* [PATCH] tree-wide: replace last occurrences of security_context_t
@ 2020-03-23 18:31 Christian Göttsche
2020-03-23 19:58 ` Roberts, William C
0 siblings, 1 reply; 3+ messages in thread
From: Christian Göttsche @ 2020-03-23 18:31 UTC (permalink / raw)
To: selinux
Follow-up of: 9eb9c9327563014ad6a807814e7975424642d5b9 ("Get rid of security_context_t and fix const declarations.")
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
mcstrans/src/mcscolor.c | 8 +++---
mcstrans/src/mcstrans.c | 12 ++++-----
mcstrans/src/mcstrans.h | 4 +--
mcstrans/src/mcstransd.c | 6 ++---
mcstrans/utils/transcon.c | 2 +-
mcstrans/utils/untranscon.c | 2 +-
policycoreutils/newrole/newrole.c | 40 ++++++++++++++---------------
policycoreutils/run_init/run_init.c | 4 +--
policycoreutils/secon/secon.c | 19 +++++++-------
sandbox/seunshare.c | 10 ++++----
10 files changed, 54 insertions(+), 53 deletions(-)
diff --git a/mcstrans/src/mcscolor.c b/mcstrans/src/mcscolor.c
index 4ee0db50..a3838850 100644
--- a/mcstrans/src/mcscolor.c
+++ b/mcstrans/src/mcscolor.c
@@ -44,7 +44,7 @@ static setab_t *clist[N_COLOR];
static setab_t *cend[N_COLOR];
static semnemonic_t *mnemonics;
-static security_context_t my_context;
+static char *my_context;
void finish_context_colors(void) {
setab_t *cur, *next;
@@ -76,7 +76,7 @@ void finish_context_colors(void) {
}
static int check_dominance(const char *pattern, const char *raw) {
- security_context_t ctx;
+ char *ctx;
context_t con;
struct av_decision avd;
int rc = -1;
@@ -109,7 +109,7 @@ static int check_dominance(const char *pattern, const char *raw) {
if (!raw)
goto out;
- rc = security_compute_av_raw(ctx, (security_context_t)raw, context_class, context_contains_perm, &avd);
+ rc = security_compute_av_raw(ctx, raw, context_class, context_contains_perm, &avd);
if (rc)
goto out;
@@ -282,7 +282,7 @@ static int parse_components(context_t con, char **components) {
/* Look up colors.
*/
-int raw_color(const security_context_t raw, char **color_str) {
+int raw_color(const char *raw, char **color_str) {
#define CHARS_PER_COLOR 16
context_t con;
uint32_t i, j, mask = 0;
diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c
index 96bdbdff..4a073ca4 100644
--- a/mcstrans/src/mcstrans.c
+++ b/mcstrans/src/mcstrans.c
@@ -7,8 +7,8 @@
int init_translations(void);
void finish_context_translations(void);
- int trans_context(const security_context_t, security_context_t *);
- int untrans_context(const security_context_t, security_context_t *);
+ int trans_context(const char *, char **);
+ int untrans_context(const char *, char **);
*/
@@ -888,7 +888,7 @@ init_translations(void) {
}
char *
-extract_range(const security_context_t incon) {
+extract_range(const char *incon) {
context_t con = context_new(incon);
if (!con) {
syslog(LOG_ERR, "extract_range context_new(%s) failed: %s", incon, strerror(errno));
@@ -911,7 +911,7 @@ extract_range(const security_context_t incon) {
}
char *
-new_context_str(const security_context_t incon, const char *range) {
+new_context_str(const char *incon, const char *range) {
char *rcon = NULL;
context_t con = context_new(incon);
if (!con) {
@@ -1489,7 +1489,7 @@ err:
}
int
-trans_context(const security_context_t incon, security_context_t *rcon) {
+trans_context(const char *incon, char **rcon) {
char *trans = NULL;
*rcon = NULL;
@@ -1612,7 +1612,7 @@ trans_context(const security_context_t incon, security_context_t *rcon) {
}
int
-untrans_context(const security_context_t incon, security_context_t *rcon) {
+untrans_context(const char *incon, char **rcon) {
char *raw = NULL;
*rcon = NULL;
diff --git a/mcstrans/src/mcstrans.h b/mcstrans/src/mcstrans.h
index a2f68c18..e5cda93b 100644
--- a/mcstrans/src/mcstrans.h
+++ b/mcstrans/src/mcstrans.h
@@ -4,6 +4,6 @@
extern int init_translations(void);
extern void finish_context_translations(void);
-extern int trans_context(const security_context_t, security_context_t *);
-extern int untrans_context(const security_context_t, security_context_t *);
+extern int trans_context(const char *, char **);
+extern int untrans_context(const char *, char **);
diff --git a/mcstrans/src/mcstransd.c b/mcstrans/src/mcstransd.c
index 85899493..07c052fd 100644
--- a/mcstrans/src/mcstransd.c
+++ b/mcstrans/src/mcstransd.c
@@ -45,12 +45,12 @@
extern int init_translations(void);
extern void finish_context_translations(void);
-extern int trans_context(const security_context_t, security_context_t *);
-extern int untrans_context(const security_context_t, security_context_t *);
+extern int trans_context(const char *, char **);
+extern int untrans_context(const char *, char **);
extern int init_colors(void);
extern void finish_context_colors(void);
-extern int raw_color(const security_context_t, char **);
+extern int raw_color(const char *, char **);
#define SETRANSD_PATHNAME "/sbin/mcstransd"
diff --git a/mcstrans/utils/transcon.c b/mcstrans/utils/transcon.c
index f4ded53e..4bf1bd56 100644
--- a/mcstrans/utils/transcon.c
+++ b/mcstrans/utils/transcon.c
@@ -14,7 +14,7 @@ static __attribute__((__noreturn__)) void usage(const char *progname)
}
int main(int argc, char **argv) {
- security_context_t scon;
+ char *scon;
if ( argc != 2 ) usage(argv[0]);
if (init_translations()==0) {
if(trans_context(argv[1],&scon) == 0) {
diff --git a/mcstrans/utils/untranscon.c b/mcstrans/utils/untranscon.c
index 85cea294..81668746 100644
--- a/mcstrans/utils/untranscon.c
+++ b/mcstrans/utils/untranscon.c
@@ -13,7 +13,7 @@ static __attribute__((__noreturn__)) void usage(const char *progname)
exit(1);
}
int main(int argc, char **argv) {
- security_context_t scon;
+ char *scon;
if ( argc != 2 ) usage(argv[0]);
if (init_translations()==0) {
if(untrans_context(argv[1],&scon) == 0) {
diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
index e70051b1..36e2ba9c 100644
--- a/policycoreutils/newrole/newrole.c
+++ b/policycoreutils/newrole/newrole.c
@@ -643,8 +643,8 @@ static int transition_to_caller_uid()
#ifdef AUDIT_LOG_PRIV
/* Send audit message */
static
-int send_audit_message(int success, security_context_t old_context,
- security_context_t new_context, const char *ttyn)
+int send_audit_message(int success, const char *old_context,
+ const char *new_context, const char *ttyn)
{
char *msg = NULL;
int rc;
@@ -677,9 +677,9 @@ int send_audit_message(int success, security_context_t old_context,
#else
static inline
int send_audit_message(int success __attribute__ ((unused)),
- security_context_t old_context
+ const char *old_context
__attribute__ ((unused)),
- security_context_t new_context
+ const char *new_context
__attribute__ ((unused)), const char *ttyn
__attribute__ ((unused)))
{
@@ -695,14 +695,14 @@ static inline
* This function will not fail if it can not relabel the tty when selinux is
* in permissive mode.
