From patchwork Fri Jul 28 15:55:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 127761 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp575613vqg; Fri, 28 Jul 2023 10:08:47 -0700 (PDT) X-Google-Smtp-Source: APBJJlEX7AmKrpRwbgOufdPLAZr/HyilY6B6qlBgpIUKYD+AtO1rI0QAQeOkUtaeLN96O61XLvtt X-Received: by 2002:a05:6a20:8f24:b0:13a:520c:a3e0 with SMTP id b36-20020a056a208f2400b0013a520ca3e0mr3075141pzk.6.1690564126736; Fri, 28 Jul 2023 10:08:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690564126; cv=none; d=google.com; s=arc-20160816; b=BmmkSJe8G8JHd3f2OMSwaJE+jVSsNEokYGrPvAb/F3h/YMjDxXy0r6JGds3rksFIGe W3dkk9IzMpfMUMrIoiiLD4JdHEw8NrYPfRdvkQH5bR5J6saDm16/Q83UzD+pRJsmRNpW 0eXPVX2PWaS3A5xamTyQ8Q/vYDlXlwnT+ZoVT/ZwOP9xWgcLQk/b4d65vL2yTPEVd8JL 7UplX2cuP3gaMptMXIb6YUEjjBmgSjITuCiRP9N/GkD216sXR321abk78rdPdAibfkct d4huDMkdynwEm0yn0IFM/qVHFCH3dibUY5ZMyiMrwm2MMLIraLU7L8Y9JipJSds6lcAV hIwg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=oM73crZF1OwWubA/9TVH96k0bOHmyZqLxxUUVrKWtrg=; fh=QKur2PFwoLuCt27JzfZM4LabS9ldoGoSAJNPH9t/KWI=; b=0CV+i3ErHF447ZdlnTb1eB/KWna68f5cbOyuvNBZhGFmvl4iXki9xSfUjMf+UGkwqA vXHsUcW0ZW7CCaxaboOvSjwRObF4xK7xuAWIwITGldlIasHMVnnm3w5YyultuVxHguSf BA6Hfk/tK7kKvRgZxxgRXo3Vb4pbghI2MoEArI4O7knyD7FzwxgxNzoZc5lBiFz6xaMb GVtVuCzeXfWA8i2ujE3qNgl6fpYMA3IxldjEyBKREqkfabAlI/ahxzdP5aaNM0mhtVqR n272+UegIiJAVRm4VNpkAdftMGYXGg+DzyEHGu21f+sdhaNPupyEcqJ+FR8T0H7oFyVz KVRw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=Kxm0yG8G; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id f4-20020a056a0022c400b0068273fe79fdsi3417137pfj.163.2023.07.28.10.08.33; Fri, 28 Jul 2023 10:08:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=Kxm0yG8G; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237231AbjG1P4H (ORCPT + 99 others); Fri, 28 Jul 2023 11:56:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43068 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236571AbjG1Pzb (ORCPT ); Fri, 28 Jul 2023 11:55:31 -0400 Received: from mail-ej1-x62a.google.com (mail-ej1-x62a.google.com [IPv6:2a00:1450:4864:20::62a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 07D6E4234; Fri, 28 Jul 2023 08:55:23 -0700 (PDT) Received: by mail-ej1-x62a.google.com with SMTP id a640c23a62f3a-99b9161b94aso323167466b.1; Fri, 28 Jul 2023 08:55:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559721; x=1691164521; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=oM73crZF1OwWubA/9TVH96k0bOHmyZqLxxUUVrKWtrg=; b=Kxm0yG8GrQIAOwdCghPWFu9NE7HCyOp2/7S3KYraAgWsVamTJTs8yrb6UmSC4Y+3eL QciifPH+BKENmagZUkl8AJSqhlGp9C+Ub2xjyP+0BywPWPFD8c3rJFvzsdQK82DeIvVf lyZjgZqTEYlrhtdXdEIV7HiXZBFnH6cId6EBCmgxqPupNt7SJ4ADRX13UAKyrwijDtc6 8p8ecUECJOlnbnLTog1hXCH2gAN4wGNx554OsvbmOyaFRZAi6pR+mtUeT4TqK7nYctFS dBQDaWQ6IqpLMExlWDZqsaQ1VeSHhZSB3o2VmnIyA/DFPaaDQUPQBjSiGUWnHN4LV1l5 M3YA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559721; x=1691164521; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=oM73crZF1OwWubA/9TVH96k0bOHmyZqLxxUUVrKWtrg=; b=PDnAaynW8c/PStL4trfXb3DFizvEgGSKkLyUHuojAtTePuQ1ysfph4qe2mRYPgzFlI ase6Cd4BZ2X7KU80fYGk3S2aTNTGC2u7dHqwWpfO7iqrzf/iTIYrj90ML8+4CN8hIXOE /TlOHBk97gQZEBHgeXBDWOCj3RB4ibtlfJ95b7W3CqU9x9R3sSIKF0hhYPoV/gy2jp1E As40Oql53RO+I3LPj0dM0+0q7AfNsifojbsCdUeFJnw17Cyc1+cnMd+ll77+2Btw7nYr YwhkMqWKLGayKX1DmbV41xDoJv0l/vr/Q73/WKkhaOISf9P/Xn8/hLLTZAwPLb6dDFh7 q07Q== X-Gm-Message-State: ABy/qLY28UdnqOdA8HPOblkS4bPOO94ER+G0IMbF32n3Zza/ibPsmG/u 0EGJUnkwAHmWxh/+UHKMvitgcq0xKHsBh+Cg X-Received: by 2002:a17:906:30c2:b0:982:ab8d:1e08 with SMTP id b2-20020a17090630c200b00982ab8d1e08mr2809259ejb.59.1690559721187; Fri, 28 Jul 2023 08:55:21 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:20 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , linux-kernel@vger.kernel.org Subject: [PATCH v2 1/9] selinux: avoid implicit conversions in avtab code Date: Fri, 28 Jul 2023 17:55:00 +0200 Message-Id: <20230728155501.39632-9-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772684969464067147 X-GMAIL-MSGID: 1772684969464067147 Return u32 from avtab_hash() instead of int, since the hashing is done on u32 and the result is used as an index on the hash array. Use the type of the limit in for loops. Avoid signed to unsigned conversion of multiplication result in avtab_hash_eval(). Use unsigned loop iterator for index operations, to avoid sign extension. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/ss/avtab.c | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c index 32f92da00b0e..8a508018e696 100644 --- a/security/selinux/ss/avtab.c +++ b/security/selinux/ss/avtab.c @@ -29,7 +29,7 @@ static struct kmem_cache *avtab_xperms_cachep __ro_after_init; /* Based on MurmurHash3, written by Austin Appleby and placed in the * public domain. */ -static inline int avtab_hash(const struct avtab_key *keyp, u32 mask) +static inline u32 avtab_hash(const struct avtab_key *keyp, u32 mask) { static const u32 c1 = 0xcc9e2d51; static const u32 c2 = 0x1b873593; @@ -66,7 +66,7 @@ static inline int avtab_hash(const struct avtab_key *keyp, u32 mask) } static struct avtab_node* -avtab_insert_node(struct avtab *h, int hvalue, +avtab_insert_node(struct avtab *h, u32 hvalue, struct avtab_node *prev, const struct avtab_key *key, const struct avtab_datum *datum) { @@ -106,7 +106,7 @@ avtab_insert_node(struct avtab *h, int hvalue, static int avtab_insert(struct avtab *h, const struct avtab_key *key, const struct avtab_datum *datum) { - int hvalue; + u32 hvalue; struct avtab_node *prev, *cur, *newnode; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); @@ -152,7 +152,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, const struct avtab_key *key, const struct avtab_datum *datum) { - int hvalue; + u32 hvalue; struct avtab_node *prev, *cur; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); @@ -186,7 +186,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h, struct avtab_node *avtab_search_node(struct avtab *h, const struct avtab_key *key) { - int hvalue; + u32 hvalue; struct avtab_node *cur; u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); @@ -246,7 +246,7 @@ avtab_search_node_next(struct avtab_node *node, u16 specified) void avtab_destroy(struct avtab *h) { - int i; + u32 i; struct avtab_node *cur, *temp; if (!h) @@ -324,7 +324,8 @@ int avtab_alloc_dup(struct avtab *new, const struct avtab *orig) void avtab_hash_eval(struct avtab *h, const char *tag) { - int i, chain_len, slots_used, max_chain_len; + u32 i; + unsigned int chain_len, slots_used, max_chain_len; unsigned long long chain2_len_sum; struct avtab_node *cur; @@ -372,13 +373,13 @@ int avtab_read_item(struct avtab *a, void *fp, struct policydb *pol, { __le16 buf16[4]; u16 enabled; - u32 items, items2, val, vers = pol->policyvers; + u32 items, items2, val, i; struct avtab_key key; struct avtab_datum datum; struct avtab_extended_perms xperms; __le32 buf32[ARRAY_SIZE(xperms.perms.p)]; - int i, rc; - unsigned set; + int rc; + unsigned int set, vers = pol->policyvers; memset(&key, 0, sizeof(struct avtab_key)); memset(&datum, 0, sizeof(struct avtab_datum)); @@ -614,7 +615,7 @@ int avtab_write_item(struct policydb *p, const struct avtab_node *cur, void *fp) int avtab_write(struct policydb *p, struct avtab *a, void *fp) { - unsigned int i; + u32 i; int rc = 0; struct avtab_node *cur; __le32 buf[1]; From patchwork Fri Jul 28 15:54:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 127738 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp556660vqg; Fri, 28 Jul 2023 09:37:57 -0700 (PDT) X-Google-Smtp-Source: APBJJlEB0OrkBACcKgncnW6RiANmt4ot1+INLTnMdoP7gH/v/eumyS31C6hCDKFsheU6FAo1bZXN X-Received: by 2002:a05:6a20:3c8d:b0:131:6fd:8f5a with SMTP id b13-20020a056a203c8d00b0013106fd8f5amr2188562pzj.32.1690562277050; Fri, 28 Jul 2023 09:37:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690562277; cv=none; d=google.com; s=arc-20160816; b=owKoUy6fLGyIw+cLe5k2eqp9pksIEWqRMrDZg0CIy9wDDRVSoQNPAQ1HUTojYtuHr5 C0Z4BjIgrphmjGNDSpzWKZ8yR3DCzqzFTSAE7P3cnsZ6PV2nQ7GXuTzK3q3uumqrI3UF LxfrRkwFuQokTsniwKoyl/2CQDdwzeFoL3Tnqk1kGCjc/1VzitONotq6Wt4aU6ZxP1fj O/+Z1ne5FXeCK+uo1hqqACSjJHzQI4B70L9O6sXg/EXD8FYblFMVYFJpJIzWphtko2UW