Discussion:
[PATCH] selinux: Fix bool initialization/comparison
Thomas Meyer
2017-10-07 14:02:21 UTC
Permalink
Bool initializations should use true and false. Bool tests don't need
comparisons.

Signed-off-by: Thomas Meyer <***@m3y3r.de>
---

diff -u -p a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
--- a/security/selinux/ss/mls.c
+++ b/security/selinux/ss/mls.c
@@ -550,7 +550,7 @@ int mls_compute_sid(struct context *scon

/* Fallthrough */
case AVTAB_CHANGE:
- if ((tclass == policydb.process_class) || (sock == true))
+ if ((tclass == policydb.process_class) || (sock))
/* Use the process MLS attributes. */
return mls_context_cpy(newcontext, scontext);
else
diff -u -p a/security/selinux/ss/services.c b/security/selinux/ss/services.c
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1656,7 +1656,7 @@ static int security_compute_sid(u32 ssid
} else if (cladatum && cladatum->default_role == DEFAULT_TARGET) {
newcontext.role = tcontext->role;
} else {
- if ((tclass == policydb.process_class) || (sock == true))
+ if ((tclass == policydb.process_class) || (sock))
newcontext.role = scontext->role;
else
newcontext.role = OBJECT_R_VAL;
@@ -1668,7 +1668,7 @@ static int security_compute_sid(u32 ssid
} else if (cladatum && cladatum->default_type == DEFAULT_TARGET) {
newcontext.type = tcontext->type;
} else {
- if ((tclass == policydb.process_class) || (sock == true)) {
+ if ((tclass == policydb.process_class) || (sock)) {
/* Use the type of process. */
newcontext.type = scontext->type;
} else {
Casey Schaufler
2017-10-10 23:17:45 UTC
Permalink
Post by Thomas Meyer
Bool initializations should use true and false. Bool tests don't need
comparisons.
---
diff -u -p a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
--- a/security/selinux/ss/mls.c
+++ b/security/selinux/ss/mls.c
@@ -550,7 +550,7 @@ int mls_compute_sid(struct context *scon
/* Fallthrough */
- if ((tclass == policydb.process_class) || (sock == true))
+ if ((tclass == policydb.process_class) || (sock))
bool tests don't need parentheses, either.

+ if ((tclass == policydb.process_class) || sock)
Post by Thomas Meyer
/* Use the process MLS attributes. */
return mls_context_cpy(newcontext, scontext);
else
diff -u -p a/security/selinux/ss/services.c b/security/selinux/ss/services.c
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1656,7 +1656,7 @@ static int security_compute_sid(u32 ssid
} else if (cladatum && cladatum->default_role == DEFAULT_TARGET) {
newcontext.role = tcontext->role;
} else {
- if ((tclass == policydb.process_class) || (sock == true))
+ if ((tclass == policydb.process_class) || (sock))
Likewise
Post by Thomas Meyer
newcontext.role = scontext->role;
else
newcontext.role = OBJECT_R_VAL;
@@ -1668,7 +1668,7 @@ static int security_compute_sid(u32 ssid
} else if (cladatum && cladatum->default_type == DEFAULT_TARGET) {
newcontext.type = tcontext->type;
} else {
- if ((tclass == policydb.process_class) || (sock == true)) {
+ if ((tclass == policydb.process_class) || (sock)) {
On more time.
Post by Thomas Meyer
/* Use the type of process. */
newcontext.type = scontext->type;
} else {
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
More majordomo info at http://vger.kernel.org/majordomo-info.html
Casey Schaufler
2017-10-10 23:19:46 UTC
Permalink
Post by Thomas Meyer
Bool initializations should use true and false. Bool tests don't need
comparisons.
---
diff -u -p a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
--- a/security/selinux/ss/mls.c
+++ b/security/selinux/ss/mls.c
@@ -550,7 +550,7 @@ int mls_compute_sid(struct context *scon
/* Fallthrough */
- if ((tclass == policydb.process_class) || (sock == true))
+ if ((tclass == policydb.process_class) || (sock))
How about

+ if ((tclass == policydb.process_class) || sock)
Post by Thomas Meyer
/* Use the process MLS attributes. */
return mls_context_cpy(newcontext, scontext);
else
diff -u -p a/security/selinux/ss/services.c b/security/selinux/ss/services.c
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1656,7 +1656,7 @@ static int security_compute_sid(u32 ssid
} else if (cladatum && cladatum->default_role == DEFAULT_TARGET) {
newcontext.role = tcontext->role;
} else {
- if ((tclass == policydb.process_class) || (sock == true))
+ if ((tclass == policydb.process_class) || (sock))
Excessive ()
Post by Thomas Meyer
newcontext.role = scontext->role;
else
newcontext.role = OBJECT_R_VAL;
@@ -1668,7 +1668,7 @@ static int security_compute_sid(u32 ssid
} else if (cladatum && cladatum->default_type == DEFAULT_TARGET) {
newcontext.type = tcontext->type;
} else {
- if ((tclass == policydb.process_class) || (sock == true)) {
+ if ((tclass == policydb.process_class) || (sock)) {
Excessive ()
Post by Thomas Meyer
/* Use the type of process. */
newcontext.type = scontext->type;
} else {
Paul Moore
2017-10-13 22:40:21 UTC
Permalink
Post by Casey Schaufler
Post by Thomas Meyer
Bool initializations should use true and false. Bool tests don't need
comparisons.
---
Hi Thomas,

Thank you for submitting this patch, but it really doesn't add any
value to the SELinux code so I'm not going to merge it at this time.
If you would like to contribute to SELinux there are a number of
issues open on our GitHub page that you could look into resolving,
those patches would be very welcome.

* https://github.com/SELinuxProject

-Paul
Post by Casey Schaufler
Post by Thomas Meyer
diff -u -p a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
--- a/security/selinux/ss/mls.c
+++ b/security/selinux/ss/mls.c
@@ -550,7 +550,7 @@ int mls_compute_sid(struct context *scon
/* Fallthrough */
- if ((tclass == policydb.process_class) || (sock == true))
+ if ((tclass == policydb.process_class) || (sock))
How about
+ if ((tclass == policydb.process_class) || sock)
Post by Thomas Meyer
/* Use the process MLS attributes. */
return mls_context_cpy(newcontext, scontext);
else
diff -u -p a/security/selinux/ss/services.c b/security/selinux/ss/services.c
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1656,7 +1656,7 @@ static int security_compute_sid(u32 ssid
} else if (cladatum && cladatum->default_role == DEFAULT_TARGET) {
newcontext.role = tcontext->role;
} else {
- if ((tclass == policydb.process_class) || (sock == true))
+ if ((tclass == policydb.process_class) || (sock))
Excessive ()
Post by Thomas Meyer
newcontext.role = scontext->role;
else
newcontext.role = OBJECT_R_VAL;
@@ -1668,7 +1668,7 @@ static int security_compute_sid(u32 ssid
} else if (cladatum && cladatum->default_type == DEFAULT_TARGET) {
newcontext.type = tcontext->type;
} else {
- if ((tclass == policydb.process_class) || (sock == true)) {
+ if ((tclass == policydb.process_class) || (sock)) {
Excessive ()
Post by Thomas Meyer
/* Use the type of process. */
newcontext.type = scontext->type;
} else {
--
paul moore
www.paul-moore.com
Loading...