*/
-static int relabel_tty(const char *ttyn, security_context_t new_context,
- security_context_t * tty_context,
- security_context_t * new_tty_context)
+static int relabel_tty(const char *ttyn, const char *new_context,
+ char **tty_context,
+ char **new_tty_context)
{
int fd, rc;
int enforcing = security_getenforce();
- security_context_t tty_con = NULL;
- security_context_t new_tty_con = NULL;
+ char *tty_con = NULL;
+ char *new_tty_con = NULL;
if (!ttyn)
return 0;
@@ -775,11 +775,11 @@ static int relabel_tty(const char *ttyn, security_context_t new_context,
* Returns zero on success, non-zero otherwise
*/
static int restore_tty_label(int fd, const char *ttyn,
- security_context_t tty_context,
- security_context_t new_tty_context)
+ const char *tty_context,
+ const char *new_tty_context)
{
int rc = 0;
- security_context_t chk_tty_context = NULL;
+ char *chk_tty_context = NULL;
if (!ttyn)
goto skip_relabel;
@@ -816,8 +816,8 @@ static int restore_tty_label(int fd, const char *ttyn,
* Returns zero on success, non-zero otherwise.
*/
static int parse_command_line_arguments(int argc, char **argv, char *ttyn,
- security_context_t old_context,
- security_context_t * new_context,
+ const char *old_context,
+ char **new_context,
int *preserve_environment)
{
int flag_index; /* flag index in argv[] */
@@ -827,8 +827,8 @@ static int parse_command_line_arguments(int argc, char **argv, char *ttyn,
char *type_ptr = NULL; /* stores malloc'd data from get_default_type */
char *level_s = NULL; /* level spec'd by user in argv[] */
char *range_ptr = NULL;
- security_context_t new_con = NULL;
- security_context_t tty_con = NULL;
+ char *new_con = NULL;
+ char *tty_con = NULL;
context_t context = NULL; /* manipulatable form of new_context */
const struct option long_options[] = {
{"role", 1, 0, 'r'},
@@ -1021,10 +1021,10 @@ static int set_signal_handles(void)
int main(int argc, char *argv[])
{
- security_context_t new_context = NULL; /* target security context */
- security_context_t old_context = NULL; /* original securiy context */
- security_context_t tty_context = NULL; /* current context of tty */
- security_context_t new_tty_context = NULL; /* new context of tty */
+ char *new_context = NULL; /* target security context */
+ char *old_context = NULL; /* original securiy context */
+ char *tty_context = NULL; /* current context of tty */
+ char *new_tty_context = NULL; /* new context of tty */
struct passwd pw; /* struct derived from passwd file line */
char *ttyn = NULL; /* tty path */
diff --git a/policycoreutils/run_init/run_init.c b/policycoreutils/run_init/run_init.c
index a007ce49..1c5eb68e 100644
--- a/policycoreutils/run_init/run_init.c
+++ b/policycoreutils/run_init/run_init.c
@@ -303,7 +303,7 @@ int authenticate_user(void)
* out: The CONTEXT associated with the context.
* return: 0 on success, -1 on failure.
*/
-int get_init_context(security_context_t * context)
+int get_init_context(char **context)
{
FILE *fp;
@@ -354,7 +354,7 @@ int main(int argc, char *argv[])
extern char *optarg; /* used by getopt() for arg strings */
extern int opterr; /* controls getopt() error messages */
- security_context_t new_context; /* context for the init script context */
+ char *new_context; /* context for the init script context */
#ifdef USE_NLS
setlocale(LC_ALL, "");
diff --git a/policycoreutils/secon/secon.c b/policycoreutils/secon/secon.c
index 477057a6..d257a9a1 100644
--- a/policycoreutils/secon/secon.c
+++ b/policycoreutils/secon/secon.c
@@ -341,7 +341,7 @@ static void cmd_line(int argc, char *argv[])
errx(EXIT_FAILURE, "SELinux is not enabled");
}
-static int my_getXcon_raw(pid_t pid, security_context_t * con, const char *val)
+static int my_getXcon_raw(pid_t pid, char **con, const char *val)
{
char buf[4096];
FILE *fp = NULL;
@@ -371,23 +371,23 @@ static int my_getXcon_raw(pid_t pid, security_context_t * con, const char *val)
return (0);
}
-static int my_getpidexeccon_raw(pid_t pid, security_context_t * con)
+static int my_getpidexeccon_raw(pid_t pid, char **con)
{
return (my_getXcon_raw(pid, con, "exec"));
}
-static int my_getpidfscreatecon_raw(pid_t pid, security_context_t * con)
+static int my_getpidfscreatecon_raw(pid_t pid, char **con)
{
return (my_getXcon_raw(pid, con, "fscreate"));
}
-static int my_getpidkeycreatecon_raw(pid_t pid, security_context_t * con)
+static int my_getpidkeycreatecon_raw(pid_t pid, char **con)
{
return (my_getXcon_raw(pid, con, "keycreate"));
}
-static security_context_t get_scon(void)
+static char *get_scon(void)
{
static char dummy_NIL[1] = "";
- security_context_t con = NULL, con_tmp;
+ char *con = NULL, *con_tmp;
int ret = -1;
switch (opts->from_type) {
@@ -620,9 +620,10 @@ static void disp__con_val(const char *name, const char *val,
done = TRUE;
}
-static void disp_con(security_context_t scon_raw)
+static void disp_con(const char *scon_raw)
{
- security_context_t scon_trans, scon;
+ char *scon_trans;
+ const char *scon;
context_t con = NULL;
char *color_str = NULL;
struct context_color_t color = { .valid = 0 };
@@ -748,7 +749,7 @@ static void disp_con(security_context_t scon_raw)
int main(int argc, char *argv[])
{
- security_context_t scon_raw = NULL;
+ char *scon_raw = NULL;
cmd_line(argc, argv);
diff --git a/sandbox/seunshare.c b/sandbox/seunshare.c
index 9707a456..d626e98d 100644
--- a/sandbox/seunshare.c
+++ b/sandbox/seunshare.c
@@ -431,13 +431,13 @@ static int cleanup_tmpdir(const char *tmpdir, const char *src,
* to clean it up.
