diff for duplicates of <20171018005331.2688-4-bauerman@linux.vnet.ibm.com> diff --git a/a/1.txt b/N1/1.txt index a9d23dd..37a4a42 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -42,8 +42,8 @@ index 9826c02e2db8..37f062d38d5f 100644 } if (rc) -- evm_status = (rc = -ENODATA) ? -+ evm_status = rc = -ENODATA ? +- evm_status = (rc == -ENODATA) ? ++ evm_status = rc == -ENODATA ? INTEGRITY_NOXATTRS : INTEGRITY_FAIL; out: if (iint) @@ -51,10 +51,10 @@ index 9826c02e2db8..37f062d38d5f 100644 namelen = strlen(req_xattr_name); for (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++) { -- if ((strlen(*xattrname) = namelen) -- && (strncmp(req_xattr_name, *xattrname, namelen) = 0)) { -+ if (strlen(*xattrname) = namelen -+ && strncmp(req_xattr_name, *xattrname, namelen) = 0) { +- if ((strlen(*xattrname) == namelen) +- && (strncmp(req_xattr_name, *xattrname, namelen) == 0)) { ++ if (strlen(*xattrname) == namelen ++ && strncmp(req_xattr_name, *xattrname, namelen) == 0) { found = 1; break; } @@ -62,10 +62,10 @@ index 9826c02e2db8..37f062d38d5f 100644 if (!posix_xattr_acl(xattr_name)) return 0; evm_status = evm_verify_current_integrity(dentry); -- if ((evm_status = INTEGRITY_PASS) || -- (evm_status = INTEGRITY_NOXATTRS)) -+ if (evm_status = INTEGRITY_PASS || -+ evm_status = INTEGRITY_NOXATTRS) +- if ((evm_status == INTEGRITY_PASS) || +- (evm_status == INTEGRITY_NOXATTRS)) ++ if (evm_status == INTEGRITY_PASS || ++ evm_status == INTEGRITY_NOXATTRS) return 0; goto out; } @@ -73,9 +73,9 @@ index 9826c02e2db8..37f062d38d5f 100644 if (!(ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID))) return 0; evm_status = evm_verify_current_integrity(dentry); -- if ((evm_status = INTEGRITY_PASS) || -- (evm_status = INTEGRITY_NOXATTRS)) -+ if (evm_status = INTEGRITY_PASS || evm_status = INTEGRITY_NOXATTRS) +- if ((evm_status == INTEGRITY_PASS) || +- (evm_status == INTEGRITY_NOXATTRS)) ++ if (evm_status == INTEGRITY_PASS || evm_status == INTEGRITY_NOXATTRS) return 0; integrity_audit_msg(AUDIT_INTEGRITY_METADATA, d_backing_inode(dentry), dentry->d_name.name, "appraise_metadata", @@ -99,12 +99,12 @@ index bce0b36778bd..58c6a60c7e83 100644 @@ -401,7 +401,7 @@ int ima_inode_setxattr(struct dentry *dentry, const char *xattr_name, result = ima_protect_xattr(dentry, xattr_name, xattr_value, xattr_value_len); - if (result = 1) { + if (result == 1) { - if (!xattr_value_len || (xvalue->type >= IMA_XATTR_LAST)) + if (!xattr_value_len || xvalue->type >= IMA_XATTR_LAST) return -EINVAL; ima_reset_appraise_flags(d_backing_inode(dentry), - xvalue->type = EVM_IMA_XATTR_DIGSIG); + xvalue->type == EVM_IMA_XATTR_DIGSIG); diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index e4ab8ef8016e..747a4fd9e2de 100644 --- a/security/integrity/ima/ima_main.c @@ -121,7 +121,7 @@ index e4ab8ef8016e..747a4fd9e2de 100644 @@ -123,7 +123,7 @@ static void ima_check_last_writer(struct integrity_iint_cache *iint, inode_lock(inode); - if (atomic_read(&inode->i_writecount) = 1) { + if (atomic_read(&inode->i_writecount) == 1) { - if ((iint->version != inode->i_version) || + if (iint->version != inode->i_version || (iint->flags & IMA_NEW_FILE)) { @@ -131,10 +131,10 @@ index e4ab8ef8016e..747a4fd9e2de 100644 * Included is the appraise submask. */ action = ima_get_action(inode, mask, func, &pcr); -- violation_check = ((func = FILE_CHECK || func = MMAP_CHECK) && +- violation_check = ((func == FILE_CHECK || func == MMAP_CHECK) && - (ima_policy_flag & IMA_MEASURE)); + -+ violation_check = (func = FILE_CHECK || func = MMAP_CHECK) && ++ violation_check = (func == FILE_CHECK || func == MMAP_CHECK) && + (ima_policy_flag & IMA_MEASURE); if (!action && !violation_check) return 0; @@ -165,12 +165,12 @@ index 95209a5f8595..efd8e1c60c10 100644 static int temp_ima_appraise; @@ -193,7 +193,7 @@ static int __init policy_setup(char *str) while ((p = strsep(&str, " |\n")) != NULL) { - if (*p = ' ') + if (*p == ' ') continue; -- if ((strcmp(p, "tcb") = 0) && !ima_policy) -+ if (strcmp(p, "tcb") = 0 && !ima_policy) +- if ((strcmp(p, "tcb") == 0) && !ima_policy) ++ if (strcmp(p, "tcb") == 0 && !ima_policy) ima_policy = DEFAULT_TCB; - else if (strcmp(p, "appraise_tcb") = 0) + else if (strcmp(p, "appraise_tcb") == 0) ima_use_appraise_tcb = 1; @@ -254,13 +254,13 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, int i; @@ -211,46 +211,46 @@ index 95209a5f8595..efd8e1c60c10 100644 if (result < 0) break; -- if ((*p = '\0') || (*p = ' ') || (*p = '\t')) -+ if (*p = '\0' || *p = ' ' || *p = '\t') +- if ((*p == '\0') || (*p == ' ') || (*p == '\t')) ++ if (*p == '\0' || *p == ' ' || *p == '\t') continue; token = match_token(p, policy_tokens, args); switch (token) { @@ -686,8 +686,8 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry) entry->func = MODULE_CHECK; - else if (strcmp(args[0].from, "FIRMWARE_CHECK") = 0) + else if (strcmp(args[0].from, "FIRMWARE_CHECK") == 0) entry->func = FIRMWARE_CHECK; -- else if ((strcmp(args[0].from, "FILE_MMAP") = 0) -- || (strcmp(args[0].from, "MMAP_CHECK") = 0)) -+ else if (strcmp(args[0].from, "FILE_MMAP") = 0 -+ || strcmp(args[0].from, "MMAP_CHECK") = 0) +- else if ((strcmp(args[0].from, "FILE_MMAP") == 0) +- || (strcmp(args[0].from, "MMAP_CHECK") == 0)) ++ else if (strcmp(args[0].from, "FILE_MMAP") == 0 ++ || strcmp(args[0].from, "MMAP_CHECK") == 0) entry->func = MMAP_CHECK; - else if (strcmp(args[0].from, "BPRM_CHECK") = 0) + else if (strcmp(args[0].from, "BPRM_CHECK") == 0) entry->func = BPRM_CHECK; @@ -714,7 +714,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry) - if (*from = '^') + if (*from == '^') from++; -- if ((strcmp(from, "MAY_EXEC")) = 0) -+ if (strcmp(from, "MAY_EXEC") = 0) +- if ((strcmp(from, "MAY_EXEC")) == 0) ++ if (strcmp(from, "MAY_EXEC") == 0) entry->mask = MAY_EXEC; - else if (strcmp(from, "MAY_WRITE") = 0) + else if (strcmp(from, "MAY_WRITE") == 0) entry->mask = MAY_WRITE; @@ -757,13 +757,13 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry) entry->uid_op = &uid_gt; case Opt_uid_lt: case Opt_euid_lt: -- if ((token = Opt_uid_lt) || (token = Opt_euid_lt)) -+ if (token = Opt_uid_lt || token = Opt_euid_lt) +- if ((token == Opt_uid_lt) || (token == Opt_euid_lt)) ++ if (token == Opt_uid_lt || token == Opt_euid_lt) entry->uid_op = &uid_lt; case Opt_uid_eq: case Opt_euid_eq: -- uid_token = (token = Opt_uid_eq) || -- (token = Opt_uid_gt) || -- (token = Opt_uid_lt); -+ uid_token = token = Opt_uid_eq || -+ token = Opt_uid_gt || -+ token = Opt_uid_lt; +- uid_token = (token == Opt_uid_eq) || +- (token == Opt_uid_gt) || +- (token == Opt_uid_lt); ++ uid_token = token == Opt_uid_eq || ++ token == Opt_uid_gt || ++ token == Opt_uid_lt; ima_log_string_op(ab, uid_token ? "uid" : "euid", args[0].from, entry->uid_op); @@ -268,8 +268,8 @@ index 95209a5f8595..efd8e1c60c10 100644 } ima_log_string(ab, "appraise_type", args[0].from); -- if ((strcmp(args[0].from, "imasig")) = 0) -+ if (strcmp(args[0].from, "imasig") = 0) +- if ((strcmp(args[0].from, "imasig")) == 0) ++ if (strcmp(args[0].from, "imasig") == 0) entry->flags |= IMA_DIGSIG_REQUIRED; else result = -EINVAL; @@ -277,17 +277,17 @@ index 95209a5f8595..efd8e1c60c10 100644 break; } } -- if (!result && (entry->action = UNKNOWN)) -+ if (!result && entry->action = UNKNOWN) +- if (!result && (entry->action == UNKNOWN)) ++ if (!result && entry->action == UNKNOWN) result = -EINVAL; - else if (entry->func = MODULE_CHECK) + else if (entry->func == MODULE_CHECK) temp_ima_appraise |= IMA_APPRAISE_MODULES; @@ -1001,7 +1002,7 @@ void *ima_policy_next(struct seq_file *m, void *v, loff_t *pos) rcu_read_unlock(); (*pos)++; -- return (&entry->list = ima_rules) ? NULL : entry; -+ return &entry->list = ima_rules ? NULL : entry; +- return (&entry->list == ima_rules) ? NULL : entry; ++ return &entry->list == ima_rules ? NULL : entry; } void ima_policy_stop(struct seq_file *m, void *v) @@ -299,10 +299,10 @@ index 7412d0291ab9..3cc1d2763fd2 100644 rcu_read_lock(); list_for_each_entry_rcu(template_desc, &defined_templates, list) { -- if ((strcmp(template_desc->name, name) = 0) || -- (strcmp(template_desc->fmt, name) = 0)) { -+ if (strcmp(template_desc->name, name) = 0 || -+ strcmp(template_desc->fmt, name) = 0) { +- if ((strcmp(template_desc->name, name) == 0) || +- (strcmp(template_desc->fmt, name) == 0)) { ++ if (strcmp(template_desc->name, name) == 0 || ++ strcmp(template_desc->fmt, name) == 0) { found = 1; break; } @@ -332,8 +332,8 @@ index 7412d0291ab9..3cc1d2763fd2 100644 + while (bufp < bufendp && count++ < khdr->count) { int enforce_mask = ENFORCE_FIELDS; -- enforce_mask |= (count = khdr->count) ? ENFORCE_BUFEND : 0; -+ enforce_mask |= count = khdr->count ? ENFORCE_BUFEND : 0; +- enforce_mask |= (count == khdr->count) ? ENFORCE_BUFEND : 0; ++ enforce_mask |= count == khdr->count ? ENFORCE_BUFEND : 0; ret = ima_parse_buf(bufp, bufendp, &bufp, HDR__LAST, hdr, NULL, hdr_mask, enforce_mask, "entry header"); if (ret < 0) @@ -367,15 +367,15 @@ index 8bebcbb61162..d941260e979f 100644 enum data_formats datafmt, struct ima_field_data *field_data) { -- u32 len = (show = IMA_SHOW_BINARY_OLD_STRING_FMT) ? -+ u32 len = show = IMA_SHOW_BINARY_OLD_STRING_FMT ? +- u32 len = (show == IMA_SHOW_BINARY_OLD_STRING_FMT) ? ++ u32 len = show == IMA_SHOW_BINARY_OLD_STRING_FMT ? strlen(field_data->data) : field_data->len; if (show != IMA_SHOW_BINARY_NO_FIELD_LEN) { @@ -182,7 +182,7 @@ int ima_parse_buf(void *bufstartp, void *bufendp, void **bufcurp, for (i = 0; i < maxfields; i++) { - if (len_mask = NULL || !test_bit(i, len_mask)) { + if (len_mask == NULL || !test_bit(i, len_mask)) { - if (bufp > (bufendp - sizeof(u32))) + if (bufp > bufendp - sizeof(u32)) break; diff --git a/a/content_digest b/N1/content_digest index 134c304..404964b 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,7 +1,7 @@ "ref\020171018005331.2688-1-bauerman@linux.vnet.ibm.com\0" "From\0Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>\0" "Subject\0[PATCH v5 03/18] evm, ima: Remove superfluous parentheses\0" - "Date\0Wed, 18 Oct 2017 00:53:16 +0000\0" + "Date\0Tue, 17 Oct 2017 22:53:16 -0200\0" "To\0linux-integrity@vger.kernel.org\0" "Cc\0linux-security-module@vger.kernel.org" keyrings@vger.kernel.org @@ -67,8 +67,8 @@ " \t}\n" " \n" " \tif (rc)\n" - "-\t\tevm_status = (rc = -ENODATA) ?\n" - "+\t\tevm_status = rc = -ENODATA ?\n" + "-\t\tevm_status = (rc == -ENODATA) ?\n" + "+\t\tevm_status = rc == -ENODATA ?