From: Paul Moore <paul@paul-moore.com>
To: Thomas Meyer <thomas@m3y3r.de>
Cc: Stephen Smalley <sds@tycho.nsa.gov>,
Eric Paris <eparis@parisplace.org>,
James Morris <james.l.morris@oracle.com>,
serge@hallyn.com, selinux@tycho.nsa.gov,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org,
Casey Schaufler <casey@schaufler-ca.com>
Subject: Re: [PATCH] selinux: Fix bool initialization/comparison
Date: Fri, 13 Oct 2017 18:40:21 -0400 [thread overview]
Message-ID: <CAHC9VhREW0Ez7g302J43qdxZwTxk87N-GmT59aUtEUjJu_ynJA@mail.gmail.com> (raw)
In-Reply-To: <9b5f9458-ac5f-621b-ff0c-677de365c216@schaufler-ca.com>
On Tue, Oct 10, 2017 at 7:19 PM, Casey Schaufler <casey@schaufler-ca.com> wrote:
> On 10/7/2017 7:02 AM, Thomas Meyer wrote:
>> Bool initializations should use true and false. Bool tests don't need
>> comparisons.
>>
>> Signed-off-by: Thomas Meyer <thomas@m3y3r.de>
>> ---
Hi Thomas,
Thank you for submitting this patch, but it really doesn't add any
value to the SELinux code so I'm not going to merge it at this time.
If you would like to contribute to SELinux there are a number of
issues open on our GitHub page that you could look into resolving,
those patches would be very welcome.
* https://github.com/SELinuxProject
-Paul
>> diff -u -p a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
>> --- a/security/selinux/ss/mls.c
>> +++ b/security/selinux/ss/mls.c
>> @@ -550,7 +550,7 @@ int mls_compute_sid(struct context *scon
>>
>> /* Fallthrough */
>> case AVTAB_CHANGE:
>> - if ((tclass == policydb.process_class) || (sock == true))
>> + if ((tclass == policydb.process_class) || (sock))
>
> How about
>
> + if ((tclass == policydb.process_class) || sock)
>
>> /* Use the process MLS attributes. */
>> return mls_context_cpy(newcontext, scontext);
>> else
>> diff -u -p a/security/selinux/ss/services.c b/security/selinux/ss/services.c
>> --- a/security/selinux/ss/services.c
>> +++ b/security/selinux/ss/services.c
>> @@ -1656,7 +1656,7 @@ static int security_compute_sid(u32 ssid
>> } else if (cladatum && cladatum->default_role == DEFAULT_TARGET) {
>> newcontext.role = tcontext->role;
>> } else {
>> - if ((tclass == policydb.process_class) || (sock == true))
>> + if ((tclass == policydb.process_class) || (sock))
>
> Excessive ()
>
>> newcontext.role = scontext->role;
>> else
>> newcontext.role = OBJECT_R_VAL;
>> @@ -1668,7 +1668,7 @@ static int security_compute_sid(u32 ssid
>> } else if (cladatum && cladatum->default_type == DEFAULT_TARGET) {
>> newcontext.type = tcontext->type;
>> } else {
>> - if ((tclass == policydb.process_class) || (sock == true)) {
>> + if ((tclass == policydb.process_class) || (sock)) {
>
> Excessive ()
>
>> /* Use the type of process. */
>> newcontext.type = scontext->type;
>> } else {
>>
>
--
paul moore
www.paul-moore.com
WARNING: multiple messages have this Message-ID (diff)
From: paul@paul-moore.com (Paul Moore)
To: linux-security-module@vger.kernel.org
Subject: [PATCH] selinux: Fix bool initialization/comparison
Date: Fri, 13 Oct 2017 18:40:21 -0400 [thread overview]
Message-ID: <CAHC9VhREW0Ez7g302J43qdxZwTxk87N-GmT59aUtEUjJu_ynJA@mail.gmail.com> (raw)
In-Reply-To: <9b5f9458-ac5f-621b-ff0c-677de365c216@schaufler-ca.com>
On Tue, Oct 10, 2017 at 7:19 PM, Casey Schaufler <casey@schaufler-ca.com> wrote:
> On 10/7/2017 7:02 AM, Thomas Meyer wrote:
>> Bool initializations should use true and false. Bool tests don't need
>> comparisons.
>>
>> Signed-off-by: Thomas Meyer <thomas@m3y3r.de>
>> ---
Hi Thomas,
Thank you for submitting this patch, but it really doesn't add any
value to the SELinux code so I'm not going to merge it at this time.
If you would like to contribute to SELinux there are a number of
issues open on our GitHub page that you could look into resolving,
those patches would be very welcome.
