SELinux: conditional.c whitespace, syntax, and static declaraction cleanups
This patch changes conditional.c to fix whitespace and syntax issues. Things that are fixed may include (does not not have to include) whitespace at end of lines spaces followed by tabs spaces used instead of tabs spacing around parenthesis locateion of { around struct and else clauses location of * in pointer declarations removal of initialization of static data to keep it in the right section useless {} in if statemetns useless checking for NULL before kfree fixing of the indentation depth of switch statements and any number of other things I forgot to mention Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Родитель
eb5df9a7ae
Коммит
7c2b240ef2
|
@ -1,9 +1,9 @@
|
||||||
/* Authors: Karl MacMillan <kmacmillan@tresys.com>
|
/* Authors: Karl MacMillan <kmacmillan@tresys.com>
|
||||||
* Frank Mayer <mayerf@tresys.com>
|
* Frank Mayer <mayerf@tresys.com>
|
||||||
*
|
*
|
||||||
* Copyright (C) 2003 - 2004 Tresys Technology, LLC
|
* Copyright (C) 2003 - 2004 Tresys Technology, LLC
|
||||||
* This program is free software; you can redistribute it and/or modify
|
* This program is free software; you can redistribute it and/or modify
|
||||||
* it under the terms of the GNU General Public License as published by
|
* it under the terms of the GNU General Public License as published by
|
||||||
* the Free Software Foundation, version 2.
|
* the Free Software Foundation, version 2.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
@ -90,7 +90,7 @@ static int cond_evaluate_expr(struct policydb *p, struct cond_expr *expr)
|
||||||
int evaluate_cond_node(struct policydb *p, struct cond_node *node)
|
int evaluate_cond_node(struct policydb *p, struct cond_node *node)
|
||||||
{
|
{
|
||||||
int new_state;
|
int new_state;
|
||||||
struct cond_av_list* cur;
|
struct cond_av_list *cur;
|
||||||
|
|
||||||
new_state = cond_evaluate_expr(p, node->expr);
|
new_state = cond_evaluate_expr(p, node->expr);
|
||||||
if (new_state != node->cur_state) {
|
if (new_state != node->cur_state) {
|
||||||
|
@ -99,20 +99,18 @@ int evaluate_cond_node(struct policydb *p, struct cond_node *node)
|
||||||
printk(KERN_ERR "SELinux: expression result was undefined - disabling all rules.\n");
|
printk(KERN_ERR "SELinux: expression result was undefined - disabling all rules.\n");
|
||||||
/* turn the rules on or off */
|
/* turn the rules on or off */
|
||||||
for (cur = node->true_list; cur != NULL; cur = cur->next) {
|
for (cur = node->true_list; cur != NULL; cur = cur->next) {
|
||||||
if (new_state <= 0) {
|
if (new_state <= 0)
|
||||||
cur->node->key.specified &= ~AVTAB_ENABLED;
|
cur->node->key.specified &= ~AVTAB_ENABLED;
|
||||||
} else {
|
else
|
||||||
cur->node->key.specified |= AVTAB_ENABLED;
|
cur->node->key.specified |= AVTAB_ENABLED;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
for (cur = node->false_list; cur != NULL; cur = cur->next) {
|
for (cur = node->false_list; cur != NULL; cur = cur->next) {
|
||||||
/* -1 or 1 */
|
/* -1 or 1 */
|
||||||
if (new_state) {
|
if (new_state)
|
||||||
cur->node->key.specified &= ~AVTAB_ENABLED;
|
cur->node->key.specified &= ~AVTAB_ENABLED;
|
||||||
} else {
|
else
|
||||||
cur->node->key.specified |= AVTAB_ENABLED;
|
cur->node->key.specified |= AVTAB_ENABLED;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -174,8 +172,8 @@ void cond_policydb_destroy(struct policydb *p)
|
||||||
int cond_init_bool_indexes(struct policydb *p)
|
int cond_init_bool_indexes(struct policydb *p)
|
||||||
{
|
{
|
||||||
kfree(p->bool_val_to_struct);
|
kfree(p->bool_val_to_struct);
|
||||||
p->bool_val_to_struct = (struct cond_bool_datum**)
|
p->bool_val_to_struct = (struct cond_bool_datum **)
|
||||||
kmalloc(p->p_bools.nprim * sizeof(struct cond_bool_datum*), GFP_KERNEL);
|
kmalloc(p->p_bools.nprim * sizeof(struct cond_bool_datum *), GFP_KERNEL);
|
||||||
if (!p->bool_val_to_struct)
|
if (!p->bool_val_to_struct)
|
||||||
return -1;
|
return -1;
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -200,7 +198,7 @@ int cond_index_bool(void *key, void *datum, void *datap)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
p->p_bool_val_to_name[booldatum->value - 1] = key;
|
p->p_bool_val_to_name[booldatum->value - 1] = key;
|
||||||
p->bool_val_to_struct[booldatum->value -1] = booldatum;
|
p->bool_val_to_struct[booldatum->value - 1] = booldatum;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -252,8 +250,7 @@ err:
