From: Austin Kim <[email protected]>
The local variable 'i' is used to be incremented inside while loop
within sidtab_convert_tree(). Before while loop, 'i' is set to 0
inside if/else statement.
Since there is no 'goto' statement within sidtab_convert_tree(),
it had better initialize 'i' as 0 once before if/else statement.
Signed-off-by: Austin Kim <[email protected]>
---
security/selinux/ss/sidtab.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c
index 656d50b09f76..301620de63d3 100644
--- a/security/selinux/ss/sidtab.c
+++ b/security/selinux/ss/sidtab.c
@@ -374,7 +374,7 @@ static int sidtab_convert_tree(union sidtab_entry_inner *edst,
struct sidtab_convert_params *convert)
{
int rc;
- u32 i;
+ u32 i = 0;
if (level != 0) {
if (!edst->ptr_inner) {
@@ -383,7 +383,6 @@ static int sidtab_convert_tree(union sidtab_entry_inner *edst,
if (!edst->ptr_inner)
return -ENOMEM;
}
- i = 0;
while (i < SIDTAB_INNER_ENTRIES && *pos < count) {
rc = sidtab_convert_tree(&edst->ptr_inner->entries[i],
&esrc->ptr_inner->entries[i],
@@ -400,7 +399,6 @@ static int sidtab_convert_tree(union sidtab_entry_inner *edst,
if (!edst->ptr_leaf)
return -ENOMEM;
}
- i = 0;
while (i < SIDTAB_LEAF_ENTRIES && *pos < count) {
rc = convert->func(&esrc->ptr_leaf->entries[i].context,
&edst->ptr_leaf->entries[i].context,
--
2.20.1
Hi Austin,
On Tue, Aug 24, 2021 at 4:23 AM Austin Kim <[email protected]> wrote:
>
> From: Austin Kim <[email protected]>
>
> The local variable 'i' is used to be incremented inside while loop
> within sidtab_convert_tree(). Before while loop, 'i' is set to 0
> inside if/else statement.
>
> Since there is no 'goto' statement within sidtab_convert_tree(),
> it had better initialize 'i' as 0 once before if/else statement.
>
> Signed-off-by: Austin Kim <[email protected]>
> ---
> security/selinux/ss/sidtab.c | 4 +---
> 1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c
> index 656d50b09f76..301620de63d3 100644
> --- a/security/selinux/ss/sidtab.c
> +++ b/security/selinux/ss/sidtab.c
> @@ -374,7 +374,7 @@ static int sidtab_convert_tree(union sidtab_entry_inner *edst,
> struct sidtab_convert_params *convert)
> {
> int rc;
> - u32 i;
> + u32 i = 0;
>
> if (level != 0) {
> if (!edst->ptr_inner) {
> @@ -383,7 +383,6 @@ static int sidtab_convert_tree(union sidtab_entry_inner *edst,
> if (!edst->ptr_inner)
> return -ENOMEM;
> }
> - i = 0;
> while (i < SIDTAB_INNER_ENTRIES && *pos < count) {
I must say I prefer the original version more, because it makes it
clear when you look at the loop that it starts at 0. Once you move the
initialization to the declaration section, readers will have to scan
the code upwards to find it out. As is, it's also less prone to error
if e.g. someone adds another loop before the existing ones and reuses
the variable.
In case anyone is wondering why I didn't make these for loops when I
wrote this code: Since the loop condition a little more than the usual
"for(i = 0; i < n; i++)" pattern, my intention was to emphasize that
this is not a "regular" for loop and that readers should read the loop
carefully to not miss something. But perhaps that's not a good reason
and they would look more natural as for loops. If others think a for
loop would look better here, I'd be OK with a patch that makes these
into for loops instead.
> rc = sidtab_convert_tree(&edst->ptr_inner->entries[i],
> &esrc->ptr_inner->entries[i],
> @@ -400,7 +399,6 @@ static int sidtab_convert_tree(union sidtab_entry_inner *edst,
> if (!edst->ptr_leaf)
> return -ENOMEM;
> }
> - i = 0;
> while (i < SIDTAB_LEAF_ENTRIES && *pos < count) {
> rc = convert->func(&esrc->ptr_leaf->entries[i].context,
> &edst->ptr_leaf->entries[i].context,
> --
> 2.20.1
>
--
Ondrej Mosnacek
Software Engineer, Linux Security - SELinux kernel
Red Hat, Inc.