\n" " \t\t\t\tINTEGRITY_NOXATTRS : INTEGRITY_FAIL;\n" " out:\n" " \tif (iint)\n" @@ -76,10 +76,10 @@ " \n" " \tnamelen = strlen(req_xattr_name);\n" " \tfor (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++) {\n" - "-\t\tif ((strlen(*xattrname) = namelen)\n" - "-\t\t && (strncmp(req_xattr_name, *xattrname, namelen) = 0)) {\n" - "+\t\tif (strlen(*xattrname) = namelen\n" - "+\t\t && strncmp(req_xattr_name, *xattrname, namelen) = 0) {\n" + "-\t\tif ((strlen(*xattrname) == namelen)\n" + "-\t\t && (strncmp(req_xattr_name, *xattrname, namelen) == 0)) {\n" + "+\t\tif (strlen(*xattrname) == namelen\n" + "+\t\t && strncmp(req_xattr_name, *xattrname, namelen) == 0) {\n" " \t\t\tfound = 1;\n" " \t\t\tbreak;\n" " \t\t}\n" @@ -87,10 +87,10 @@ " \t\tif (!posix_xattr_acl(xattr_name))\n" " \t\t\treturn 0;\n" " \t\tevm_status = evm_verify_current_integrity(dentry);\n" - "-\t\tif ((evm_status = INTEGRITY_PASS) ||\n" - "-\t\t (evm_status = INTEGRITY_NOXATTRS))\n" - "+\t\tif (evm_status = INTEGRITY_PASS ||\n" - "+\t\t evm_status = INTEGRITY_NOXATTRS)\n" + "-\t\tif ((evm_status == INTEGRITY_PASS) ||\n" + "-\t\t (evm_status == INTEGRITY_NOXATTRS))\n" + "+\t\tif (evm_status == INTEGRITY_PASS ||\n" + "+\t\t evm_status == INTEGRITY_NOXATTRS)\n" " \t\t\treturn 0;\n" " \t\tgoto out;\n" " \t}\n" @@ -98,9 +98,9 @@ " \tif (!(ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID)))\n" " \t\treturn 0;\n" " \tevm_status = evm_verify_current_integrity(dentry);\n" - "-\tif ((evm_status = INTEGRITY_PASS) ||\n" - "-\t (evm_status = INTEGRITY_NOXATTRS))\n" - "+\tif (evm_status = INTEGRITY_PASS || evm_status = INTEGRITY_NOXATTRS)\n" + "-\tif ((evm_status == INTEGRITY_PASS) ||\n" + "-\t (evm_status == INTEGRITY_NOXATTRS))\n" + "+\tif (evm_status == INTEGRITY_PASS || evm_status == INTEGRITY_NOXATTRS)\n" " \t\treturn 0;\n" " \tintegrity_audit_msg(AUDIT_INTEGRITY_METADATA, d_backing_inode(dentry),\n" " \t\t\t dentry->d_name.name, \"appraise_metadata\",\n" @@ -124,12 +124,12 @@ "@@ -401,7 +401,7 @@ int ima_inode_setxattr(struct dentry *dentry, const char *xattr_name,\n" " \tresult = ima_protect_xattr(dentry, xattr_name, xattr_value,\n" " \t\t\t\t xattr_value_len);\n" - " \tif (result = 1) {\n" + " \tif (result == 1) {\n" "-\t\tif (!xattr_value_len || (xvalue->type >= IMA_XATTR_LAST))\n" "+\t\tif (!xattr_value_len || xvalue->type >= IMA_XATTR_LAST)\n" " \t\t\treturn -EINVAL;\n" " \t\tima_reset_appraise_flags(d_backing_inode(dentry),\n" - " \t\t\txvalue->type = EVM_IMA_XATTR_DIGSIG);\n" + " \t\t\txvalue->type == EVM_IMA_XATTR_DIGSIG);\n" "diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c\n" "index e4ab8ef8016e..747a4fd9e2de 100644\n" "--- a/security/integrity/ima/ima_main.c\n" @@ -146,7 +146,7 @@ "@@ -123,7 +123,7 @@ static void ima_check_last_writer(struct integrity_iint_cache *iint,\n" " \n" " \tinode_lock(inode);\n" - " \tif (atomic_read(&inode->i_writecount) = 1) {\n" + " \tif (atomic_read(&inode->i_writecount) == 1) {\n" "-\t\tif ((iint->version != inode->i_version) ||\n" "+\t\tif (iint->version != inode->i_version ||\n" " \t\t (iint->flags & IMA_NEW_FILE)) {\n" @@ -156,10 +156,10 @@ " \t * Included is the appraise submask.\n" " \t */\n" " \taction = ima_get_action(inode, mask, func, &pcr);\n" - "-\tviolation_check = ((func = FILE_CHECK || func = MMAP_CHECK) &&\n" + "-\tviolation_check = ((func == FILE_CHECK || func == MMAP_CHECK) &&\n" "-\t\t\t (ima_policy_flag & IMA_MEASURE));\n" "+\n" - "+\tviolation_check = (func = FILE_CHECK || func = MMAP_CHECK) &&\n" + "+\tviolation_check = (func == FILE_CHECK || func == MMAP_CHECK) &&\n" "+\t\t\t (ima_policy_flag & IMA_MEASURE);\n" " \tif (!action && !violation_check)\n" " \t\treturn 0;\n" @@ -190,12 +190,12 @@ " static int temp_ima_appraise;\n" "@@ -193,7 +193,7 @@ static int __init policy_setup(char *str)\n" " \twhile ((p = strsep(&str, \" |\\n\")) != NULL) {\n" - " \t\tif (*p = ' ')\n" + " \t\tif (*p == ' ')\n" " \t\t\tcontinue;\n" - "-\t\tif ((strcmp(p, \"tcb\") = 0) && !ima_policy)\n" - "+\t\tif (strcmp(p, \"tcb\") = 0 && !ima_policy)\n" + "-\t\tif ((strcmp(p, \"tcb\") == 0) && !ima_policy)\n" + "+\t\tif (strcmp(p, \"tcb\") == 0 && !ima_policy)\n" " \t\t\tima_policy = DEFAULT_TCB;\n" - " \t\telse if (strcmp(p, \"appraise_tcb\") = 0)\n" + " \t\telse if (strcmp(p, \"appraise_tcb\") == 0)\n" " \t\t\tima_use_appraise_tcb = 1;\n" "@@ -254,13 +254,13 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode,\n" " \tint i;\n" @@ -236,46 +236,46 @@ " \n" " \t\tif (result < 0)\n" " \t\t\tbreak;\n" - "-\t\tif ((*p = '\\0') || (*p = ' ') || (*p = '\\t'))\n" - "+\t\tif (*p = '\\0' || *p = ' ' || *p = '\\t')\n" + "-\t\tif ((*p == '\\0') || (*p == ' ') || (*p == '\\t'))\n" + "+\t\tif (*p == '\\0' || *p == ' ' || *p == '\\t')\n" " \t\t\tcontinue;\n" " \t\ttoken = match_token(p, policy_tokens, args);\n" " \t\tswitch (token) {\n" "@@ -686,8 +686,8 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)\n" " \t\t\t\tentry->func = MODULE_CHECK;\n" - " \t\t\telse if (strcmp(args[0].from, \"FIRMWARE_CHECK\") = 0)\n" + " \t\t\telse if (strcmp(args[0].from, \"FIRMWARE_CHECK\") == 0)\n" " \t\t\t\tentry->func = FIRMWARE_CHECK;\n" - "-\t\t\telse if ((strcmp(args[0].from, \"FILE_MMAP\") = 0)\n" - "-\t\t\t\t|| (strcmp(args[0].from, \"MMAP_CHECK\") = 0))\n" - "+\t\t\telse if (strcmp(args[0].from, \"FILE_MMAP\") = 0\n" - "+\t\t\t\t|| strcmp(args[0].from, \"MMAP_CHECK\") = 0)\n" + "-\t\t\telse if ((strcmp(args[0].from, \"FILE_MMAP\") == 0)\n" + "-\t\t\t\t|| (strcmp(args[0].from, \"MMAP_CHECK\") == 0))\n" + "+\t\t\telse if (strcmp(args[0].from, \"FILE_MMAP\") == 0\n" + "+\t\t\t\t|| strcmp(args[0].from, \"MMAP_CHECK\") == 0)\n" " \t\t\t\tentry->func = MMAP_CHECK;\n" - " \t\t\telse if (strcmp(args[0].from, \"BPRM_CHECK\") = 0)\n" + " \t\t\telse if (strcmp(args[0].from, \"BPRM_CHECK\") == 0)\n" " \t\t\t\tentry->func = BPRM_CHECK;\n" "@@ -714,7 +714,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)\n" - " \t\t\tif (*from = '^')\n" + " \t\t\tif (*from == '^')\n" " \t\t\t\tfrom++;\n" " \n" - "-\t\t\tif ((strcmp(from, \"MAY_EXEC\")) = 0)\n" - "+\t\t\tif (strcmp(from, \"MAY_EXEC\") = 