eRPVMlKuVyxMmWVDNgCOz9wcuNWlZLeNIqBEt03JbdFzaNfIe7JdqCMookyPkWrTJReY 0ZIw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=ZU6NqYmf75Sa1ZICmlv0pPjToOhjN4w32UwWXbMha+w=; fh=QKur2PFwoLuCt27JzfZM4LabS9ldoGoSAJNPH9t/KWI=; b=x7W7K4t/JoQAxqrBa9WKD978ecvQ3wdmO4dILTYNyP3XcJZz939kkyrbfsMVj45iGV tMjf+ZCruONYIeh5yhtQu96uhdqUoSQui+6hJeWIWbR7GQAMxE/9FnIGKyCpHjE4/TKu c4TiNr3VIpgZ4E4j8bes+2WaDPFI3X2Gb/OUlbojDiEVYExqwuFf0rMjPDrC+55cdo1C biwroHeIvwyFaj1AJmL/0B9KEUmUYC5wJJZp51DDzyhjuotVlM1bAmLDjJoaeCAjR1IE Q2YJYzl/IAwQravunqvIb/D4iTrim/NvT16qBzjT3d1LesTU1lyCiCDV2WjX3SzMmnBi F26g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=XyIzLnHZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k9-20020aa79d09000000b0068263da2c43si3219332pfp.392.2023.07.28.09.37.43; Fri, 28 Jul 2023 09:37:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=XyIzLnHZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234564AbjG1Pzf (ORCPT + 99 others); Fri, 28 Jul 2023 11:55:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42990 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236777AbjG1Pz2 (ORCPT ); Fri, 28 Jul 2023 11:55:28 -0400 Received: from mail-ej1-x62e.google.com (mail-ej1-x62e.google.com [IPv6:2a00:1450:4864:20::62e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9BCBB448E; Fri, 28 Jul 2023 08:55:11 -0700 (PDT) Received: by mail-ej1-x62e.google.com with SMTP id a640c23a62f3a-99b9161b94aso323144966b.1; Fri, 28 Jul 2023 08:55:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559710; x=1691164510; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=ZU6NqYmf75Sa1ZICmlv0pPjToOhjN4w32UwWXbMha+w=; b=XyIzLnHZZ0z0nFrbb208piVfGJhxlXNzbRzbdgVXvwjoHky49mFZVlWqz5kCH9WDI2 IAHeRtVgTir7nHClp+sKIxIbX3UwAThMXYXFjDOvkWxywXa/m/qtndcr04MtKx/VHlT7 9RaPl0cDb8p5VOJeW/lVFy2utSXX7ufGNH/i3Yt9jxsJxwR33Wwao3t0CAVBaAVS/o+9 n8ikmOYn9ba/XrXsj3ULaHhwT0V7iVTecUkuYVqUozO6YlysPAqCu1DUSFFcwRg8wqHy /9ZGrJ6gc8n1iz4IKf6Ug/Vwjw0amaRV3+0iZvhhPquETT+escBD72TM7OubwCKQcOWf Jojw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559710; x=1691164510; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ZU6NqYmf75Sa1ZICmlv0pPjToOhjN4w32UwWXbMha+w=; b=ICNKz96/gOwoybfCN/079S8MOjRCIEOfypN1QXQDCefLAl0iObRAjBSU7vWC7NqQel D3eO0bQkiFdUbTwKUmEx57VZnnWc9PhUS9HtkDmfWsG93vGEP293l+h4BGcOWha1MQCx Ea6CRLDgua9+WMi9Ref8JzvGFflQ5AU3xQRt3w+H2G1BnisMdZYEYrwu8CvQmmW0u8xh 989CdX0282vpik+cXeJW/USwCjdciuRrSnFSUxgrp+iA08e1Nh1cnSDa08mDziiWfVSn 1kHp/a+Oda2DiELa80zbaGmODbByaL0Z8QVFQW/KrGcIbZJauwdzSvsbM3ej9zzcIs6g ilEg== X-Gm-Message-State: ABy/qLbgI5k2h/AdI4PLkDlwJlIzUDK7GKqqeXtASjOLvMh75R4e5i+G mMyyo5aX+t6fgpcn/WlJbV62mrJeH8247eYj X-Received: by 2002:a17:907:2cc8:b0:989:450:e56a with SMTP id hg8-20020a1709072cc800b009890450e56amr2869347ejc.76.1690559709787; Fri, 28 Jul 2023 08:55:09 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:09 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , linux-kernel@vger.kernel.org Subject: [PATCH v2 2/9] selinux: use u32 as bit type in ebitmap code Date: Fri, 28 Jul 2023 17:54:52 +0200 Message-Id: <20230728155501.39632-1-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772683030314420752 X-GMAIL-MSGID: 1772683030314420752 The extensible bitmap supports bit positions up to U32_MAX due to the type of the member highbit being u32. Use u32 consistently as the type for bit positions to announce to callers what range of values is supported. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/ss/ebitmap.c | 32 ++++++++++++++++---------------- security/selinux/ss/ebitmap.h | 32 ++++++++++++++++---------------- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c index 77875ad355f7..6ab2baf4cfb5 100644 --- a/security/selinux/ss/ebitmap.c +++ b/security/selinux/ss/ebitmap.c @@ -24,7 +24,7 @@ #include "ebitmap.h" #include "policydb.h" -#define BITS_PER_U64 (sizeof(u64) * 8) +#define BITS_PER_U64 ((u32)(sizeof(u64) * 8)) static struct kmem_cache *ebitmap_node_cachep __ro_after_init; @@ -82,7 +82,8 @@ int ebitmap_cpy(struct ebitmap *dst, const struct ebitmap *src) int ebitmap_and(struct ebitmap *dst, const struct ebitmap *e1, const struct ebitmap *e2) { struct ebitmap_node *n; - int bit, rc; + u32 bit; + int rc; ebitmap_init(dst); @@ -113,8 +114,7 @@ int ebitmap_netlbl_export(struct ebitmap *ebmap, { struct ebitmap_node *e_iter = ebmap->node; unsigned long e_map; - u32 offset; - unsigned int iter; + u32 offset, iter; int rc; if (e_iter == NULL) { @@ -259,7 +259,7 @@ int ebitmap_contains(const struct ebitmap *e1, const struct ebitmap *e2, u32 las return 1; } -int ebitmap_get_bit(const struct ebitmap *e, unsigned long bit) +int ebitmap_get_bit(const struct ebitmap *e, u32 bit) { const struct ebitmap_node *n; @@ -276,7 +276,7 @@ int ebitmap_get_bit(const struct ebitmap *e, unsigned long bit) return 0; } -int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value) +int ebitmap_set_bit(struct ebitmap *e, u32 bit, int value) { struct ebitmap_node *n, *prev, *new; @@ -287,7 +287,7 @@ int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value) if (value) { ebitmap_node_set_bit(n, bit); } else { - unsigned int s; + u32 s; ebitmap_node_clr_bit(n, bit); @@ -365,12 +365,12 @@ void ebitmap_destroy(struct ebitmap *e) int ebitmap_read(struct ebitmap *e, void *fp) { struct ebitmap_node *n = NULL; - u32 mapunit, count, startbit, index; + u32 mapunit, count, startbit, index, i; __le32 ebitmap_start; u64 map; __le64 mapbits; __le32 buf[3]; - int rc, i; + int rc; ebitmap_init(e); @@ -384,7 +384,7 @@ int ebitmap_read(struct ebitmap *e, void *fp) if (mapunit != BITS_PER_U64) { pr_err("SELinux: ebitmap: map size %u does not " - "match my size %zd (high bit was %d)\n", + "match my size %d (high bit was %d)\n", mapunit, BITS_PER_U64, e->highbit); goto bad; } @@ -471,18 +471,18 @@ int ebitmap_read(struct ebitmap *e, void *fp) int ebitmap_write(const struct ebitmap *e, void *fp) { struct ebitmap_node *n; - u32 count; + u32 bit, count, last_bit, last_startbit; __le32 buf[3]; u64 map; - int bit, last_bit, last_startbit, rc; + int rc; buf[0] = cpu_to_le32(BITS_PER_U64); count = 0; last_bit = 0; - last_startbit = -1; + last_startbit = (u32)-1; ebitmap_for_each_positive_bit(e, n, bit) { - if (rounddown(bit, (int)BITS_PER_U64) > last_startbit) { + if (last_startbit == (u32)-1 || rounddown(bit, BITS_PER_U64) > last_startbit) { count++; last_startbit = rounddown(bit, BITS_PER_U64); } @@ -496,9 +496,9 @@ int ebitmap_write(const struct ebitmap *e, void *fp) return rc; map = 0; - last_startbit = INT_MIN; + last_startbit = (u32)-1; ebitmap_for_each_positive_bit(e, n, bit) { - if (rounddown(bit, (int)BITS_PER_U64) > last_startbit) { + if (last_startbit == (u32)-1 || rounddown(bit, BITS_PER_U64) > last_startbit) { __le64 buf64[1]; /* this is the very first bit */ diff --git a/security/selinux/ss/ebitmap.h b/security/selinux/ss/ebitmap.h index e3c807cfad90..43c32077d483 100644 --- a/security/selinux/ss/ebitmap.h +++ b/security/selinux/ss/ebitmap.h @@ -44,10 +44,10 @@ struct ebitmap { #define ebitmap_length(e) ((e)->highbit) -static inline unsigned int ebitmap_start_positive(const struct ebitmap *e, +static inline u32 ebitmap_start_positive(const struct ebitmap *e, struct ebitmap_node **n) { - unsigned int ofs; + u32 ofs; for (*n = e->node; *n; *n = (*n)->next) { ofs = find_first_bit((*n)->maps, EBITMAP_SIZE); @@ -62,11 +62,11 @@ static inline void ebitmap_init(struct ebitmap *e) memset(e, 0, sizeof(*e)); } -static inline unsigned int ebitmap_next_positive(const struct ebitmap *e, +static inline u32 ebitmap_next_positive(const struct ebitmap *e, struct ebitmap_node **n, - unsigned int bit) + u32 bit) { - unsigned int ofs; + u32 ofs; ofs = find_next_bit((*n)->maps, EBITMAP_SIZE, bit - (*n)->startbit + 1); if (ofs < EBITMAP_SIZE) @@ -86,10 +86,10 @@ static inline unsigned int ebitmap_next_positive(const struct ebitmap *e, (((bit) - (node)->startbit) % EBITMAP_UNIT_SIZE) static inline int ebitmap_node_get_bit(const struct ebitmap_node *n, - unsigned int bit) + u32 bit) { - unsigned int index = EBITMAP_NODE_INDEX(n, bit); - unsigned int ofs = EBITMAP_NODE_OFFSET(n, bit); + u32 