handle_t * sh) close(fd); return -1; } - close(fd); + if (close(fd) == -1 && errno != EINTR) { + ERR(sh, "Error while closing commit number file %s.", + commit_filename); + return -1; + } /* sync changes in sandbox to filesystem */ fd = open(sandbox, O_DIRECTORY | O_CLOEXEC); 
@@ -2159,7 +2165,9 @@ int semanage_write_policydb(semanage_handle_t * sh, sepol_policydb_t * out, cleanup: if (outfile != NULL) { - fclose(outfile); + if (fclose(outfile) != 0 && errno != EINTR) { + retval = STATUS_ERR; + } } umask(mask); sepol_policy_file_free(pf);
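
Review bot: in the database_file.c hunk (dbase_file_flush), dbase_llist_set_modified(&dbase->llist, 0) still runs before the new fclose(str) check, so a failed close jumps to err with the list already marked unmodified even though the data may not have reached the file. Move the set_modified call below the fclose() check so the flag is cleared only once the write is known to have succeeded.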
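
Review bot: in the genhomedircon.c hunk (and the other fclose() sites) the errno != EINTR exemption is applied to fclose() exactly as it is to close(), but fclose() also flushes the stdio buffer, so EINTR there can come from the underlying write and mean that buffered data was never written. Check fflush(out) before closing, or treat every fclose() failure on a written stream as an error. The reason for tolerating EINTR on close() also deserves a short comment or a sentence in the commit message, which currently does not mention it.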
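
Review bot: in the semanage_write_policydb hunk a failed fclose(outfile) only sets retval = STATUS_ERR, with no ERR(sh, ...) message, unlike the write_file and semanage_commit_sandbox hunks, which log "Error while closing ...". A policy write that fails at close time would then surface to the caller without any diagnostic; add an ERR() call here (the semanage_split_fc hunk sets retval = -1 silently in the same way).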

X-Patchwork-Id: 13870843
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 42/47] libsemanage: simplify file deletion
Date: Mon, 11 Nov 2024 15:17:01 +0100
Message-ID: <20241111141706.38039-42-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

Instead of checking if a file to be deleted exists, just try to delete it and ignore any error for it not existing in the first place.

Signed-off-by: Christian Göttsche
--- libsemanage/src/direct_api.c | 24 +++++++++--------------- 1 file changed, 9 insertions(+), 15 deletions(-) diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index e4ca5f26..2a3cdee9 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c
@@ -2761,7 +2761,6 @@ static int semanage_direct_install_info(semanage_handle_t *sh, int status = 0; int ret = 0; int type; - struct stat sb; char path[PATH_MAX]; mode_t mask = umask(0077); @@ -2862,13 +2861,11 @@ static int semanage_direct_install_info(semanage_handle_t *sh, goto cleanup; } - if (stat(path, &sb) == 0) { - ret = unlink(path); - if (ret != 0) { - ERR(sh, "Error while removing cached CIL file %s.", path); - status = -3; - goto cleanup; - } + ret = unlink(path); + if (ret != 0 && errno != ENOENT) { + ERR(sh, "Error while removing cached CIL file %s.", path); + status = -3; + goto cleanup; } } 
@@ -2965,13 +2962,10 @@ static int semanage_direct_remove_key(semanage_handle_t *sh, goto cleanup; } - struct stat sb; - if (stat(path, &sb) == 0) { - ret = unlink(path); - if (ret != 0) { - status = -1; - goto cleanup; - } + ret = unlink(path); + if (ret != 0 && errno != ENOENT) { + status = -1; + goto cleanup; } } else {
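
Review bot: dropping the stat() guard in the semanage_direct_install_info hunk changes more than the ENOENT case, and the commit message should say so. stat() follows symlinks and any stat() failure used to skip the unlink silently, whereas now a dangling symlink at path is removed and every unlink() error other than ENOENT fails the install with status = -3. That is the stricter behaviour and it removes the check-then-unlink window, but it is a functional change rather than a pure simplification.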
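
Review bot: in the semanage_direct_remove_key hunk a failed unlink() sets status = -1 and jumps to cleanup without logging, while the same failure in semanage_direct_install_info reports "Error while removing cached CIL file %s."; add an ERR(sh, ...) naming the path here as well. Note also that ret stays at -1 when ENOENT is ignored, so confirm that nothing after this block reads ret before it is reassigned.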

X-Patchwork-Id: 13870850
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 43/47] libsemanage: optimize policy by default
Date: Mon, 11 Nov 2024 15:17:02 +0100
Message-ID: <20241111141706.38039-43-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

Fedora is setting optimize-policy to 1 by default, and there seem to be no bugs related to policy optimizations so far.

Signed-off-by: Christian Göttsche
--- libsemanage/man/man5/semanage.conf.5 | 2 +- libsemanage/src/conf-parse.y | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/libsemanage/man/man5/semanage.conf.5 b/libsemanage/man/man5/semanage.conf.5 index e6e8e27a..7ac45c96 100644 --- a/libsemanage/man/man5/semanage.conf.5 +++ b/libsemanage/man/man5/semanage.conf.5 @@ -124,7 +124,7 @@ In order to compile the original HLL file into CIL, the same HLL file will need .TP .B optimize-policy When set to "true", the kernel policy will be optimized upon rebuilds. -It can be set to either "true" or "false" and by default it is set to "false". +It can be set to either "true" or "false" and by default it is set to "true". .SH "SEE ALSO" .TP diff --git a/libsemanage/src/conf-parse.y b/libsemanage/src/conf-parse.y index 83aa3402..43179b9d 100644 --- a/libsemanage/src/conf-parse.y +++ b/libsemanage/src/conf-parse.y 
@@ -384,7 +384,7 @@ static int semanage_conf_init(semanage_conf_t * conf) conf->bzip_small = 0; conf->ignore_module_cache = 0; conf->remove_hll = 0; - conf->optimize_policy = 0; + conf->optimize_policy = 1; conf->save_previous = 0; conf->save_linked = 0;
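
Review bot: setting conf->optimize_policy = 1 in semanage_conf_init changes behaviour for every installation whose semanage.conf does not set optimize-policy, and the only justification given is that Fedora already ships it enabled. The semanage.conf.5 hunk should tell administrators how to keep the previous behaviour (optimize-policy = false), and the commit message should state that policy rebuilds now run the optimization step unless it is explicitly disabled.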

X-Patchwork-Id: 13870845
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 44/47] libsemanage/man: add documentation for command overrides
Date: Mon, 11 Nov 2024 15:17:03 +0100
Message-ID: <20241111141706.38039-44-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

For example Fedora contains the following default configuration:

    [sefcontext_compile]
    path = /usr/sbin/sefcontext_compile
    args = -r $@
    [end]

Signed-off-by: Christian Göttsche
--- libsemanage/man/man5/semanage.conf.5 | 80 ++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) diff --git a/libsemanage/man/man5/semanage.conf.5 b/libsemanage/man/man5/semanage.conf.5 index 7ac45c96..9f4b0454 100644
--- a/libsemanage/man/man5/semanage.conf.5 +++ b/libsemanage/man/man5/semanage.conf.5 
@@ -126,6 +126,86 @@ In order to compile the original HLL file into CIL, the same HLL file will need When set to "true", the kernel policy will be optimized upon rebuilds. It can be set to either "true" or "false" and by default it is set to "true". +.RE + +.PP +For certain tasks the SELinux Management library resorts to running +external commands. For the following commands their path and arguments can +be overridden: + +.RS +.RS +.TP +.B load_policy +Command to load a kernel policy. +Requires no argument. +Defaults to +.IR /sbin/load_policy +with no arguments. + +.TP +.B setfiles +Command to verify file context definitions. +Requires two arguments, the path to the kernel policy and the path to the +file context definition file. +Defaults to +.IR /sbin/setfiles +with the arguments '\-q \-c $@ $<'. + +.TP +.B sefcontext_compile +Command to compile a file context definition file. +Requires one argument, the path to the to be compiled file context +definition file. +Defaults to +.IR /sbin/sefcontext_compile +with the argument '$@'. + +.RE +.PP +Either +.IR path +or +.IR args +can be omitted. +The argument string must contain '$@' for the first required argument, +and '$<' for the second one. +The syntax for overriding an external command property is: + +.RS + +[\fIname\fR] +.sp 0 +path = /path/to/command +.sp 0 +args = --flag +.sp 0 +[end] + +.RE + +.TP +Example + +.RS + +[sefcontext_compile] +.sp 0 +path = /usr/sbin/sefcontext_compile +.sp 0 +args = -r $@ +.sp 0 +[end] + +.RE +.PP +Optionally the SELinux Management library can invoke external commands to +verify source modules (\fBverify module\fR), linked modules +(\fBverify linked\fR), and kernel policies (\fBverify kernel\fR). +The syntax is identical to the above command overrides. +The program should exit with a value of 0 on success, and non zero on +failure. 
+ .SH "SEE ALSO" .TP semanage(8)
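
Review bot: the .RS/.RE nesting in the added block does not balance. Two consecutive .RS requests open the command list before the load_policy entry, but only one .RE follows the sefcontext_compile entry, so the "Either path or args can be omitted" paragraph and everything after it stay indented one level until .SH resets it. Drop the second .RS or add a matching .RE. The hyphens in "args = --flag" and "args = -r $@" are also unescaped while the documented defaults use '\-q \-c'; escape them consistently so the examples render as plain minus signs that can be copied into semanage.conf.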

X-Patchwork-Id: 13870846
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 45/47] libsemanage: skip sort of empty arrays
Date: Mon, 11 Nov 2024 15:17:04 +0100
Message-ID: <20241111141706.38039-45-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

UBSAN triggers if the first argument of qsort(3) is NULL, even if the associated passed size is 0 and thus no actual dereference will happen.

Sort only arrays with at least two elements.

Signed-off-by: Christian Göttsche
--- libsemanage/src/database_join.c | 4 ++-- libsemanage/src/ibendports_local.c | 3 ++- libsemanage/src/ibpkeys_local.c | 3 ++- libsemanage/src/policy_components.c | 2 +- libsemanage/src/ports_local.c | 4 +++- libsemanage/src/utilities.c | 2 +- 6 files changed, 11 insertions(+), 7 deletions(-) diff --git a/libsemanage/src/database_join.c b/libsemanage/src/database_join.c index abe6c43c..afb67618 100644 --- a/libsemanage/src/database_join.c
+++ b/libsemanage/src/database_join.c @@ -77,10 +77,10 @@ static int dbase_join_cache(semanage_handle_t * handle, dbase_join_t * dbase) goto err; /* Sort for quicker merge later */ - if (rcount1 > 0) { + if (rcount1 > 1) { qsort(records1, rcount1, sizeof(record1_t *), rtable1->compare2_qsort); } - if (rcount2 > 0) { + if (rcount2 > 1) { qsort(records2, rcount2, sizeof(record2_t *), rtable2->compare2_qsort); } diff --git a/libsemanage/src/ibendports_local.c b/libsemanage/src/ibendports_local.c index 0b8c14d2..acf1a37c 100644 --- a/libsemanage/src/ibendports_local.c +++ b/libsemanage/src/ibendports_local.c @@ -89,7 +89,8 @@ int semanage_ibendport_validate_local(semanage_handle_t *handle) if (semanage_ibendport_list_local(handle, &ibendports, &nibendports) < 0) goto err; - qsort(ibendports, nibendports, sizeof(semanage_ibendport_t *), semanage_ibendport_compare2_qsort); + if (nibendports > 1) + qsort(ibendports, nibendports, sizeof(semanage_ibendport_t *), semanage_ibendport_compare2_qsort); /* Test each ibendport */ while (i < nibendports) { diff --git a/libsemanage/src/ibpkeys_local.c b/libsemanage/src/ibpkeys_local.c index 6848bd0d..eea30c2f 100644 --- a/libsemanage/src/ibpkeys_local.c +++ b/libsemanage/src/ibpkeys_local.c @@ -91,7 +91,8 @@ int semanage_ibpkey_validate_local(semanage_handle_t *handle) if (semanage_ibpkey_list_local(handle, &ibpkeys, &nibpkeys) < 0) goto err; - qsort(ibpkeys, nibpkeys, sizeof(semanage_ibpkey_t *), semanage_ibpkey_compare2_qsort); + if (nibpkeys > 1) + qsort(ibpkeys, nibpkeys, sizeof(semanage_ibpkey_t *), semanage_ibpkey_compare2_qsort); /* Test each ibpkey for overlap */ while (i < nibpkeys) { diff --git a/libsemanage/src/policy_components.c b/libsemanage/src/policy_components.c index 6557bb18..20f743dc 100644 --- a/libsemanage/src/policy_components.c +++ b/libsemanage/src/policy_components.c 
@@ -168,7 +168,7 @@ int semanage_base_merge_components(semanage_handle_t * handle) goto err; /* Sort records on MODE_SORT */ - if (mode & MODE_SORT) { + if ((mode & MODE_SORT) && nrecords > 1) { qsort(records, nrecords, sizeof(record_t *), rtable->compare2_qsort); } diff --git a/libsemanage/src/ports_local.c b/libsemanage/src/ports_local.c index 7d4d0768..5711bdd8 100644 --- a/libsemanage/src/ports_local.c +++ b/libsemanage/src/ports_local.c @@ -82,7 +82,9 @@ int semanage_port_validate_local(semanage_handle_t * handle) /* List and sort the ports */ if (semanage_port_list_local(handle, &ports, &nports) < 0) goto err; - qsort(ports, nports, sizeof(semanage_port_t *), semanage_port_compare2_qsort); + + if (nports > 1) + qsort(ports, nports, sizeof(semanage_port_t *), semanage_port_compare2_qsort); /* Test each port for overlap */ while (i < nports) { diff --git a/libsemanage/src/utilities.c b/libsemanage/src/utilities.c index 9df7b9c1..70b5b677 100644 --- a/libsemanage/src/utilities.c +++ b/libsemanage/src/utilities.c 
@@ -167,7 +167,7 @@ int semanage_list_sort(semanage_list_t ** l) size_t count = 0; size_t i = 0; - if (!l) + if (!l || !(*l)->next) return 0; for (temp = *l; temp; temp = temp->next)
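
Review bot: the new condition in the utilities.c hunk, if (!l || !(*l)->next), dereferences *l without checking it, so calling semanage_list_sort on an empty list (*l == NULL) now dereferences a NULL pointer. The loop directly below, for (temp = *l; temp; temp = temp->next), tolerates a NULL head, so the old code did not have this problem. Use if (!l || !*l || !(*l)->next) instead.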

X-Patchwork-Id: 13870847
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 46/47] libsemanage: respect shell paths with /usr prefix
Date: Mon, 11 Nov 2024 15:17:05 +0100
Message-ID: <20241111141706.38039-46-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

Consider paths with the prefix /usr for shells by including them in the list of fallback default shells and by extending the check for a nologin shell.

Signed-off-by: Christian Göttsche
--- libsemanage/src/genhomedircon.c | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c index 19543799..8782e2cb 100644 --- a/libsemanage/src/genhomedircon.c +++ b/libsemanage/src/genhomedircon.c
@@ -192,15 +192,23 @@ static semanage_list_t *default_shell_list(void) semanage_list_t *list = NULL; if (semanage_list_push(&list, "/bin/csh") + || semanage_list_push(&list, "/usr/bin/csh") || semanage_list_push(&list, "/bin/tcsh") + || semanage_list_push(&list, "/usr/bin/tcsh") || semanage_list_push(&list, "/bin/ksh") + || semanage_list_push(&list, "/usr/bin/ksh") || semanage_list_push(&list, "/bin/bsh") + || semanage_list_push(&list, "/usr/bin/bsh") || semanage_list_push(&list, "/bin/ash") - || semanage_list_push(&list, "/usr/bin/ksh") + || semanage_list_push(&list, "/usr/bin/ash") + || semanage_list_push(&list, "/bin/pdksh") || semanage_list_push(&list, "/usr/bin/pdksh") || semanage_list_push(&list, "/bin/zsh") + || semanage_list_push(&list, "/usr/bin/zsh") || semanage_list_push(&list, "/bin/sh") - || semanage_list_push(&list, "/bin/bash")) + || semanage_list_push(&list, "/usr/bin/sh") + || semanage_list_push(&list, "/bin/bash") + || semanage_list_push(&list, "/usr/bin/bash")) goto fail; return list; @@ -210,6 +218,12 @@ static semanage_list_t *default_shell_list(void) return NULL; } +static bool is_nologin_shell(const char *path) +{ + return strcmp(path, PATH_NOLOGIN_SHELL) == 0 || + strcmp(path, "/usr" PATH_NOLOGIN_SHELL) == 0; +} + static semanage_list_t *get_shell_list(void) { FILE *shells; 
@@ -223,13 +237,13 @@ static semanage_list_t *get_shell_list(void) return default_shell_list(); while ((len = getline(&temp, &buff_len, shells)) > 0) { if (temp[len-1] == '\n') temp[len-1] = 0; - if (strcmp(temp, PATH_NOLOGIN_SHELL)) { - if (semanage_list_push(&list, temp)) { - free(temp); - semanage_list_destroy(&list); - fclose(shells); - return NULL; - } + if (is_nologin_shell(temp)) + continue; + if (semanage_list_push(&list, temp)) { + free(temp); + semanage_list_destroy(&list); + fclose(shells); + return NULL; } } free(temp);
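
Review bot: is_nologin_shell() builds its second candidate as "/usr" PATH_NOLOGIN_SHELL, which is only correct while PATH_NOLOGIN_SHELL is a string literal without a /usr prefix. On a build where the macro already expands to a /usr path the second comparison becomes /usr/usr/... and the unprefixed spelling is no longer recognised, so a nologin entry in the shells file would be treated as a real login shell. State the assumption in a comment or compare against both spellings explicitly. The bool return type also needs <stdbool.h> if genhomedircon.c does not include it already.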
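
Review bot: the fallback list in the default_shell_list hunk is now an 18-entry || chain of semanage_list_push() calls that pairs each /bin path with its /usr/bin twin by hand, which is easy to get out of sync (the old list already had /usr/bin/ksh and /usr/bin/pdksh as one-offs). A static array of shell names iterated once per prefix would keep the pairs consistent and make the failure path easier to read.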

X-Patchwork-Id: 13870851
From: Christian Göttsche
To: selinux@vger.kernel.org
Cc: Christian Göttsche
Subject: [PATCH 47/47] libsemanage/tests: misc cleanup
Date: Mon, 11 Nov 2024 15:17:06 +0100
Message-ID: <20241111141706.38039-47-cgoettsche@seltendoof.de>
In-Reply-To: <20241111141706.38039-1-cgoettsche@seltendoof.de>
Reply-To: cgzones@googlemail.com

From: Christian Göttsche

* Explicitly mark unused function parameters and drop compiler warning override
* Move declaration of `semanage_handle_t *sh` from individual source files to utilities.h, since it is defined in utilities.c
* Declare file local variables static
* Drop unused macros
* Avoid casts dropping const qualifier
* Avoid usage of reserved identifier names (leading underscores)
* Silence UBSAN underflow warning by adding explicit cast

Signed-off-by: Christian Göttsche
---
 libsemanage/tests/Makefile | 2 +-
 libsemanage/tests/test_bool.c | 12 +++++-----
 libsemanage/tests/test_fcontext.c | 21 ++++++-----------
 libsemanage/tests/test_handle.c | 11 +++++----
 libsemanage/tests/test_ibendport.c | 18 +++++++--------
 libsemanage/tests/test_iface.c | 12 +++++-----
 libsemanage/tests/test_node.c | 12 +++++-----
 libsemanage/tests/test_other.c | 4 +---
 libsemanage/tests/test_port.c | 12 +++++-----
 libsemanage/tests/test_semanage_store.c | 13 +++++------
 libsemanage/tests/test_user.c | 12 +++++-----
 libsemanage/tests/test_utilities.c | 2 +-
 libsemanage/tests/utilities.c | 10 +++++----
 libsemanage/tests/utilities.h | 30 +++++++++++++------------
 14 files changed, 81 insertions(+), 90 deletions(-)

diff --git a/libsemanage/tests/Makefile b/libsemanage/tests/Makefile index b0869558..241ff17a 100644 --- a/libsemanage/tests/Makefile +++ b/libsemanage/tests/Makefile @@ -5,7 +5,7 @@ CILS = $(sort $(wildcard *.cil)) ########################################################################### EXECUTABLE = libsemanage-tests -CFLAGS += -g -O0 -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute -Wno-unused-parameter +CFLAGS += -g -O0 -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute override CFLAGS += -I../src -I../include override LDLIBS += -lcunit -lbz2 -laudit -lselinux -lsepol diff --git a/libsemanage/tests/test_bool.c b/libsemanage/tests/test_bool.c index 9356a1ae..fdbee733 100644 --- a/libsemanage/tests/test_bool.c +++ b/libsemanage/tests/test_bool.c 
@@ -55,8 +55,6 @@ static void test_bool_count_local(void); static void test_bool_iterate_local(void); static void test_bool_list_local(void); -extern semanage_handle_t *sh; - int boolean_test_init(void) { if (create_test_store() < 0) { @@ -601,9 +599,10 @@ static void test_bool_count(void) } /* Function bool_iterate */ -unsigned int counter_bool_iterate = 0; +static unsigned int counter_bool_iterate = 0; -static int handler_bool_iterate(const semanage_bool_t *record, void *varg) +static int handler_bool_iterate(__attribute__((unused)) const semanage_bool_t *record, + __attribute__((unused)) void *varg) { counter_bool_iterate++; return 0; @@ -857,9 +856,10 @@ static void test_bool_count_local(void) } /* Function bool_iterate_local */ -unsigned int counter_bool_iterate_local = 0; +static unsigned int counter_bool_iterate_local = 0; -static int handler_bool_iterate_local(const semanage_bool_t *record, void *varg) +static int handler_bool_iterate_local(__attribute__((unused)) const semanage_bool_t *record, + __attribute__((unused)) void *varg) { counter_bool_iterate_local++; return 0; diff --git a/libsemanage/tests/test_fcontext.c b/libsemanage/tests/test_fcontext.c index 8943d741..291ed261 100644 --- a/libsemanage/tests/test_fcontext.c +++ b/libsemanage/tests/test_fcontext.c 
@@ -21,25 +21,19 @@ #include "utilities.h" #include "test_fcontext.h" -char FCONTEXTS[] = +static const char FCONTEXTS[] = "/etc/selinux(/.*) -s system_u:object_r:first_t:s0\n" "/etc/selinux/targeted -- system_u:object_r:second_t:s0\n" "/etc/selinux(/.*) -b system_u:object_r:third_t:s0\n"; -unsigned int FCONTEXTS_LEN = sizeof(FCONTEXTS); +static const unsigned int FCONTEXTS_LEN = sizeof(FCONTEXTS); #define FCONTEXTS_COUNT 3 #define FCONTEXT1_EXPR "/etc/selinux(/.*)" #define FCONTEXT1_TYPE SEMANAGE_FCONTEXT_SOCK -#define FCONTEXT1_CON "system_u:object_r:first_t:s0" #define FCONTEXT2_EXPR "/etc/selinux/targeted" #define FCONTEXT2_TYPE SEMANAGE_FCONTEXT_REG -#define FCONTEXT2_CON "system_u:object_r:second_t:s0" - -#define FCONTEXT3_EXPR "/etc/selinux(/.*)" -#define FCONTEXT3_TYPE SEMANAGE_FCONTEXT_BLOCK -#define FCONTEXT3_CON "system_u:object_r:third_t:s0" #define FCONTEXT_NONEXISTENT_EXPR "/asdf" #define FCONTEXT_NONEXISTENT_TYPE SEMANAGE_FCONTEXT_ALL @@ -71,8 +65,6 @@ static void test_fcontext_count_local(void); static void test_fcontext_iterate_local(void); static void test_fcontext_list_local(void); -extern semanage_handle_t *sh; - static int write_file_contexts(const char *data, unsigned int data_len) { FILE *fptr = fopen("test-policy/store/active/file_contexts", "w+"); @@ -653,9 +645,10 @@ static void test_fcontext_count(void) } /* Function semanage_fcontext_iterate */ -unsigned int counter_fcontext_iterate = 0; +static unsigned int counter_fcontext_iterate = 0; -static int handler_fcontext_iterate(const semanage_fcontext_t *record, void *varg) +static int handler_fcontext_iterate(const semanage_fcontext_t *record, + __attribute__((unused)) void *varg) { CU_ASSERT_PTR_NOT_NULL(record); counter_fcontext_iterate++; 
@@ -934,10 +927,10 @@ static void test_fcontext_count_local(void) } /* Function semanage_fcontext_iterate_local */ -unsigned int counter_fcontext_iterate_local = 0; +static unsigned int counter_fcontext_iterate_local = 0; static int handler_fcontext_iterate_local(const semanage_fcontext_t *record, - void *varg) + __attribute__((unused)) void *varg) { CU_ASSERT_PTR_NOT_NULL(record); counter_fcontext_iterate_local++; diff --git a/libsemanage/tests/test_handle.c b/libsemanage/tests/test_handle.c index 00a6cb92..704569eb 100644 --- a/libsemanage/tests/test_handle.c +++ b/libsemanage/tests/test_handle.c @@ -34,8 +34,6 @@ static void test_msg_set_callback(void); static void test_root(void); static void test_select_store(void); -extern semanage_handle_t *sh; - int handle_test_init(void) { if (create_test_store() < 0) { @@ -234,10 +232,11 @@ static void test_mls_enabled(void) } /* Function semanage_set_callback */ -int msg_set_callback_count = 0; +static int msg_set_callback_count = 0; -static void helper_msg_set_callback(void *varg, semanage_handle_t *handle, - const char *fmt, ...) +static void helper_msg_set_callback(__attribute__((unused)) void *varg, + __attribute__((unused)) semanage_handle_t *handle, + __attribute__((unused)) const char *fmt, ...) { msg_set_callback_count++; } @@ -300,7 +299,7 @@ static void helper_select_store(const char *name, enum semanage_connect_type typ /* FIXME: the storename parameter of semanage_select_store should be * 'const char *' */ - semanage_select_store(sh, (char *) name, type); + semanage_select_store(sh, name, type); int res = semanage_connect(sh); diff --git a/libsemanage/tests/test_ibendport.c b/libsemanage/tests/test_ibendport.c index a6ce7a34..ea99c101 100644 --- a/libsemanage/tests/test_ibendport.c +++ b/libsemanage/tests/test_ibendport.c 
@@ -46,8 +46,6 @@ static void test_ibendport_count_local(void); static void test_ibendport_iterate_local(void); static void test_ibendport_list_local(void); -extern semanage_handle_t *sh; - int ibendport_test_init(void) { if (create_test_store() < 0) { @@ -254,9 +252,9 @@ static void test_ibendport_count(void) } /* Function semanage_ibendport_iterate */ -unsigned int helper_ibendport_iterate_counter = 0; +static unsigned int helper_ibendport_iterate_counter = 0; -static int helper_ibendport_iterate(const semanage_ibendport_t *ibendport, +static int helper_ibendport_iterate(__attribute__((unused)) const semanage_ibendport_t *ibendport, void *fn_arg) { CU_ASSERT(fn_arg == (void *) 42); @@ -264,7 +262,7 @@ static int helper_ibendport_iterate(const semanage_ibendport_t *ibendport, return 0; } -static int helper_ibendport_iterate_error(const semanage_ibendport_t *ibendport, +static int helper_ibendport_iterate_error(__attribute__((unused)) const semanage_ibendport_t *ibendport, void *fn_arg) { CU_ASSERT(fn_arg == (void *) 42); @@ -272,7 +270,7 @@ static int helper_ibendport_iterate_error(const semanage_ibendport_t *ibendport, return -1; } -static int helper_ibendport_iterate_break(const semanage_ibendport_t *ibendport, +static int helper_ibendport_iterate_break(__attribute__((unused)) const semanage_ibendport_t *ibendport, void *fn_arg) { CU_ASSERT(fn_arg == (void *) 42); @@ -439,9 +437,9 @@ static void test_ibendport_count_local(void) } /* Function semanage_ibendport_iterate_local */ -unsigned int helper_ibendport_iterate_local_counter = 0; +static unsigned int helper_ibendport_iterate_local_counter = 0; -static int helper_ibendport_iterate_local(const semanage_ibendport_t *ibendport, +static int helper_ibendport_iterate_local(__attribute__((unused)) const semanage_ibendport_t *ibendport, void *fn_arg) { CU_ASSERT(fn_arg == (void *) 42); 
@@ -449,7 +447,7 @@ static int helper_ibendport_iterate_local(const semanage_ibendport_t *ibendport, return 0; } -static int helper_ibendport_iterate_local_error(const semanage_ibendport_t *ibendport, +static int helper_ibendport_iterate_local_error(__attribute__((unused)) const semanage_ibendport_t *ibendport, void *fn_arg) { CU_ASSERT(fn_arg == (void *) 42); @@ -457,7 +455,7 @@ static int helper_ibendport_iterate_local_error(const semanage_ibendport_t *iben return -1; } -static int helper_ibendport_iterate_local_break(const semanage_ibendport_t *ibendport, +static int helper_ibendport_iterate_local_break(__attribute__((unused)) const semanage_ibendport_t *ibendport, void *fn_arg) { CU_ASSERT(fn_arg == (void *) 42); diff --git a/libsemanage/tests/test_iface.c b/libsemanage/tests/test_iface.c index 2b84cb8e..19f70797 100644 --- a/libsemanage/tests/test_iface.c +++ b/libsemanage/tests/test_iface.c @@ -61,8 +61,6 @@ static void test_iface_count_local(void); static void test_iface_iterate_local(void); static void test_iface_list_local(void); -extern semanage_handle_t *sh; - int iface_test_init(void) { if (create_test_store() < 0) { @@ -492,9 +490,10 @@ static void test_iface_count(void) /* Function semanage_iface_iterate */ -unsigned int counter_iface_iterate = 0; +static unsigned int counter_iface_iterate = 0; -static int handler_iface_iterate(const semanage_iface_t *record, void *varg) +static int handler_iface_iterate(__attribute__((unused)) const semanage_iface_t *record, + __attribute__((unused)) void *varg) { counter_iface_iterate++; return 0; 
@@ -632,9 +631,10 @@ static void test_iface_count_local(void) } /* Function semanage_iface_iterate_local */ -unsigned int counter_iface_iterate_local = 0; +static unsigned int counter_iface_iterate_local = 0; -static int handler_iface_iterate_local(const semanage_iface_t *record, void *varg) +static int handler_iface_iterate_local(__attribute__((unused)) const semanage_iface_t *record, + __attribute__((unused)) void *varg) { counter_iface_iterate_local++; return 0; diff --git a/libsemanage/tests/test_node.c b/libsemanage/tests/test_node.c index 0db38d97..e07b5973 100644 --- a/libsemanage/tests/test_node.c +++ b/libsemanage/tests/test_node.c @@ -67,8 +67,6 @@ static void test_node_count_local(void); static void test_node_iterate_local(void); static void test_node_list_local(void); -extern semanage_handle_t *sh; - int node_test_init(void) { if (create_test_store() < 0) { @@ -620,9 +618,10 @@ static void test_node_count(void) } /* Function semanage_node_iterate */ -unsigned int counter_node_iterate = 0; +static unsigned int counter_node_iterate = 0; -static int handler_node_iterate(const semanage_node_t *record, void *varg) +static int handler_node_iterate(__attribute__((unused)) const semanage_node_t *record, + __attribute__((unused)) void *varg) { counter_node_iterate++; return 0; @@ -777,9 +776,10 @@ static void test_node_count_local(void) } /* Function semanage_node_iterate_local */ -unsigned int counter_node_iterate_local = 0; +static unsigned int counter_node_iterate_local = 0; -static int handler_node_iterate_local(const semanage_node_t *record, void *varg) +static int handler_node_iterate_local(__attribute__((unused)) const semanage_node_t *record, + __attribute__((unused)) void *varg) { counter_node_iterate_local++; return 0; diff --git a/libsemanage/tests/test_other.c b/libsemanage/tests/test_other.c index 0a57e247..9ea9737a 100644 --- a/libsemanage/tests/test_other.c +++ b/libsemanage/tests/test_other.c 
@@ -27,8 +27,6 @@ void test_semanage_context(void); /* debug.h */ void test_debug(void); -extern semanage_handle_t *sh; - int other_test_init(void) { return 0; @@ -116,7 +114,7 @@ void test_debug(void) CU_ASSERT(semanage_module_info_create(sh, &modinfo) >= 0); /* test */ - CU_ASSERT(semanage_module_info_set_priority(sh, modinfo, -42) < 0); + CU_ASSERT(semanage_module_info_set_priority(sh, modinfo, (uint16_t)-42) < 0); /* cleanup */ semanage_module_info_destroy(sh, modinfo); diff --git a/libsemanage/tests/test_port.c b/libsemanage/tests/test_port.c index e6393d78..2c0b980b 100644 --- a/libsemanage/tests/test_port.c +++ b/libsemanage/tests/test_port.c @@ -65,8 +65,6 @@ static void test_port_list_local(void); /* internal */ static void test_port_validate_local(void); -extern semanage_handle_t *sh; - int port_test_init(void) { if (create_test_store() < 0) { @@ -539,9 +537,10 @@ static void test_port_count(void) } /* Function semanage_port_iterate */ -unsigned int counter_port_iterate = 0; +static unsigned int counter_port_iterate = 0; -static int handler_port_iterate(const semanage_port_t *record, void *varg) +static int handler_port_iterate(__attribute__((unused)) const semanage_port_t *record, + __attribute__((unused)) void *varg) { counter_port_iterate++; return 0; @@ -716,9 +715,10 @@ static void test_port_count_local(void) } /* Function semanage_port_iterate_local */ -unsigned int counter_port_iterate_local = 0; +static unsigned int counter_port_iterate_local = 0; -static int handler_port_iterate_local(const semanage_port_t *record, void *varg) +static int handler_port_iterate_local(__attribute__((unused)) const semanage_port_t *record, + __attribute__((unused)) void *varg) { counter_port_iterate_local++; return 0; diff --git a/libsemanage/tests/test_semanage_store.c b/libsemanage/tests/test_semanage_store.c index 2e6c38e1..28a76d4f 100644 --- a/libsemanage/tests/test_semanage_store.c +++ b/libsemanage/tests/test_semanage_store.c 
@@ -43,13 +43,12 @@ #include #include -extern semanage_handle_t *sh; -const char *rootpath = "./test-policy"; -const char *polpath = "./test-policy/store/"; -const char *readlockpath = "./test-policy/store/semanage.read.LOCK"; -const char *translockpath = "./test-policy/store/semanage.trans.LOCK"; -const char *actpath = "./test-policy/store/active"; -const char *modpath = "./test-policy/store/active/modules"; +static const char *const rootpath = "./test-policy"; +static const char *const polpath = "./test-policy/store/"; +static const char *const readlockpath = "./test-policy/store/semanage.read.LOCK"; +static const char *const translockpath = "./test-policy/store/semanage.trans.LOCK"; +static const char *const actpath = "./test-policy/store/active"; +static const char *const modpath = "./test-policy/store/active/modules"; /* The suite initialization function. * Returns zero on success, non-zero otherwise. diff --git a/libsemanage/tests/test_user.c b/libsemanage/tests/test_user.c index b6fda51a..776a061c 100644 --- a/libsemanage/tests/test_user.c +++ b/libsemanage/tests/test_user.c @@ -50,8 +50,6 @@ static void test_user_count_local(void); static void test_user_iterate_local(void); static void test_user_list_local(void); -extern semanage_handle_t *sh; - int user_test_init(void) { if (create_test_store() < 0) { @@ -515,9 +513,10 @@ static void test_user_count(void) } /* Function semanage_user_iterate */ -unsigned int counter_user_iterate = 0; +static unsigned int counter_user_iterate = 0; -static int handler_user_iterate(const semanage_user_t *record, void *varg) +static int handler_user_iterate(__attribute__((unused)) const semanage_user_t *record, + __attribute__((unused)) void *varg) { counter_user_iterate++; return 0; 
@@ -648,9 +647,10 @@ static void test_user_count_local(void) } /* Function semanage_user_iterate_local */ -unsigned int counter_user_iterate_local = 0; +static unsigned int counter_user_iterate_local = 0; -static int handler_user_iterate_local(const semanage_user_t *record, void *varg) +static int handler_user_iterate_local(__attribute__((unused)) const semanage_user_t *record, + __attribute__((unused)) void *varg) { counter_user_iterate_local++; return 0; diff --git a/libsemanage/tests/test_utilities.c b/libsemanage/tests/test_utilities.c index e1ff4e7d..bbd5af30 100644 --- a/libsemanage/tests/test_utilities.c +++ b/libsemanage/tests/test_utilities.c @@ -47,7 +47,7 @@ static void test_semanage_str_replace(void); static void test_semanage_findval(void); static void test_slurp_file_filter(void); -char fname[] = { +static char fname[] = { 'T', 'E', 'S', 'T', '_', 'T', 'E', 'M', 'P', '_', 'X', 'X', 'X', 'X', 'X', 'X', '\0' }; diff --git a/libsemanage/tests/utilities.c b/libsemanage/tests/utilities.c index 806869e0..91ecf94a 100644 --- a/libsemanage/tests/utilities.c +++ b/libsemanage/tests/utilities.c @@ -24,14 +24,16 @@ #include "utilities.h" -int test_store_enabled = 0; +static int test_store_enabled = 0; semanage_handle_t *sh = NULL; /* Silence any error output caused by our tests * by using this dummy function to catch messages. */ -void test_msg_handler(void *varg, semanage_handle_t *handle, const char *fmt, +void test_msg_handler(__attribute__((unused)) void *varg, + __attribute__((unused)) semanage_handle_t *handle, + __attribute__((unused)) const char *fmt, ...) { } @@ -213,7 +215,7 @@ void helper_handle_create(void) { semanage_set_create_store(sh, 1); semanage_set_reload(sh, 0); semanage_set_store_root(sh, ""); - semanage_select_store(sh, (char *) "store", + semanage_select_store(sh, "store", SEMANAGE_CON_DIRECT); } } 
@@ -271,7 +273,7 @@ void setup_handle_invalid_store(level_t level) { helper_handle_create(); - semanage_select_store(sh, (char *) "", SEMANAGE_CON_INVALID); + semanage_select_store(sh, "", SEMANAGE_CON_INVALID); if (level >= SH_CONNECT) helper_connect(); diff --git a/libsemanage/tests/utilities.h b/libsemanage/tests/utilities.h index 298b3280..4b6b8bae 100644 --- a/libsemanage/tests/utilities.h +++ b/libsemanage/tests/utilities.h @@ -34,13 +34,13 @@ #define CU_ASSERT_CONTEXT_EQUAL(CON1,CON2) \ do { \ - char *__str; \ - char *__str2; \ - CU_ASSERT(semanage_context_to_string(sh, CON1, &__str) >= 0); \ - CU_ASSERT(semanage_context_to_string(sh, CON2, &__str2) >= 0); \ - CU_ASSERT_STRING_EQUAL(__str, __str2); \ - free(__str2); \ - free(__str); \ + char *str__; \ + char *str2__; \ + CU_ASSERT(semanage_context_to_string(sh, CON1, &str__) >= 0); \ + CU_ASSERT(semanage_context_to_string(sh, CON2, &str2__) >= 0); \ + CU_ASSERT_STRING_EQUAL(str__, str2__); \ + free(str2__); \ + free(str__); \ } while (0) @@ -49,9 +49,9 @@ #undef CU_ASSERT_FATAL #define CU_ASSERT_FATAL(value) do { \ - int _value = (value); \ - CU_ASSERT(_value); \ - assert(_value); \ + int value_ = (value); \ + CU_ASSERT(value_); \ + assert(value_); \ } while (0) #undef CU_FAIL_FATAL @@ -62,18 +62,20 @@ #undef CU_ASSERT_PTR_NOT_NULL_FATAL #define CU_ASSERT_PTR_NOT_NULL_FATAL(value) do { \ - const void *_value = (value); \ - CU_ASSERT_PTR_NOT_NULL(_value); \ - assert(_value != NULL); \ + const void *value_ = (value); \ + CU_ASSERT_PTR_NOT_NULL(value_); \ + assert(value_ != NULL); \ } while (0) #endif /* __CHECKER__ */ -#define I_NULL -1 +#define I_NULL (-1) #define I_FIRST 0 #define I_SECOND 1 #define I_THIRD 2 +extern semanage_handle_t *sh; + typedef enum { SH_NULL, SH_HANDLE, SH_CONNECT, SH_TRANS } level_t; void test_msg_handler(void *varg, semanage_handle_t *handle, const char *fmt,
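Review bot: in the test_handle.c hunk at helper_select_store(), the FIXME comment kept as context directly above the changed call still says the storename parameter of semanage_select_store "should be 'const char *'", while the call now passes `name` with the `(char *)` cast removed. If an earlier patch in the series constified that parameter, the FIXME is stale and should be deleted in this hunk; if it did not, dropping the cast brings back a discarded-qualifier warning now that the warning override is gone. Either way the comment and the call should agree.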
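Review bot: in the test_other.c hunk in test_debug(), `(uint16_t)-42` quiets the sanitizer but hides what the test really passes, because the value handed to semanage_module_info_set_priority() is 65494 and not a negative number. Spell the intent out with the literal or a named constant plus a short comment that the priority is deliberately out of range, and check that <stdint.h> is included in this file since no include change is visible in the hunk. The conversion being silenced is an implicit signed-to-unsigned one, so the commit message would be more precise calling it that rather than an underflow.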
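Review bot: in the utilities.h hunk, CU_ASSERT_CONTEXT_EQUAL still declares `char *str__;` and `char *str2__;` without initialisers, and CU_ASSERT does not abort (the header redefines CU_ASSERT_FATAL as CU_ASSERT followed by assert for that reason), so when either semanage_context_to_string() call fails the macro goes on to compare and free uninitialised pointers. Since these lines are being rewritten anyway, initialise both to NULL and skip the string comparison when a conversion failed. CON1 and CON2 are also expanded without parentheses, which is worth fixing in the same pass as the I_NULL change.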
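Review bot: with -Wno-unused-parameter dropped in the Makefile hunk, `__attribute__((unused))` is now written out on every iterate handler in test_bool.c, test_iface.c, test_node.c, test_port.c, test_user.c and test_ibendport.c, and several of those signatures become very long single lines. A single wrapper macro defined once in utilities.h would keep the signatures readable and confine the compiler-specific syntax to one place; the prototype of test_msg_handler() in utilities.h could then carry the same annotation as its definition in utilities.c.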