*/
static char *create_tmpdir(const char *src, struct stat *src_st,
- struct stat *out_st, struct passwd *pwd, security_context_t execcon)
+ struct stat *out_st, struct passwd *pwd, const char *execcon)
{
char *tmpdir = NULL;
char *cmdbuf = NULL;
int fd_t = -1, fd_s = -1;
struct stat tmp_st;
- security_context_t con = NULL;
+ char *con = NULL;
/* get selinux context */
if (execcon) {
@@ -549,10 +549,10 @@ good:
#define PROC_BASE "/proc"
static int
-killall (security_context_t execcon)
+killall (const char *execcon)
{
DIR *dir;
- security_context_t scon;
+ char *scon;
struct dirent *de;
pid_t *pid_table, pid, self;
int i;
@@ -615,7 +615,7 @@ killall (security_context_t execcon)
int main(int argc, char **argv) {
int status = -1;
- security_context_t execcon = NULL;
+ const char *execcon = NULL;
int clflag; /* holds codes for command line flags */
int kill_all = 0;
--
2.26.0.rc2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* RE: [PATCH] tree-wide: replace last occurrences of security_context_t
2020-03-23 18:31 [PATCH] tree-wide: replace last occurrences of security_context_t Christian Göttsche
@ 2020-03-23 19:58 ` Roberts, William C
2020-03-25 14:55 ` William Roberts
0 siblings, 1 reply; 3+ messages in thread
From: Roberts, William C @ 2020-03-23 19:58 UTC (permalink / raw)
To: Christian Göttsche, selinux
> -----Original Message-----
> From: selinux-owner@vger.kernel.org [mailto:selinux-owner@vger.kernel.org]
> On Behalf Of Christian Göttsche
> Sent: Monday, March 23, 2020 1:32 PM
> To: selinux@vger.kernel.org
> Subject: [PATCH] tree-wide: replace last occurrences of security_context_t
>
> Follow-up of: 9eb9c9327563014ad6a807814e7975424642d5b9 ("Get rid of
> security_context_t and fix const declarations.")
>
> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
> ---
> mcstrans/src/mcscolor.c | 8 +++---
> mcstrans/src/mcstrans.c | 12 ++++-----
> mcstrans/src/mcstrans.h | 4 +--
> mcstrans/src/mcstransd.c | 6 ++---
> mcstrans/utils/transcon.c | 2 +-
> mcstrans/utils/untranscon.c | 2 +-
> policycoreutils/newrole/newrole.c | 40 ++++++++++++++---------------
> policycoreutils/run_init/run_init.c | 4 +--
> policycoreutils/secon/secon.c | 19 +++++++-------
> sandbox/seunshare.c | 10 ++++----
> 10 files changed, 54 insertions(+), 53 deletions(-)
>
> diff --git a/mcstrans/src/mcscolor.c b/mcstrans/src/mcscolor.c index
> 4ee0db50..a3838850 100644
> --- a/mcstrans/src/mcscolor.c
> +++ b/mcstrans/src/mcscolor.c
> @@ -44,7 +44,7 @@ static setab_t *clist[N_COLOR]; static setab_t
> *cend[N_COLOR]; static semnemonic_t *mnemonics;
>
> -static security_context_t my_context;
> +static char *my_context;
>
> void finish_context_colors(void) {
> setab_t *cur, *next;
> @@ -76,7 +76,7 @@ void finish_context_colors(void) { }
>
> static int check_dominance(const char *pattern, const char *raw) {
> - security_context_t ctx;
> + char *ctx;
> context_t con;
> struct av_decision avd;
> int rc = -1;
> @@ -109,7 +109,7 @@ static int check_dominance(const char *pattern, const
> char *raw) {
> if (!raw)
> goto out;
>
> - rc = security_compute_av_raw(ctx, (security_context_t)raw,
> context_class, context_contains_perm, &avd);
> + rc = security_compute_av_raw(ctx, raw, context_class,
> +context_contains_perm, &avd);
> if (rc)
> goto out;
>
> @@ -282,7 +282,7 @@ static int parse_components(context_t con, char
> **components) {
>
> /* Look up colors.