index = EBITMAP_NODE_INDEX(n, bit); + u32 ofs = EBITMAP_NODE_OFFSET(n, bit); BUG_ON(index >= EBITMAP_UNIT_NUMS); if ((n->maps[index] & (EBITMAP_BIT << ofs))) @@ -98,20 +98,20 @@ static inline int ebitmap_node_get_bit(const struct ebitmap_node *n, } static inline void ebitmap_node_set_bit(struct ebitmap_node *n, - unsigned int bit) + u32 bit) { - unsigned int index = EBITMAP_NODE_INDEX(n, bit); - unsigned int ofs = EBITMAP_NODE_OFFSET(n, bit); + u32 index = EBITMAP_NODE_INDEX(n, bit); + u32 ofs = EBITMAP_NODE_OFFSET(n, bit); BUG_ON(index >= EBITMAP_UNIT_NUMS); n->maps[index] |= (EBITMAP_BIT << ofs); } static inline void ebitmap_node_clr_bit(struct ebitmap_node *n, - unsigned int bit) + u32 bit) { - unsigned int index = EBITMAP_NODE_INDEX(n, bit); - unsigned int ofs = EBITMAP_NODE_OFFSET(n, bit); + u32 index = EBITMAP_NODE_INDEX(n, bit); + u32 ofs = EBITMAP_NODE_OFFSET(n, bit); BUG_ON(index >= EBITMAP_UNIT_NUMS); n->maps[index] &= ~(EBITMAP_BIT << ofs); @@ -126,8 +126,8 @@ int ebitmap_cmp(const struct ebitmap *e1, const struct ebitmap *e2); int ebitmap_cpy(struct ebitmap *dst, const struct ebitmap *src); int ebitmap_and(struct ebitmap *dst, const struct ebitmap *e1, const struct ebitmap *e2); int ebitmap_contains(const struct ebitmap *e1, const struct ebitmap *e2, u32 last_e2bit); -int ebitmap_get_bit(const struct ebitmap *e, unsigned long bit); -int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value); +int ebitmap_get_bit(const struct ebitmap *e, u32 bit); +int ebitmap_set_bit(struct ebitmap *e, u32 bit, int value); void ebitmap_destroy(struct ebitmap *e); int ebitmap_read(struct ebitmap *e, void *fp); int ebitmap_write(const struct ebitmap *e, void *fp); From patchwork Fri Jul 28 15:54:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 127744 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp560107vqg; Fri, 28 Jul 2023 09:44:24 -0700 (PDT) X-Google-Smtp-Source: APBJJlGMcqGptistp1lMbv3fVRqYE/DwNewE1wOx1AzjsmbxxTnX2JrfvLSCcsYQcLfUlx6TN3zW X-Received: by 2002:a17:902:c950:b0:1bb:833c:6ba8 with SMTP id i16-20020a170902c95000b001bb833c6ba8mr1938622pla.56.1690562664122; Fri, 28 Jul 2023 09:44:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690562664; cv=none; d=google.com; s=arc-20160816; b=vcg56z2yd12DCPDPkE96bi7HyNfU/28TdsNSYXc2uAioRj0ynBeYCQpVA9dNmXhIIn QtuUQ90mXPtNak+ZyVk91JGI2lDpqBOKEm42Sgxi9k0xXla9hNawpK9yhk/ZEAEnACS9 tiLnAdozQcN61aFGgL9VucjVByQk7Wg2Lx8QPFw1nGwa/gpnDCgKaIv6ZcyWAfVY9Goa JSM2dKFFd75rxKv+5TQ2uh2ioCpNJL8boeMmKBKDQ0tAR+D27BOFt4s0RY//ghTyTG/P YC6yJJYERx8Y09COjbSMC6PbLfJTtyAL/GIz87TJf0Ldqu0gvZbZUXG6CFCIFZMutzVA sPgA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=1+ccw4NZa5atLMu3PvWU3CwI2TXUxTCi4zdltIKSN3g=; fh=QKur2PFwoLuCt27JzfZM4LabS9ldoGoSAJNPH9t/KWI=; b=uusNSSNdJT3ZjIdM8vqy6AXT9byDWa3Gvl2oPPSAeQP/KYSX9Md8gQFgdmUDr9V1ox 5rttnUmhHkBg3a0hLqZEASCjjzsz7d623QU/lhbkvI6TyYE5IdMI+DsENnAmjd5pLcgm 3tff5yp9XjpmFYTg/RKJ73MsLbiANWJAgK+MdDUBxAZGceTq5mUUqgTyzYbco/3rHJnG y6akVOGMwLgyQOsSZrpnT5MUB4wVlXie+fB3zSDE/xa9Uw+yPcuK8v5pQycsfAduZplc 00+XGqFPwStgr97SBaLLk1DQtmUJVLkJLcJfjyVONjlaHH492ChZThuF3Il1AZ6qK/4R ErfQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=ARajOChS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v14-20020a1709028d8e00b001b9736814b6si3132016plo.309.2023.07.28.09.44.10; Fri, 28 Jul 2023 09:44:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=ARajOChS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236467AbjG1Pzi (ORCPT + 99 others); Fri, 28 Jul 2023 11:55:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42988 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236705AbjG1Pz2 (ORCPT ); Fri, 28 Jul 2023 11:55:28 -0400 Received: from mail-ej1-x62c.google.com (mail-ej1-x62c.google.com [IPv6:2a00:1450:4864:20::62c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0DD10449F; Fri, 28 Jul 2023 08:55:13 -0700 (PDT) Received: by mail-ej1-x62c.google.com with SMTP id a640c23a62f3a-99bc512526cso327468366b.1; Fri, 28 Jul 2023 08:55:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559711; x=1691164511; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=1+ccw4NZa5atLMu3PvWU3CwI2TXUxTCi4zdltIKSN3g=; b=ARajOChSPVav64iGhopmQ+8nKBr9w1b6PNunqIbKhFQmYug3HbMmKML7tFUcKNDAql 8wkzm7ISP2STHyjKgjKxt9qn0FEp1DO0S26sPjEhKfRbGY95eUuu8BVgGsX2ULoWOK5J LStkmwMuYdYXxRLiL6V0ilniPW8osDGql14vP84IP2odVzePfjACtH8OnVOcnAgCTRYy eUf1j2xi2erzVvWxtUoSBCeLvcEbeX1pPFJ/MzjeY5GzjZCVWrZQZnNWvDt0S1Gk9dEm q/aIXYE1FmdAlsl30NQyYVNqB4ZBaDPWUhKdw2ccwO1yHDvDXAGiXfWD2jXiiWP4sLpr Q5yg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559711; x=1691164511; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1+ccw4NZa5atLMu3PvWU3CwI2TXUxTCi4zdltIKSN3g=; b=ZcLlnpaz+ELCp5vK/IfZ7qXEFz5Ew5UbUTGXjoCtyLHPSPTlskKkRNaNIdj8neE6M5 zxUr8+xV4gcxNlt+/DWPj+yb5AFWRRx25ZFELDRNaznoGnwPRjlZlwbjgkTPcEt2vzGJ 1CreEv7xKr7zI+5Grx/3dGDJKTf22pmJB0owf8RgQwULmbfc1oeW29S3JwTVMld+GBsJ kmOC9yNz4899INr/MjOtaFX7XTrQlw+5qjuXC1QKpZcuQf8kbbBUl746bAeRpDoHF6Wu ay+B4ff8tIoq6UhQPVFvmIl77CJZPTOw552uSMbD77A0sr0OcfGxq9BEtXqsKfrjQ8ZX xRhQ== X-Gm-Message-State: ABy/qLarP9Lp3+0ElYJGlXdisBGlY24Ys6KTjgmPrLimAudeOwD9Sphz kPT0bnGpthRPhB4+z0J6zf2u8wa/qUHVZS4i X-Received: by 2002:a17:906:155:b0:99b:4ed4:5527 with SMTP id 21-20020a170906015500b0099b4ed45527mr2618066ejh.25.1690559711163; Fri, 28 Jul 2023 08:55:11 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:10 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , linux-kernel@vger.kernel.org Subject: [PATCH v2 3/9] selinux: use identical iterator type in hashtab_duplicate() Date: Fri, 28 Jul 2023 17:54:53 +0200 Message-Id: <20230728155501.39632-2-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772683435916497838 X-GMAIL-MSGID: 1772683435916497838 Use the identical type u32 for the loop iterator. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/ss/hashtab.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/security/selinux/ss/hashtab.c b/security/selinux/ss/hashtab.c index 30532ec319ce..7df9640554be 100644 --- a/security/selinux/ss/hashtab.c +++ b/security/selinux/ss/hashtab.c @@ -137,7 +137,8 @@ int hashtab_duplicate(struct hashtab *new, struct hashtab *orig, void *args) { struct hashtab_node *cur, *tmp, *tail; - int i, rc; + u32 i; + int rc; memset(new, 0, sizeof(*new)); From patchwork Fri Jul 28 15:54:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 127766 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp578599vqg; Fri, 28 Jul 2023 10:13:37 -0700 (PDT) X-Google-Smtp-Source: APBJJlHlyc1O4an4ekI6ZsL3KPXh5DwlBwQmyE/rYpu9kEPIgklxC6c1YuOPm852wJu4fX283grZ X-Received: by 2002:a17:90a:4a03:b0:264:a14:ce19 with SMTP id e3-20020a17090a4a0300b002640a14ce19mr1838944pjh.20.1690564416883; Fri, 28 Jul 2023 10:13:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690564416; cv=none; d=google.com; s=arc-20160816; b=V/wdvRrGy1WoWJTVSmRHE88Tre9tFmWvBiws57xI7N0dzJdfS/5VEdVCir8uhcot1h BI2MGaJinOhKzSumkBLgeVURM60KPqM7d6O5O9JrL6+9SBqOEfYZAdsn0JJ2NNY31MXB 59biHwu6QNhkl57KfymMLlYtEtgN3HfQfmNvdY6KP6pxyZ7mblr1cmeYUozzcsjS6DqA pDBZMwJf3N9GuhCPC/3qpRI1dTg4hm8mE+A9n4kf2stilfL08fMK0CJ+pGSDtycecZG/ Z3UXzT6O6RzOem8pV21pkj4b2Ee1JLy8r4BnW54OBxVx1jTojqtoYDKgbfuBNUAy9RpY cFKA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Hj8EXANVUnt9bxQH+/nx3iBETrgoqthp/pWZeVRl9D8=; fh=QKur2PFwoLuCt27JzfZM4LabS9ldoGoSAJNPH9t/KWI=; b=qXnc+Jbcu9P+eADy0MA3DRIwnLoWav6fo+4tboSswrijs0SHWm2aHwajzsDv/+Px+i vnFJQ02O6macWmXElvrjJwVkR5xLhBTOSXqaqAzuR3WfTJ4dhFUi7su8Sl8N+tw79z+S 7lkRPGKAJj5x2WAFunFyS1ngWz579+Y/cpHEm2zqOA/tLLhUQ6Arzmd7aIxgaL2LJ6qW kZVBrB5G+1J8Efyb8dVS/Y5K/nY8sL//vX8vjHvu17dWyWjhfd9CC46au32zrUSpQEkC 715jen5fZbJCslIibQF9HD8h35UojpGA/EPT7qARoYskHnv7GKY/idSC+ZN2j7qP1e4k juUg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=lJEotxX4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w8-20020a17090abc0800b002685065230asi4285399pjr.37.2023.07.28.10.13.23; Fri, 28 Jul 2023 10:13:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=lJEotxX4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236919AbjG1Pzq (ORCPT + 99 others); Fri, 28 Jul 2023 11:55:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42930 