2021년 8월 24일 (화) 오후 8:28, Ondrej Mosnacek <[email protected]>님이 작성:
>
> Hi Austin,
>
> On Tue, Aug 24, 2021 at 4:23 AM Austin Kim <[email protected]> wrote:
> >
> > From: Austin Kim <[email protected]>
> >
> > The local variable 'i' is used to be incremented inside while loop
> > within sidtab_convert_tree(). Before while loop, 'i' is set to 0
> > inside if/else statement.
> >
> > Since there is no 'goto' statement within sidtab_convert_tree(),
> > it had better initialize 'i' as 0 once before if/else statement.
> >
> > Signed-off-by: Austin Kim <[email protected]>
> > ---
> > security/selinux/ss/sidtab.c | 4 +---
> > 1 file changed, 1 insertion(+), 3 deletions(-)
> >
> > diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c
> > index 656d50b09f76..301620de63d3 100644
> > --- a/security/selinux/ss/sidtab.c
> > +++ b/security/selinux/ss/sidtab.c
> > @@ -374,7 +374,7 @@ static int sidtab_convert_tree(union sidtab_entry_inner *edst,
> > struct sidtab_convert_params *convert)
> > {
> > int rc;
> > - u32 i;
> > + u32 i = 0;
> >
> > if (level != 0) {
> > if (!edst->ptr_inner) {
> > @@ -383,7 +383,6 @@ static int sidtab_convert_tree(union sidtab_entry_inner *edst,
> > if (!edst->ptr_inner)
> > return -ENOMEM;
> > }
> > - i = 0;
> > while (i < SIDTAB_INNER_ENTRIES && *pos < count) {
>
> I must say I prefer the original version more, because it makes it
> clear when you look at the loop that it starts at 0. Once you move the
> initialization to the declaration section, readers will have to scan
> the code upwards to find it out.
Thanks for sharing the full story of the original version.
The original code is more readable since 'i' is mainly used
in 'for' loop rather than 'while' loop. Also agreed that
reader might attempt to scan the initial value of 'i'.
Thanks,
Austin Kim
As is, it's also less prone to error
> if e.g. someone adds another loop before the existing ones and reuses
> the variable.
>
> In case anyone is wondering why I didn't make these for loops when I
> wrote this code: Since the loop condition a little more than the usual
> "for(i = 0; i < n; i++)" pattern, my intention was to emphasize that
> this is not a "regular" for loop and that readers should read the loop
> carefully to not miss something. But perhaps that's not a good reason
> and they would look more natural as for loops. If others think a for
> loop would look better here, I'd be OK with a patch that makes these
> into for loops instead.
>
> > rc = sidtab_convert_tree(&edst->ptr_inner->entries[i],
> > &esrc->ptr_inner->entries[i],
> > @@ -400,7 +399,6 @@ static int sidtab_convert_tree(union sidtab_entry_inner *edst,
> > if (!edst->ptr_leaf)
> > return -ENOMEM;
> > }
> > - i = 0;
> > while (i < SIDTAB_LEAF_ENTRIES && *pos < count) {
> > rc = convert->func(&esrc->ptr_leaf->entries[i].context,
> > &edst->ptr_leaf->entries[i].context,
> > --
> > 2.20.1
> >
>
> --
> Ondrej Mosnacek
> Software Engineer, Linux Security - SELinux kernel
> Red Hat, Inc.
>
On Mon, Aug 23, 2021 at 10:22 PM Austin Kim <[email protected]> wrote:
>
> From: Austin Kim <[email protected]>
>
> The local variable 'i' is used to be incremented inside while loop
> within sidtab_convert_tree(). Before while loop, 'i' is set to 0
> inside if/else statement.
>
> Since there is no 'goto' statement within sidtab_convert_tree(),
> it had better initialize 'i' as 0 once before if/else statement.
>
> Signed-off-by: Austin Kim <[email protected]>
> ---
> security/selinux/ss/sidtab.c | 4 +---
> 1 file changed, 1 insertion(+), 3 deletions(-)
Let's leave the existing code as-is for now.
--
paul moore
http://www.paul-moore.com