* https://github.com/SELinuxProject
-Paul
>> diff -u -p a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
>> --- a/security/selinux/ss/mls.c
>> +++ b/security/selinux/ss/mls.c
>> @@ -550,7 +550,7 @@ int mls_compute_sid(struct context *scon
>>
>> /* Fallthrough */
>> case AVTAB_CHANGE:
>> - if ((tclass == policydb.process_class) || (sock == true))
>> + if ((tclass == policydb.process_class) || (sock))
>
> How about
>
> + if ((tclass == policydb.process_class) || sock)
>
>> /* Use the process MLS attributes. */
>> return mls_context_cpy(newcontext, scontext);
>> else
>> diff -u -p a/security/selinux/ss/services.c b/security/selinux/ss/services.c
>> --- a/security/selinux/ss/services.c
>> +++ b/security/selinux/ss/services.c
>> @@ -1656,7 +1656,7 @@ static int security_compute_sid(u32 ssid
>> } else if (cladatum && cladatum->default_role == DEFAULT_TARGET) {
>> newcontext.role = tcontext->role;
>> } else {
>> - if ((tclass == policydb.process_class) || (sock == true))
>> + if ((tclass == policydb.process_class) || (sock))
>
> Excessive ()
>
>> newcontext.role = scontext->role;
>> else
>> newcontext.role = OBJECT_R_VAL;
>> @@ -1668,7 +1668,7 @@ static int security_compute_sid(u32 ssid
>> } else if (cladatum && cladatum->default_type == DEFAULT_TARGET) {
>> newcontext.type = tcontext->type;
>> } else {
>> - if ((tclass == policydb.process_class) || (sock == true)) {
>> + if ((tclass == policydb.process_class) || (sock)) {
>
> Excessive ()
>
>> /* Use the type of process. */
>> newcontext.type = scontext->type;
>> } else {
>>
>
--
paul moore
www.paul-moore.com
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2017-10-13 22:40 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-07 14:02 Cocci spatch "boolinit" - v4.14-rc1 Thomas Meyer
2017-10-07 14:02 ` [PATCH] f2fs: Fix bool initialization/comparison Thomas Meyer
2017-10-07 14:02 ` Thomas Meyer
2017-10-07 14:33 ` [f2fs-dev] " Ju Hyung Park
2017-10-07 19:30 ` Joe Perches
2017-10-09 1:48 ` Chao Yu
2017-10-09 1:48 ` Chao Yu
2017-10-10 17:41 ` Jaegeuk Kim
2017-10-07 14:02 ` [PATCH] cifs: " Thomas Meyer
[not found] ` <1507383097083-1243109004-5-diffsplit-thomas-VsYtu1Qij5c@public.gmane.org>
2017-10-10 1:14 ` Nico Kadel-Garcia
2017-10-10 1:14 ` Nico Kadel-Garcia
2017-10-07 14:02 ` [PATCH] ima: " Thomas Meyer
2017-10-07 14:02 ` Thomas Meyer
2017-10-07 14:02 ` [PATCH] nfsd: " Thomas Meyer
2017-10-07 14:02 ` [PATCH] NFS: " Thomas Meyer
2017-10-07 14:02 ` [PATCH] pstore: " Thomas Meyer
2018-11-29 23:21 ` Kees Cook
2017-10-07 14:02 ` [PATCH] afs: " Thomas Meyer
2017-10-07 14:02 ` [PATCH] xfs: " Thomas Meyer
2017-10-09 14:24 ` Brian Foster
2017-10-07 14:02 ` [PATCH] ceph: " Thomas Meyer
2017-10-09 1:52 ` Yan, Zheng
2017-10-07 14:02 ` [PATCH] bfq: " Thomas Meyer
2017-10-07 14:02 ` [PATCH] proc: " Thomas Meyer
2017-10-07 14:02 ` [PATCH] exofs: " Thomas Meyer
2017-10-07 14:02 ` [PATCH] apparmor: " Thomas Meyer
2017-10-07 14:02 ` Thomas Meyer
2017-10-07 17:18 ` John Johansen
2017-10-07 17:18 ` John Johansen
2017-10-07 14:02 ` [PATCH] ext4: " Thomas Meyer
2017-10-07 14:02 ` [PATCH] btrfs: " Thomas Meyer
2017-10-09 16:05 ` David Sterba
2017-10-07 14:02 ` [PATCH] selinux: " Thomas Meyer
2017-10-07 14:02 ` Thomas Meyer
2017-10-10 23:17 ` Casey Schaufler
2017-10-10 23:17 ` Casey Schaufler
2017-10-10 23:19 ` Casey Schaufler
2017-10-10 23:19 ` Casey Schaufler
2017-10-13 22:40 ` Paul Moore [this message]
2017-10-13 22:40 ` Paul Moore
2017-10-07 14:02 ` [PATCH] configfs: " Thomas Meyer
2017-10-19 14:08 ` Christoph Hellwig
2017-10-10 15:19 ` [PATCH] afs: " David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAHC9VhREW0Ez7g302J43qdxZwTxk87N-GmT59aUtEUjJu_ynJA@mail.gmail.com \
--to=paul@paul-moore.com \
--cc=casey@schaufler-ca.com \
--cc=eparis@parisplace.org \
--cc=james.l.morris@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
--cc=serge@hallyn.com \
--cc=thomas@m3y3r.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.