0)\n" + "-\t\t\tif ((strcmp(from, \"MAY_EXEC\")) == 0)\n" + "+\t\t\tif (strcmp(from, \"MAY_EXEC\") == 0)\n" " \t\t\t\tentry->mask = MAY_EXEC;\n" - " \t\t\telse if (strcmp(from, \"MAY_WRITE\") = 0)\n" + " \t\t\telse if (strcmp(from, \"MAY_WRITE\") == 0)\n" " \t\t\t\tentry->mask = MAY_WRITE;\n" "@@ -757,13 +757,13 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)\n" " \t\t\tentry->uid_op = &uid_gt;\n" " \t\tcase Opt_uid_lt:\n" " \t\tcase Opt_euid_lt:\n" - "-\t\t\tif ((token = Opt_uid_lt) || (token = Opt_euid_lt))\n" - "+\t\t\tif (token = Opt_uid_lt || token = Opt_euid_lt)\n" + "-\t\t\tif ((token == Opt_uid_lt) || (token == Opt_euid_lt))\n" + "+\t\t\tif (token == Opt_uid_lt || token == Opt_euid_lt)\n" " \t\t\t\tentry->uid_op = &uid_lt;\n" " \t\tcase Opt_uid_eq:\n" " \t\tcase Opt_euid_eq:\n" - "-\t\t\tuid_token = (token = Opt_uid_eq) ||\n" - "-\t\t\t\t (token = Opt_uid_gt) ||\n" - "-\t\t\t\t (token = Opt_uid_lt);\n" - "+\t\t\tuid_token = token = Opt_uid_eq ||\n" - "+\t\t\t\t token = Opt_uid_gt ||\n" - "+\t\t\t\t token = Opt_uid_lt;\n" + "-\t\t\tuid_token = (token == Opt_uid_eq) ||\n" + "-\t\t\t\t (token == Opt_uid_gt) ||\n" + "-\t\t\t\t (token == Opt_uid_lt);\n" + "+\t\t\tuid_token = token == Opt_uid_eq ||\n" + "+\t\t\t\t token == Opt_uid_gt ||\n" + "+\t\t\t\t token == Opt_uid_lt;\n" " \n" " \t\t\tima_log_string_op(ab, uid_token ? \"uid\" : \"euid\",\n" " \t\t\t\t\t args[0].from, entry->uid_op);\n" @@ -293,8 +293,8 @@ " \t\t\t}\n" " \n" " \t\t\tima_log_string(ab, \"appraise_type\", args[0].from);\n" - "-\t\t\tif ((strcmp(args[0].from, \"imasig\")) = 0)\n" - "+\t\t\tif (strcmp(args[0].from, \"imasig\") = 0)\n" + "-\t\t\tif ((strcmp(args[0].from, \"imasig\")) == 0)\n" + "+\t\t\tif (strcmp(args[0].from, \"imasig\") == 0)\n" " \t\t\t\tentry->flags |= IMA_DIGSIG_REQUIRED;\n" " \t\t\telse\n" " \t\t\t\tresult = -EINVAL;\n" @@ -302,17 +302,17 @@ " \t\t\tbreak;\n" " \t\t}\n" " \t}\n" - "-\tif (!result && (entry->action = UNKNOWN))\n" - "+\tif (!result && entry->action = UNKNOWN)\n" + "-\tif (!result && (entry->action == UNKNOWN))\n" + "+\tif (!result && entry->action == UNKNOWN)\n" " \t\tresult = -EINVAL;\n" - " \telse if (entry->func = MODULE_CHECK)\n" + " \telse if (entry->func == MODULE_CHECK)\n" " \t\ttemp_ima_appraise |= IMA_APPRAISE_MODULES;\n" "@@ -1001,7 +1002,7 @@ void *ima_policy_next(struct seq_file *m, void *v, loff_t *pos)\n" " \trcu_read_unlock();\n" " \t(*pos)++;\n" " \n" - "-\treturn (&entry->list = ima_rules) ? NULL : entry;\n" - "+\treturn &entry->list = ima_rules ? NULL : entry;\n" + "-\treturn (&entry->list == ima_rules) ? NULL : entry;\n" + "+\treturn &entry->list == ima_rules ? NULL : entry;\n" " }\n" " \n" " void ima_policy_stop(struct seq_file *m, void *v)\n" @@ -324,10 +324,10 @@ " \n" " \trcu_read_lock();\n" " \tlist_for_each_entry_rcu(template_desc, &defined_templates, list) {\n" - "-\t\tif ((strcmp(template_desc->name, name) = 0) ||\n" - "-\t\t (strcmp(template_desc->fmt, name) = 0)) {\n" - "+\t\tif (strcmp(template_desc->name, name) = 0 ||\n" - "+\t\t strcmp(template_desc->fmt, name) = 0) {\n" + "-\t\tif ((strcmp(template_desc->name, name) == 0) ||\n" + "-\t\t (strcmp(template_desc->fmt, name) == 0)) {\n" + "+\t\tif (strcmp(template_desc->name, name) == 0 ||\n" + "+\t\t strcmp(template_desc->fmt, name) == 0) {\n" " \t\t\tfound = 1;\n" " \t\t\tbreak;\n" " \t\t}\n" @@ -357,8 +357,8 @@ "+\twhile (bufp < bufendp && count++ < khdr->count) {\n" " \t\tint enforce_mask = ENFORCE_FIELDS;\n" " \n" - "-\t\tenforce_mask |= (count = khdr->count) ? ENFORCE_BUFEND : 0;\n" - "+\t\tenforce_mask |= count = khdr->count ? ENFORCE_BUFEND : 0;\n" + "-\t\tenforce_mask |= (count == khdr->count) ? ENFORCE_BUFEND : 0;\n" + "+\t\tenforce_mask |= count == khdr->count ? ENFORCE_BUFEND : 0;\n" " \t\tret = ima_parse_buf(bufp, bufendp, &bufp, HDR__LAST, hdr, NULL,\n" " \t\t\t\t hdr_mask, enforce_mask, \"entry header\");\n" " \t\tif (ret < 0)\n" @@ -392,15 +392,15 @@ " \t\t\t\t\t enum data_formats datafmt,\n" " \t\t\t\t\t struct ima_field_data *field_data)\n" " {\n" - "-\tu32 len = (show = IMA_SHOW_BINARY_OLD_STRING_FMT) ?\n" - "+\tu32 len = show = IMA_SHOW_BINARY_OLD_STRING_FMT ?\n" + "-\tu32 len = (show == IMA_SHOW_BINARY_OLD_STRING_FMT) ?\n" + "+\tu32 len = show == IMA_SHOW_BINARY_OLD_STRING_FMT ?\n" " \t strlen(field_data->data) : field_data->len;\n" " \n" " \tif (show != IMA_SHOW_BINARY_NO_FIELD_LEN) {\n" "@@ -182,7 +182,7 @@ int ima_parse_buf(void *bufstartp, void *bufendp, void **bufcurp,\n" " \n" " \tfor (i = 0; i < maxfields; i++) {\n" - " \t\tif (len_mask = NULL || !test_bit(i, len_mask)) {\n" + " \t\tif (len_mask == NULL || !test_bit(i, len_mask)) {\n" "-\t\t\tif (bufp > (bufendp - sizeof(u32)))\n" "+\t\t\tif (bufp > bufendp - sizeof(u32))\n" " \t\t\t\tbreak;\n" @@ -416,4 +416,4 @@ " \n" " \t\tfields[i].data = bufp;" -7e16d2995ff3db6c04de0b0c5d0fb5d3e03b97ad0ff9a3b690bc173200083e2b +c43b93baf4683f45bafef35c518019ed0da3d9d3c0de5e594e9fefd32e9f968b