> */
> -int raw_color(const security_context_t raw, char **color_str) {
> +int raw_color(const char *raw, char **color_str) {
> #define CHARS_PER_COLOR 16
> context_t con;
> uint32_t i, j, mask = 0;
> diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c index
> 96bdbdff..4a073ca4 100644
> --- a/mcstrans/src/mcstrans.c
> +++ b/mcstrans/src/mcstrans.c
> @@ -7,8 +7,8 @@
>
> int init_translations(void);
> void finish_context_translations(void);
> - int trans_context(const security_context_t, security_context_t *);
> - int untrans_context(const security_context_t, security_context_t *);
> + int trans_context(const char *, char **); int untrans_context(const
> + char *, char **);
>
> */
>
> @@ -888,7 +888,7 @@ init_translations(void) { }
>
> char *
> -extract_range(const security_context_t incon) {
> +extract_range(const char *incon) {
> context_t con = context_new(incon);
> if (!con) {
> syslog(LOG_ERR, "extract_range context_new(%s) failed: %s",
> incon, strerror(errno)); @@ -911,7 +911,7 @@ extract_range(const
> security_context_t incon) { }
>
> char *
> -new_context_str(const security_context_t incon, const char *range) {
> +new_context_str(const char *incon, const char *range) {
> char *rcon = NULL;
> context_t con = context_new(incon);
> if (!con) {
> @@ -1489,7 +1489,7 @@ err:
> }
>
> int
> -trans_context(const security_context_t incon, security_context_t *rcon) {
> +trans_context(const char *incon, char **rcon) {
> char *trans = NULL;
> *rcon = NULL;
>
> @@ -1612,7 +1612,7 @@ trans_context(const security_context_t incon,
> security_context_t *rcon) { }
>
> int
> -untrans_context(const security_context_t incon, security_context_t *rcon) {
> +untrans_context(const char *incon, char **rcon) {
> char *raw = NULL;
> *rcon = NULL;
>
> diff --git a/mcstrans/src/mcstrans.h b/mcstrans/src/mcstrans.h index
> a2f68c18..e5cda93b 100644
> --- a/mcstrans/src/mcstrans.h
> +++ b/mcstrans/src/mcstrans.h
> @@ -4,6 +4,6 @@
>
> extern int init_translations(void);
> extern void finish_context_translations(void);
> -extern int trans_context(const security_context_t, security_context_t *); -
> extern int untrans_context(const security_context_t, security_context_t *);
> +extern int trans_context(const char *, char **); extern int
> +untrans_context(const char *, char **);
>
> diff --git a/mcstrans/src/mcstransd.c b/mcstrans/src/mcstransd.c index
> 85899493..07c052fd 100644
> --- a/mcstrans/src/mcstransd.c
> +++ b/mcstrans/src/mcstransd.c
> @@ -45,12 +45,12 @@
>
> extern int init_translations(void);
> extern void finish_context_translations(void);
> -extern int trans_context(const security_context_t, security_context_t *); -
> extern int untrans_context(const security_context_t, security_context_t *);
> +extern int trans_context(const char *, char **); extern int
> +untrans_context(const char *, char **);
>
> extern int init_colors(void);
> extern void finish_context_colors(void); -extern int raw_color(const
> security_context_t, char **);
> +extern int raw_color(const char *, char **);
>
> #define SETRANSD_PATHNAME "/sbin/mcstransd"
>
> diff --git a/mcstrans/utils/transcon.c b/mcstrans/utils/transcon.c index
> f4ded53e..4bf1bd56 100644
> --- a/mcstrans/utils/transcon.c
> +++ b/mcstrans/utils/transcon.c
> @@ -14,7 +14,7 @@ static __attribute__((__noreturn__)) void usage(const char
> *progname) }
>
> int main(int argc, char **argv) {
> - security_context_t scon;
> + char *scon;
> if ( argc != 2 ) usage(argv[0]);
> if (init_translations()==0) {
> if(trans_context(argv[1],&scon) == 0) { diff --git
> a/mcstrans/utils/untranscon.c b/mcstrans/utils/untranscon.c index
> 85cea294..81668746 100644
> --- a/mcstrans/utils/untranscon.c
> +++ b/mcstrans/utils/untranscon.c
> @@ -13,7 +13,7 @@ static __attribute__((__noreturn__)) void usage(const char
> *progname)
> exit(1);
> }
> int main(int argc, char **argv) {
> - security_context_t scon;
> + char *scon;
> if ( argc != 2 ) usage(argv[0]);
> if (init_translations()==0) {
> if(untrans_context(argv[1],&scon) == 0) { diff --git
> a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
> index e70051b1..36e2ba9c 100644
> --- a/policycoreutils/newrole/newrole.c
> +++ b/policycoreutils/newrole/newrole.c
> @@ -643,8 +643,8 @@ static int transition_to_caller_uid() #ifdef
> AUDIT_LOG_PRIV
> /* Send audit message */
> static
> -int send_audit_message(int success, security_context_t old_context,
> - security_context_t new_context, const char *ttyn)
> +int send_audit_message(int success, const char *old_context,
> + const char *new_context, const char *ttyn)
> {
> char *msg = NULL;
> int rc;
> @@ -677,9 +677,9 @@ int send_audit_message(int success, security_context_t
> old_context, #else static inline
> int send_audit_message(int success __attribute__ ((unused)),
> - security_context_t old_context
> + const char *old_context
> __attribute__ ((unused)),
> - security_context_t new_context
> + const char *new_context
> __attribute__ ((unused)), const char *ttyn
> __attribute__ ((unused)))
> {
> @@ -695,14 +695,14 @@ static inline
> * This function will not fail if it can not relabel the tty when selinux is
> * in permissive mode.
> */
> -static int relabel_tty(const char *ttyn, security_context_t new_context,
> - security_context_t * tty_context,
> - security_context_t * new_tty_context)
> +static int relabel_tty(const char *ttyn, const char *new_context,
> + char **tty_context,
> + char **new_tty_context)
> {
> int fd, rc;
> int enforcing = security_getenforce();
> - security_context_t tty_con = NULL;
> - security_context_t new_tty_con = NULL;
> + char *tty_con = NULL;
> + char *new_tty_con = NULL;
>
> if (!ttyn)
> return 0;
> @@ -775,11 +775,11 @@ static int relabel_tty(const char *ttyn,
> security_context_t new_context,
> * Returns zero on success, non-zero otherwise
> */
> static int restore_tty_label(int fd, const char *ttyn,
> - security_context_t tty_context,
> - security_context_t new_tty_context)
> + const char *tty_context,
> + const char *new_tty_context)
> {
> int rc = 0;
> - security_context_t chk_tty_context = NULL;
> + char *chk_tty_context = NULL;
>
> if (!ttyn)
> goto skip_relabel;
> @@ -816,8 +816,8 @@ static int restore_tty_label(int fd, const char *ttyn,
> * Returns zero on success, non-zero otherwise.