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235836AbjG1Pza (ORCPT ); Fri, 28 Jul 2023 11:55:30 -0400 Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BDAF444B1; Fri, 28 Jul 2023 08:55:14 -0700 (PDT) Received: by mail-lf1-x12a.google.com with SMTP id 2adb3069b0e04-4fe2503e3easo641871e87.2; Fri, 28 Jul 2023 08:55:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559713; x=1691164513; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Hj8EXANVUnt9bxQH+/nx3iBETrgoqthp/pWZeVRl9D8=; b=lJEotxX4ThykyTKoZQKZCBYw/acPZZ4atSdyoRuShZW2/I43mCDRmqkeglAanKpIEt 5MF9aBJM/t4X+/bcmUHnhzJ5MG36wDlLuYSiqgB71dPp1/ipxcp8w+sz83iMb2uuUOuc FwYcM8KxC4EBTRGkUgcFZVZo5bYQMjemYzMmw0fgSNNGr6CnhWzVfNOeaaT756gAM31m 85VZxhu/MTx2mxVzxFT/79zMBTSQpZMWxL5WFuClAxvjZ2/GgKSRWKyUqV6QTDmCzUWH 0JqbhdjgZp73AsnE94Sz3kVw2fIYpGOi82E/3cWhgIvhEkyT3eRb2PtibfZ8ZAI3/Wtm CgYg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559713; x=1691164513; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Hj8EXANVUnt9bxQH+/nx3iBETrgoqthp/pWZeVRl9D8=; b=jQnpun6OMkjwNUye76r5PMmVRUGhnAlVokQQR21Fw9LA1dy+bxpUTZ+M21UnBw/jV8 Ao1nNfbId08f83VzBVR+kqA5bZ35/patGT2EKNP1KZM4KpZs+0grAP7pK8O2DRsWUT2k lALsbWp7S+KOIBVpFK7gNT2oGMyRYPuWQhOLP2dM9WhLMpSy6qkYafDwJ/889g7QdhZA +rWVA8/5IDzrGeJNmaNxPZt7Vm7d2XpCyEjiw4LZ8hcGT0RhW6yQNUiH+8bPiiGVY/v3 5LwZ3FfZNI8i91AzmV6BSe+JZ5PgFZo7CvottT+rmFbyEt+NecB+3HbfME/xQFHzIuk1 ucuA== X-Gm-Message-State: ABy/qLbwkLEelXiTFjXUijo34TwWbsfmLA9xbt7vYpU5NuO+BueawwDM QlTksjNfKc+vyNeK+kJgDMl2uwDseNy+hmpv X-Received: by 2002:a19:2d49:0:b0:4f9:7aee:8dc5 with SMTP id t9-20020a192d49000000b004f97aee8dc5mr1989307lft.19.1690559712679; Fri, 28 Jul 2023 08:55:12 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:12 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , linux-kernel@vger.kernel.org Subject: [PATCH v2 4/9] selinux: avoid implicit conversions in mls code Date: Fri, 28 Jul 2023 17:54:54 +0200 Message-Id: <20230728155501.39632-3-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772685274093054216 X-GMAIL-MSGID: 1772685274093054216 Use u32 for ebitmap bits. Use char for the default range of a class. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/ss/mls.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c index b2c6c846ea03..cd38f5913b63 100644 --- a/security/selinux/ss/mls.c +++ b/security/selinux/ss/mls.c @@ -45,7 +45,7 @@ int mls_compute_context_len(struct policydb *p, struct context *context) len = 1; /* for the beginning ":" */ for (l = 0; l < 2; l++) { - int index_sens = context->range.level[l].sens; + u32 index_sens = context->range.level[l].sens; len += strlen(sym_name(p, SYM_LEVELS, index_sens - 1)); /* categories */ @@ -240,7 +240,8 @@ int mls_context_to_sid(struct policydb *pol, char *sensitivity, *cur_cat, *next_cat, *rngptr; struct level_datum *levdatum; struct cat_datum *catdatum, *rngdatum; - int l, rc, i; + u32 i; + int l, rc; char *rangep[2]; if (!pol->mls_enabled) { @@ -451,7 +452,8 @@ int mls_convert_context(struct policydb *oldp, struct level_datum *levdatum; struct cat_datum *catdatum; struct ebitmap_node *node; - int l, i; + u32 i; + int l; if (!oldp->mls_enabled || !newp->mls_enabled) return 0; @@ -495,7 +497,7 @@ int mls_compute_sid(struct policydb *p, struct range_trans rtr; struct mls_range *r; struct class_datum *cladatum; - int default_range = 0; + char default_range = 0; if (!p->mls_enabled) return 0; From patchwork Fri Jul 28 15:54:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 127743 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp558856vqg; Fri, 28 Jul 2023 09:42:06 -0700 (PDT) X-Google-Smtp-Source: APBJJlHg97xIFjTaCRlbM6KBNAcKcsrDaIojpBdeIdjz3mLRVk5unAah6yGWpJ9bxqha/0Pr0o+1 X-Received: by 2002:a05:6a20:3253:b0:135:6d5b:82a6 with SMTP id hm19-20020a056a20325300b001356d5b82a6mr1744572pzc.62.1690562525820; Fri, 28 Jul 2023 09:42:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690562525; cv=none; d=google.com; s=arc-20160816; b=dwuNawlbIrG7h4bXaYpbrSNcMkrfaKRGFaoPLzAG2x98AxkcsSIWwCDX2vKULxQGDn mPDn1BXcYIcRqHDwfu2NOodQc3AFFMv88uQzyEBz1d6BtHYQuIsDsE16fpywn324m1+6 S2sPJQj3OmYTdqutSNIh39xd5dfZEPLD01MVUGhDzXr+mr1gxQGZ+Ff5KEFl65Zx855z Du8X3vJ2wolg+eJg+DlexoGt8feUwIfLrWDhKe9VNXifn10YXSrhBQeejPiA88jiOT/j UnNu0CJ1CF2R+rkX4Azz4ZAjXhMfNkqbWNsGY5Vyoi3x8CeEdoX7J/ooyrGHUSgQuQeL s6cQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=LMehyge5V6oc71n+ts8VpdssHuMwLHVzBSgZt/TQ3lg=; fh=fBY5D/IDrKFsN9mMQMRE3IlhWmhEeMbp24YlZR3fWbQ=; b=WhB63HTq20IRTYuBGSZs3W6SW3QI+ts+z6YCgxdQQgaG6binBM57b8hEAAEd/1Fke0 vlkH5eDu48DjUQucYY1WeqZh+glQGavTILwc5wL3J8ZoHQ0Ohli3xbx0abRjub/0YUW1 z4IiY/PD33wdx+Zjr01Wme9CL68Ka75yv5Mky+k+ycngm3b6TIHYmjNlz2zNfcL7cCHD TJfrgVUg0F1TayT0MSjjMpUMJy0895UR60BArkEYVrzNipdFbLNcxgbY3VIIS+NcY7t+ L942YNMZnB2e1yl00Ql7ZedomVyoA2+VNloiOKW18BaxuCwRPQmAMFgcMtU+OggZNaXJ L+yw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=gK1wcG5i; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 24-20020a631258000000b00563f2ec3cb5si897244pgs.631.2023.07.28.09.41.52; Fri, 28 Jul 2023 09:42:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=gK1wcG5i; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237011AbjG1Pzs (ORCPT + 99 others); Fri, 28 Jul 2023 11:55:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43026 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236861AbjG1Pza (ORCPT ); Fri, 28 Jul 2023 11:55:30 -0400 Received: from mail-ej1-x634.google.com (mail-ej1-x634.google.com [IPv6:2a00:1450:4864:20::634]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1F59744B4; Fri, 28 Jul 2023 08:55:16 -0700 (PDT) Received: by mail-ej1-x634.google.com with SMTP id a640c23a62f3a-99b9421aaebso309328266b.2; Fri, 28 Jul 2023 08:55:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559714; x=1691164514; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=LMehyge5V6oc71n+ts8VpdssHuMwLHVzBSgZt/TQ3lg=; b=gK1wcG5ifE9K7WNKaw+EopeVu9Z112sNyDDmRS0xr1oSRlvZx+ntyoKbpqVXAN6aIv ONynaAKRwpwdemhY31y9cbpw0n3af4i7a0XTd0kVXy9djH0qGp1OwDWxK8ilC8Ywuv23 PlkjUXw2p8k0odbo3/hI9EAY013EfsXnUJgkpy9c4Hq9qK8VzzH9BUf20RdJz9L7/Rmh 8tnWInKdYdLL118OyZKQqhVg/lB/uBH1tM/HHNtswCjvV0jnR7NybCQG1dmzpBe2Muzp 7k4+2QWxjr4rTM+hi5BiRgdfNbl/Wo03dHZXCFFP6C/8iT2efWxYmbwUC90hzqfaQpfl i7Hg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559714; x=1691164514; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=LMehyge5V6oc71n+ts8VpdssHuMwLHVzBSgZt/TQ3lg=; b=eSu+AvkCf98cdJJfW3vWg7BiR6ysQzjOBWu6JpQJHA7tylytDbaK+ZS3Ot0tcpquTU NRwzBhcY9HxbEt+Qef+QjAunEG4es5UrQkfoKhRR66YTh5GoGMmSwUi+4FILSv7m62Ip 3ianQCglmdo+GLVTPooXw7KYd4NNCvBWgZHYCCwvlFBRIEoJAJnwCZXwL0X5yZREOByR mNfvoGAJSAaJ5kdT3AXQaEf7n1AFR4vPyhWH+p8PE9ST47XcomP5tiisL7LzVYU7AuNF QkojuM31FzF9xuMxjNRNAb13ea/XHQ3O+hEc/FoiSvg7TO7ZPnb2kLI/CYl9bNkgnCoi VO1Q== X-Gm-Message-State: ABy/qLZFgHKCpytK1pMUqPbeBDNsr5j0sYHIHhCgkkkZzUYWZKI1Uw0v 0gldRj6d3hpP23lGfB0Slq30PzNmVci2Nr/J X-Received: by 2002:a17:907:2711:b0:992:a85d:278b with SMTP id w17-20020a170907271100b00992a85d278bmr2274139ejk.59.1690559714482; Fri, 28 Jul 2023 08:55:14 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:14 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Ondrej Mosnacek , "GONG, Ruiqi" , linux-kernel@vger.kernel.org Subject: [PATCH v2 5/9] selinux: services: update type for number of class permissions Date: Fri, 28 Jul 2023 17:54:55 +0200 Message-Id: <20230728155501.39632-4-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772683291011165268 X-GMAIL-MSGID: 1772683291011165268 Security classes have only up to 32 permissions, hence using an u16 is sufficient (while improving padding in struct selinux_mapping). Also use a fixed sized cast in a bit shift to avoid (well defined) overflows on architectures where sizeof(unsigned int) != sizeof(u32) resulting in no bits set. Signed-off-by: Christian Göttsche --- v2: update commit description: - mention struct selinux_mapping in the padding argument (currently between the first and second member there are 2 bytes padding) - mention overflow in the cast argument and the result of setting no bits due to it --- security/selinux/ss/services.c | 6 +++--- security/selinux/ss/services.h | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 2c5be06fbada..cf4b87ec4a0e 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -97,7 +97,6 @@ static int selinux_set_mapping(struct policydb *pol, struct selinux_map *out_map) { u16 i, j; - unsigned k; bool print_unknown_handle = false; /* Find number of classes in the input mapping */ @@ -117,6 +116,7 @@ static int selinux_set_mapping(struct policydb *pol, while (map[j].name) { const struct security_class_mapping *p_in = map + (j++); struct selinux_mapping *p_out = out_map->mapping + j; + u16 k; /* An empty class string skips ahead */ if (!strcmp(p_in->name, "")) { @@ -202,7 +202,7 @@ static void map_decision(struct selinux_map *map, { if (tclass < map->size) { struct selinux_mapping *mapping = &map->mapping[tclass]; - unsigned int i, n = mapping->num_perms; + u16 i, n = mapping->num_perms; u32 result; for (i = 0, result = 0; i < n; i++) { @@ -230,7 +230,7 @@ static void map_decision(struct selinux_map *map, * should audit that denial */ for (; i < (sizeof(u32)*8); i++) - result |= 1<auditdeny = result; } } diff --git a/security/selinux/ss/services.h b/security/selinux/ss/services.h index ed2ee6600467..d24b0a3d198e 100644 --- a/security/selinux/ss/services.h +++ b/security/selinux/ss/services.h @@ -12,7 +12,7 @@ /* Mapping for a single class */ struct selinux_mapping { u16 value; /* policy value for class */ - unsigned int num_perms; /* number of permissions in class */ + u16 num_perms; /* number of permissions in class */ u32 perms[sizeof(u32) * 8]; /* policy values for permissions */ }; From patchwork Fri Jul 28 15:54:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 127742 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp557652vqg; Fri, 28 Jul 2023 09:39:50 -0700 (PDT) X-Google-Smtp-Source: APBJJlEK1kVLDXBMrDJHQrMMqQ3IMQpgwSIOMKGOlVE33PyiGnUBhhgCjYe9ADnTqLK7U120ZEuZ X-Received: by 2002:a05:6a20:9185:b0:131:52ce:5148 with SMTP id v5-20020a056a20918500b0013152ce5148mr2904945pzd.39.1690562389791; Fri, 28 Jul 2023 09:39:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690562389; cv=none; d=google.com; s=arc-20160816; b=N7IZ5g0Zsm8rnZjZuUssmZQRu9yGOOcd3x7z3cwAPsSV8IyA8vWhKAFVNAbNwDkGWE vX6zPoI/Qmb0nZZsIYlq54N3L5o9ksofvZje5QtK0dQagKkZjNnQz1aBVUO4sQdt+Ord fS5YTq838r+RA+oAkoN+/+hBEfILl3f6sJWZLoAZSluJmZNNm78pvyeym/YnFMkDFhf/ XxgbiEwBtkU4NS8pr5v1JLyrfkmrhTb496iuQMFYP0K+ECfliqsQMWmJWTrYgKq8BqLM qujfizppevR519JLBrufb569/lo/MdfbeUSG/NuzazUpaFRwz+kbpGCaoVMmQTit1wI3 s4AQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=/rYsK0kNMxGjYfUlP6jXFUwqPwtrROBmYtzMufSE/LU=; fh=sjCHlVvrimGgXeOVqmDIZSt8U1YM/FZwonj+dilrvLI=; b=MKIVR4w/bhpwCLB1WjkmolUZu/GJD9W+u47we3lsMzhv9P26vwjq0fU6bgobYwMVZd RYYtsMCUbq2cwvuY3E2X7dxaz9OOTlYf33TqT+U5HOxVtXZ9mhSsOENX6+KEMFdOEs0b wyQr2/AgQZGOPJDXm2aKxzrZ2agd7N+H/OTsYGXgWuxy5vsmN2k9dB8TC/hBFwlGa4Sl LksXM4PC5QMJR8w/v8rDtt++D2nUSK8qQdxlAmzfsCE/0UECaVrKC7JF6sET2e+EYgN3 B2dgiQTlaaG0HQOXiu7LHVt7VwJNi1tCuGMA9HuLfF7qycuQOMzq3pxS2IcqZFj5Uwqr 2ikA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=cCv4j1x9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id be3-20020a656e43000000b00563f02fb1a4si1160621pgb.108.2023.07.28.09.39.36; Fri, 28 Jul 2023 09:39:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=cCv4j1x9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237494AbjG1Pzx (ORCPT + 99 others); Fri, 28 Jul 2023 11:55:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42948 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235747AbjG1Pza (ORCPT ); Fri, 28 Jul 2023 11:55:30 -0400 Received: from mail-lj1-x22b.google.com (mail-lj1-x22b.google.com [IPv6:2a00:1450:4864:20::22b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2E11F4483; Fri, 28 Jul 2023 08:55:18 -0700 (PDT) Received: by mail-lj1-x22b.google.com with SMTP id 38308e7fff4ca-2b703a0453fso35210931fa.3; Fri, 28 Jul 2023 08:55:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559716; x=1691164516; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/rYsK0kNMxGjYfUlP6jXFUwqPwtrROBmYtzMufSE/LU=; b=cCv4j1x9LDD/oh2RJBveQ5h/SYR4mJpS7bFKmnTUDY9mMkXp8dXT5k9j6Ki9KXRv56 poIT6CqFn47rjK1p7wb/24bE4U+3+1QqYpmK/A8Nmau3pTmoGelqJkrWp1G5Pf8cY+K7 F++sZe8yzD25YVqz72wF0eOkCt//8o8B187z68iMovnQ/BSLtoGlvHAHXDJVNvrrrV9j 0uTYhj8/s320Zf/xvmA4k76N9Nwdh4LLA087uf6bvYmwf+wcSWQfHr4iz5vgjrHsY3ov 2mdlSLuVlrWMQfEwaeaGWHy7EQpz1dOFV6Fgx7kCztMUzAvvQlyAdt8SSYMAmYeOxcNJ vF8A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559716; x=1691164516; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/rYsK0kNMxGjYfUlP6jXFUwqPwtrROBmYtzMufSE/LU=; b=IVr4dN9mBIvGoaYpwtth5Gp5Qs6pWhMx6tOlm+OAaOSqTSRUjd1q6vc4hXVtJqWu9L vc+gCXjRN1jku1wiXx+zn7KzUq5hwgTJ91xfzEhQ5RZfID+Kv0vlh14YhjAtHLgxRcz9 2IWoZVatDpbv3DRRCwLqa/Zh/yQSL6z3KPezftdOex+g8JizafIPCa9OIxmnqxTtfUU9 XFSjSUYqaFG6Klis3/vKH7vYfy0ao5IfHzy6PZnLJu9GzloieYyG88X8G0UGbO1//M9T lX8vkPJSgSrH1VpWems5b0ZmHtQff3JLjz7CsnwwOKQ3ckexCF6VfkcgqPmVVEI76//L CB1g== X-Gm-Message-State: ABy/qLYjQ0bC3KS11g5kit1M3R9ZChW4ptD6pRgMowbooK6TBECvS+PK gishxWO9R/JhVanrBem+TeWABiTazgEffyIBvCY= X-Received: by 2002:a2e:8e81:0:b0:2b9:4492:1226 with SMTP id z1-20020a2e8e81000000b002b944921226mr2325461ljk.11.1690559716318; Fri, 28 Jul 2023 08:55:16 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:15 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Ondrej Mosnacek , Casey Schaufler , Xiu Jianfeng , "GONG, Ruiqi" , linux-kernel@vger.kernel.org Subject: [PATCH v2 6/9] selinux: avoid implicit conversions in services code Date: Fri, 28 Jul 2023 17:54:56 +0200 Message-Id: <20230728155501.39632-5-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772683148649611021 X-GMAIL-MSGID: 1772683148649611021 Use u32 as the output parameter type in security_get_classes() and security_get_permissions(), based on the type of the symtab nprim member. Declare the read-only class string parameter of security_get_permissions() const. Avoid several implicit conversions by using the identical type for the destination. Use the type identical to the source for local variables. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/include/security.h | 4 ++-- security/selinux/selinuxfs.c | 7 ++++--- security/selinux/ss/services.c | 23 ++++++++++++----------- 3 files changed, 18 insertions(+), 16 deletions(-) diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 668e393a9709..074d439fe9ad 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h @@ -312,9 +312,9 @@ int security_net_peersid_resolve(u32 nlbl_sid, u32 nlbl_type, u32 *peer_sid); int security_get_classes(struct selinux_policy *policy, - char ***classes, int *nclasses); + char ***classes, u32 *nclasses); int security_get_permissions(struct selinux_policy *policy, - char *class, char ***perms, int *nperms); + const char *class, char ***perms, u32 *nperms); int security_get_reject_unknown(void); int security_get_allow_unknown(void); diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index f79e96f0f221..b969e87fd870 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -1798,7 +1798,8 @@ static int sel_make_perm_files(struct selinux_policy *newpolicy, char *objclass, int classvalue, struct dentry *dir) { - int i, rc, nperms; + u32 i, nperms; + int rc; char **perms; rc = security_get_permissions(newpolicy, objclass, &perms, &nperms); @@ -1868,8 +1869,8 @@ static int sel_make_classes(struct selinux_policy *newpolicy, struct dentry *class_dir, unsigned long *last_class_ino) { - - int rc, nclasses, i; + u32 i, nclasses; + int rc; char **classes; rc = security_get_classes(newpolicy, &classes, &nclasses); diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index cf4b87ec4a0e..3a03243f52e7 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -856,7 +856,7 @@ int security_bounded_transition(u32 old_sid, u32 new_sid) struct sidtab *sidtab; struct sidtab_entry *old_entry, *new_entry; struct type_datum *type; - int index; + u32 index; int rc; if (!selinux_initialized()) @@ -1511,7 +1511,7 @@ static int security_context_to_sid_core(const char *scontext, u32 scontext_len, return -ENOMEM; if (!selinux_initialized()) { - int i; + u32 i; for (i = 1; i < SECINITSID_NUM; i++) { const char *s = initial_sid_to_string[i]; @@ -2821,7 +2821,6 @@ static inline int __security_genfs_sid(struct selinux_policy *policy, { struct policydb *policydb = &policy->policydb; struct sidtab *sidtab = policy->sidtab; - int len; u16 sclass; struct genfs *genfs; struct ocontext *c; @@ -2843,7 +2842,7 @@ static inline int __security_genfs_sid(struct selinux_policy *policy, return -ENOENT; for (c = genfs->head; c; c = c->next) { - len = strlen(c->u.name); + size_t len = strlen(c->u.name); if ((!c->v.sclass || sclass == c->v.sclass) && (strncmp(c->u.name, path, len) == 0)) break; @@ -3331,7 +3330,7 @@ static int get_classes_callback(void *k, void *d, void *args) { struct class_datum *datum = d; char *name = k, **classes = args; - int value = datum->value - 1; + u32 value = datum->value - 1; classes[value] = kstrdup(name, GFP_ATOMIC); if (!classes[value]) @@ -3341,7 +3340,7 @@ static int get_classes_callback(void *k, void *d, void *args) } int security_get_classes(struct selinux_policy *policy, - char ***classes, int *nclasses) + char ***classes, u32 *nclasses) { struct policydb *policydb; int rc; @@ -3357,7 +3356,8 @@ int security_get_classes(struct selinux_policy *policy, rc = hashtab_map(&policydb->p_classes.table, get_classes_callback, *classes); if (rc) { - int i; + u32 i; + for (i = 0; i < *nclasses; i++) kfree((*classes)[i]); kfree(*classes); @@ -3371,7 +3371,7 @@ static int get_permissions_callback(void *k, void *d, void *args) { struct perm_datum *datum = d; char *name = k, **perms = args; - int value = datum->value - 1; + u32 value = datum->value - 1; perms[value] = kstrdup(name, GFP_ATOMIC); if (!perms[value]) @@ -3381,10 +3381,11 @@ static int get_permissions_callback(void *k, void *d, void *args) } int security_get_permissions(struct selinux_policy *policy, - char *class, char ***perms, int *nperms) + const char *class, char ***perms, u32 *nperms) { struct policydb *policydb; - int rc, i; + u32 i; + int rc; struct class_datum *match; policydb = &policy->policydb; @@ -3599,7 +3600,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule) /* Check to see if the rule contains any selinux fields */ int selinux_audit_rule_known(struct audit_krule *rule) { - int i; + u32 i; for (i = 0; i < rule->field_count; i++) { struct audit_field *f = &rule->fields[i]; From patchwork Fri Jul 28 15:54:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 127746 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp564768vqg; Fri, 28 Jul 2023 09:52:42 -0700 (PDT) X-Google-Smtp-Source: APBJJlEkppFs+GcQgKJBWS/NS4ynWDlDBJrJIFJ46jaSU3CWtSTQlhToAzyCwbswV0KKjdJDH7d1 X-Received: by 2002:a05:6a21:6da5:b0:134:73f6:5832 with SMTP id wl37-20020a056a216da500b0013473f65832mr3405764pzb.16.1690563162029; Fri, 28 Jul 2023 09:52:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690563162; cv=none; d=google.com; s=arc-20160816; b=xEPXHzWOStDQW3ETV7eh3qhyIEXiKa6sLwRd3+dwtNME20mg4EVAyr0rEp4Ff7HAwW cOTG5ibBkXUka8+5vd5kynYM/78dmjefFNbWvpbtb6khoCn/3BHP/AUrqHUlSWHmuykG UuW4Zg7L3G6S6GmUijpjHbDre86ukDJjM/p2NKU5oKJ25BZzclhcl9NYnzyE5aJmnaL4 10C/LfKWH4voJekW7m4C59LYqIPbn8Y7k09hbjgM4EIBuz0wRWh/1P49WeRRBmFsM73o omt0KnCv+hckCRkdkjeqtJOlvrmemNS81ht7T+zssktLiP9R7NkvJYrKR+rASDWjn4Vg xf3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=PpdC41+Bf2kU2Tf09u02Pdp+KuYiOkl5+Sf1RWH1VHM=; fh=QKur2PFwoLuCt27JzfZM4LabS9ldoGoSAJNPH9t/KWI=; b=fvXKobJ5iqr9PYCEsJ2Fb3G3fDJuI8WfXNB04z1RqhYF+dyle5RHY1IQtogXiBtZQU 8WBZTm9STOAaFFfeXK/TRl0MLumTzog7B68RXqyX4exghaug4VM3S5lzMdN4rzVzJ494 iwq0U5gekCme2m65uojvKY8r1vM3TIxHhMelYDfD0hVVVwf04hW9fxyQXY5rI4qv3zLS KgQhISrclMJjrfRV/M/j3ARHlXB/P9Gdm8hXpnz52wK5mZONmw9wqO0hkumSUkdOB8xD MlzXroDtiFsG9QdMhULjSZXNa0bLZL7Ksa4GJnZFrzHratPOcs7ghdmTcgdperIeHN6A r7bg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=NKiQ0jkj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j71-20020a63804a000000b00563e9eab24asi3210594pgd.405.2023.07.28.09.52.27; Fri, 28 Jul 2023 09:52:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=NKiQ0jkj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237496AbjG1Pz4 (ORCPT + 99 others); Fri, 28 Jul 2023 11:55:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42838 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235536AbjG1Pza (ORCPT ); Fri, 28 Jul 2023 11:55:30 -0400 Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 12AB444B5; Fri, 28 Jul 2023 08:55:19 -0700 (PDT) Received: by mail-ed1-x52f.google.com with SMTP id 4fb4d7f45d1cf-51e28cac164so7332524a12.1; Fri, 28 Jul 2023 08:55:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559717; x=1691164517; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=PpdC41+Bf2kU2Tf09u02Pdp+KuYiOkl5+Sf1RWH1VHM=; b=NKiQ0jkjkVDzHrPPfVGjhRPKwcRldGhM6uAhpkqxvwOGhCgzSsbZoZhu5PLrvK+4Uy QQbRpCIMvlSqIH0J3FhPj3wLansioW2hoxGalrXM3e03tuu3zx46gqI7cAImLGQxIMeS aparSlLN7xRmAeJtm76amSjRM3lefEbYnpVPpHN5i3GwxIBGoADLs77Pc5afBJh6XwcY MUb7bsc+w+tE65Y25FwWqD30PXC/LQYdMo6ZomSxCqBlLDlHBAvwFS5Cz2B37b0gt4Wq HnRlP5fLueetmeBn6FfIpoemu+XqGJ85WOJQhp/CaozpasrUPyChlFvWEx31SyCHOVIr 0KYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559717; x=1691164517; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=PpdC41+Bf2kU2Tf09u02Pdp+KuYiOkl5+Sf1RWH1VHM=; b=aNOHr/7Cqf1q6eGQ/L8U6uSL0PMvg866VINX+SaxNO/ouswJliUSW6PSstTfy3wHnx B/AWCOcr3DImQl5T09jUB3StN6iitbUBgKXqIZGqWtuxTZ4acmatm1PvOfvAuQ+Ivjq5 C9nTujhW6sxTzGM9VjdDe1mu/ln9d4HYY+OLQaYAGkGvNQPXw1E2cygMlAzJaPz2WRXb WxtBmwyu/4Rtf9b0KVX+t9Q1HXaj1J7V21khvAfv9b6AeBunINsHFyMMiOc5bleC+A+z ZqGtDTXbSVZul/zlljBt2d+Eav0idyRiVJKhF5aw1+XmCj8yMu8taZzQctxR8Dfp6CMO HL1Q== X-Gm-Message-State: ABy/qLYyx+6w3N9aOxxtaEpNgebDH87fyudaFzFCq7+f4EyazIzvLLqd EwfcBcqqsKpVDcFG6N6hMrL0kEdi2v163+GB X-Received: by 2002:a17:906:5a4f:b0:997:e7d0:e26d with SMTP id my15-20020a1709065a4f00b00997e7d0e26dmr3540076ejc.4.1690559717409; Fri, 28 Jul 2023 08:55:17 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:17 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , linux-kernel@vger.kernel.org Subject: [PATCH v2 7/9] selinux: avoid implicit conversions in selinuxfs code Date: Fri, 28 Jul 2023 17:54:57 +0200 Message-Id: <20230728155501.39632-6-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772683957963376529 X-GMAIL-MSGID: 1772683957963376529 Use umode_t as parameter type for sel_make_inode(), which assigns the value to the member i_mode of struct inode. Use identical type for loop iterator. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/selinuxfs.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index b969e87fd870..7d7931d1758e 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -97,7 +97,7 @@ static int selinux_fs_info_create(struct super_block *sb) static void selinux_fs_info_free(struct super_block *sb) { struct selinux_fs_info *fsi = sb->s_fs_info; - int i; + unsigned int i; if (fsi) { for (i = 0; i < fsi->bool_num; i++) @@ -1075,8 +1075,8 @@ static ssize_t sel_write_user(struct file *file, char *buf, size_t size) u32 sid, *sids = NULL; ssize_t length; char *newcon; - int i, rc; - u32 len, nsids; + int rc; + u32 i, len, nsids; length = avc_has_perm(current_sid(), SECINITSID_SECURITY, SECCLASS_SECURITY, SECURITY__COMPUTE_USER, @@ -1192,7 +1192,7 @@ static ssize_t sel_write_member(struct file *file, char *buf, size_t size) return length; } -static struct inode *sel_make_inode(struct super_block *sb, int mode) +static struct inode *sel_make_inode(struct super_block *sb, umode_t mode) { struct inode *ret = new_inode(sb); @@ -1613,7 +1613,6 @@ static int sel_make_avc_files(struct dentry *dir) { struct super_block *sb = dir->d_sb; struct selinux_fs_info *fsi = sb->s_fs_info; - int i; static const struct tree_descr files[] = { { "cache_threshold", &sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR }, @@ -1623,7 +1622,7 @@ static int sel_make_avc_files(struct dentry *dir) #endif }; - for (i = 0; i < ARRAY_SIZE(files); i++) { + for (u32 i = 0; i < ARRAY_SIZE(files); i++) { struct inode *inode; struct dentry *dentry; @@ -1649,7 +1648,7 @@ static int sel_make_ss_files(struct dentry *dir) { struct super_block *sb = dir->d_sb; struct selinux_fs_info *fsi = sb->s_fs_info; - int