diff --git a/a/1.txt b/N2/1.txt index a9d23dd..109d0df 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -42,8 +42,8 @@ index 9826c02e2db8..37f062d38d5f 100644 } if (rc) -- evm_status = (rc = -ENODATA) ? -+ evm_status = rc = -ENODATA ? +- evm_status = (rc == -ENODATA) ? ++ evm_status = rc == -ENODATA ? INTEGRITY_NOXATTRS : INTEGRITY_FAIL; out: if (iint) @@ -51,10 +51,10 @@ index 9826c02e2db8..37f062d38d5f 100644 namelen = strlen(req_xattr_name); for (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++) { -- if ((strlen(*xattrname) = namelen) -- && (strncmp(req_xattr_name, *xattrname, namelen) = 0)) { -+ if (strlen(*xattrname) = namelen -+ && strncmp(req_xattr_name, *xattrname, namelen) = 0) { +- if ((strlen(*xattrname) == namelen) +- && (strncmp(req_xattr_name, *xattrname, namelen) == 0)) { ++ if (strlen(*xattrname) == namelen ++ && strncmp(req_xattr_name, *xattrname, namelen) == 0) { found = 1; break; } @@ -62,10 +62,10 @@ index 9826c02e2db8..37f062d38d5f 100644 if (!posix_xattr_acl(xattr_name)) return 0; evm_status = evm_verify_current_integrity(dentry); -- if ((evm_status = INTEGRITY_PASS) || -- (evm_status = INTEGRITY_NOXATTRS)) -+ if (evm_status = INTEGRITY_PASS || -+ evm_status = INTEGRITY_NOXATTRS) +- if ((evm_status == INTEGRITY_PASS) || +- (evm_status == INTEGRITY_NOXATTRS)) ++ if (evm_status == INTEGRITY_PASS || ++ evm_status == INTEGRITY_NOXATTRS) return 0; goto out; } @@ -73,9 +73,9 @@ index 9826c02e2db8..37f062d38d5f 100644 if (!(ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID))) return 0; evm_status = evm_verify_current_integrity(dentry); -- if ((evm_status = INTEGRITY_PASS) || -- (evm_status = INTEGRITY_NOXATTRS)) -+ if (evm_status = INTEGRITY_PASS || evm_status = INTEGRITY_NOXATTRS) +- if ((evm_status == INTEGRITY_PASS) || +- (evm_status == INTEGRITY_NOXATTRS)) ++ if (evm_status == INTEGRITY_PASS || evm_status == INTEGRITY_NOXATTRS) return 0; integrity_audit_msg(AUDIT_INTEGRITY_METADATA, d_backing_inode(dentry), dentry->d_name.name, "appraise_metadata", @@ -99,12 +99,12 @@ index bce0b36778bd..58c6a60c7e83 100644 @@ -401,7 +401,7 @@ int ima_inode_setxattr(struct dentry *dentry, const char *xattr_name, result = ima_protect_xattr(dentry, xattr_name, xattr_value, xattr_value_len); - if (result = 1) { + if (result == 1) { - if (!xattr_value_len || (xvalue->type >= IMA_XATTR_LAST)) + if (!xattr_value_len || xvalue->type >= IMA_XATTR_LAST) return -EINVAL; ima_reset_appraise_flags(d_backing_inode(dentry), - xvalue->type = EVM_IMA_XATTR_DIGSIG); + xvalue->type == EVM_IMA_XATTR_DIGSIG); diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index e4ab8ef8016e..747a4fd9e2de 100644 --- a/security/integrity/ima/ima_main.c @@ -121,7 +121,7 @@ index e4ab8ef8016e..747a4fd9e2de 100644 @@ -123,7 +123,7 @@ static void ima_check_last_writer(struct integrity_iint_cache *iint, inode_lock(inode); - if (atomic_read(&inode->i_writecount) = 1) { + if (atomic_read(&inode->i_writecount) == 1) { - if ((iint->version != inode->i_version) || + if (iint->version != inode->i_version || (iint->flags & IMA_NEW_FILE)) { @@ -131,10 +131,10 @@ index e4ab8ef8016e..747a4fd9e2de 100644 * Included is the appraise submask. */ action = ima_get_action(inode, mask, func, &pcr); -- violation_check = ((func = FILE_CHECK || func = MMAP_CHECK) && +- violation_check = ((func == FILE_CHECK || func == MMAP_CHECK) && - (ima_policy_flag & IMA_MEASURE)); + -+ violation_check = (func = FILE_CHECK || func = MMAP_CHECK) && ++ violation_check = (func == FILE_CHECK || func == MMAP_CHECK) && + (ima_policy_flag & IMA_MEASURE); if (!action && !violation_check) return 0; @@ -165,12 +165,12 @@ index 95209a5f8595..efd8e1c60c10 100644 static int temp_ima_appraise; @@ -193,7 +193,7 @@ static int __init policy_setup(char *str) while ((p = strsep(&str, " |\n")) != NULL) { - if (*p = ' ') + if (*p == ' ') continue; -- if ((strcmp(p, "tcb") = 0) && !ima_policy) -+ if (strcmp(p, "tcb") = 0 && !ima_policy) +- if ((strcmp(p, "tcb") == 0) && !ima_policy) ++ if (strcmp(p, "tcb") == 0 && !ima_policy) ima_policy = DEFAULT_TCB; - else if (strcmp(p, "appraise_tcb") = 0) + else if (strcmp(p, "appraise_tcb") == 0) ima_use_appraise_tcb = 1; @@ -254,13 +254,13 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, int i; @@ -211,46 +211,46 @@ index 95209a5f8595..efd8e1c60c10 100644 if (result < 0) break; -- if ((*p = '\0') || (*p = ' ') || (*p = '\t')) -+ if (*p = '\0' || *p = ' ' || *p = '\t') +- if ((*p == '\0') || (*p == ' ') || (*p == '\t')) ++ if (*p == '\0' || *p == ' ' || *p == '\t') continue; token = match_token(p, policy_tokens, args); switch (token) { @@ -686,8 +686,8 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry) entry->func = MODULE_CHECK; - else if (strcmp(args[0].from, "FIRMWARE_CHECK") = 0) + else if (strcmp(args[0].from, "FIRMWARE_CHECK") == 0) entry->func = FIRMWARE_CHECK; -- else if ((strcmp(args[0].from, "FILE_MMAP") = 0) -- || (strcmp(args[0].from, "MMAP_CHECK") = 0)) -+ else if (strcmp(args[0].from, "FILE_MMAP") = 0 -+ || strcmp(args[0].from, "MMAP_CHECK") = 0) +- else if ((strcmp(args[0].from, "FILE_MMAP") == 0) +- || (strcmp(args[0].from, "MMAP_CHECK") == 0)) ++ else if (strcmp(args[0].from, "FILE_MMAP") == 0 ++ || strcmp(args[0].from, "MMAP_CHECK") == 0) entry->func = MMAP_CHECK; - else if (strcmp(args[0].from, "BPRM_CHECK") = 0) + else if (strcmp(args[0].from, "BPRM_CHECK") == 0) entry->func = BPRM_CHECK; @@ -714,7 +714,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry) - if (*from = '^') + if (*from == '^') from++; -- if ((strcmp(from, "MAY_EXEC")) = 0) -+ if (strcmp(from, "MAY_EXEC") = 0) +- if ((strcmp(from, "MAY_EXEC")) == 0) ++ if (strcmp(from, "MAY_EXEC") == 0) entry->mask = MAY_EXEC; - else if (strcmp(from, "MAY_WRITE") = 0) + else if (strcmp(from, "MAY_WRITE") == 0) entry->mask = MAY_WRITE; @@ -757,13 +757,13 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry) entry->uid_op = &uid_gt; case Opt_uid_lt: case Opt_euid_lt: -- if ((token = Opt_uid_lt) || (token = Opt_euid_lt)) -+ if (token = Opt_uid_lt || token = Opt_euid_lt) +- if ((token == Opt_uid_lt) || (token == Opt_euid_lt)) ++ if (token == Opt_uid_lt || token == Opt_euid_lt) entry->uid_op = &uid_lt; case Opt_uid_eq: case Opt_euid_eq: -- uid_token = (token = Opt_uid_eq) || -- (token = Opt_uid_gt) || -- (token = Opt_uid_lt); -+ uid_token = token = Opt_uid_eq || -+ token = Opt_uid_gt || -+ token = Opt_uid_lt; +- uid_token = (token == Opt_uid_eq) || +- (token == Opt_uid_gt) || +- (token == Opt_uid_lt); ++ uid_token = token == Opt_uid_eq || ++ token == Opt_uid_gt || ++ token == Opt_uid_lt; ima_log_string_op(ab, uid_token ? "uid" : "euid", args[0].from, entry->uid_op); @@ -268,8 +268,8 @@ index 95209a5f8595..efd8e1c60c10 100644 } ima_log_string(ab, "appraise_type", args[0].from); -- if ((strcmp(args[0].from, "imasig")) = 0) -+ if (strcmp(args[0].from, "imasig") = 0) +- if ((strcmp(args[0].from, "imasig")) == 0) ++ if (strcmp(args[0].from, "imasig") == 0) entry->flags |= IMA_DIGSIG_REQUIRED; else result = -EINVAL; @@ -277,17 +277,17 @@ index 95209a5f8595..efd8e1c60c10 100644 break; } } -- if (!result && (entry->action = UNKNOWN)) -+ if (!result && entry->action = UNKNOWN) +- if (!result && (entry->action == UNKNOWN)) ++ if (!result && entry->action == UNKNOWN) result = -EINVAL; - else if (entry->func = MODULE_CHECK) + else if (entry->func == MODULE_CHECK) temp_ima_appraise |= IMA_APPRAISE_MODULES; @@ -1001,7 +1002,7 @@ void *ima_policy_next(struct seq_file *m, void *v, loff_t *pos) rcu_read_unlock(); (*pos)++; -- return (&entry->list = ima_rules) ? NULL : entry; -+ return &entry->list = ima_rules ? NULL : entry; +- return (&entry->list == ima_rules) ? NULL : entry; ++ return &entry->list == ima_rules ? NULL : entry; } void ima_policy_stop(struct seq_file *m, void *v) @@ -299,10 +299,10 @@ index 7412d0291ab9..3cc1d2763fd2 100644 rcu_read_lock(); list_for_each_entry_rcu(template_desc, &defined_templates, list) { -- if ((strcmp(template_desc->name, name) = 0) || -- (strcmp(template_desc->fmt, name) = 0)) { -+ if (strcmp(template_desc->name, name) = 0 || -+ strcmp(template_desc->fmt, name) = 0) { +- if ((strcmp(template_desc->name, name) == 0) || +- (strcmp(template_desc->fmt, name) == 0)) { ++ if (strcmp(template_desc->name, name) == 0 || ++ strcmp(template_desc->fmt, name) == 0) { found = 1; break; } @@ -332,8 +332,8 @@ index 7412d0291ab9..3cc1d2763fd2 100644 + while (bufp < bufendp && count++ < khdr->count) { int enforce_mask = ENFORCE_FIELDS; -- enforce_mask |= (count = khdr->count) ? ENFORCE_BUFEND : 0; -+ enforce_mask |= count = khdr->count ? ENFORCE_BUFEND : 0; +- enforce_mask |= (count == khdr->count) ? ENFORCE_BUFEND : 0; ++ enforce_mask |= count == khdr->count ? ENFORCE_BUFEND : 0; ret = ima_parse_buf(bufp, bufendp, &bufp, HDR__LAST, hdr, NULL, hdr_mask, enforce_mask, "entry header"); if (ret < 0) @@ -367,15 +367,15 @@ index 8bebcbb61162..d941260e979f 100644 enum data_formats datafmt, struct ima_field_data *field_data) { -- u32 len = (show = IMA_SHOW_BINARY_OLD_STRING_FMT) ? -+ u32 len = show = IMA_SHOW_BINARY_OLD_STRING_FMT ? +- u32 len = (show == IMA_SHOW_BINARY_OLD_STRING_FMT) ? ++ u32 len = show == IMA_SHOW_BINARY_OLD_STRING_FMT ? strlen(field_data->data) : field_data->len; if (show != IMA_SHOW_BINARY_NO_FIELD_LEN) { @@ -182,7 +182,7 @@ int ima_parse_buf(void *bufstartp, void *bufendp, void **bufcurp, for (i = 0; i < maxfields; i++) { - if (len_mask = NULL || !test_bit(i, len_mask)) { + if (len_mask == NULL || !test_bit(i, len_mask)) { - if (bufp > (bufendp - sizeof(u32))) + if (bufp > bufendp - sizeof(u32)) break; @@ -390,3 +390,8 @@ index 8bebcbb61162..d941260e979f 100644 break; fields[i].data = bufp; + +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N2/content_digest index 134c304..41bf992 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -1,26 +1,8 @@ "ref\020171018005331.2688-1-bauerman@linux.vnet.ibm.com\0" - "From\0Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>\0" + "From\0bauerman@linux.vnet.ibm.com (Thiago Jung Bauermann)\0" "Subject\0[PATCH v5 03/18] evm, ima: Remove superfluous parentheses\0" - "Date\0Wed, 18 Oct 2017 00:53:16 +0000\0" - "To\0linux-integrity@vger.kernel.org\0" - "Cc\0linux-security-module@vger.kernel.org" - keyrings@vger.kernel.org - linux-crypto@vger.kernel.org - linuxppc-dev@lists.ozlabs.org - linux-kernel@vger.kernel.org - Mimi Zohar <zohar@linux.vnet.ibm.com> - Dmitry Kasatkin <dmitry.kasatkin@gmail.com> - James Morris <james.l.morris@oracle.com> - Serge E. Hallyn <serge@hallyn.com> - David Howells <dhowells@redhat.com> - David Woodhouse <dwmw2@infradead.org> - Jessica Yu <jeyu@redhat.com> - Rusty Russell <rusty@rustcorp.com.au> - Herbert Xu <herbert@gondor.apana.org.au> - David S. Miller <davem@davemloft.net> - AKASHI - Takahiro <takahiro.akashi@linaro.org> - " Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>\0" + "Date\0Tue, 17 Oct 2017 22:53:16 -0200\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" "This patch removes unnecessary parentheses from all EVM and IMA files\n" @@ -67,8 +49,8 @@ " \t}\n" " \n" " \tif (rc)\n" - "-\t\tevm_status = (rc = -ENODATA) ?\n" - "+\t\tevm_status = rc = -ENODATA ?\n" + "-\t\tevm_status = (rc == -ENODATA) ?\n" + "+\t\tevm_status = rc == -ENODATA ?