> */
> static int parse_command_line_arguments(int argc, char **argv, char *ttyn,
> - security_context_t old_context,
> - security_context_t * new_context,
> + const char *old_context,
> + char **new_context,
> int *preserve_environment)
> {
> int flag_index; /* flag index in argv[] */
> @@ -827,8 +827,8 @@ static int parse_command_line_arguments(int argc, char
> **argv, char *ttyn,
> char *type_ptr = NULL; /* stores malloc'd data from get_default_type */
> char *level_s = NULL; /* level spec'd by user in argv[] */
> char *range_ptr = NULL;
> - security_context_t new_con = NULL;
> - security_context_t tty_con = NULL;
> + char *new_con = NULL;
> + char *tty_con = NULL;
> context_t context = NULL; /* manipulatable form of new_context */
> const struct option long_options[] = {
> {"role", 1, 0, 'r'},
> @@ -1021,10 +1021,10 @@ static int set_signal_handles(void)
>
> int main(int argc, char *argv[])
> {
> - security_context_t new_context = NULL; /* target security context
> */
> - security_context_t old_context = NULL; /* original securiy context
> */
> - security_context_t tty_context = NULL; /* current context of tty
> */
> - security_context_t new_tty_context = NULL; /* new context of tty */
> + char *new_context = NULL; /* target security context */
> + char *old_context = NULL; /* original securiy context */
> + char *tty_context = NULL; /* current context of tty */
> + char *new_tty_context = NULL; /* new context of tty */
>
> struct passwd pw; /* struct derived from passwd file line */
> char *ttyn = NULL; /* tty path */
> diff --git a/policycoreutils/run_init/run_init.c b/policycoreutils/run_init/run_init.c
> index a007ce49..1c5eb68e 100644
> --- a/policycoreutils/run_init/run_init.c
> +++ b/policycoreutils/run_init/run_init.c
> @@ -303,7 +303,7 @@ int authenticate_user(void)
> * out: The CONTEXT associated with the context.
> * return: 0 on success, -1 on failure.
> */
> -int get_init_context(security_context_t * context)
> +int get_init_context(char **context)
> {
>
> FILE *fp;
> @@ -354,7 +354,7 @@ int main(int argc, char *argv[])
>
> extern char *optarg; /* used by getopt() for arg strings */
> extern int opterr; /* controls getopt() error messages */
> - security_context_t new_context; /* context for the init script
> context */
> + char *new_context; /* context for the init script context */
>
> #ifdef USE_NLS
> setlocale(LC_ALL, "");
> diff --git a/policycoreutils/secon/secon.c b/policycoreutils/secon/secon.c index
> 477057a6..d257a9a1 100644
> --- a/policycoreutils/secon/secon.c
> +++ b/policycoreutils/secon/secon.c
> @@ -341,7 +341,7 @@ static void cmd_line(int argc, char *argv[])
> errx(EXIT_FAILURE, "SELinux is not enabled"); }
>
> -static int my_getXcon_raw(pid_t pid, security_context_t * con, const char *val)
> +static int my_getXcon_raw(pid_t pid, char **con, const char *val)
> {
> char buf[4096];
> FILE *fp = NULL;
> @@ -371,23 +371,23 @@ static int my_getXcon_raw(pid_t pid,
> security_context_t * con, const char *val)
> return (0);
> }
>
> -static int my_getpidexeccon_raw(pid_t pid, security_context_t * con)
> +static int my_getpidexeccon_raw(pid_t pid, char **con)
> {
> return (my_getXcon_raw(pid, con, "exec")); } -static int
> my_getpidfscreatecon_raw(pid_t pid, security_context_t * con)
> +static int my_getpidfscreatecon_raw(pid_t pid, char **con)
> {
> return (my_getXcon_raw(pid, con, "fscreate")); } -static int
> my_getpidkeycreatecon_raw(pid_t pid, security_context_t * con)
> +static int my_getpidkeycreatecon_raw(pid_t pid, char **con)
> {
> return (my_getXcon_raw(pid, con, "keycreate")); }
>
> -static security_context_t get_scon(void)
> +static char *get_scon(void)
> {
> static char dummy_NIL[1] = "";
> - security_context_t con = NULL, con_tmp;
> + char *con = NULL, *con_tmp;
> int ret = -1;
>
> switch (opts->from_type) {
> @@ -620,9 +620,10 @@ static void disp__con_val(const char *name, const char
> *val,
> done = TRUE;
> }
>
> -static void disp_con(security_context_t scon_raw)
> +static void disp_con(const char *scon_raw)
> {
> - security_context_t scon_trans, scon;
> + char *scon_trans;
> + const char *scon;
> context_t con = NULL;
> char *color_str = NULL;
> struct context_color_t color = { .valid = 0 }; @@ -748,7 +749,7 @@ static
> void disp_con(security_context_t scon_raw)
>
> int main(int argc, char *argv[])
> {
> - security_context_t scon_raw = NULL;
> + char *scon_raw = NULL;
>
> cmd_line(argc, argv);
>
> diff --git a/sandbox/seunshare.c b/sandbox/seunshare.c index
> 9707a456..d626e98d 100644
> --- a/sandbox/seunshare.c
> +++ b/sandbox/seunshare.c
> @@ -431,13 +431,13 @@ static int cleanup_tmpdir(const char *tmpdir, const char
> *src,
> * to clean it up.
> */
> static char *create_tmpdir(const char *src, struct stat *src_st,
> - struct stat *out_st, struct passwd *pwd, security_context_t execcon)
> + struct stat *out_st, struct passwd *pwd, const char *execcon)
> {
> char *tmpdir = NULL;
> char *cmdbuf = NULL;
> int fd_t = -1, fd_s = -1;
> struct stat tmp_st;
> - security_context_t con = NULL;
> + char *con = NULL;
>
> /* get selinux context */
> if (execcon) {
> @@ -549,10 +549,10 @@ good:
> #define PROC_BASE "/proc"
>
> static int
> -killall (security_context_t execcon)
> +killall (const char *execcon)
> {
> DIR *dir;
> - security_context_t scon;
> + char *scon;
> struct dirent *de;
> pid_t *pid_table, pid, self;
> int i;
> @@ -615,7 +615,7 @@ killall (security_context_t execcon)
>
> int main(int argc, char **argv) {
> int status = -1;
> - security_context_t execcon = NULL;
> + const char *execcon = NULL;
>
> int clflag; /* holds codes for command line flags */
> int kill_all = 0;
> --
> 2.26.0.rc2
Nice, I also see you also made updates to correct const * issues with the
Existing API like, for example, like send_audit_message().
