From: "Christian Göttsche" <cgzones@googlemail.com>
To: selinux@vger.kernel.org
Cc: Paul Moore <paul@paul-moore.com>,
Stephen Smalley <stephen.smalley.work@gmail.com>,
Eric Paris <eparis@parisplace.org>,
Nathan Chancellor <nathan@kernel.org>,
Nick Desaulniers <ndesaulniers@google.com>,
Xiong Zhenwu <xiong.zhenwu@zte.com.cn>,
Tyler Hicks <tyhicks@linux.microsoft.com>,
Ondrej Mosnacek <omosnace@redhat.com>,
Xiu Jianfeng <xiujianfeng@huawei.com>,
Jeff Vander Stoep <jeffv@google.com>,
linux-kernel@vger.kernel.org, llvm@lists.linux.dev
Subject: [PATCH 4/9] selinux: enclose macro arguments in parenthesis
Date: Tue, 25 Jan 2022 15:14:14 +0100 [thread overview]
Message-ID: <20220125141422.32655-3-cgzones@googlemail.com> (raw)
In-Reply-To: <20220125141422.32655-1-cgzones@googlemail.com>
Enclose the macro arguments in parenthesis to avoid potential evaluation
order issues.
Note the xperm and ebitmap macros are still not side-effect safe due to
double evaluation.
Reported by clang-tidy [bugprone-macro-parentheses]
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
security/selinux/include/security.h | 4 ++--
security/selinux/ss/ebitmap.h | 6 +++---
security/selinux/ss/sidtab.c | 4 ++--
3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index 6482e0efb368..d91a5672de99 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -254,8 +254,8 @@ struct av_decision {
#define XPERMS_AUDITALLOW 2
#define XPERMS_DONTAUDIT 4
-#define security_xperm_set(perms, x) (perms[x >> 5] |= 1 << (x & 0x1f))
-#define security_xperm_test(perms, x) (1 & (perms[x >> 5] >> (x & 0x1f)))
+#define security_xperm_set(perms, x) ((perms)[(x) >> 5] |= 1 << ((x) & 0x1f))
+#define security_xperm_test(perms, x) (1 & ((perms)[(x) >> 5] >> ((x) & 0x1f)))
struct extended_perms_data {
u32 p[8];
};
diff --git a/security/selinux/ss/ebitmap.h b/security/selinux/ss/ebitmap.h
index 9eb2d0af2805..58eb822f11ee 100644
--- a/security/selinux/ss/ebitmap.h
+++ b/security/selinux/ss/ebitmap.h
@@ -118,9 +118,9 @@ static inline void ebitmap_node_clr_bit(struct ebitmap_node *n,
}
#define ebitmap_for_each_positive_bit(e, n, bit) \
- for (bit = ebitmap_start_positive(e, &n); \
- bit < ebitmap_length(e); \
- bit = ebitmap_next_positive(e, &n, bit)) \
+ for ((bit) = ebitmap_start_positive(e, &(n)); \
+ (bit) < ebitmap_length(e); \
+ (bit) = ebitmap_next_positive(e, &(n), bit)) \
int ebitmap_cmp(struct ebitmap *e1, struct ebitmap *e2);
int ebitmap_cpy(struct ebitmap *dst, struct ebitmap *src);
diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c
index 293ec048af08..a54b8652bfb5 100644
--- a/security/selinux/ss/sidtab.c
+++ b/security/selinux/ss/sidtab.c
@@ -27,8 +27,8 @@ struct sidtab_str_cache {
char str[];
};
-#define index_to_sid(index) (index + SECINITSID_NUM + 1)
-#define sid_to_index(sid) (sid - (SECINITSID_NUM + 1))
+#define index_to_sid(index) ((index) + SECINITSID_NUM + 1)
+#define sid_to_index(sid) ((sid) - (SECINITSID_NUM + 1))
int sidtab_init(struct sidtab *s)
{
--
2.34.1
next prev parent reply other threads:[~2022-01-25 14:14 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-25 14:14 [PATCH 2/9] selinux: declare path parameters of _genfs_sid const Christian Göttsche
2022-01-25 14:14 ` [PATCH 3/9] selinux: declare name parameter of hash_eval const Christian Göttsche
2022-01-26 19:34 ` Paul Moore
2022-01-25 14:14 ` Christian Göttsche [this message]
2022-01-25 20:40 ` [PATCH 4/9] selinux: enclose macro arguments in parenthesis Nick Desaulniers
2022-01-26 20:16 ` Paul Moore
2022-01-25 14:14 ` [PATCH 5/9] selinux: drop cast to same type Christian Göttsche
2022-01-26 20:27 ` Paul Moore
2022-01-25 14:14 ` [PATCH 6/9] selinux: drop unused parameter of avtab_insert_node Christian Göttsche
2022-01-26 20:39 ` Paul Moore
2022-01-25 14:14 ` [PATCH 7/9] selinux: do not discard const qualifier in cast Christian Göttsche
2022-01-26 20:56 ` Paul Moore
2022-01-25 14:14 ` [PATCH 8/9] selinux: simplify cred_init_security Christian Göttsche
2022-01-26 20:58 ` Paul Moore
2022-01-25 14:14 ` [PATCH 9/9] selinux: drop unused macro Christian Göttsche
2022-01-25 22:47 ` Nick Desaulniers
2022-01-26 21:20 ` Paul Moore
2022-01-25 14:14 ` [PATCH 1/9] selinux: check return value of sel_make_avc_files Christian Göttsche
2022-01-25 19:46 ` Nick Desaulniers
2022-01-26 0:35 ` Paul Moore
2022-01-26 1:04 ` [PATCH 2/9] selinux: declare path parameters of _genfs_sid const Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220125141422.32655-3-cgzones@googlemail.com \
--to=cgzones@googlemail.com \
--cc=eparis@parisplace.org \
--cc=jeffv@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=omosnace@redhat.com \
--cc=paul@paul-moore.com \
--cc=selinux@vger.kernel.org \
--cc=stephen.smalley.work@gmail.com \
--cc=tyhicks@linux.microsoft.com \
--cc=xiong.zhenwu@zte.com.cn \
--cc=xiujianfeng@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.