i; + u32 i; static const struct tree_descr files[] = { { "sidtab_hash_stats", &sel_sidtab_hash_stats_ops, S_IRUGO }, }; @@ -1700,7 +1699,7 @@ static const struct file_operations sel_initcon_ops = { static int sel_make_initcon_files(struct dentry *dir) { - int i; + u32 i; for (i = 1; i <= SECINITSID_NUM; i++) { struct inode *inode; From patchwork Fri Jul 28 15:54:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 127741 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp557126vqg; Fri, 28 Jul 2023 09:38:47 -0700 (PDT) X-Google-Smtp-Source: APBJJlEBhkIBGhDy8s8BXtNgq0sFM4jgSSnO/CW2r+K1pbzkPyBKNedckMmiY21wzd8VJfqK9P6M X-Received: by 2002:a05:6a20:9195:b0:13c:988c:e885 with SMTP id v21-20020a056a20919500b0013c988ce885mr1912186pzd.56.1690562327243; Fri, 28 Jul 2023 09:38:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690562327; cv=none; d=google.com; s=arc-20160816; b=YFXb6eKFDcSl3zdyj0q4BY7Pww5fGkuUOlj27ymJ8dZbEXaym9LoOclBlojHjSDMxI 5H+WBzQQ856YeYxcHjWwI6bKGeWRMAdlHlnBACuW00ClMK2M3B9OQArxd6mNhHHrnsRZ ZH+4K8Cy9MnN8mX+pa1a/pGFMF2fcl+/eXDpu/Ys+caMUd9zAXNOzUpqRxCa1krqu2OU mZX7V3KoOxNc9TGzmM7LcnwstJNz0G6Of9KfOH2GPNV+XQhHMk68/G6Jj8kLlTsIZcxG c2KhW/02GmYhQ2SiXPEDu9OrfykFsV3k6Z65M7hAIAiiGBsdBkrm1TqRn1ynHiUXSpRf qhTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=HOGEYVtk8nHyb4KSy2DKIRjavcN6aII04qx0UqqEHEg=; fh=wzzqoiy4jRPqAEB8fZSFn0KOU/wu3n0NZfveTutzhZo=; b=H3pgLUk3n8lYqC3Y07Yn7mrkv99jVc7UsvmMr2xn+oxFYA5dhgvOMXSgCUBkds+FSq r9psk9NYSDD91GcfcaHNkb+Xl+I4iwNKwZWFsvFqtDrN5XiFGYH2np7wRIF2GhhOCwjd zWTihv1ApSsfqare13TfuFKJBwc+ggmyYVywI5wAWrluITsUMu18HAjkb3409hGpItaK FTdm9nej1dmaMk+5H+8jr++vgsyaUhKbivbvm4Jg1lPm7x7v4SRSk+WS92AIbSq2kCE9 TmvI6Mm4W6vqbwJVWn9IF/gSIvNjdVkNBdVHxB0QUbA51BtE/otmNuazPXO5NPQPl/Gz izaw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=AFKxVvGA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k188-20020a633dc5000000b0053fb85dd81asi3287339pga.325.2023.07.28.09.38.34; Fri, 28 Jul 2023 09:38:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=AFKxVvGA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237252AbjG1P4K (ORCPT + 99 others); Fri, 28 Jul 2023 11:56:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43072 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236867AbjG1Pzb (ORCPT ); Fri, 28 Jul 2023 11:55:31 -0400 Received: from mail-ej1-x633.google.com (mail-ej1-x633.google.com [IPv6:2a00:1450:4864:20::633]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A48F84217; Fri, 28 Jul 2023 08:55:20 -0700 (PDT) Received: by mail-ej1-x633.google.com with SMTP id a640c23a62f3a-9891c73e0fbso472497366b.1; Fri, 28 Jul 2023 08:55:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559719; x=1691164519; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=HOGEYVtk8nHyb4KSy2DKIRjavcN6aII04qx0UqqEHEg=; b=AFKxVvGAacA9Uj0sNWD5uRw7AnuN/Ql60mpTgHsjufEQz85PR9ABFJRd4niLRDMKD2 nXp2yHls91XYsyFcJGerm5MnsFXyLq5bdlLr87evelkOXMD4L98p8d3l7F/jxByqzkPS sr335/2G9RjfWenHx0pr1tpvQKphxZHhrVJSryZOgbcHyTUNkTaSv7WtELfn7OBcpQJu rRqUVsdWCLa1LnJ29t0bQ8vk6Ozj7Uz6ukQKIJH2r0wAc6mmoK1isoQnn2Oy9sS58Aa1 0Ivg1fDEjCA7yJh/qepU+hSo3+KHvLywOcyhXoDf9hBEGjuXzqEA/5FUmEGqPnKDleGG 5JQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559719; x=1691164519; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HOGEYVtk8nHyb4KSy2DKIRjavcN6aII04qx0UqqEHEg=; b=VNOH3hKy2EFclMh4p89+RlJUoOOgm51VaR6iwa+naoJfu08G0JSsSmOGVAp439BfCc 7LWhmJz/oWZgo7IklHvv6zZZd7xKn6AlPWGzGxstv8r+oEm8HXjOAaLdS278hY2wUlHb MLDOr9PfnzUyjavnElB5HWpVLXb4IgTIY+Lf9N/Le0BlT0O0oWdy6muev2tfjoc8O7bC KxH4ewt/7gHUv6dso+NetY10MS/9Jwvk+P5eUu4s4kIg6zpuzAGuUy7DmnKRk10uXXug ZO5wYKI/AYD+SSu/n2+CqAjZPGTmI/rFvxtTWrWJGGXIWJj0VgK8Gbl9f0x7oALOQ1TF H+Qw== X-Gm-Message-State: ABy/qLZbKeMuV506Gq3aOlTQJIsTKUgUdlkx+KLdq77RsZIELxUt8IqN xYUuuG4GIvMQO6iXIwJCtXVZgfLWNx+hqOeC X-Received: by 2002:a17:907:7f89:b0:993:e85c:4ad6 with SMTP id qk9-20020a1709077f8900b00993e85c4ad6mr7142391ejc.7.1690559718975; Fri, 28 Jul 2023 08:55:18 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:18 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , Ondrej Mosnacek , linux-kernel@vger.kernel.org Subject: [PATCH v2 8/9] selinux: policydb: implicit conversions Date: Fri, 28 Jul 2023 17:54:58 +0200 Message-Id: <20230728155501.39632-7-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772683082874402570 X-GMAIL-MSGID: 1772683082874402570 Use the identical type for local variables, e.g. loop counters. Declare members of struct policydb_compat_info unsigned to consistently use unsigned iterators. They hold read-only non-negative numbers in the global variable policydb_compat. Signed-off-by: Christian Göttsche --- v2: - avoid declarations in init-clauses of for loops - declare members of struct policydb_compat_info unsigned --- security/selinux/ss/policydb.c | 93 +++++++++++++++++++++------------- 1 file changed, 58 insertions(+), 35 deletions(-) diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index dc66868ff62c..aa2371a422af 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -55,9 +55,9 @@ static const char *const symtab_name[SYM_NUM] = { #endif struct policydb_compat_info { - int version; - int sym_num; - int ocon_num; + unsigned int version; + unsigned int sym_num; + unsigned int ocon_num; }; /* These need to be updated if SYM_NUM or OCON_NUM changes */ @@ -159,9 +159,9 @@ static const struct policydb_compat_info policydb_compat[] = { }, }; -static const struct policydb_compat_info *policydb_lookup_compat(int version) +static const struct policydb_compat_info *policydb_lookup_compat(unsigned int version) { - int i; + u32 i; for (i = 0; i < ARRAY_SIZE(policydb_compat); i++) { if (policydb_compat[i].version == version) @@ -359,7 +359,7 @@ static int role_tr_destroy(void *key, void *datum, void *p) return 0; } -static void ocontext_destroy(struct ocontext *c, int i) +static void ocontext_destroy(struct ocontext *c, u32 i) { if (!c) return; @@ -781,7 +781,7 @@ void policydb_destroy(struct policydb *p) { struct ocontext *c, *ctmp; struct genfs *g, *gtmp; - int i; + u32 i; struct role_allow *ra, *lra = NULL; for (i = 0; i < SYM_NUM; i++) { @@ -1154,8 +1154,8 @@ static int common_read(struct policydb *p, struct symtab *s, void *fp) char *key = NULL; struct common_datum *comdatum; __le32 buf[4]; - u32 len, nel; - int i, rc; + u32 i, len, nel; + int rc; comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL); if (!comdatum) @@ -1220,13 +1220,13 @@ static int type_set_read(struct type_set *t, void *fp) static int read_cons_helper(struct policydb *p, struct constraint_node **nodep, - int ncons, int allowxtarget, void *fp) + u32 ncons, int allowxtarget, void *fp) { struct constraint_node *c, *lc; struct constraint_expr *e, *le; __le32 buf[3]; - u32 nexpr; - int rc, i, j, depth; + u32 i, j, nexpr; + int rc, depth; lc = NULL; for (i = 0; i < ncons; i++) { @@ -1318,8 +1318,8 @@ static int class_read(struct policydb *p, struct symtab *s, void *fp) char *key = NULL; struct class_datum *cladatum; __le32 buf[6]; - u32 len, len2, ncons, nel; - int i, rc; + u32 i, len, len2, ncons, nel; + int rc; cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL); if (!cladatum) @@ -1412,7 +1412,8 @@ static int role_read(struct policydb *p, struct symtab *s, void *fp) { char *key = NULL; struct role_datum *role; - int rc, to_read = 2; + int rc; + unsigned int to_read = 2; __le32 buf[3]; u32 len; @@ -1468,7 +1469,8 @@ static int type_read(struct policydb *p, struct symtab *s, void *fp) { char *key = NULL; struct type_datum *typdatum; - int rc, to_read = 3; + int rc; + unsigned int to_read = 3; __le32 buf[4]; u32 len; @@ -1542,7 +1544,8 @@ static int user_read(struct policydb *p, struct symtab *s, void *fp) { char *key = NULL; struct user_datum *usrdatum; - int rc, to_read = 2; + int rc; + unsigned int to_read = 2; __le32 buf[3]; u32 len; @@ -1683,7 +1686,7 @@ static int user_bounds_sanity_check(void *key, void *datum, void *datap) upper = user = datum; while (upper->bounds) { struct ebitmap_node *node; - unsigned long bit; + u32 bit; if (++depth == POLICYDB_BOUNDS_MAXDEPTH) { pr_err("SELinux: user %s: " @@ -1719,7 +1722,7 @@ static