Acked-by: William Roberts <william.c.roberts@intel.com>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] tree-wide: replace last occurrences of security_context_t
2020-03-23 19:58 ` Roberts, William C
@ 2020-03-25 14:55 ` William Roberts
0 siblings, 0 replies; 3+ messages in thread
From: William Roberts @ 2020-03-25 14:55 UTC (permalink / raw)
To: Roberts, William C; +Cc: Christian Göttsche, selinux
On Mon, Mar 23, 2020 at 3:00 PM Roberts, William C
<william.c.roberts@intel.com> wrote:
>
>
>
> > -----Original Message-----
> > From: selinux-owner@vger.kernel.org [mailto:selinux-owner@vger.kernel.org]
> > On Behalf Of Christian Göttsche
> > Sent: Monday, March 23, 2020 1:32 PM
> > To: selinux@vger.kernel.org
> > Subject: [PATCH] tree-wide: replace last occurrences of security_context_t
> >
> > Follow-up of: 9eb9c9327563014ad6a807814e7975424642d5b9 ("Get rid of
> > security_context_t and fix const declarations.")
> >
> > Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
> > ---
> > mcstrans/src/mcscolor.c | 8 +++---
> > mcstrans/src/mcstrans.c | 12 ++++-----
> > mcstrans/src/mcstrans.h | 4 +--
> > mcstrans/src/mcstransd.c | 6 ++---
> > mcstrans/utils/transcon.c | 2 +-
> > mcstrans/utils/untranscon.c | 2 +-
> > policycoreutils/newrole/newrole.c | 40 ++++++++++++++---------------
> > policycoreutils/run_init/run_init.c | 4 +--
> > policycoreutils/secon/secon.c | 19 +++++++-------
> > sandbox/seunshare.c | 10 ++++----
> > 10 files changed, 54 insertions(+), 53 deletions(-)
> >
> > diff --git a/mcstrans/src/mcscolor.c b/mcstrans/src/mcscolor.c index
> > 4ee0db50..a3838850 100644
> > --- a/mcstrans/src/mcscolor.c
> > +++ b/mcstrans/src/mcscolor.c
> > @@ -44,7 +44,7 @@ static setab_t *clist[N_COLOR]; static setab_t
> > *cend[N_COLOR]; static semnemonic_t *mnemonics;
> >
> > -static security_context_t my_context;
> > +static char *my_context;
> >
> > void finish_context_colors(void) {
> > setab_t *cur, *next;
> > @@ -76,7 +76,7 @@ void finish_context_colors(void) { }
> >
> > static int check_dominance(const char *pattern, const char *raw) {
> > - security_context_t ctx;
> > + char *ctx;
> > context_t con;
> > struct av_decision avd;
> > int rc = -1;
> > @@ -109,7 +109,7 @@ static int check_dominance(const char *pattern, const
> > char *raw) {
> > if (!raw)
> > goto out;
> >
> > - rc = security_compute_av_raw(ctx, (security_context_t)raw,
> > context_class, context_contains_perm, &avd);
> > + rc = security_compute_av_raw(ctx, raw, context_class,
> > +context_contains_perm, &avd);
> > if (rc)
> > goto out;
> >
> > @@ -282,7 +282,7 @@ static int parse_components(context_t con, char
> > **components) {
> >
> > /* Look up colors.
> > */
> > -int raw_color(const security_context_t raw, char **color_str) {
> > +int raw_color(const char *raw, char **color_str) {
> > #define CHARS_PER_COLOR 16
> > context_t con;
> > uint32_t i, j, mask = 0;
> > diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c index
> > 96bdbdff..4a073ca4 100644
> > --- a/mcstrans/src/mcstrans.c
> > +++ b/mcstrans/src/mcstrans.c
> > @@ -7,8 +7,8 @@
> >
> > int init_translations(void);
> > void finish_context_translations(void);
> > - int trans_context(const security_context_t, security_context_t *);
> > - int untrans_context(const security_context_t, security_context_t *);
> > + int trans_context(const char *, char **); int untrans_context(const
> > + char *, char **);
> >
> > */
> >
> > @@ -888,7 +888,7 @@ init_translations(void) { }
> >
> > char *
> > -extract_range(const security_context_t incon) {
> > +extract_range(const char *incon) {
> > context_t con = context_new(incon);
> > if (!con) {
> > syslog(LOG_ERR, "extract_range context_new(%s) failed: %s",
> > incon, strerror(errno)); @@ -911,7 +911,7 @@ extract_range(const
> > security_context_t incon) { }
> >
> > char *
> > -new_context_str(const security_context_t incon, const char *range) {
> > +new_context_str(const char *incon, const char *range) {
> > char *rcon = NULL;
> > context_t con = context_new(incon);
> > if (!con) {
> > @@ -1489,7 +1489,7 @@ err:
> > }
> >
> > int
> > -trans_context(const security_context_t incon, security_context_t *rcon) {
> > +trans_context(const char *incon, char **rcon) {
> > char *trans = NULL;
> > *rcon = NULL;
> >
> > @@ -1612,7 +1612,7 @@ trans_context(const security_context_t incon,
> > security_context_t *rcon) { }
> >
> > int
> > -untrans_context(const security_context_t incon, security_context_t *rcon) {
> > +untrans_context(const char *incon, char **rcon) {
> > char *raw = NULL;
> > *rcon = NULL;
> >
> > diff --git a/mcstrans/src/mcstrans.h b/mcstrans/src/mcstrans.h index
> > a2f68c18..e5cda93b 100644
> > --- a/mcstrans/src/mcstrans.h
> > +++ b/mcstrans/src/mcstrans.h
> > @@ -4,6 +4,6 @@
> >
> > extern int init_translations(void);
> > extern void finish_context_translations(void);
> > -extern int trans_context(const security_context_t, security_context_t *); -
> > extern int untrans_context(const security_context_t, security_context_t *);
> > +extern int trans_context(const char *, char **); extern int
> > +untrans_context(const char *, char **);
> >
> > diff --git a/mcstrans/src/mcstransd.c b/mcstrans/src/mcstransd.c index
> > 85899493..07c052fd 100644
> > --- a/mcstrans/src/mcstransd.c
> > +++ b/mcstrans/src/mcstransd.c
> > @@ -45,12 +45,12 @@
> >
> > extern int init_translations(void);
> > extern void finish_context_translations(void);
> > -extern int trans_context(const security_context_t, security_context_t *); -
> > extern int untrans_context(const security_context_t, security_context_t *);
> > +extern int trans_context(const char *, char **); extern int