\n" " \t\t\t\tINTEGRITY_NOXATTRS : INTEGRITY_FAIL;\n" " out:\n" " \tif (iint)\n" @@ -76,10 +58,10 @@ " \n" " \tnamelen = strlen(req_xattr_name);\n" " \tfor (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++) {\n" - "-\t\tif ((strlen(*xattrname) = namelen)\n" - "-\t\t && (strncmp(req_xattr_name, *xattrname, namelen) = 0)) {\n" - "+\t\tif (strlen(*xattrname) = namelen\n" - "+\t\t && strncmp(req_xattr_name, *xattrname, namelen) = 0) {\n" + "-\t\tif ((strlen(*xattrname) == namelen)\n" + "-\t\t && (strncmp(req_xattr_name, *xattrname, namelen) == 0)) {\n" + "+\t\tif (strlen(*xattrname) == namelen\n" + "+\t\t && strncmp(req_xattr_name, *xattrname, namelen) == 0) {\n" " \t\t\tfound = 1;\n" " \t\t\tbreak;\n" " \t\t}\n" @@ -87,10 +69,10 @@ " \t\tif (!posix_xattr_acl(xattr_name))\n" " \t\t\treturn 0;\n" " \t\tevm_status = evm_verify_current_integrity(dentry);\n" - "-\t\tif ((evm_status = INTEGRITY_PASS) ||\n" - "-\t\t (evm_status = INTEGRITY_NOXATTRS))\n" - "+\t\tif (evm_status = INTEGRITY_PASS ||\n" - "+\t\t evm_status = INTEGRITY_NOXATTRS)\n" + "-\t\tif ((evm_status == INTEGRITY_PASS) ||\n" + "-\t\t (evm_status == INTEGRITY_NOXATTRS))\n" + "+\t\tif (evm_status == INTEGRITY_PASS ||\n" + "+\t\t evm_status == INTEGRITY_NOXATTRS)\n" " \t\t\treturn 0;\n" " \t\tgoto out;\n" " \t}\n" @@ -98,9 +80,9 @@ " \tif (!(ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID)))\n" " \t\treturn 0;\n" " \tevm_status = evm_verify_current_integrity(dentry);\n" - "-\tif ((evm_status = INTEGRITY_PASS) ||\n" - "-\t (evm_status = INTEGRITY_NOXATTRS))\n" - "+\tif (evm_status = INTEGRITY_PASS || evm_status = INTEGRITY_NOXATTRS)\n" + "-\tif ((evm_status == INTEGRITY_PASS) ||\n" + "-\t (evm_status == INTEGRITY_NOXATTRS))\n" + "+\tif (evm_status == INTEGRITY_PASS || evm_status == INTEGRITY_NOXATTRS)\n" " \t\treturn 0;\n" " \tintegrity_audit_msg(AUDIT_INTEGRITY_METADATA, d_backing_inode(dentry),\n" " \t\t\t dentry->d_name.name, \"appraise_metadata\",\n" @@ -124,12 +106,12 @@ "@@ -401,7 +401,7 @@ int ima_inode_setxattr(struct dentry *dentry, const char *xattr_name,\n" " \tresult = ima_protect_xattr(dentry, xattr_name, xattr_value,\n" " \t\t\t\t xattr_value_len);\n" - " \tif (result = 1) {\n" + " \tif (result == 1) {\n" "-\t\tif (!xattr_value_len || (xvalue->type >= IMA_XATTR_LAST))\n" "+\t\tif (!xattr_value_len || xvalue->type >= IMA_XATTR_LAST)\n" " \t\t\treturn -EINVAL;\n" " \t\tima_reset_appraise_flags(d_backing_inode(dentry),\n" - " \t\t\txvalue->type = EVM_IMA_XATTR_DIGSIG);\n" + " \t\t\txvalue->type == EVM_IMA_XATTR_DIGSIG);\n" "diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c\n" "index e4ab8ef8016e..747a4fd9e2de 100644\n" "--- a/security/integrity/ima/ima_main.c\n" @@ -146,7 +128,7 @@ "@@ -123,7 +123,7 @@ static void ima_check_last_writer(struct integrity_iint_cache *iint,\n" " \n" " \tinode_lock(inode);\n" - " \tif (atomic_read(&inode->i_writecount) = 1) {\n" + " \tif (atomic_read(&inode->i_writecount) == 1) {\n" "-\t\tif ((iint->version != inode->i_version) ||\n" "+\t\tif (iint->version != inode->i_version ||\n" " \t\t (iint->flags & IMA_NEW_FILE)) {\n" @@ -156,10 +138,10 @@ " \t * Included is the appraise submask.\n" " \t */\n" " \taction = ima_get_action(inode, mask, func, &pcr);\n" - "-\tviolation_check = ((func = FILE_CHECK || func = MMAP_CHECK) &&\n" + "-\tviolation_check = ((func == FILE_CHECK || func == MMAP_CHECK) &&\n" "-\t\t\t (ima_policy_flag & IMA_MEASURE));\n" "+\n" - "+\tviolation_check = (func = FILE_CHECK || func = MMAP_CHECK) &&\n" + "+\tviolation_check = (func == FILE_CHECK || func == MMAP_CHECK) &&\n" "+\t\t\t (ima_policy_flag & IMA_MEASURE);\n" " \tif (!action && !violation_check)\n" " \t\treturn 0;\n" @@ -190,12 +172,12 @@ " static int temp_ima_appraise;\n" "@@ -193,7 +193,7 @@ static int __init policy_setup(char *str)\n" " \twhile ((p = strsep(&str, \" |\\n\")) != NULL) {\n" - " \t\tif (*p = ' ')\n" + " \t\tif (*p == ' ')\n" " \t\t\tcontinue;\n" - "-\t\tif ((strcmp(p, \"tcb\") = 0) && !ima_policy)\n" - "+\t\tif (strcmp(p, \"tcb\") = 0 && !ima_policy)\n" + "-\t\tif ((strcmp(p, \"tcb\") == 0) && !ima_policy)\n" + "+\t\tif (strcmp(p, \"tcb\") == 0 && !ima_policy)\n" " \t\t\tima_policy = DEFAULT_TCB;\n" - " \t\telse if (strcmp(p, \"appraise_tcb\") = 0)\n" + " \t\telse if (strcmp(p, \"appraise_tcb\") == 0)\n" " \t\t\tima_use_appraise_tcb = 1;\n" "@@ -254,13 +254,13 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode,\n" " \tint i;\n" @@ -236,46 +218,46 @@ " \n" " \t\tif (result < 0)\n" " \t\t\tbreak;\n" - "-\t\tif ((*p = '\\0') || (*p = ' ') || (*p = '\\t'))\n" - "+\t\tif (*p = '\\0' || *p = ' ' || *p = '\\t')\n" + "-\t\tif ((*p == '\\0') || (*p == ' ') || (*p == '\\t'))\n" + "+\t\tif (*p == '\\0' || *p == ' ' || *p == '\\t')\n" " \t\t\tcontinue;\n" " \t\ttoken = match_token(p, policy_tokens, args);\n" " \t\tswitch (token) {\n" "@@ -686,8 +686,8 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)\n" " \t\t\t\tentry->func = MODULE_CHECK;\n" - " \t\t\telse if (strcmp(args[0].from, \"FIRMWARE_CHECK\") = 0)\n" + " \t\t\telse if (strcmp(args[0].from, \"FIRMWARE_CHECK\") == 0)\n" " \t\t\t\tentry->func = FIRMWARE_CHECK;\n" - "-\t\t\telse if ((strcmp(args[0].from, \"FILE_MMAP\") = 0)\n" - "-\t\t\t\t|| (strcmp(args[0].from, \"MMAP_CHECK\") = 0))\n" - "+\t\t\telse if (strcmp(args[0].from, \"FILE_MMAP\") = 0\n" - "+\t\t\t\t|| strcmp(args[0].from, \"MMAP_CHECK\") = 0)\n" + "-\t\t\telse if ((strcmp(args[0].from, \"FILE_MMAP\") == 0)\n" + "-\t\t\t\t|| (strcmp(args[0].from, \"MMAP_CHECK\") == 0))\n" + "+\t\t\telse if (strcmp(args[0].from, \"FILE_MMAP\") == 0\n" + "+\t\t\t\t|| strcmp(args[0].from, \"MMAP_CHECK\") == 0)\n" " \t\t\t\tentry->func = MMAP_CHECK;\n" - " \t\t\telse if (strcmp(args[0].from, \"BPRM_CHECK\") = 0)\n" + " \t\t\telse if (strcmp(args[0].from, \"BPRM_CHECK\") == 0)\n" " \t\t\t\tentry->func = BPRM_CHECK;\n" "@@ -714,7 +714,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)\n" - " \t\t\tif (*from = '^')\n" + " \t\t\tif (*from == '^')\n" " \t\t\t\tfrom++;\n" " \n" - "-\t\t\tif ((strcmp(from, \"MAY_EXEC\")) = 0)\n" - "+\t\t\tif (strcmp(from, \"MAY_EXEC\") = 0)\n" + "-\t\t\tif ((strcmp(from, \"MAY_EXEC\")) == 0)\n" + "+\t\t\tif (strcmp(from, \"MAY_EXEC\") == 0)\n" " \t\t\t\tentry->mask = MAY_EXEC;\n" - " \t\t\telse if (strcmp(from, \"MAY_WRITE\") = 0)\n" + " \t\t\telse if (strcmp(from, \"MAY_WRITE\") == 0)\n" " \t\t\t\tentry->mask = MAY_WRITE;\n" "@@ -757,13 +757,13 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)\n" " \t\t\tentry->uid_op = &uid_gt;\n" " \t\tcase Opt_uid_lt:\n" " \t\tcase Opt_euid_lt:\n" - "-\t\t\tif ((token = Opt_uid_lt) || (token = Opt_euid_lt))\n" - "+\t\t\tif (token = Opt_uid_lt || token = Opt_euid_lt)\n" + "-\t\t\tif ((token == Opt_uid_lt) || (token == Opt_euid_lt))\n" + "+\t\t\tif (token == Opt_uid_lt || token == Opt_euid_lt)\n" " \t\t\t\tentry->uid_op = &uid_lt;\n" " \t\tcase Opt_uid_eq:\n" " \t\tcase Opt_euid_eq:\n" - "-\t\t\tuid_token = (token = Opt_uid_eq) ||\n" - "-\t\t\t\t (token = Opt_uid_gt) ||\n" - "-\t\t\t\t (token = Opt_uid_lt);\n" - "+\t\t\tuid_token = token = Opt_uid_eq ||\n" - "+\t\t\t\t token = Opt_uid_gt ||\n" - "+\t\t\t\t token = Opt_uid_lt;\n" + "-\t\t\tuid_token = (token == Opt_uid_eq) ||\n" + "-\t\t\t\t (token == Opt_uid_gt) ||\n" + "-\t\t\t\t (token == Opt_uid_lt);\n" + "+\t\t\tuid_token = token == Opt_uid_eq ||\n" + "+\t\t\t\t token == Opt_uid_gt ||\n" + "+\t\t\t\t token == Opt_uid_lt;\n" " \n" " \t\t\tima_log_string_op(ab, uid_token ? \"uid\" : \"euid\",\n" " \t\t\t\t\t args[0].from, entry->uid_op);\n" @@ -293,8 +275,8 @@ " \t\t\t}\n" " \n" " \t\t\tima_log_string(ab, \"appraise_type\", args[0].from);\n" - "-\t\t\tif ((strcmp(args[0].from, \"imasig\")) = 0)\n" - "+\t\t\tif (strcmp(args[0].from, \"imasig\") = 0)\n" + "-\t\t\tif ((strcmp(args[0].from, \"imasig\")) == 0)\n" + "+\t\t\tif (strcmp(args[0].from, \"imasig\") == 0)\n" " \t\t\t\tentry->flags |= IMA_DIGSIG_REQUIRED;\n" " \t\t\telse\n" " \t\t\t\tresult = -EINVAL;\n" @@ -302,17 +284,17 @@ " \t\t\tbreak;\n" " \t\t}\n" " \t}\n" - "-\tif (!result && (entry->action = UNKNOWN))\n" - "+\tif (!result && entry->action = UNKNOWN)\n" + "-\tif (!result && (entry->action == UNKNOWN))\n" + "+\tif (!result && entry->action == UNKNOWN)\n" " \t\tresult = -EINVAL;\n" - " \telse if (entry->func = MODULE_CHECK)\n" + " \telse if (entry->func == MODULE_CHECK)\n" " \t\ttemp_ima_appraise |= IMA_APPRAISE_MODULES;\n" "@@ -1001,7 +1002,7 @@ void *ima_policy_next(struct seq_file *m, void *v, loff_t *pos)\n" " \trcu_read_unlock();\n" " \t(*pos)++;\n" " \n" - "-\treturn (&entry->list = ima_rules) ? NULL : entry;\n" - "+\treturn &entry->list = ima_rules ? NULL : entry;\n" + "-\treturn (&entry->list == ima_rules) ? NULL : entry;\n" + "+\treturn &entry->list == ima_rules ? NULL : entry;\n" " }\n" " \n" " void ima_policy_stop(struct seq_file *m, void *v)\n" @@ -324,10 +306,10 @@ " \n" " \trcu_read_lock();\n" " \tlist_for_each_entry_rcu(template_desc, &defined_templates, list) {\n" - "-\t\tif ((strcmp(template_desc->name, name) = 0) ||\n" - "-\t\t (strcmp(template_desc->fmt, name) = 0)) {\n" - "+\t\tif (strcmp(template_desc->name, name) = 0 ||\n" - "+\t\t strcmp(template_desc->fmt, name) = 0) {\n" + "-\t\tif ((strcmp(template_desc->name, name) == 0) ||\n" + "-\t\t (strcmp(template_desc->fmt, name) == 0)) {\n" + "+\t\tif (strcmp(template_desc->name, name) == 0 ||\n" + "+\t\t strcmp(template_desc->fmt, name) == 0) {\n" " \t\t\tfound = 1;\n" " \t\t\tbreak;\n" " \t\t}\n" @@ -357,8 +339,8 @@ "+\twhile (bufp < bufendp && count++ < khdr->count) {\n" " \t\tint enforce_mask = ENFORCE_FIELDS;\n" " \n" - "-\t\tenforce_mask |= (count = khdr->count) ? ENFORCE_BUFEND : 0;\n" - "+\t\tenforce_mask |= count = khdr->count ? ENFORCE_BUFEND : 0;\n" + "-\t\tenforce_mask |= (count == khdr->count) ? ENFORCE_BUFEND : 0;\n" + "+\t\tenforce_mask |= count == khdr->count ? ENFORCE_BUFEND : 0;\n" " \t\tret = ima_parse_buf(bufp, bufendp, &bufp, HDR__LAST, hdr, NULL,\n" " \t\t\t\t hdr_mask, enforce_mask, \"entry header\");\n" " \t\tif (ret < 0)\n" @@ -392,15 +374,15 @@ " \t\t\t\t\t enum data_formats datafmt,\n" " \t\t\t\t\t struct ima_field_data *field_data)\n" " {\n" - "-\tu32 len = (show = IMA_SHOW_BINARY_OLD_STRING_FMT) ?\n" - "+\tu32 len = show = IMA_SHOW_BINARY_OLD_STRING_FMT ?\n" + "-\tu32 len = (show == IMA_SHOW_BINARY_OLD_STRING_FMT) ?\n" + "+\tu32 len = show == IMA_SHOW_BINARY_OLD_STRING_FMT ?\n" " \t strlen(field_data->data) : field_data->len;\n" " \n" " \tif (show != IMA_SHOW_BINARY_NO_FIELD_LEN) {\n" "@@ -182,7 +182,7 @@ int ima_parse_buf(void *bufstartp, void *bufendp, void **bufcurp,\n" " \n" " \tfor (i = 0; i < maxfields; i++) {\n" - " \t\tif (len_mask = NULL || !test_bit(i, len_mask)) {\n" + " \t\tif (len_mask == NULL || !test_bit(i, len_mask)) {\n" "-\t\t\tif (bufp > (bufendp - sizeof(u32)))\n" "+\t\t\tif (bufp > bufendp - sizeof(u32))\n" " \t\t\t\tbreak;\n" @@ -414,6 +396,11 @@ "+\t\tif (bufp > bufendp - fields[i].len)\n" " \t\t\tbreak;\n" " \n" - " \t\tfields[i].data = bufp;" + " \t\tfields[i].data = bufp;\n" + "\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -7e16d2995ff3db6c04de0b0c5d0fb5d3e03b97ad0ff9a3b690bc173200083e2b +2f958f00d224fa5104527acfa84cc7341b65bd3a0d473207d31fd4caad4fb729
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.