From: James Carter <jwcart2@tycho.nsa.gov>
To: selinux@vger.kernel.org
Cc: selinux@tycho.nsa.gov
Subject: [PATCH 2/4] libsepol: Eliminate initial sid string definitions in module_to_cil.c
Date: Thu, 11 Oct 2018 08:35:47 -0400 [thread overview]
Message-ID: <20181011123549.14875-3-jwcart2@tycho.nsa.gov> (raw)
In-Reply-To: <20181011123549.14875-1-jwcart2@tycho.nsa.gov>
Since the initial sid strings are defined in kernel_to_common.h,
module_to_cil.c can use those and its initial sid string definitions
can be removed.
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
---
libsepol/src/module_to_cil.c | 59 +++---------------------------------
1 file changed, 5 insertions(+), 54 deletions(-)
diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c
index dcf6ebb1..8ab0dfce 100644
--- a/libsepol/src/module_to_cil.c
+++ b/libsepol/src/module_to_cil.c
@@ -52,6 +52,7 @@
#include <sepol/policydb/services.h>
#include <sepol/policydb/util.h>
+#include "kernel_to_common.h"
#include "private.h"
#ifdef __GNUC__
@@ -2546,7 +2547,8 @@ static int context_to_cil(struct policydb *pdb, struct context_struct *con)
return 0;
}
-static int ocontext_isid_to_cil(struct policydb *pdb, const char **sid_to_string, struct ocontext *isids)
+static int ocontext_isid_to_cil(struct policydb *pdb, const char *const *sid_to_string,
+ struct ocontext *isids)
{
int rc = -1;
@@ -2602,41 +2604,7 @@ static int ocontext_selinux_isid_to_cil(struct policydb *pdb, struct ocontext *i
{
int rc = -1;
- // initial sid names aren't actually stored in the pp files, need to a have
- // a mapping, taken from the linux kernel
- static const char *selinux_sid_to_string[] = {
- "null",
- "kernel",
- "security",
- "unlabeled",
- "fs",
- "file",
- "file_labels",
- "init",
- "any_socket",
- "port",
- "netif",
- "netmsg",
- "node",
- "igmp_packet",
- "icmp_socket",
- "tcp_socket",
- "sysctl_modprobe",
- "sysctl",
- "sysctl_fs",
- "sysctl_kernel",
- "sysctl_net",
- "sysctl_net_unix",
- "sysctl_vm",
- "sysctl_dev",
- "kmod",
- "policy",
- "scmp_packet",
- "devnull",
- NULL
- };
-
- rc = ocontext_isid_to_cil(pdb, selinux_sid_to_string, isids);
+ rc = ocontext_isid_to_cil(pdb, selinux_sid_to_str, isids);
if (rc != 0) {
goto exit;
}
@@ -2865,24 +2833,7 @@ static int ocontext_xen_isid_to_cil(struct policydb *pdb, struct ocontext *isids
{
int rc = -1;
- // initial sid names aren't actually stored in the pp files, need to a have
- // a mapping, taken from the xen kernel
- static const char *xen_sid_to_string[] = {
- "null",
- "xen",
- "dom0",
- "domio",
- "domxen",
- "unlabeled",
- "security",
- "ioport",
- "iomem",
- "irq",
- "device",
- NULL,
- };
-
- rc = ocontext_isid_to_cil(pdb, xen_sid_to_string, isids);
+ rc = ocontext_isid_to_cil(pdb, xen_sid_to_str, isids);
if (rc != 0) {
goto exit;
}
--
2.17.1
next prev parent reply other threads:[~2018-10-11 12:35 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-11 12:35 [PATCH 0/4] libsepol: Cleanup initial sid handling when writing CIL and policy.conf files James Carter
2018-10-11 12:35 ` [PATCH 1/4] libsepol: Rename kernel_to_common.c stack functions James Carter
2018-10-11 12:35 ` James Carter [this message]
2018-10-11 12:35 ` [PATCH 3/4] libsepol: Check that initial sid indexes are within the valid range James Carter
2018-10-11 15:02 ` Yuli Khodorkovskiy
2018-10-11 12:35 ` [PATCH 4/4] libsepol: Add two new Xen initial SIDs James Carter
2018-10-11 23:58 ` [PATCH 0/4] libsepol: Cleanup initial sid handling when writing CIL and policy.conf files William Roberts
2018-10-15 17:39 ` William Roberts
-- strict thread matches above, loose matches on Subject: below --
2018-10-05 13:57 James Carter
2018-10-05 13:57 ` [PATCH 2/4] libsepol: Eliminate initial sid string definitions in module_to_cil.c James Carter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181011123549.14875-3-jwcart2@tycho.nsa.gov \
--to=jwcart2@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).