> > +untrans_context(const char *, char **);
> >
> > extern int init_colors(void);
> > extern void finish_context_colors(void); -extern int raw_color(const
> > security_context_t, char **);
> > +extern int raw_color(const char *, char **);
> >
> > #define SETRANSD_PATHNAME "/sbin/mcstransd"
> >
> > diff --git a/mcstrans/utils/transcon.c b/mcstrans/utils/transcon.c index
> > f4ded53e..4bf1bd56 100644
> > --- a/mcstrans/utils/transcon.c
> > +++ b/mcstrans/utils/transcon.c
> > @@ -14,7 +14,7 @@ static __attribute__((__noreturn__)) void usage(const char
> > *progname) }
> >
> > int main(int argc, char **argv) {
> > - security_context_t scon;
> > + char *scon;
> > if ( argc != 2 ) usage(argv[0]);
> > if (init_translations()==0) {
> > if(trans_context(argv[1],&scon) == 0) { diff --git
> > a/mcstrans/utils/untranscon.c b/mcstrans/utils/untranscon.c index
> > 85cea294..81668746 100644
> > --- a/mcstrans/utils/untranscon.c
> > +++ b/mcstrans/utils/untranscon.c
> > @@ -13,7 +13,7 @@ static __attribute__((__noreturn__)) void usage(const char
> > *progname)
> > exit(1);
> > }
> > int main(int argc, char **argv) {
> > - security_context_t scon;
> > + char *scon;
> > if ( argc != 2 ) usage(argv[0]);
> > if (init_translations()==0) {
> > if(untrans_context(argv[1],&scon) == 0) { diff --git
> > a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
> > index e70051b1..36e2ba9c 100644
> > --- a/policycoreutils/newrole/newrole.c
> > +++ b/policycoreutils/newrole/newrole.c
> > @@ -643,8 +643,8 @@ static int transition_to_caller_uid() #ifdef
> > AUDIT_LOG_PRIV
> > /* Send audit message */
> > static
> > -int send_audit_message(int success, security_context_t old_context,
> > - security_context_t new_context, const char *ttyn)
> > +int send_audit_message(int success, const char *old_context,
> > + const char *new_context, const char *ttyn)
> > {
> > char *msg = NULL;
> > int rc;
> > @@ -677,9 +677,9 @@ int send_audit_message(int success, security_context_t
> > old_context, #else static inline
> > int send_audit_message(int success __attribute__ ((unused)),
> > - security_context_t old_context
> > + const char *old_context
> > __attribute__ ((unused)),
> > - security_context_t new_context
> > + const char *new_context
> > __attribute__ ((unused)), const char *ttyn
> > __attribute__ ((unused)))
> > {
> > @@ -695,14 +695,14 @@ static inline
> > * This function will not fail if it can not relabel the tty when selinux is
> > * in permissive mode.
> > */
> > -static int relabel_tty(const char *ttyn, security_context_t new_context,
> > - security_context_t * tty_context,
> > - security_context_t * new_tty_context)
> > +static int relabel_tty(const char *ttyn, const char *new_context,
> > + char **tty_context,
> > + char **new_tty_context)
> > {
> > int fd, rc;
> > int enforcing = security_getenforce();
> > - security_context_t tty_con = NULL;
> > - security_context_t new_tty_con = NULL;
> > + char *tty_con = NULL;
> > + char *new_tty_con = NULL;
> >
> > if (!ttyn)
> > return 0;
> > @@ -775,11 +775,11 @@ static int relabel_tty(const char *ttyn,
> > security_context_t new_context,
> > * Returns zero on success, non-zero otherwise
> > */
> > static int restore_tty_label(int fd, const char *ttyn,
> > - security_context_t tty_context,
> > - security_context_t new_tty_context)
> > + const char *tty_context,
> > + const char *new_tty_context)
> > {
> > int rc = 0;
> > - security_context_t chk_tty_context = NULL;
> > + char *chk_tty_context = NULL;
> >
> > if (!ttyn)
> > goto skip_relabel;
> > @@ -816,8 +816,8 @@ static int restore_tty_label(int fd, const char *ttyn,
> > * Returns zero on success, non-zero otherwise.
> > */
> > static int parse_command_line_arguments(int argc, char **argv, char *ttyn,
> > - security_context_t old_context,
> > - security_context_t * new_context,
> > + const char *old_context,
> > + char **new_context,
> > int *preserve_environment)
> > {
> > int flag_index; /* flag index in argv[] */
> > @@ -827,8 +827,8 @@ static int parse_command_line_arguments(int argc, char
> > **argv, char *ttyn,
> > char *type_ptr = NULL; /* stores malloc'd data from get_default_type */
> > char *level_s = NULL; /* level spec'd by user in argv[] */
> > char *range_ptr = NULL;
> > - security_context_t new_con = NULL;
> > - security_context_t tty_con = NULL;
> > + char *new_con = NULL;
> > + char *tty_con = NULL;
> > context_t context = NULL; /* manipulatable form of new_context */
> > const struct option long_options[] = {
> > {"role", 1, 0, 'r'},
> > @@ -1021,10 +1021,10 @@ static int set_signal_handles(void)
> >
> > int main(int argc, char *argv[])
> > {
> > - security_context_t new_context = NULL; /* target security context
> > */
> > - security_context_t old_context = NULL; /* original securiy context
> > */
> > - security_context_t tty_context = NULL; /* current context of tty
> > */
> > - security_context_t new_tty_context = NULL; /* new context of tty */
> > + char *new_context = NULL; /* target security context */
> > + char *old_context = NULL; /* original securiy context */
> > + char *tty_context = NULL; /* current context of tty */
> > + char *new_tty_context = NULL; /* new context of tty */
> >
> > struct passwd pw; /* struct derived from passwd file line */
> > char *ttyn = NULL; /* tty path */
> > diff --git a/policycoreutils/run_init/run_init.c b/policycoreutils/run_init/run_init.c
> > index a007ce49..1c5eb68e 100644
> > --- a/policycoreutils/run_init/run_init.c
> > +++ b/policycoreutils/run_init/run_init.c
> > @@ -303,7 +303,7 @@ int authenticate_user(void)
> > * out: The CONTEXT associated with the context.
