LinuxLists.cc - [RFC PATCH 08/20] selinux: services: avoid implicit conversions

2023-07-06 13:30:29

Subject: [RFC PATCH 08/20] selinux: services: avoid implicit conversions

Use u32 as the output parameter type in security_get_classes() and
security_get_permissions(), based on the type of the symtab nprim
member.

Declare the read-only class string parameter of
security_get_permissions() const.

Avoid several implicit conversions by using the identical type for the
destination.

Signed-off-by: Christian Göttsche <[email protected]>
---
security/selinux/include/security.h | 4 ++--
security/selinux/selinuxfs.c | 7 ++++---
security/selinux/ss/services.c | 22 +++++++++-------------
3 files changed, 15 insertions(+), 18 deletions(-)

diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index 665c4e5bae99..0f93fd019bb4 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -312,9 +312,9 @@ int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type,
u32 *peer_sid);

int security_get_classes(struct selinux_policy *policy,
- char ***classes, int *nclasses);
+ char ***classes, u32 *nclasses);
int security_get_permissions(struct selinux_policy *policy,
- char *class, char ***perms, int *nperms);
+ const char *class, char ***perms, u32 *nperms);
int security_get_reject_unknown(void);
int security_get_allow_unknown(void);

diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index bad1f6b685fd..16036633ddd3 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -1797,7 +1797,8 @@ static int sel_make_perm_files(struct selinux_policy *newpolicy,
char *objclass, int classvalue,
struct dentry *dir)
{
- int i, rc, nperms;
+ u32 i, nperms;
+ int rc;
char **perms;

rc = security_get_permissions(newpolicy, objclass, &perms, &nperms);
@@ -1867,8 +1868,8 @@ static int sel_make_classes(struct selinux_policy *newpolicy,
struct dentry *class_dir,
unsigned long *last_class_ino)
{
-
- int rc, nclasses, i;
+ u32 i, nclasses;
+ int rc;
char **classes;

rc = security_get_classes(newpolicy, &classes, &nclasses);
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 3275cfe2c8f7..2e2b17b00298 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -2822,7 +2822,6 @@ static inline int __security_genfs_sid(struct selinux_policy *policy,
{
struct policydb *policydb = &policy->policydb;
struct sidtab *sidtab = policy->sidtab;
- int len;
u16 sclass;
struct genfs *genfs;
struct ocontext *c;
@@ -2844,7 +2843,7 @@ static inline int __security_genfs_sid(struct selinux_policy *policy,
return -ENOENT;

for (c = genfs->head; c; c = c->next) {
- len = strlen(c->u.name);
+ size_t len = strlen(c->u.name);
if ((!c->v.sclass || sclass == c->v.sclass) &&
(strncmp(c->u.name, path, len) == 0))
break;
@@ -3332,7 +3331,7 @@ static int get_classes_callback(void *k, void *d, void *args)
{
struct class_datum *datum = d;
char *name = k, **classes = args;
- int value = datum->value - 1;
+ u32 value = datum->value - 1;

classes[value] = kstrdup(name, GFP_ATOMIC);
if (!classes[value])
@@ -3342,7 +3341,7 @@ static int get_classes_callback(void *k, void *d, void *args)
}

int security_get_classes(struct selinux_policy *policy,
- char ***classes, int *nclasses)
+ char ***classes, u32 *nclasses)
{
struct policydb *policydb;
int rc;
@@ -3358,8 +3357,7 @@ int security_get_classes(struct selinux_policy *policy,
rc = hashtab_map(&policydb->p_classes.table, get_classes_callback,
*classes);
if (rc) {
- int i;
- for (i = 0; i < *nclasses; i++)
+ for (u32 i = 0; i < *nclasses; i++)
kfree((*classes)[i]);
kfree(*classes);
}
@@ -3372,7 +3370,7 @@ static int get_permissions_callback(void *k, void *d, void *args)
{
struct perm_datum *datum = d;
char *name = k, **perms = args;
- int value = datum->value - 1;
+ u32 value = datum->value - 1;

perms[value] = kstrdup(name, GFP_ATOMIC);
if (!perms[value])
@@ -3382,10 +3380,10 @@ static int get_permissions_callback(void *k, void *d, void *args)
}

int security_get_permissions(struct selinux_policy *policy,
- char *class, char ***perms, int *nperms)
+ const char *class, char ***perms, u32 *nperms)
{
struct policydb *policydb;
- int rc, i;
+ int rc;
struct class_datum *match;

policydb = &policy->policydb;
@@ -3420,7 +3418,7 @@ int security_get_permissions(struct selinux_policy *policy,
return rc;

err:
- for (i = 0; i < *nperms; i++)
+ for (u32 i = 0; i < *nperms; i++)
kfree((*perms)[i]);
kfree(*perms);
return rc;
@@ -3600,9 +3598,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule)
/* Check to see if the rule contains any selinux fields */
int selinux_audit_rule_known(struct audit_krule *rule)
{
- int i;
-
- for (i = 0; i < rule->field_count; i++) {
+ for (u32 i = 0; i < rule->field_count; i++) {
struct audit_field *f = &rule->fields[i];
switch (f->type) {
case AUDIT_SUBJ_USER:
--
2.40.1

2023-07-18 22:03:09

by Paul Moore

[permalink] [raw]

Subject: Re: [PATCH RFC 8/20] selinux: services: avoid implicit conversions

On Jul 6, 2023 =?UTF-8?q?Christian=20G=C3=B6ttsche?= <[email protected]> wrote:
>
> Use u32 as the output parameter type in security_get_classes() and
> security_get_permissions(), based on the type of the symtab nprim
> member.
>
> Declare the read-only class string parameter of
> security_get_permissions() const.
>
> Avoid several implicit conversions by using the identical type for the
> destination.
>
> Signed-off-by: Christian Göttsche <[email protected]>
> ---
> security/selinux/include/security.h | 4 ++--
> security/selinux/selinuxfs.c | 7 ++++---
> security/selinux/ss/services.c | 22 +++++++++-------------
> 3 files changed, 15 insertions(+), 18 deletions(-)

More loop iterators ...

--
paul-moore.com