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
struct cond_insertf_data
|
struct cond_insertf_data {
|
||||||
{
|
|
||||||
struct policydb *p;
|
struct policydb *p;
|
||||||
struct cond_av_list *other;
|
struct cond_av_list *other;
|
||||||
struct cond_av_list *head;
|
struct cond_av_list *head;
|
||||||
|
@ -353,9 +350,8 @@ static int cond_read_av_list(struct policydb *p, void *fp, struct cond_av_list *
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
len = le32_to_cpu(buf[0]);
|
len = le32_to_cpu(buf[0]);
|
||||||
if (len == 0) {
|
if (len == 0)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
|
||||||
|
|
||||||
data.p = p;
|
data.p = p;
|
||||||
data.other = other;
|
data.other = other;
|
||||||
|
@ -408,15 +404,14 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp)
|
||||||
/* expr */
|
/* expr */
|
||||||
len = le32_to_cpu(buf[0]);
|
len = le32_to_cpu(buf[0]);
|
||||||
|
|
||||||
for (i = 0; i < len; i++ ) {
|
for (i = 0; i < len; i++) {
|
||||||
rc = next_entry(buf, fp, sizeof(u32) * 2);
|
rc = next_entry(buf, fp, sizeof(u32) * 2);
|
||||||
if (rc < 0)
|
if (rc < 0)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
expr = kzalloc(sizeof(struct cond_expr), GFP_KERNEL);
|
expr = kzalloc(sizeof(struct cond_expr), GFP_KERNEL);
|
||||||
if (!expr) {
|
if (!expr)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
|
||||||
|
|
||||||
expr->expr_type = le32_to_cpu(buf[0]);
|
expr->expr_type = le32_to_cpu(buf[0]);
|
||||||
expr->bool = le32_to_cpu(buf[1]);
|
expr->bool = le32_to_cpu(buf[1]);
|
||||||
|
@ -426,11 +421,10 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp)
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (i == 0) {
|
if (i == 0)
|
||||||
node->expr = expr;
|
node->expr = expr;
|
||||||
} else {
|
else
|
||||||
last->next = expr;
|
last->next = expr;
|
||||||
}
|
|
||||||
last = expr;
|
last = expr;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -469,11 +463,10 @@ int cond_read_list(struct policydb *p, void *fp)
|
||||||
if (cond_read_node(p, node, fp) != 0)
|
if (cond_read_node(p, node, fp) != 0)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
if (i == 0) {
|
if (i == 0)
|
||||||
p->cond_list = node;
|
p->cond_list = node;
|
||||||
} else {
|
else
|
||||||
last->next = node;
|
last->next = node;
|
||||||
}
|
|
||||||
last = node;
|
last = node;
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -490,24 +483,24 @@ void cond_compute_av(struct avtab *ctab, struct avtab_key *key, struct av_decisi
|
||||||
{
|
{
|
||||||
struct avtab_node *node;
|
struct avtab_node *node;
|
||||||
|
|
||||||
if(!ctab || !key || !avd)
|
if (!ctab || !key || !avd)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
for(node = avtab_search_node(ctab, key); node != NULL;
|
for (node = avtab_search_node(ctab, key); node != NULL;
|
||||||
node = avtab_search_node_next(node, key->specified)) {
|
node = avtab_search_node_next(node, key->specified)) {
|
||||||
if ( (u16) (AVTAB_ALLOWED|AVTAB_ENABLED) ==
|
if ((u16)(AVTAB_ALLOWED|AVTAB_ENABLED) ==
|
||||||
(node->key.specified & (AVTAB_ALLOWED|AVTAB_ENABLED)))
|
(node->key.specified & (AVTAB_ALLOWED|AVTAB_ENABLED)))
|
||||||
avd->allowed |= node->datum.data;
|
avd->allowed |= node->datum.data;
|
||||||
if ( (u16) (AVTAB_AUDITDENY|AVTAB_ENABLED) ==
|
if ((u16)(AVTAB_AUDITDENY|AVTAB_ENABLED) ==
|
||||||
(node->key.specified & (AVTAB_AUDITDENY|AVTAB_ENABLED)))
|
(node->key.specified & (AVTAB_AUDITDENY|AVTAB_ENABLED)))
|
||||||
/* Since a '0' in an auditdeny mask represents a
|
/* Since a '0' in an auditdeny mask represents a
|
||||||
* permission we do NOT want to audit (dontaudit), we use
|
* permission we do NOT want to audit (dontaudit), we use
|
||||||
* the '&' operand to ensure that all '0's in the mask
|
* the '&' operand to ensure that all '0's in the mask
|
||||||
* are retained (much unlike the allow and auditallow cases).
|
* are retained (much unlike the allow and auditallow cases).
|
||||||
*/
|
*/
|
||||||
avd->auditdeny &= node->datum.data;
|
avd->auditdeny &= node->datum.data;
|
||||||
if ( (u16) (AVTAB_AUDITALLOW|AVTAB_ENABLED) ==
|
if ((u16)(AVTAB_AUDITALLOW|AVTAB_ENABLED) ==
|
||||||
(node->key.specified & (AVTAB_AUDITALLOW|AVTAB_ENABLED)))
|
(node->key.specified & (AVTAB_AUDITALLOW|AVTAB_ENABLED)))
|
||||||
avd->auditallow |= node->datum.data;
|
avd->auditallow |= node->datum.data;
|
||||||
}
|
}
|
||||||
return;
|
return;
|
||||||
|
|
Загрузка…
Ссылка в новой задаче