From d4bb604a6d1edec451e7912e64e1bb08686ceeaa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Mon, 22 Jan 2024 14:24:28 +0100 Subject: [PATCH] checkpolicy: misc policy_define.c cleanup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sync function parameter names. Drop superfluous return value. The function avrule_merge_ioctls() has no failure conditions and always returns 0. Drop duplicate include. Use native type for ranges. Signed-off-by: Christian Göttsche --- checkpolicy/policy_define.c | 27 ++++++++++++--------------- checkpolicy/policy_define.h | 2 +- 2 files changed, 13 insertions(+), 16 deletions(-) diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c index cd49cae37..79d67a789 100644 --- a/checkpolicy/policy_define.c +++ b/checkpolicy/policy_define.c @@ -44,7 +44,6 @@ #define IPPROTO_SCTP 132 #endif #include -#include #include #include #include @@ -1096,7 +1095,7 @@ int define_level(void) while ((id = queue_remove(id_queue))) { cat_datum_t *cdatum; - int range_start, range_end, i; + uint32_t range_start, range_end, i; if (id_has_dot(id)) { char *id_start = id; @@ -1932,7 +1931,7 @@ static int avrule_sort_ioctls(struct av_ioctl_range_list **rangehead) return -1; } -static int avrule_merge_ioctls(struct av_ioctl_range_list **rangehead) +static void avrule_merge_ioctls(struct av_ioctl_range_list **rangehead) { struct av_ioctl_range_list *r, *tmp; r = *rangehead; @@ -1949,7 +1948,6 @@ static int avrule_merge_ioctls(struct av_ioctl_range_list **rangehead) } r = r->next; } - return 0; } static int avrule_read_ioctls(struct av_ioctl_range_list **rangehead) @@ -2070,8 +2068,7 @@ static int avrule_ioctl_ranges(struct av_ioctl_range_list **rangelist) /* sort and merge the input ioctls */ if (avrule_sort_ioctls(&rangehead)) return -1; - if (avrule_merge_ioctls(&rangehead)) - return -1; + avrule_merge_ioctls(&rangehead); /* flip ranges if these are omitted */ if (omit) { if (avrule_omit_ioctls(&rangehead)) @@ -3854,7 +3851,7 @@ uintptr_t define_cexpr(uint32_t expr_type, uintptr_t arg1, uintptr_t arg2) return 0; } -int define_conditional(cond_expr_t * expr, avrule_t * t, avrule_t * f) +int define_conditional(cond_expr_t * expr, avrule_t * t_list, avrule_t * f_list) { cond_expr_t *e; int depth, booleans, tunables; @@ -3866,15 +3863,15 @@ int define_conditional(cond_expr_t * expr, avrule_t * t, avrule_t * f) yyerror("illegal conditional expression"); return -1; } - if (!t) { - if (!f) { + if (!t_list) { + if (!f_list) { /* empty is fine, destroy expression and return */ cond_expr_destroy(expr); return 0; } /* Invert */ - t = f; - f = 0; + t_list = f_list; + f_list = NULL; expr = define_cond_expr(COND_NOT, expr, 0); if (!expr) { yyerror("unable to invert conditional expression"); @@ -3940,8 +3937,8 @@ int define_conditional(cond_expr_t * expr, avrule_t * t, avrule_t * f) /* use tmp conditional node to partially build new node */ memset(&cn, 0, sizeof(cn)); cn.expr = expr; - cn.avtrue_list = t; - cn.avfalse_list = f; + cn.avtrue_list = t_list; + cn.avfalse_list = f_list; /* normalize/precompute expression */ if (cond_normalize_expr(policydbp, &cn) < 0) { @@ -4117,7 +4114,7 @@ static int set_user_roles(role_set_t * set, char *id) static int parse_categories(char *id, level_datum_t * levdatum, ebitmap_t * cats) { cat_datum_t *cdatum; - int range_start, range_end, i; + uint32_t range_start, range_end, i; if (id_has_dot(id)) { char *id_start = id; @@ -5527,7 +5524,7 @@ static int define_genfs_context_helper(char *fstype, int has_type) class_datum_t *cladatum; char *type = NULL; const char *sclass; - int len, len2; + size_t len, len2; if (policydbp->target_platform != SEPOL_TARGET_SELINUX) { yyerror("genfs not supported for target"); diff --git a/checkpolicy/policy_define.h b/checkpolicy/policy_define.h index 075b048db..bcbfe4f33 100644 --- a/checkpolicy/policy_define.h +++ b/checkpolicy/policy_define.h @@ -13,7 +13,7 @@ #define FALSE 0 avrule_t *define_cond_compute_type(int which); -avrule_t *define_cond_pol_list(avrule_t *avlist, avrule_t *stmt); +avrule_t *define_cond_pol_list(avrule_t *avlist, avrule_t *sl); avrule_t *define_cond_te_avtab(int which); avrule_t *define_cond_filename_trans(void); cond_expr_t *define_cond_expr(uint32_t expr_type, void *arg1, void* arg2);