From: "Christian Göttsche" <cgzones@googlemail.com>
To: selinux@vger.kernel.org
Subject: [RFC PATCH v2 5/9] libselinux: sidtab updates
Date: Wed, 31 Jan 2024 14:08:31 +0100	[thread overview]
Message-ID: <20240131130840.48155-6-cgzones@googlemail.com> (raw)
In-Reply-To: <20240131130840.48155-1-cgzones@googlemail.com>

Add sidtab_context_lookup() to just lookup a context, not inserting
non-existent ones.

Tweak sidtab_destroy() to accept a zero'ed struct sidtab.

Remove redundant lookup in sidtab_context_to_sid() after insertion by
returning the newly created node directly from sidtab_insert().

Drop the declaration of sidtab_insert(), which is only used internally.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
v2:
  add patch
---
 libselinux/src/avc_sidtab.c | 55 +++++++++++++++++++++----------------
 libselinux/src/avc_sidtab.h |  2 +-
 2 files changed, 32 insertions(+), 25 deletions(-)

diff --git a/libselinux/src/avc_sidtab.c b/libselinux/src/avc_sidtab.c
index 9475dcb0..3d347cea 100644
--- a/libselinux/src/avc_sidtab.c
+++ b/libselinux/src/avc_sidtab.c
@@ -44,28 +44,23 @@ int sidtab_init(struct sidtab *s)
 	return rc;
 }
 
-int sidtab_insert(struct sidtab *s, const char * ctx)
+static struct sidtab_node *
+sidtab_insert(struct sidtab *s, const char * ctx)
 {
 	unsigned hvalue;
-	int rc = 0;
 	struct sidtab_node *newnode;
 	char * newctx;
 
-	if (s->nel >= UINT_MAX - 1) {
-		rc = -1;
-		goto out;
-	}
+	if (s->nel >= UINT_MAX - 1)
+		return NULL;
 
 	newnode = (struct sidtab_node *)avc_malloc(sizeof(*newnode));
-	if (!newnode) {
-		rc = -1;
-		goto out;
-	}
+	if (!newnode)
+		return NULL;
 	newctx = strdup(ctx);
 	if (!newctx) {
-		rc = -1;
 		avc_free(newnode);
-		goto out;
+		return NULL;
 	}
 
 	hvalue = sidtab_hash(newctx);
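Review bot: sidtab_insert() now folds three distinct failures into one NULL return, and the table-full branch (`if (s->nel >= UINT_MAX - 1) return NULL;`) leaves errno untouched, while the allocation failures presumably leave ENOMEM behind. If callers of sidtab_context_to_sid() report errno on -1 (not visible here), a full table would surface a stale value, so setting errno on that branch would keep the error meaningful. Since the function is now static and its contract changed, a short header comment would help, e.g. `/* Returns the new node, or NULL on failure; does not check whether ctx is already present. */` — the visible lines perform no duplicate check, so callers must look up first. The function body continues past the end of this hunk.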
@@ -73,8 +68,25 @@ int sidtab_insert(struct sidtab *s, const char * ctx)
 	newnode->sid_s.ctx = newctx;
 	newnode->sid_s.id = ++s->nel;
 	s->htable[hvalue] = newnode;
-      out:
-	return rc;
+	return newnode;
+}
+
+const struct security_id *
+sidtab_context_lookup(const struct sidtab *s, const char *ctx)
+{
+	unsigned hvalue;
+	const struct sidtab_node *cur;
+
+	hvalue = sidtab_hash(ctx);
+
+	cur = s->htable[hvalue];
+	while (cur != NULL && strcmp(cur->sid_s.ctx, ctx))
+		cur = cur->next;
+
+	if (cur == NULL)
+		return NULL;
+
+	return &cur->sid_s;
 }
 
 int
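Review bot: sidtab_context_lookup() indexes `s->htable[hvalue]` unconditionally, yet this same patch makes a zeroed struct sidtab (htable == NULL) a legal argument to sidtab_destroy(); a lookup on such a table, or on one that has already been destroyed, would dereference NULL. Whether any caller can reach it in that state is not visible here, but a guard such as `if (!s->htable) return NULL;` before the hash would keep the two functions consistent. The returned pointer aliases the node's embedded `sid_s`, which sidtab_destroy() frees, so the function (and its declaration in avc_sidtab.h) should carry a comment saying the result is borrowed from the table and must not be used after the table is destroyed.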
@@ -82,27 +94,23 @@ sidtab_context_to_sid(struct sidtab *s,
 		      const char * ctx, security_id_t * sid)
 {
 	unsigned hvalue;
-	int rc = 0;
 	struct sidtab_node *cur;
 
 	*sid = NULL;
 	hvalue = sidtab_hash(ctx);
 
-      loop:
 	cur = s->htable[hvalue];
 	while (cur != NULL && strcmp(cur->sid_s.ctx, ctx))
 		cur = cur->next;
 
 	if (cur == NULL) {	/* need to make a new entry */
-		rc = sidtab_insert(s, ctx);
-		if (rc)
-			goto out;
-		goto loop;	/* find the newly inserted node */
+		cur = sidtab_insert(s, ctx);
+		if (cur == NULL)
+			return -1;
 	}
 
 	*sid = &cur->sid_s;
-      out:
-	return rc;
+	return 0;
 }
 
 void sidtab_sid_stats(const struct sidtab *s, char *buf, size_t buflen)
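Review bot: The bucket walk in sidtab_context_to_sid() is now a line-for-line copy of the one added in sidtab_context_lookup(), so any later change to how contexts are matched has to be made in two places. A small static helper returning the matching node (sketched below under the placeholder name sidtab_find_node) would let both functions share it, and it removes the local `hvalue` here, which sidtab_insert() recomputes on the miss path anyway. The hunk starts inside the function's parameter list, so the first signature line is above it.

```c
/* Return the node whose context equals ctx, or NULL if there is none. */
static struct sidtab_node *
sidtab_find_node(const struct sidtab *s, const char *ctx)
{
	struct sidtab_node *cur = s->htable[sidtab_hash(ctx)];

	while (cur != NULL && strcmp(cur->sid_s.ctx, ctx))
		cur = cur->next;

	return cur;
}

/* in sidtab_context_to_sid(), replacing the hash and the while loop: */
	*sid = NULL;
	cur = sidtab_find_node(s, ctx);
	/* … unchanged: insert-on-miss branch, *sid assignment, return 0 … */
```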
@@ -138,7 +146,7 @@ void sidtab_destroy(struct sidtab *s)
 	int i;
 	struct sidtab_node *cur, *temp;
 
-	if (!s)
+	if (!s || !s->htable)
 		return;
 
 	for (i = 0; i < SIDTAB_SIZE; i++) {
@@ -149,7 +157,6 @@ void sidtab_destroy(struct sidtab *s)
 			freecon(temp->sid_s.ctx);
 			avc_free(temp);
 		}
-		s->htable[i] = NULL;
 	}
 	avc_free(s->htable);
 	s->htable = NULL;
diff --git a/libselinux/src/avc_sidtab.h b/libselinux/src/avc_sidtab.h
index e823e3f3..f62fd353 100644
--- a/libselinux/src/avc_sidtab.h
+++ b/libselinux/src/avc_sidtab.h
@@ -24,8 +24,8 @@ struct sidtab {
 };
 
 int sidtab_init(struct sidtab *s) ;
-int sidtab_insert(struct sidtab *s, const char * ctx) ;
 
+const struct security_id * sidtab_context_lookup(const struct sidtab *s, const char *ctx);
 int sidtab_context_to_sid(struct sidtab *s,
 			  const char * ctx, security_id_t * sid) ;
 
-- 
2.43.0

