From: Ondrej Mosnacek <omosnace@redhat.com>
To: James Carter <jwcart2@gmail.com>
Cc: SElinux list <selinux@vger.kernel.org>
Subject: Re: [RFC PATCH userspace 4/5] libsemanage: optionally rebuild policy when modules are changed externally
Date: Fri, 21 Jan 2022 14:30:45 +0100 [thread overview]
Message-ID: <CAFqZXNsgtdct+DWGdvLpJW8xH9H7HuX0+MOAB9zbw_N266k5NQ@mail.gmail.com> (raw)
In-Reply-To: <CAP+JOzQZGwupcKQCMYc4DWE-MyNKo31Tio83RkcLJVepScFQgQ@mail.gmail.com>
On Thu, Jan 20, 2022 at 11:08 PM James Carter <jwcart2@gmail.com> wrote:
> On Thu, Jan 13, 2022 at 6:37 PM Ondrej Mosnacek <omosnace@redhat.com> wrote:\
[...]
> > @@ -1119,13 +1248,8 @@ static int semanage_direct_commit(semanage_handle_t * sh)
> > }
> > }
> >
> > - /* Before we do anything else, flush the join to its component parts.
> > - * This *does not* flush to disk automatically */
> > - if (users->dtable->is_modified(users->dbase)) {
> > - retval = users->dtable->flush(sh, users->dbase);
> > - if (retval < 0)
> > - goto cleanup;
> > - }
> > + if (force_rebuild)
> > + goto rebuild;
> >
> > /*
> > * This is for systems that have already migrated with an older version
> > @@ -1135,70 +1259,66 @@ static int semanage_direct_commit(semanage_handle_t * sh)
> > * in order to skip re-linking are present; otherwise, we force
> > * a rebuild.
> > */
> > - if (!do_rebuild) {
> > - int files[] = {SEMANAGE_STORE_KERNEL,
> > - SEMANAGE_STORE_FC,
> > - SEMANAGE_STORE_SEUSERS,
> > - SEMANAGE_LINKED,
> > - SEMANAGE_SEUSERS_LINKED,
> > - SEMANAGE_USERS_EXTRA_LINKED};
> > -
> > - for (i = 0; i < (int) ARRAY_SIZE(files); i++) {
> > - path = semanage_path(SEMANAGE_TMP, files[i]);
> > - if (stat(path, &sb) != 0) {
> > - if (errno != ENOENT) {
> > - ERR(sh, "Unable to access %s: %s\n", path, strerror(errno));
> > - retval = -1;
> > - goto cleanup;
> > - }
> > -
> > - do_rebuild = 1;
> > - goto rebuild;
> > + for (i = 0; i < (int) ARRAY_SIZE(semanage_computed_files); i++) {
> > + path = semanage_path(SEMANAGE_TMP, semanage_computed_files[i]);
> > + if (stat(path, &sb) != 0) {
> > + if (errno != ENOENT) {
> > + ERR(sh, "Unable to access %s: %s\n", path, strerror(errno));
> > + retval = -1;
> > + goto cleanup;
> > }
> > +
> > + force_rebuild = 1;
> > + goto rebuild;
> > }
> > }
> >
> > rebuild:
>
> I know that the rebuild label and goto rebuild was there originally,
> but I would prefer to have it eliminated.
>
> instead of:
> if (force_rebuild)
> goto rebuild;
> ...
> for (...
> path = ...
> if (...
> ...
> force_rebuild = 1;
> goto rebuild;
> }
> }
>
> rebuild:
>
> why not:
> if (!force_rebuild)
> for (...
> path = ...
> if (...
> force_rebuild = 1;
> break;
> }
> }
> }
Good point, it really doesn't need to be there. I'll remove it in the
next revision.
Thanks for the review!
--
Ondrej Mosnacek
Software Engineer, Linux Security - SELinux kernel
Red Hat, Inc.
next prev parent reply other threads:[~2022-01-21 13:31 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-13 14:39 [RFC PATCH userspace 0/5] Allow rebuilding policy store only if there were external changes to modules Ondrej Mosnacek
2022-01-13 14:39 ` [RFC PATCH userspace 1/5] libsemanage: add missing include to boolean_record.c Ondrej Mosnacek
2022-01-13 14:39 ` [RFC PATCH userspace 2/5] semodule,libsemanage: move module hashing into libsemanage Ondrej Mosnacek
2022-01-20 21:52 ` James Carter
2022-01-21 13:21 ` Ondrej Mosnacek
2022-01-25 15:17 ` Petr Lautrbach
2022-01-13 14:39 ` [RFC PATCH userspace 3/5] libsemanage: move compressed file handling into a separate object Ondrej Mosnacek
2022-01-20 21:58 ` James Carter
2022-01-13 14:39 ` [RFC PATCH userspace 4/5] libsemanage: optionally rebuild policy when modules are changed externally Ondrej Mosnacek
2022-01-20 22:08 ` James Carter
2022-01-21 13:30 ` Ondrej Mosnacek [this message]
2022-01-13 14:39 ` [RFC PATCH userspace 5/5] semodule: add command-line option to detect module changes Ondrej Mosnacek
2022-01-15 17:38 ` Christian Göttsche
2022-01-20 22:10 ` James Carter
2022-01-20 22:12 ` James Carter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAFqZXNsgtdct+DWGdvLpJW8xH9H7HuX0+MOAB9zbw_N266k5NQ@mail.gmail.com \
--to=omosnace@redhat.com \
--cc=jwcart2@gmail.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.