Re: [PATCH] selinux: ss: mls: Remove unused function
On Tuesday, January 13, 2015 11:45:09 PM Rickard Strandqvist wrote: > Hi Paul > > Thank you, yes it would be nice to do something for real :) :) > But will probably need a little more time than tonight for it, if it's > OK to wait until the weekend. Not a problem, let us know if you get stuck on anything. Thanks for helping out. -Paul -- paul moore www.paul-moore.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] selinux: ss: mls: Remove unused function
2015-01-12 21:29 GMT+01:00 Paul Moore : > On Sunday, January 11, 2015 11:44:30 PM Rickard Strandqvist wrote: >> Remove the function mls_import_netlbl_cat() that is not used anywhere. >> >> This was partially found by using a static code analysis program called >> cppcheck. >> >> Signed-off-by: Rickard Strandqvist >> --- >> security/selinux/ss/mls.c | 38 -- >> security/selinux/ss/mls.h |7 --- >> 2 files changed, 45 deletions(-) > > Thanks for bringing this up and sending a patch. > > However, what we should probably do is take the existing MLS category code in > security_netlbl_secattr_to_sid() and reconcile it with the code in > mls_import_netlbl_cat() and convert security_netlbl_secattr_to_sid() to using > the mls_import_netlbl_cat() function. > > Is that something you want to try? If not, let me know and we'll work on it. > >> diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c >> index d307b37..c01c755 100644 >> --- a/security/selinux/ss/mls.c >> +++ b/security/selinux/ss/mls.c >> @@ -631,42 +631,4 @@ int mls_export_netlbl_cat(struct context *context, >> >> return rc; >> } >> - >> -/** >> - * mls_import_netlbl_cat - Import the MLS categories from NetLabel >> - * @context: the security context >> - * @secattr: the NetLabel security attributes >> - * >> - * Description: >> - * Copy the NetLabel security attributes into the SELinux context; since >> the - * NetLabel security attribute only contains a single MLS category use >> it for - * both the low and high categories of the context. Returns zero >> on success, - * negative values on failure. >> - * >> - */ >> -int mls_import_netlbl_cat(struct context *context, >> - struct netlbl_lsm_secattr *secattr) >> -{ >> - int rc; >> - >> - if (!policydb.mls_enabled) >> - return 0; >> - >> - rc = ebitmap_netlbl_import(&context->range.level[0].cat, >> -secattr->attr.mls.cat); >> - if (rc != 0) >> - goto import_netlbl_cat_failure; >> - >> - rc = ebitmap_cpy(&context->range.level[1].cat, >> - &context->range.level[0].cat); >> - if (rc != 0) >> - goto import_netlbl_cat_failure; >> - >> - return 0; >> - >> -import_netlbl_cat_failure: >> - ebitmap_destroy(&context->range.level[0].cat); >> - ebitmap_destroy(&context->range.level[1].cat); >> - return rc; >> -} >> #endif /* CONFIG_NETLABEL */ >> diff --git a/security/selinux/ss/mls.h b/security/selinux/ss/mls.h >> index e4369e3..11d3c8f 100644 >> --- a/security/selinux/ss/mls.h >> +++ b/security/selinux/ss/mls.h >> @@ -62,8 +62,6 @@ void mls_import_netlbl_lvl(struct context *context, >> struct netlbl_lsm_secattr *secattr); >> int mls_export_netlbl_cat(struct context *context, >> struct netlbl_lsm_secattr *secattr); >> -int mls_import_netlbl_cat(struct context *context, >> - struct netlbl_lsm_secattr *secattr); >> #else >> static inline void mls_export_netlbl_lvl(struct context *context, >>struct netlbl_lsm_secattr *secattr) >> @@ -80,11 +78,6 @@ static inline int mls_export_netlbl_cat(struct context >> *context, { >> return -ENOMEM; >> } >> -static inline int mls_import_netlbl_cat(struct context *context, >> - struct netlbl_lsm_secattr *secattr) >> -{ >> - return -ENOMEM; >> -} >> #endif >> >> #endif /* _SS_MLS_H */ > > -- > paul moore > www.paul-moore.com > Hi Paul Thank you, yes it would be nice to do something for real :) But will probably need a little more time than tonight for it, if it's OK to wait until the weekend. Kind regards Rickard Strandqvist -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] selinux: ss: mls: Remove unused function
On Sunday, January 11, 2015 11:44:30 PM Rickard Strandqvist wrote: > Remove the function mls_import_netlbl_cat() that is not used anywhere. > > This was partially found by using a static code analysis program called > cppcheck. > > Signed-off-by: Rickard Strandqvist > --- > security/selinux/ss/mls.c | 38 -- > security/selinux/ss/mls.h |7 --- > 2 files changed, 45 deletions(-) Thanks for bringing this up and sending a patch. However, what we should probably do is take the existing MLS category code in security_netlbl_secattr_to_sid() and reconcile it with the code in mls_import_netlbl_cat() and convert security_netlbl_secattr_to_sid() to using the mls_import_netlbl_cat() function. Is that something you want to try? If not, let me know and we'll work on it. > diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c > index d307b37..c01c755 100644 > --- a/security/selinux/ss/mls.c > +++ b/security/selinux/ss/mls.c > @@ -631,42 +631,4 @@ int mls_export_netlbl_cat(struct context *context, > > return rc; > } > - > -/** > - * mls_import_netlbl_cat - Import the MLS categories from NetLabel > - * @context: the security context > - * @secattr: the NetLabel security attributes > - * > - * Description: > - * Copy the NetLabel security attributes into the SELinux context; since > the - * NetLabel security attribute only contains a single MLS category use > it for - * both the low and high categories of the context. Returns zero > on success, - * negative values on failure. > - * > - */ > -int mls_import_netlbl_cat(struct context *context, > - struct netlbl_lsm_secattr *secattr) > -{ > - int rc; > - > - if (!policydb.mls_enabled) > - return 0; > - > - rc = ebitmap_netlbl_import(&context->range.level[0].cat, > -secattr->attr.mls.cat); > - if (rc != 0) > - goto import_netlbl_cat_failure; > - > - rc = ebitmap_cpy(&context->range.level[1].cat, > - &context->range.level[0].cat); > - if (rc != 0) > - goto import_netlbl_cat_failure; > - > - return 0; > - > -import_netlbl_cat_failure: > - ebitmap_destroy(&context->range.level[0].cat); > - ebitmap_destroy(&context->range.level[1].cat); > - return rc; > -} > #endif /* CONFIG_NETLABEL */ > diff --git a/security/selinux/ss/mls.h b/security/selinux/ss/mls.h > index e4369e3..11d3c8f 100644 > --- a/security/selinux/ss/mls.h > +++ b/security/selinux/ss/mls.h > @@ -62,8 +62,6 @@ void mls_import_netlbl_lvl(struct context *context, > struct netlbl_lsm_secattr *secattr); > int mls_export_netlbl_cat(struct context *context, > struct netlbl_lsm_secattr *secattr); > -int mls_import_netlbl_cat(struct context *context, > - struct netlbl_lsm_secattr *secattr); > #else > static inline void mls_export_netlbl_lvl(struct context *context, >struct netlbl_lsm_secattr *secattr) > @@ -80,11 +78,6 @@ static inline int mls_export_netlbl_cat(struct context > *context, { > return -ENOMEM; > } > -static inline int mls_import_netlbl_cat(struct context *context, > - struct netlbl_lsm_secattr *secattr) > -{ > - return -ENOMEM; > -} > #endif > > #endif /* _SS_MLS_H */ -- paul moore www.paul-moore.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH] selinux: ss: mls: Remove unused function
Remove the function mls_import_netlbl_cat() that is not used anywhere. This was partially found by using a static code analysis program called cppcheck. Signed-off-by: Rickard Strandqvist --- security/selinux/ss/mls.c | 38 -- security/selinux/ss/mls.h |7 --- 2 files changed, 45 deletions(-) diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c index d307b37..c01c755 100644 --- a/security/selinux/ss/mls.c +++ b/security/selinux/ss/mls.c @@ -631,42 +631,4 @@ int mls_export_netlbl_cat(struct context *context, return rc; } - -/** - * mls_import_netlbl_cat - Import the MLS categories from NetLabel - * @context: the security context - * @secattr: the NetLabel security attributes - * - * Description: - * Copy the NetLabel security attributes into the SELinux context; since the - * NetLabel security attribute only contains a single MLS category use it for - * both the low and high categories of the context. Returns zero on success, - * negative values on failure. - * - */ -int mls_import_netlbl_cat(struct context *context, - struct netlbl_lsm_secattr *secattr) -{ - int rc; - - if (!policydb.mls_enabled) - return 0; - - rc = ebitmap_netlbl_import(&context->range.level[0].cat, - secattr->attr.mls.cat); - if (rc != 0) - goto import_netlbl_cat_failure; - - rc = ebitmap_cpy(&context->range.level[1].cat, -&context->range.level[0].cat); - if (rc != 0) - goto import_netlbl_cat_failure; - - return 0; - -import_netlbl_cat_failure: - ebitmap_destroy(&context->range.level[0].cat); - ebitmap_destroy(&context->range.level[1].cat); - return rc; -} #endif /* CONFIG_NETLABEL */ diff --git a/security/selinux/ss/mls.h b/security/selinux/ss/mls.h index e4369e3..11d3c8f 100644 --- a/security/selinux/ss/mls.h +++ b/security/selinux/ss/mls.h @@ -62,8 +62,6 @@ void mls_import_netlbl_lvl(struct context *context, struct netlbl_lsm_secattr *secattr); int mls_export_netlbl_cat(struct context *context, struct netlbl_lsm_secattr *secattr); -int mls_import_netlbl_cat(struct context *context, - struct netlbl_lsm_secattr *secattr); #else static inline void mls_export_netlbl_lvl(struct context *context, struct netlbl_lsm_secattr *secattr) @@ -80,11 +78,6 @@ static inline int mls_export_netlbl_cat(struct context *context, { return -ENOMEM; } -static inline int mls_import_netlbl_cat(struct context *context, - struct netlbl_lsm_secattr *secattr) -{ - return -ENOMEM; -} #endif #endif /* _SS_MLS_H */ -- 1.7.10.4 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/