[RFC,19/20] selinux: status: avoid implicit conversions regarding enforcing status
Commit Message
Use the type bool as parameter type in
selinux_status_update_setenforce(). The related function
enforcing_enabled() returns the type bool, while the struct
selinux_kernel_status member enforcing uses an u32.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
security/selinux/include/security.h | 2 +-
security/selinux/selinuxfs.c | 7 ++++---
security/selinux/status.c | 4 ++--
3 files changed, 7 insertions(+), 6 deletions(-)
Comments
On Jul 6, 2023 =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com> wrote:
>
> Use the type bool as parameter type in
> selinux_status_update_setenforce(). The related function
> enforcing_enabled() returns the type bool, while the struct
> selinux_kernel_status member enforcing uses an u32.
>
> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
> ---
> security/selinux/include/security.h | 2 +-
> security/selinux/selinuxfs.c | 7 ++++---
> security/selinux/status.c | 4 ++--
> 3 files changed, 7 insertions(+), 6 deletions(-)
Merged into selinux/next, thanks.
--
paul-moore.com
@@ -375,7 +375,7 @@ struct selinux_kernel_status {
*/
} __packed;
-extern void selinux_status_update_setenforce(int enforcing);
+extern void selinux_status_update_setenforce(bool enforcing);
extern void selinux_status_update_policyload(u32 seqno);
extern void selinux_complete_init(void);
extern struct path selinux_null;
@@ -137,7 +137,8 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
{
char *page = NULL;
ssize_t length;
- int old_value, new_value;
+ int scan_value;
+ bool old_value, new_value;
if (count >= PAGE_SIZE)
return -ENOMEM;
@@ -151,10 +152,10 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
return PTR_ERR(page);
length = -EINVAL;
- if (sscanf(page, "%d", &new_value) != 1)
+ if (sscanf(page, "%d", &scan_value) != 1)
goto out;
- new_value = !!new_value;
+ new_value = !!scan_value;
old_value = enforcing_enabled();
if (new_value != old_value) {
@@ -76,7 +76,7 @@ struct page *selinux_kernel_status_page(void)
*
* It updates status of the current enforcing/permissive mode.
*/
-void selinux_status_update_setenforce(int enforcing)
+void selinux_status_update_setenforce(bool enforcing)
{
struct selinux_kernel_status *status;
@@ -87,7 +87,7 @@ void selinux_status_update_setenforce(int enforcing)
status->sequence++;
smp_wmb();
- status->enforcing = enforcing;
+ status->enforcing = enforcing ? 1 : 0;
smp_wmb();
status->sequence++;