> > * return: 0 on success, -1 on failure.
> > */
> > -int get_init_context(security_context_t * context)
> > +int get_init_context(char **context)
> > {
> >
> > FILE *fp;
> > @@ -354,7 +354,7 @@ int main(int argc, char *argv[])
> >
> > extern char *optarg; /* used by getopt() for arg strings */
> > extern int opterr; /* controls getopt() error messages */
> > - security_context_t new_context; /* context for the init script
> > context */
> > + char *new_context; /* context for the init script context */
> >
> > #ifdef USE_NLS
> > setlocale(LC_ALL, "");
> > diff --git a/policycoreutils/secon/secon.c b/policycoreutils/secon/secon.c index
> > 477057a6..d257a9a1 100644
> > --- a/policycoreutils/secon/secon.c
> > +++ b/policycoreutils/secon/secon.c
> > @@ -341,7 +341,7 @@ static void cmd_line(int argc, char *argv[])
> > errx(EXIT_FAILURE, "SELinux is not enabled"); }
> >
> > -static int my_getXcon_raw(pid_t pid, security_context_t * con, const char *val)
> > +static int my_getXcon_raw(pid_t pid, char **con, const char *val)
> > {
> > char buf[4096];
> > FILE *fp = NULL;
> > @@ -371,23 +371,23 @@ static int my_getXcon_raw(pid_t pid,
> > security_context_t * con, const char *val)
> > return (0);
> > }
> >
> > -static int my_getpidexeccon_raw(pid_t pid, security_context_t * con)
> > +static int my_getpidexeccon_raw(pid_t pid, char **con)
> > {
> > return (my_getXcon_raw(pid, con, "exec")); } -static int
> > my_getpidfscreatecon_raw(pid_t pid, security_context_t * con)
> > +static int my_getpidfscreatecon_raw(pid_t pid, char **con)
> > {
> > return (my_getXcon_raw(pid, con, "fscreate")); } -static int
> > my_getpidkeycreatecon_raw(pid_t pid, security_context_t * con)
> > +static int my_getpidkeycreatecon_raw(pid_t pid, char **con)
> > {
> > return (my_getXcon_raw(pid, con, "keycreate")); }
> >
> > -static security_context_t get_scon(void)
> > +static char *get_scon(void)
> > {
> > static char dummy_NIL[1] = "";
> > - security_context_t con = NULL, con_tmp;
> > + char *con = NULL, *con_tmp;
> > int ret = -1;
> >
> > switch (opts->from_type) {
> > @@ -620,9 +620,10 @@ static void disp__con_val(const char *name, const char
> > *val,
> > done = TRUE;
> > }
> >
> > -static void disp_con(security_context_t scon_raw)
> > +static void disp_con(const char *scon_raw)
> > {
> > - security_context_t scon_trans, scon;
> > + char *scon_trans;
> > + const char *scon;
> > context_t con = NULL;
> > char *color_str = NULL;
> > struct context_color_t color = { .valid = 0 }; @@ -748,7 +749,7 @@ static
> > void disp_con(security_context_t scon_raw)
> >
> > int main(int argc, char *argv[])
> > {
> > - security_context_t scon_raw = NULL;
> > + char *scon_raw = NULL;
> >
> > cmd_line(argc, argv);
> >
> > diff --git a/sandbox/seunshare.c b/sandbox/seunshare.c index
> > 9707a456..d626e98d 100644
> > --- a/sandbox/seunshare.c
> > +++ b/sandbox/seunshare.c
> > @@ -431,13 +431,13 @@ static int cleanup_tmpdir(const char *tmpdir, const char
> > *src,
> > * to clean it up.
> > */
> > static char *create_tmpdir(const char *src, struct stat *src_st,
> > - struct stat *out_st, struct passwd *pwd, security_context_t execcon)
> > + struct stat *out_st, struct passwd *pwd, const char *execcon)
> > {
> > char *tmpdir = NULL;
> > char *cmdbuf = NULL;
> > int fd_t = -1, fd_s = -1;
> > struct stat tmp_st;
> > - security_context_t con = NULL;
> > + char *con = NULL;
> >
> > /* get selinux context */
> > if (execcon) {
> > @@ -549,10 +549,10 @@ good:
> > #define PROC_BASE "/proc"
> >
> > static int
> > -killall (security_context_t execcon)
> > +killall (const char *execcon)
> > {
> > DIR *dir;
> > - security_context_t scon;
> > + char *scon;
> > struct dirent *de;
> > pid_t *pid_table, pid, self;
> > int i;
> > @@ -615,7 +615,7 @@ killall (security_context_t execcon)
> >
> > int main(int argc, char **argv) {
> > int status = -1;
> > - security_context_t execcon = NULL;
> > + const char *execcon = NULL;
> >
> > int clflag; /* holds codes for command line flags */
> > int kill_all = 0;
> > --
> > 2.26.0.rc2
>
> Nice, I also see you also made updates to correct const * issues with the
> Existing API like, for example, like send_audit_message().
>
> Acked-by: William Roberts <william.c.roberts@intel.com>
Merged: https://github.com/SELinuxProject/selinux/pull/212
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-03-25 14:55 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-03-23 18:31 [PATCH] tree-wide: replace last occurrences of security_context_t Christian Göttsche
2020-03-23 19:58 ` Roberts, William C
2020-03-25 14:55 ` William Roberts
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).