int role_bounds_sanity_check(void *key, void *datum, void *datap) upper = role = datum; while (upper->bounds) { struct ebitmap_node *node; - unsigned long bit; + u32 bit; if (++depth == POLICYDB_BOUNDS_MAXDEPTH) { pr_err("SELinux: role %s: " @@ -1834,9 +1837,9 @@ static int range_read(struct policydb *p, void *fp) { struct range_trans *rt = NULL; struct mls_range *r = NULL; - int i, rc; + int rc; __le32 buf[2]; - u32 nel; + u32 i, nel; if (p->policyvers < POLICYDB_VERSION_MLS) return 0; @@ -2082,9 +2085,9 @@ static int filename_trans_read_helper(struct policydb *p, void *fp) static int filename_trans_read(struct policydb *p, void *fp) { - u32 nel; + u32 nel, i; __le32 buf[1]; - int rc, i; + int rc; if (p->policyvers < POLICYDB_VERSION_FILENAME_TRANS) return 0; @@ -2123,8 +2126,8 @@ static int filename_trans_read(struct policydb *p, void *fp) static int genfs_read(struct policydb *p, void *fp) { - int i, j, rc; - u32 nel, nel2, len, len2; + int rc; + u32 i, j, nel, nel2, len, len2; __le32 buf[1]; struct ocontext *l, *c; struct ocontext *newc = NULL; @@ -2237,8 +2240,9 @@ static int genfs_read(struct policydb *p, void *fp) static int ocontext_read(struct policydb *p, const struct policydb_compat_info *info, void *fp) { - int i, j, rc; - u32 nel, len; + int rc; + unsigned int i; + u32 j, nel, len, val; __be64 prefixbuf[1]; __le32 buf[3]; struct ocontext *l, *c; @@ -2299,9 +2303,27 @@ static int ocontext_read(struct policydb *p, const struct policydb_compat_info * rc = next_entry(buf, fp, sizeof(u32)*3); if (rc) goto out; - c->u.port.protocol = le32_to_cpu(buf[0]); - c->u.port.low_port = le32_to_cpu(buf[1]); - c->u.port.high_port = le32_to_cpu(buf[2]); + + rc = -EINVAL; + + val = le32_to_cpu(buf[0]); + if (val > U8_MAX) + goto out; + c->u.port.protocol = val; + + val = le32_to_cpu(buf[1]); + if (val > U16_MAX) + goto out; + c->u.port.low_port = val; + + val = le32_to_cpu(buf[2]); + if (val > U16_MAX) + goto out; + c->u.port.high_port = val; + + if (c->u.port.low_port > c->u.port.high_port) + goto out; + rc = context_read_and_validate(&c->context[0], p, fp); if (rc) goto out; @@ -2429,9 +2451,9 @@ int policydb_read(struct policydb *p, void *fp) struct role_allow *ra, *lra; struct role_trans_key *rtk = NULL; struct role_trans_datum *rtd = NULL; - int i, j, rc; + int rc; __le32 buf[4]; - u32 len, nprim, nel, perm; + u32 i, j, len, nprim, nel, perm; char *policydb_str; const struct policydb_compat_info *info; @@ -3282,7 +3304,8 @@ static int (*const write_f[SYM_NUM]) (void *key, void *datum, void *datap) = { static int ocontext_write(struct policydb *p, const struct policydb_compat_info *info, void *fp) { - unsigned int i, j, rc; + unsigned int i, j; + int rc; size_t nel, len; __be64 prefixbuf[1]; __le32 buf[3]; @@ -3631,10 +3654,10 @@ static int filename_trans_write(struct policydb *p, void *fp) */ int policydb_write(struct policydb *p, void *fp) { - unsigned int i, num_syms; int rc; + unsigned int num_syms; __le32 buf[4]; - u32 config; + u32 config, i; size_t len; const struct policydb_compat_info *info; From patchwork Fri Jul 28 15:54:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 127739 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp556720vqg; Fri, 28 Jul 2023 09:38:02 -0700 (PDT) X-Google-Smtp-Source: APBJJlHFONBGw/F418/eyxQ83Xxek/XDLi/Dd/vz4ivehfmGB94ddAgiJ1G+AF0CX04fwajjVEkn X-Received: by 2002:a05:6a21:a105:b0:133:ebf2:96da with SMTP id aq5-20020a056a21a10500b00133ebf296damr2363418pzc.41.1690562282328; Fri, 28 Jul 2023 09:38:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690562282; cv=none; d=google.com; s=arc-20160816; b=qQTFiODpZ7B+C7fTXLljjhdmpjLsRS3dNhXI3mCDRjaTGfJ9NxWf4+R38K+MYBzon4 drV1ATRi5JW8rtnvFgb592wcBK0IHsQRZrFe78N8/WMS/X/w2Log5aViH22v/tEsomY5 zbSrX0csNFt49CnECoPl7zwbKVEif8G2i+Si1rAPfbXdjNkuCNMuXZXZGLKIaX31F3rv Zwpc92S8/pxpIukPg/qy9W0yR1vu7f37HVYvvCyUWWlOmRzmSWV6kXy/Ts2Vzms/ndis c7WlgA/C41lSYySRLFvZZ9sj+MB2G7vTKOGpnzPUCkcOByqmks3A4PJDs5KSZ3hzR/ai zAEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=EPHbKlNohEyT6fHekCE2tm7ibKK+fjaWchkmGqjYMrs=; fh=QKur2PFwoLuCt27JzfZM4LabS9ldoGoSAJNPH9t/KWI=; b=TDFvfzdcHNG7oFtsWyZ2HIp2RgpTewWTWzHukIEt/tIGOeltPsCmktFTA0V+cqXy7d Ells3VkoVDrOuwufSZ/LoWlYpNuf6K3SNmtGzqrVJX74l23TA9w59ZuNfjrlY6O6LTbK lXwwz0UiWzd4F1EYHVSZ2IMGy0ybZyAQ/S/623AXFqGmFlm4iZfHzfH1/HNesA/vc6RT ZciGZlvt08yWnhekk2bRIHth9uowMYoRk1jqShFYWU8jw3yS2EWqCPPpY3uTbTujMDzh oPkB9lUsdiLHrhTMQ8tIeGgzd1Hfa409krtXAp2N3iy6ZrFX+TtX15TnjZ91kx7iD2b5 t/Uw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=nRseK7z6; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k188-20020a633dc5000000b0053fb85dd81asi3287339pga.325.2023.07.28.09.37.48; Fri, 28 Jul 2023 09:38:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@googlemail.com header.s=20221208 header.b=nRseK7z6; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237378AbjG1P4C (ORCPT + 99 others); Fri, 28 Jul 2023 11:56:02 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42964 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236430AbjG1Pzb (ORCPT ); Fri, 28 Jul 2023 11:55:31 -0400 Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9B138421B; Fri, 28 Jul 2023 08:55:21 -0700 (PDT) Received: by mail-ej1-x62d.google.com with SMTP id a640c23a62f3a-9922d6f003cso328691566b.0; Fri, 28 Jul 2023 08:55:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1690559720; x=1691164520; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=EPHbKlNohEyT6fHekCE2tm7ibKK+fjaWchkmGqjYMrs=; b=nRseK7z65pCewXQfBxUb9pU4jiS+a1bz8h14DsuF3KLRf9Kq8QFUEnBH8kLrdtQmSQ 2jWf39AwJjxUQQ6SMKQo8HICYrdEtgMpR8OQdAigEOgsFtSlxYAyjbm6IViTbFiY7siS jtGjVgBc14MwEl9imJxJQtov1PUzh8jT/Dup52LUK9io/dXU+1JkoRVdD+PBhPtD+EwP 4iK8oa4xn6aHMGsbWr4edP8dbLoq+hkCEB/WErSf8laR0GxSgTJamVXnKDe+cPLd0Kh3 ONfZ8vs4DBdTQbIyp+hT5lCHJ2gta2Zs0+prif/VbtH2EWGirCEDBh8VtBCihY88gbFC JzVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1690559720; x=1691164520; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EPHbKlNohEyT6fHekCE2tm7ibKK+fjaWchkmGqjYMrs=; b=Vo0qCHp+04t2vJ8QfUu9QxwWk32rZ9Wfx0uzVuCT52OflK/mv/hAmZbFW1hW/vcD/d 1sHWpl2po7biyInWV0xebFSYIsHBi6d+nKKvbKC06LtV1gy4xL/GL+8YpMU4ZeBGzVut 3yfU/PoqA5VMqPvJrY9QunJ8bao7C7HLp3YQEOzALDZwagrB9HlCsTX4qh9W68JMV2fu /NrfynJCmA+/0xkwqPYmXZukEKS5mfEe414PIN/G/TMN8SDaOCq1hEF31p8HlqxyNzgu ZlG7ZC7V4Q/iufnHE5xDAgdcFYg14U0IW7VyU3SiHU5oF4XnL+YKAGdbYHlPzPwiv2Hr rNaQ== X-Gm-Message-State: ABy/qLb22miU8LVtdIEf6J7fIRkhvU4R7NY+HSxpC6VYg8mKOStwk8fP b2pFVzJzZS2DDFRv9pfODZ1VODai8i005v9j X-Received: by 2002:a17:906:31db:b0:993:d88e:41ed with SMTP id f27-20020a17090631db00b00993d88e41edmr2757566ejf.3.1690559720100; Fri, 28 Jul 2023 08:55:20 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-077-000-157-016.77.0.pool.telefonica.de. [77.0.157.16]) by smtp.gmail.com with ESMTPSA id f5-20020a1709064dc500b0098669cc16b2sm2198345ejw.83.2023.07.28.08.55.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Jul 2023 08:55:19 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Cc: Paul Moore , Stephen Smalley , Eric Paris , linux-kernel@vger.kernel.org Subject: [PATCH v2 9/9] selinux: avoid implicit conversion in nlmsgtab code Date: Fri, 28 Jul 2023 17:54:59 +0200 Message-Id: <20230728155501.39632-8-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230728155501.39632-1-cgzones@googlemail.com> References: <20230728155501.39632-1-cgzones@googlemail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772683035870537838 X-GMAIL-MSGID: 1772683035870537838 Use an unsigned type as loop iterator. Signed-off-by: Christian Göttsche --- v2: avoid declarations in init-clauses of for loops --- security/selinux/nlmsgtab.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c index 2ee7b4ed43ef..2f8fab949633 100644 --- a/security/selinux/nlmsgtab.c +++ b/security/selinux/nlmsgtab.c @@ -153,7 +153,8 @@ static const struct nlmsg_perm nlmsg_audit_perms[] = { static int nlmsg_perm(u16 nlmsg_type, u32 *perm, const struct nlmsg_perm *tab, size_t tabsize) { - int i, err = -EINVAL; + u32 i; + int err = -EINVAL; for (i = 0; i < tabsize/sizeof(struct nlmsg_perm); i++) if (nlmsg_type == tab[i].nlmsg_type) {