* [PATCH] fix warnings in selinux-usr
@ 2006-05-05 16:18 Karl MacMillan
  2006-05-06 18:56 ` Ivan Gyurdiev
  2006-05-08 12:49 ` Stephen Smalley
  0 siblings, 2 replies; 9+ messages in thread
From: Karl MacMillan @ 2006-05-05 16:18 UTC (permalink / raw)
  To: selinux; +Cc: selinux-dev

[-- Attachment #1: Type: text/plain, Size: 2361 bytes --]

Steve,

Attached is a patch that fixes many warnings that have crept into the
selinux-usr code over time, making it difficult to ascertain whether
code changes have introduced new warnings.

Fixing some of the warnings required the introduction of unsafe casts,
but those casts were occurring implicitly anyway (see
libsemanage/src/booleans_policydb.c for an example).

I fixed one of the long standing lex warnings that has always been
irritating, but I was unable to fix the warnings in the semanage
configuration file parser. That parser should be rewritten to remove
the lex dependency in the future anyway.

Overview of changes:

 checkpolicy/policy_scan.l                           |    3
 checkpolicy/test/dismod.c                           |    1
 checkpolicy/test/dispol.c                           |    1
 libselinux/src/booleans.c                           |    2
 libselinux/src/context.c                            |    8
 libsemanage/src/booleans_policydb.c                 |   36 +++
 libsemanage/src/conf-scan.l                         |    1
 libsemanage/src/database_policydb.h                 |   91 +++++----
 libsemanage/src/fcontexts_local.c                   |    2
 libsemanage/src/interfaces_policydb.c               |   28 ++-
 libsemanage/src/nodes_policydb.c                    |   27 ++
 libsemanage/src/ports_policydb.c                    |   27 ++
 libsemanage/src/semanage_store.c                    |   10 -
 libsemanage/src/users_base_policydb.c               |   27 ++
 libsepol/include/sepol/policydb/policydb.h          |    3
 libsepol/include/sepol/policydb/util.h              |   32 +++
 libsepol/src/assertion.c                            |    1
 libsepol/src/debug.h                                |   39 +++-
 libsepol/src/policydb.c                             |  180
+++++++++++++++++++
 libsepol/src/util.c                                 |  186
--------------------
 policycoreutils/semodule_expand/semodule_expand.c   |   11 -
 policycoreutils/semodule_package/semodule_package.c |    4
 policycoreutils/setsebool/setsebool.c               |    8
 23 files changed, 440 insertions(+), 288 deletions(-)

This patch is relative to the test-framework patches that I sent earlier
in the week, but I can re-base off HEAD if you would prefer.

Please apply.

Karl

-- 
Karl MacMillan
Tresys Technology
www.tresys.com

[-- Attachment #2: fix-warnings-05052006.diff --]
[-- Type: text/x-patch, Size: 42284 bytes --]

diff --exclude=.svn -ruN ../test_framework/checkpolicy/policy_scan.l ./checkpolicy/policy_scan.l
--- ../test_framework/checkpolicy/policy_scan.l	2006-04-28 14:41:12.000000000 -0400
+++ ./checkpolicy/policy_scan.l	2006-05-05 11:52:33.000000000 -0400
@@ -40,6 +40,9 @@
 
 unsigned int policydb_errors = 0;
 %}
+
+%option nounput
+
 %array
 letter  [A-Za-z]
 digit   [0-9]
diff --exclude=.svn -ruN ../test_framework/checkpolicy/test/dismod.c ./checkpolicy/test/dismod.c
--- ../test_framework/checkpolicy/test/dismod.c	2006-04-28 14:41:12.000000000 -0400
+++ ./checkpolicy/test/dismod.c	2006-05-05 11:52:33.000000000 -0400
@@ -33,6 +33,7 @@
 #include <sepol/policydb/flask.h>
 #include <sepol/policydb/link.h>
 #include <sepol/policydb/module.h>
+#include <sepol/policydb/util.h>
 
 #include <byteswap.h>
 #include <endian.h>
diff --exclude=.svn -ruN ../test_framework/checkpolicy/test/dispol.c ./checkpolicy/test/dispol.c
--- ../test_framework/checkpolicy/test/dispol.c	2006-04-28 14:41:12.000000000 -0400
+++ ./checkpolicy/test/dispol.c	2006-05-05 11:52:33.000000000 -0400
@@ -22,6 +22,7 @@
 #include <sepol/policydb/services.h>
 #include <sepol/policydb/conditional.h>
 #include <sepol/policydb/expand.h>
+#include <sepol/policydb/util.h>
 #include <getopt.h>
 #include <assert.h>
 #include <unistd.h>
diff --exclude=.svn -ruN ../test_framework/libselinux/src/booleans.c ./libselinux/src/booleans.c
--- ../test_framework/libselinux/src/booleans.c	2006-04-28 14:41:12.000000000 -0400
+++ ./libselinux/src/booleans.c	2006-05-05 11:52:33.000000000 -0400
@@ -309,7 +309,7 @@
 		int val;
 		char boolname[BUFSIZ];
 		char *buffer;
-		char *inbuf=NULL;
+		inbuf=NULL;
 		__fsetlocking(boolf, FSETLOCKING_BYCALLER);
 		while ((len=getline(&inbuf, &size, boolf)) > 0) {
 			buffer=strdup(inbuf);
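Review bot: Replacing the declaration with the plain assignment `inbuf=NULL;` means this block now writes to an `inbuf` declared outside the hunk rather than a block-local one, so whatever the outer variable held before this point is overwritten without being freed. If the outer `inbuf` can already own a getline() buffer here, that allocation leaks, and freeing the buffer after the loop is now the outer scope's job, which the hunk does not show. The enclosing function starts and ends outside the hunk, so both points need checking against the full body. Once confirmed, a comment such as `/* reuse the function-level getline buffer; freed at exit */` would record the intent.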
diff --exclude=.svn -ruN ../test_framework/libselinux/src/context.c ./libselinux/src/context.c
--- ../test_framework/libselinux/src/context.c	2006-04-28 14:41:12.000000000 -0400
+++ ./libselinux/src/context.c	2006-05-05 11:52:33.000000000 -0400
@@ -137,7 +137,7 @@
 
 /* Returns nonzero iff failed */
 
-static int set_comp(context_private_t* n,int index, const char *str)
+static int set_comp(context_private_t* n,int idx, const char *str)
 {
 	char *t = NULL;
         const char *p;
@@ -146,15 +146,15 @@
 		if ( !t ) { return 1; }
 		for ( p = str; *p; p++ ) {
 			if ( *p == '\t' || *p == '\n' || *p == '\r' ||
-			     ((*p == ':' || *p == ' ') && index != COMP_RANGE) ) {
+			     ((*p == ':' || *p == ' ') && idx != COMP_RANGE) ) {
 				free(t);
 				return 1;
 			}
 		}
 		strcpy(t,str);
 	}
-        conditional_free(&n->component[index]);
-        n->component[index] = t;
+        conditional_free(&n->component[idx]);
+        n->component[idx] = t;
         return 0;
 }
 
diff --exclude=.svn -ruN ../test_framework/libsemanage/src/booleans_policydb.c ./libsemanage/src/booleans_policydb.c
--- ../test_framework/libsemanage/src/booleans_policydb.c	2006-04-28 14:41:11.000000000 -0400
+++ ./libsemanage/src/booleans_policydb.c	2006-05-05 11:52:33.000000000 -0400
@@ -1,3 +1,21 @@
+/*
+ * Copyright (C) 2006 Tresys Technology, LLC
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation; either
+ *  version 2.1 of the License, or (at your option) any later version.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ */
+
 /* Copyright (C) 2005 Red Hat, Inc. */
 
 struct semanage_bool;
@@ -20,16 +38,18 @@
 record_policydb_table_t SEMANAGE_BOOL_POLICYDB_RTABLE = {
 	.add         = NULL, 
 	.modify      = NULL,
-	.set         = sepol_bool_set,
-	.query       = sepol_bool_query,
-	.count       = sepol_bool_count,
-	.exists      = sepol_bool_exists, 
-	.iterate     = sepol_bool_iterate,
+/* FIXME: these casts depend on stucts in libsepol matching structs
+ * in libsemanage. This is incredibly fragile - the casting gets
+ * rid of warnings, but is not type safe.
+ */
+	.set         = (record_policydb_table_set_t)sepol_bool_set,
+	.query       = (record_policydb_table_query_t)sepol_bool_query,
+	.count       = (record_policydb_table_count_t)sepol_bool_count,
+	.exists      = (record_policydb_table_exists_t)sepol_bool_exists, 
+	.iterate     = (record_policydb_table_iterate_t)sepol_bool_iterate,
 };
 
-int bool_policydb_dbase_init(
-	semanage_handle_t* handle,
-	dbase_config_t* dconfig) {
+int bool_policydb_dbase_init(semanage_handle_t* handle, dbase_config_t* dconfig) {
 
 	if (dbase_policydb_init(
 		handle, 
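Review bot: The casts in the `SEMANAGE_BOOL_POLICYDB_RTABLE` initializer silence the incompatible-pointer warning, but they also remove the only compile-time check that the libsepol prototypes still match the `record_policydb_table_*_t` signatures. Calling a function through a pointer of an incompatible type is undefined behaviour in C, and a later change to a libsepol parameter list would now build cleanly. The same pattern is added in the method tables of interfaces_policydb.c, nodes_policydb.c, ports_policydb.c and users_base_policydb.c. A safer shape is one small `static` adapter per slot whose signature is exactly the table type and which converts only the record and key pointers before calling the libsepol function, so the function-pointer assignment itself needs no cast. Until then the FIXME could say what to re-check, e.g. `/* FIXME: unchecked casts - re-verify every sepol_bool_* prototype against record_policydb_table_*_t when libsepol changes */`; `bool_policydb_dbase_init` continues outside the hunk.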
diff --exclude=.svn -ruN ../test_framework/libsemanage/src/conf-scan.l ./libsemanage/src/conf-scan.l
--- ../test_framework/libsemanage/src/conf-scan.l	2006-04-28 14:41:11.000000000 -0400
+++ ./libsemanage/src/conf-scan.l	2006-05-05 11:52:33.000000000 -0400
@@ -18,7 +18,6 @@
  */
 
 %{
-        
 #include "conf-parse.h"
 
 #include <ctype.h>
diff --exclude=.svn -ruN ../test_framework/libsemanage/src/database_policydb.h ./libsemanage/src/database_policydb.h
--- ../test_framework/libsemanage/src/database_policydb.h	2006-04-28 14:41:11.000000000 -0400
+++ ./libsemanage/src/database_policydb.h	2006-05-05 11:52:33.000000000 -0400
@@ -1,3 +1,21 @@
+/*
+ * Copyright (C) 2006 Tresys Technology, LLC
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation; either
+ *  version 2.1 of the License, or (at your option) any later version.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ */
+
 /* Copyright (C) 2005 Red Hat, Inc. */
 
 #ifndef _SEMANAGE_DATABASE_POLICYDB_INTERNAL_H_
@@ -11,61 +29,46 @@
 struct dbase_policydb;
 typedef struct dbase_policydb dbase_policydb_t;
 
+typedef int (*record_policydb_table_add_t)(sepol_handle_t* h, sepol_policydb_t* p, 
+					   const record_key_t* rkey, const record_t* record);
+
+typedef int (*record_policydb_table_modify_t) (sepol_handle_t* h, sepol_policydb_t* p, 
+					       const record_key_t* rkey, const record_t* record);
+
+typedef int (*record_policydb_table_set_t) (sepol_handle_t* h, sepol_policydb_t* p,
+					    const record_key_t* rkey, const record_t* record);
+
+typedef int (*record_policydb_table_query_t) (sepol_handle_t* h, const sepol_policydb_t* p,
+					      const record_key_t* rkey, record_t** response);
+
+typedef int (*record_policydb_table_count_t) (sepol_handle_t* h, const sepol_policydb_t* p,
+					      unsigned int* response);
+
+typedef int (*record_policydb_table_exists_t) (sepol_handle_t* h, const sepol_policydb_t* p,
+					       const record_key_t* rkey, int* response);
+		
+typedef int (*record_policydb_table_iterate_t) (sepol_handle_t* h, const sepol_policydb_t* p,
+						int (*fn)(const record_t* r, void* fn_arg),
+						void* arg);
+
 /* POLICYDB extension to RECORD interface - method table */
 typedef struct record_policydb_table {
-
 	/* Add policy record */
-	int (*add) (
-		sepol_handle_t* handle,
-		sepol_policydb_t* policydb, 
-		const record_key_t* rkey,
-		const record_t* record);
-
+	record_policydb_table_add_t add;
 	/* Modify policy record, or add if 
 	 * the key isn't found */
-	int (*modify) (
-		sepol_handle_t* handle,
-		sepol_policydb_t* policydb, 
-		const record_key_t* rkey,
-		const record_t* record);
-
+	record_policydb_table_modify_t modify;
 	/* Set policy record */
-	int (*set) (
-		sepol_handle_t* handle,
-		sepol_policydb_t* policydb,
-		const record_key_t* rkey,
-		const record_t* record);
-
+	record_policydb_table_set_t set;
 	/* Query policy record  - return the record
 	 * or NULL if it isn't found */
-	int (*query) (
-		sepol_handle_t* handle,
-		const sepol_policydb_t* policydb,
-		const record_key_t* rkey,
-		record_t** response);
-
+	record_policydb_table_query_t query;
 	/* Count records */
-	int (*count) (
-		sepol_handle_t* handle,
-		const sepol_policydb_t* policydb,
-		unsigned int* response);
-
+	record_policydb_table_count_t count;
 	/* Check if a record exists */
-	int (*exists) (
-		sepol_handle_t* handle,
-		const sepol_policydb_t* policydb,
-		const record_key_t* rkey,
-		int* response);
-		
+	record_policydb_table_exists_t exists;
 	/* Iterate over records */
-	int (*iterate) (
-		sepol_handle_t* handle,
-		const sepol_policydb_t* policydb,
-		int (*fn)(
-			const record_t* record, 
-			void* fn_arg),
-		void* arg);
-
+	record_policydb_table_iterate_t iterate;
 } record_policydb_table_t;
 
 /* Initialize database */
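Review bot: The new `record_policydb_table_*_t` typedefs carry no comments of their own, yet this patch uses them as cast targets in the `*_policydb.c` method tables, where they become the only statement of the expected signature. `record_policydb_table_add_t`, `record_policydb_table_modify_t` and `record_policydb_table_set_t` are the same function type, so the distinct names add no type checking between those three slots. I would put a block comment above the typedefs stating that each must stay identical, apart from the record and key pointer types, to the corresponding libsepol prototype. The per-method descriptions, for example `/* Query policy record - return the record or NULL if it isn't found */`, would also read better on the typedefs than on the struct members.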
diff --exclude=.svn -ruN ../test_framework/libsemanage/src/fcontexts_local.c ./libsemanage/src/fcontexts_local.c
--- ../test_framework/libsemanage/src/fcontexts_local.c	2006-04-28 14:41:11.000000000 -0400
+++ ./libsemanage/src/fcontexts_local.c	2006-05-05 11:52:33.000000000 -0400
@@ -102,7 +102,7 @@
 	const char* type_str = semanage_fcontext_get_type_str(type);
 	semanage_context_t* con = semanage_fcontext_get_con(fcon);
 
-	if (con && sepol_context_check(handle->sepolh, policydb, con) < 0)
+	if (con && sepol_context_check(handle->sepolh, policydb, (sepol_context_t*)con) < 0)
 		goto invalid;
 
 	return 0;
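Review bot: The `(sepol_context_t*)con` cast makes the call compile by asserting that a `semanage_context_t` can be read as a `sepol_context_t`, which nothing in this hunk establishes. If the two are the same underlying struct the cast is harmless but should not be needed; if they are distinct types, `sepol_context_check` reads the object through an incompatible layout. I would route the conversion through one helper or a documented alias so the assumption is stated in a single place. At minimum, once it has been confirmed, add `/* semanage_context_t is layout-identical to sepol_context_t - keep in sync */` above the call. The function begins before the hunk and the `invalid` label is outside it.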
diff --exclude=.svn -ruN ../test_framework/libsemanage/src/interfaces_policydb.c ./libsemanage/src/interfaces_policydb.c
--- ../test_framework/libsemanage/src/interfaces_policydb.c	2006-04-28 14:41:11.000000000 -0400
+++ ./libsemanage/src/interfaces_policydb.c	2006-05-05 11:52:33.000000000 -0400
@@ -1,3 +1,21 @@
+/*
+ * Copyright (C) 2006 Tresys Technology, LLC
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation; either
+ *  version 2.1 of the License, or (at your option) any later version.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ */
+
 /* Copyright (C) 2005 Red Hat, Inc. */
 
 struct semanage_iface;
@@ -19,12 +37,12 @@
 /* INTERFACE RECRORD (SEPOL): POLICYDB extension: method table */
 record_policydb_table_t SEMANAGE_IFACE_POLICYDB_RTABLE = {
 	.add         = NULL,
-	.modify      = sepol_iface_modify,
+	.modify      = (record_policydb_table_modify_t)sepol_iface_modify,
 	.set         = NULL,
-	.query       = sepol_iface_query,
-        .count       = sepol_iface_count,
-	.exists      = sepol_iface_exists, 
-	.iterate     = sepol_iface_iterate,
+	.query       = (record_policydb_table_query_t)sepol_iface_query,
+        .count       = (record_policydb_table_count_t)sepol_iface_count,
+	.exists      = (record_policydb_table_exists_t)sepol_iface_exists, 
+	.iterate     = (record_policydb_table_iterate_t)sepol_iface_iterate,
 };
 
 int iface_policydb_dbase_init(
diff --exclude=.svn -ruN ../test_framework/libsemanage/src/nodes_policydb.c ./libsemanage/src/nodes_policydb.c
--- ../test_framework/libsemanage/src/nodes_policydb.c	2006-04-28 14:41:11.000000000 -0400
+++ ./libsemanage/src/nodes_policydb.c	2006-05-05 12:03:37.000000000 -0400
@@ -1,3 +1,20 @@
+/*
+ * Copyright (C) 2006 Tresys Technology, LLC
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation; either
+ *  version 2.1 of the License, or (at your option) any later version.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ */
 /* Copyright (C) 2005 Red Hat, Inc. */
 
 struct semanage_node;
@@ -19,12 +36,12 @@
 /* NODE RECORD (SEPOL): POLICYDB extension : method table */
 record_policydb_table_t SEMANAGE_NODE_POLICYDB_RTABLE = {
 	.add         = NULL, 
-	.modify      = sepol_node_modify,
+	.modify      = (record_policydb_table_modify_t)sepol_node_modify,
 	.set         = NULL, 
-	.query       = sepol_node_query,
-        .count       = sepol_node_count,
-	.exists      = sepol_node_exists,
-	.iterate     = sepol_node_iterate,
+	.query       = (record_policydb_table_query_t)sepol_node_query,
+        .count       = (record_policydb_table_count_t)sepol_node_count,
+	.exists      = (record_policydb_table_exists_t)sepol_node_exists,
+	.iterate     = (record_policydb_table_iterate_t)sepol_node_iterate,
 };
 
 int node_policydb_dbase_init(
diff --exclude=.svn -ruN ../test_framework/libsemanage/src/ports_policydb.c ./libsemanage/src/ports_policydb.c
--- ../test_framework/libsemanage/src/ports_policydb.c	2006-04-28 14:41:11.000000000 -0400
+++ ./libsemanage/src/ports_policydb.c	2006-05-05 12:04:25.000000000 -0400
@@ -1,3 +1,20 @@
+/*
+ * Copyright (C) 2006 Tresys Technology, LLC
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation; either
+ *  version 2.1 of the License, or (at your option) any later version.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ */
 /* Copyright (C) 2005 Red Hat, Inc. */
 
 struct semanage_port;
@@ -19,12 +36,12 @@
 /* PORT RECORD (SEPOL): POLICYDB extension : method table */
 record_policydb_table_t SEMANAGE_PORT_POLICYDB_RTABLE = {
 	.add         = NULL, 
-	.modify      = sepol_port_modify,
+	.modify      = (record_policydb_table_modify_t)sepol_port_modify,
 	.set         = NULL, 
-	.query       = sepol_port_query,
-        .count       = sepol_port_count,
-	.exists      = sepol_port_exists,
-	.iterate     = sepol_port_iterate,
+	.query       = (record_policydb_table_query_t)sepol_port_query,
+        .count       = (record_policydb_table_count_t)sepol_port_count,
+	.exists      = (record_policydb_table_exists_t)sepol_port_exists,
+	.iterate     = (record_policydb_table_iterate_t)sepol_port_iterate,
 };
 
 int port_policydb_dbase_init(
diff --exclude=.svn -ruN ../test_framework/libsemanage/src/semanage_store.c ./libsemanage/src/semanage_store.c
--- ../test_framework/libsemanage/src/semanage_store.c	2006-04-28 14:41:11.000000000 -0400
+++ ./libsemanage/src/semanage_store.c	2006-05-05 11:52:33.000000000 -0400
@@ -1813,15 +1813,15 @@
 /* Replicates strchr, but limits search to buf_len characters. */
 static char *semanage_fc_strnchr(const char *buf, size_t buf_len, char c)
 {
-	size_t index = 0;
+	size_t idx = 0;
 
 	if (buf == NULL) return NULL;
 	if (buf_len <= 0) return NULL;
 
-	while (index < buf_len) {
-		if (buf[index] == c) 
-			return (char *)buf+index;
-		index++;
+	while (idx < buf_len) {
+		if (buf[idx] == c) 
+			return (char *)buf+idx;
+		idx++;
 	}
 
 	return NULL;
diff --exclude=.svn -ruN ../test_framework/libsemanage/src/users_base_policydb.c ./libsemanage/src/users_base_policydb.c
--- ../test_framework/libsemanage/src/users_base_policydb.c	2006-04-28 14:41:11.000000000 -0400
+++ ./libsemanage/src/users_base_policydb.c	2006-05-05 12:04:48.000000000 -0400
@@ -1,3 +1,20 @@
+/*
+ * Copyright (C) 2006 Tresys Technology, LLC
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation; either
+ *  version 2.1 of the License, or (at your option) any later version.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ */
 /* Copyright (C) 2005 Red Hat, Inc. */
 
 struct semanage_user_base;
@@ -19,12 +36,12 @@
 /* USER BASE record: POLICYDB extension: method table */
 record_policydb_table_t SEMANAGE_USER_BASE_POLICYDB_RTABLE = {
 	.add         = NULL,
-	.modify      = sepol_user_modify,
+	.modify      = (record_policydb_table_modify_t)sepol_user_modify,
 	.set         = NULL,
-	.query       = sepol_user_query, 
-	.count       = sepol_user_count,
-	.exists      = sepol_user_exists,
-	.iterate     = sepol_user_iterate,
+	.query       = (record_policydb_table_query_t)sepol_user_query, 
+	.count       = (record_policydb_table_count_t)sepol_user_count,
+	.exists      = (record_policydb_table_exists_t)sepol_user_exists,
+	.iterate     = (record_policydb_table_iterate_t)sepol_user_iterate,
 };
 
 int user_base_policydb_dbase_init(
diff --exclude=.svn -ruN ../test_framework/libsepol/include/sepol/policydb/policydb.h ./libsepol/include/sepol/policydb/policydb.h
--- ../test_framework/libsepol/include/sepol/policydb/policydb.h	2006-04-28 14:41:12.000000000 -0400
+++ ./libsepol/include/sepol/policydb/policydb.h	2006-05-05 11:52:33.000000000 -0400
@@ -510,9 +510,6 @@
                   uint32_t scope, uint32_t avrule_decl_id,
                   uint32_t *value);
 
-extern char *sepol_av_to_string(policydb_t *policydbp, uint32_t tclass, 
-			 sepol_access_vector_t av);
-
 /* A policy "file" may be a memory region referenced by a (data, len) pair
    or a file referenced by a FILE pointer. */
 typedef struct policy_file {
diff --exclude=.svn -ruN ../test_framework/libsepol/include/sepol/policydb/util.h ./libsepol/include/sepol/policydb/util.h
--- ../test_framework/libsepol/include/sepol/policydb/util.h	1969-12-31 19:00:00.000000000 -0500
+++ ./libsepol/include/sepol/policydb/util.h	2006-05-05 11:52:33.000000000 -0400
@@ -0,0 +1,32 @@
+/* Authors: Karl MacMillan <kmacmillan@tresys.com>
+ *
+ * A set of utility functions that aid policy decision when dealing
+ * with hierarchal namespaces.
+ *
+ * Copyright (C) 2006 Tresys Technology, LLC
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation; either
+ *  version 2.1 of the License, or (at your option) any later version.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ */
+
+#ifndef __SEPOL_UTIL_H__
+#define __SEPOL_UTIL_H__
+
+
+extern int add_i_to_a(uint32_t i, uint32_t *cnt, uint32_t **a);
+
+extern char *sepol_av_to_string(policydb_t *policydbp, uint32_t tclass, 
+			 sepol_access_vector_t av);
+
+#endif
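Review bot: The new header is not self-contained: it uses `uint32_t`, `policydb_t` and `sepol_access_vector_t` without including anything, so it compiles only when the includer has already pulled in the right headers in the right order. Adding `#include <stdint.h>` and `#include <sepol/policydb/policydb.h>` after the guard would fix that, assuming policydb.h provides both types, as the declaration removed from it suggests. The header also publishes `add_i_to_a`, which the util.c hunk in this patch changes from `static` to external linkage, under an unprefixed name in what appears to be an installed include directory; a `sepol_`-style prefix or a private header would avoid symbol clashes. The guard `__SEPOL_UTIL_H__` uses a reserved identifier, and the header comment about hierarchical namespaces does not describe the two declarations below it.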
diff --exclude=.svn -ruN ../test_framework/libsepol/src/assertion.c ./libsepol/src/assertion.c
--- ../test_framework/libsepol/src/assertion.c	2006-04-28 14:41:12.000000000 -0400
+++ ./libsepol/src/assertion.c	2006-05-05 11:52:33.000000000 -0400
@@ -23,6 +23,7 @@
 #include <sepol/policydb/avtab.h>
 #include <sepol/policydb/policydb.h>
 #include <sepol/policydb/expand.h>
+#include <sepol/policydb/util.h>
 
 #include "debug.h"
 
diff --exclude=.svn -ruN ../test_framework/libsepol/src/debug.h ./libsepol/src/debug.h
--- ../test_framework/libsepol/src/debug.h	2006-04-28 14:41:12.000000000 -0400
+++ ./libsepol/src/debug.h	2006-05-05 12:05:19.000000000 -0400
@@ -1,3 +1,21 @@
+/*
+ * Copyright (C) 2006 Tresys Technology, LLC
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation; either
+ *  version 2.1 of the License, or (at your option) any later version.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ */
+
 #ifndef _SEPOL_INTERNAL_DEBUG_H_
 #define _SEPOL_INTERNAL_DEBUG_H_
 
@@ -10,17 +28,22 @@
 #define STATUS_ERR -1
 #define STATUS_NODATA 1
 
+/* FIXME: this needs to become a real function. Declaring variables
+ * in a macro is _evil_ as it can shadow other variables in local scope.
+ * The variable h has been renamed to _sepol_h to reduce this chance, but
+ * it is still wrong.
+ */
 #define msg_write(handle_arg, level_arg,			   \
 		  channel_arg, func_arg, ...) do {		   \
-		sepol_handle_t *h = (handle_arg) ?: &sepol_compat_handle; \
-		if (h->msg_callback) {				   \
-			h->msg_fname = func_arg;		   \
-			h->msg_channel = channel_arg;		   \
-			h->msg_level = level_arg;		   \
+		sepol_handle_t *_sepol_h = (handle_arg) ?: &sepol_compat_handle; \
+		if (_sepol_h->msg_callback) {			   \
+			_sepol_h->msg_fname = func_arg;		   \
+			_sepol_h->msg_channel = channel_arg;	   \
+			_sepol_h->msg_level = level_arg;	   \
 								   \
-			h->msg_callback(			   \
-				h->msg_callback_arg,		   \
-				h, __VA_ARGS__);		   \
+			_sepol_h->msg_callback(			   \
+				_sepol_h->msg_callback_arg,	   \
+				_sepol_h, __VA_ARGS__);		   \
 		}                                                  \
 	} while(0)
 
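Review bot: Besides the shadowing the FIXME describes, `msg_write` stores `msg_fname`, `msg_channel` and `msg_level` in the handle before calling the callback, and when `handle_arg` is NULL that handle is the shared `sepol_compat_handle`. Two threads logging without a handle would overwrite each other's fields between the stores and the callback; whether libsepol promises thread safety here is not visible in the hunk. The FIXME could record this as well, e.g. `/* NOTE: writes msg_* on the handle (or on sepol_compat_handle when handle_arg is NULL); not safe for concurrent callers */`. The macro parameters are also expanded unparenthesized, so `(func_arg)`, `(channel_arg)` and `(level_arg)` would be the conventional spelling.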
diff --exclude=.svn -ruN ../test_framework/libsepol/src/policydb.c ./libsepol/src/policydb.c
--- ../test_framework/libsepol/src/policydb.c	2006-04-28 14:41:12.000000000 -0400
+++ ./libsepol/src/policydb.c	2006-05-05 11:52:33.000000000 -0400
@@ -48,6 +48,7 @@
 #include <sepol/policydb/expand.h>
 #include <sepol/policydb/conditional.h>
 #include <sepol/policydb/avrule_block.h>
+#include <sepol/policydb/util.h>
 
 #include "private.h"
 #include "debug.h"
@@ -1024,6 +1025,185 @@
 	return 0;
 }
 
+/* Declare a symbol for a certain avrule_block context.  Insert it
+ * into a symbol table for a policy.  This function will handle
+ * inserting the appropriate scope information in addition to
+ * inserting the symbol into the hash table.
+ *
+ * arguments:
+ *   policydb_t *pol       module policy to modify
+ *   uint32_t sym          the symbole table for insertion (SYM_*)
+ *   hashtab_key_t key     the key for the symbol - not cloned
+ *   hashtab_datum_t data  the data for the symbol - not cloned
+ *   scope                 scope of this symbol, either SCOPE_REQ or SCOPE_DECL
+ *   avrule_decl_id        identifier for this symbol's encapsulating declaration
+ *   value (out)           assigned value to the symbol (if value is not NULL)
+ *
+ * returns:
+ *   0                     success
+ *   1                     success, but symbol already existed as a requirement
+ *                         (datum was not inserted and needs to be free()d)
+ *   -1                    general error
+ *   -2                    scope conflicted
+ *   -ENOMEM               memory error
+ *   error codes from hashtab_insert
+ */
+int symtab_insert(policydb_t *pol, uint32_t sym,
+                  hashtab_key_t key, hashtab_datum_t datum,
+                  uint32_t scope, uint32_t avrule_decl_id,
+                  uint32_t *value)
+{
+	int rc, retval = 0;
+	unsigned int i;
+        scope_datum_t *scope_datum;
+        
+        /* check if the symbol is already there.  multiple
+         * declarations of non-roles/non-users are illegal, but
+         * multiple requires are allowed. */
+        
+        /* FIX ME - the failures after the hashtab_insert will leave
+         * the policy in a inconsistent state. */
+        rc = hashtab_insert(pol->symtab[sym].table, key, datum);
+        if (rc == 0) {
+                /* if no value is passed in the symbol is not primary
+                 * (i.e. aliases) */
+                if (value)
+                        *value = ++pol->symtab[sym].nprim;
+        }
+        else if (rc == HASHTAB_PRESENT && scope == SCOPE_REQ) {
+                retval = 1;   /* symbol not added -- need to free() later */
+        }
+        else if (rc == HASHTAB_PRESENT && scope == SCOPE_DECL) {
+                if (sym == SYM_ROLES || sym == SYM_USERS) {
+                        /* allow multiple declarations for these two */
+                        retval = 1;
+                }
+                else {
+                        /* duplicate declarations not allowed for all else */
+                        return -2;
+                }
+        }
+        else {
+                return rc;
+        }
+
+        /* get existing scope information; if there is not one then
+         * create it */
+        scope_datum = (scope_datum_t *) hashtab_search(pol->scope[sym].table, key);
+        if (scope_datum == NULL) {
+		hashtab_key_t key2 = strdup((char*)key);
+		if (!key2)
+			return -ENOMEM;
+                if ((scope_datum = malloc(sizeof(*scope_datum))) == NULL) {
+			free(key2);
+                        return -ENOMEM;
+                }
+                scope_datum->scope = scope;
+                scope_datum->decl_ids = NULL;
+                scope_datum->decl_ids_len = 0;
+                if ((rc = hashtab_insert(pol->scope[sym].table, key2, scope_datum)) != 0) {	
+			free(key2);
+			free(scope_datum);
+                        return rc;
+                }
+        }
+        else if (scope_datum->scope == SCOPE_DECL) {
+                /* disallow multiple declarations for non-roles/users */
+                if (sym != SYM_ROLES && sym != SYM_USERS) {
+                        return -2;
+                }
+        }
+        else if (scope_datum->scope == SCOPE_REQ && scope == SCOPE_DECL) {
+                /* appending to required symbol only allowed for roles/users */
+                if (sym != SYM_ROLES && sym != SYM_USERS) {
+                        return -2;
+                }
+               	scope_datum->scope = SCOPE_DECL; 
+        }
+        else if (scope_datum->scope != scope) {
+                /* scope does not match */
+                return -2;
+        }
+
+        /* search through the pre-existing list to avoid adding duplicates */
+        for (i = 0; i < scope_datum->decl_ids_len; i++) {
+                if (scope_datum->decl_ids[i] == avrule_decl_id) {
+                        /* already there, so don't modify its scope */
+                        return retval;
+                }
+        }
+
+        if (add_i_to_a(avrule_decl_id,
+                       &scope_datum->decl_ids_len,
+                       &scope_datum->decl_ids) == -1) {
+                return -ENOMEM;
+        }
+        
+        return retval;
+}
+
+int type_set_or(type_set_t *dst, type_set_t *a, type_set_t *b)
+{
+        type_set_init(dst);
+
+        if (ebitmap_or(&dst->types, &a->types, &b->types)) {
+                return -1;
+        }
+        if (ebitmap_or(&dst->negset, &a->negset, &b->negset)) {
+                return -1;
+        }
+
+        dst->flags |= a->flags;
+        dst->flags |= b->flags;
+
+        return 0;
+}
+
+int type_set_cpy(type_set_t *dst, type_set_t *src)
+{
+        type_set_init(dst);
+
+        dst->flags = src->flags;
+        if (ebitmap_cpy(&dst->types, &src->types))
+                return -1;
+        if (ebitmap_cpy(&dst->negset, &src->negset))
+                return -1;
+
+        return 0;
+}
+
+int type_set_or_eq(type_set_t *dst, type_set_t *other)
+{
+        int ret;
+        type_set_t tmp;
+
+        if (type_set_or(&tmp, dst, other))
+                return -1;
+        type_set_destroy(dst);
+        ret = type_set_cpy(dst, &tmp);
+        type_set_destroy(&tmp);
+
+        return ret;
+}
+
+int role_set_get_role(role_set_t *x, uint32_t role)
+{
+        if (x->flags & ROLE_STAR)
+                return 1;
+
+        if (ebitmap_get_bit(&x->roles, role - 1)) {
+                if (x->flags & ROLE_COMP)
+                        return 0;
+                else
+                        return 1;
+        } else {
+                if (x->flags & ROLE_COMP)
+                        return 1;
+                else
+                        return 0;
+        }
+}
+
 /***********************************************************************/
 /* everything below is for policy reads */
 
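Review bot: In `symtab_insert`, every error return after the first `hashtab_insert` has succeeded (the `-ENOMEM` paths, the failed scope-table insert, the `-2` scope conflicts and the `add_i_to_a` failure) leaves `key` and `datum` in `pol->symtab[sym].table`, with `nprim` already incremented when `value` was passed. The header comment says both are stored uncloned, so a caller that frees them on a negative return, which is the usual pattern, would leave the symbol table holding freed pointers. The FIX ME notes the inconsistency but not this consequence. The failure paths should undo the first insertion when `rc == 0`, or the comment should state that the caller must not free `key`/`datum` after an error. Separately, `type_set_or_eq` returns without cleaning `tmp` when `type_set_or` fails after its first `ebitmap_or` succeeded; `if (type_set_or(&tmp, dst, other)) { type_set_destroy(&tmp); return -1; }` would release it, assuming `type_set_destroy` is safe on a partially filled set.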
diff --exclude=.svn -ruN ../test_framework/libsepol/src/util.c ./libsepol/src/util.c
--- ../test_framework/libsepol/src/util.c	2006-04-28 14:41:12.000000000 -0400
+++ ./libsepol/src/util.c	2006-05-05 11:54:00.000000000 -0400
@@ -1,10 +1,7 @@
 /* Authors: Joshua Brindle <jbrindle@tresys.com>
  * 	    Jason Tang <jtang@tresys.com>
  *
- * A set of utility functions that aid policy decision when dealing
- * with hierarchal namespaces.
- *
- * Copyright (C) 2005 Tresys Technology, LLC
+ * Copyright (C) 2005-2006 Tresys Technology, LLC
  *
  *  This library is free software; you can redistribute it and/or
  *  modify it under the terms of the GNU Lesser General Public
@@ -38,7 +35,7 @@
  * *a; it will be incremented upon successfully appending i.  If *a is
  * NULL then this function will create a new array (*cnt is reset to
  * 0).  Return 0 on success, -1 on out of memory. */
-static int add_i_to_a(uint32_t i, uint32_t *cnt, uint32_t **a)
+int add_i_to_a(uint32_t i, uint32_t *cnt, uint32_t **a)
 {
         if(cnt == NULL || a == NULL)
                 return -1;
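Review bot: Dropping `static` makes `add_i_to_a` an external symbol of libsepol under a very generic name, which can collide with an identically named symbol in a program that links the library and turns an internal helper into de facto ABI. The change is presumably needed because `symtab_insert`, which this patch removes from util.c, still calls it; if so, give the helper a library prefix or declare it only in a private header with hidden visibility. At minimum, put a comment above it such as `/* Internal to libsepol; non-static only because symtab_insert() lives in another file. */`. The function body continues outside this hunk.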
@@ -61,185 +58,6 @@
         return 0;
 }
 
-int type_set_or(type_set_t *dst, type_set_t *a, type_set_t *b)
-{
-        type_set_init(dst);
-
-        if (ebitmap_or(&dst->types, &a->types, &b->types)) {
-                return -1;
-        }
-        if (ebitmap_or(&dst->negset, &a->negset, &b->negset)) {
-                return -1;
-        }
-
-        dst->flags |= a->flags;
-        dst->flags |= b->flags;
-
-        return 0;
-}
-
-int type_set_cpy(type_set_t *dst, type_set_t *src)
-{
-        type_set_init(dst);
-
-        dst->flags = src->flags;
-        if (ebitmap_cpy(&dst->types, &src->types))
-                return -1;
-        if (ebitmap_cpy(&dst->negset, &src->negset))
-                return -1;
-
-        return 0;
-}
-
-int type_set_or_eq(type_set_t *dst, type_set_t *other)
-{
-        int ret;
-        type_set_t tmp;
-
-        if (type_set_or(&tmp, dst, other))
-                return -1;
-        type_set_destroy(dst);
-        ret = type_set_cpy(dst, &tmp);
-        type_set_destroy(&tmp);
-
-        return ret;
-}
-
-int role_set_get_role(role_set_t *x, uint32_t role)
-{
-        if (x->flags & ROLE_STAR)
-                return 1;
-
-        if (ebitmap_get_bit(&x->roles, role - 1)) {
-                if (x->flags & ROLE_COMP)
-                        return 0;
-                else
-                        return 1;
-        } else {
-                if (x->flags & ROLE_COMP)
-                        return 1;
-                else
-                        return 0;
-        }
-}
-
-/* Declare a symbol for a certain avrule_block context.  Insert it
- * into a symbol table for a policy.  This function will handle
- * inserting the appropriate scope information in addition to
- * inserting the symbol into the hash table.
- *
- * arguments:
- *   policydb_t *pol       module policy to modify
- *   uint32_t sym          the symbole table for insertion (SYM_*)
- *   hashtab_key_t key     the key for the symbol - not cloned
- *   hashtab_datum_t data  the data for the symbol - not cloned
- *   scope                 scope of this symbol, either SCOPE_REQ or SCOPE_DECL
- *   avrule_decl_id        identifier for this symbol's encapsulating declaration
- *   value (out)           assigned value to the symbol (if value is not NULL)
- *
- * returns:
- *   0                     success
- *   1                     success, but symbol already existed as a requirement
- *                         (datum was not inserted and needs to be free()d)
- *   -1                    general error
- *   -2                    scope conflicted
- *   -ENOMEM               memory error
- *   error codes from hashtab_insert
- */
-int symtab_insert(policydb_t *pol, uint32_t sym,
-                  hashtab_key_t key, hashtab_datum_t datum,
-                  uint32_t scope, uint32_t avrule_decl_id,
-                  uint32_t *value)
-{
-	int rc, retval = 0;
-	unsigned int i;
-        scope_datum_t *scope_datum;
-        
-        /* check if the symbol is already there.  multiple
-         * declarations of non-roles/non-users are illegal, but
-         * multiple requires are allowed. */
-        
-        /* FIX ME - the failures after the hashtab_insert will leave
-         * the policy in a inconsistent state. */
-        rc = hashtab_insert(pol->symtab[sym].table, key, datum);
-        if (rc == 0) {
-                /* if no value is passed in the symbol is not primary
-                 * (i.e. aliases) */
-                if (value)
-                        *value = ++pol->symtab[sym].nprim;
-        }
-        else if (rc == HASHTAB_PRESENT && scope == SCOPE_REQ) {
-                retval = 1;   /* symbol not added -- need to free() later */
-        }
-        else if (rc == HASHTAB_PRESENT && scope == SCOPE_DECL) {
-                if (sym == SYM_ROLES || sym == SYM_USERS) {
-                        /* allow multiple declarations for these two */
-                        retval = 1;
-                }
-                else {
-                        /* duplicate declarations not allowed for all else */
-                        return -2;
-                }
-        }
-        else {
-                return rc;
-        }
-
-        /* get existing scope information; if there is not one then
-         * create it */
-        scope_datum = (scope_datum_t *) hashtab_search(pol->scope[sym].table, key);
-        if (scope_datum == NULL) {
-		hashtab_key_t key2 = strdup((char*)key);
-		if (!key2)
-			return -ENOMEM;
-                if ((scope_datum = malloc(sizeof(*scope_datum))) == NULL) {
-			free(key2);
-                        return -ENOMEM;
-                }
-                scope_datum->scope = scope;
-                scope_datum->decl_ids = NULL;
-                scope_datum->decl_ids_len = 0;
-                if ((rc = hashtab_insert(pol->scope[sym].table, key2, scope_datum)) != 0) {	
-			free(key2);
-			free(scope_datum);
-                        return rc;
-                }
-        }
-        else if (scope_datum->scope == SCOPE_DECL) {
-                /* disallow multiple declarations for non-roles/users */
-                if (sym != SYM_ROLES && sym != SYM_USERS) {
-                        return -2;
-                }
-        }
-        else if (scope_datum->scope == SCOPE_REQ && scope == SCOPE_DECL) {
-                /* appending to required symbol only allowed for roles/users */
-                if (sym != SYM_ROLES && sym != SYM_USERS) {
-                        return -2;
-                }
-                
-        }
-        else if (scope_datum->scope != scope) {
-                /* scope does not match */
-                return -2;
-        }
-
-        /* search through the pre-existing list to avoid adding duplicates */
-        for (i = 0; i < scope_datum->decl_ids_len; i++) {
-                if (scope_datum->decl_ids[i] == avrule_decl_id) {
-                        /* already there, so don't modify its scope */
-                        return retval;
-                }
-        }
-
-        if (add_i_to_a(avrule_decl_id,
-                       &scope_datum->decl_ids_len,
-                       &scope_datum->decl_ids) == -1) {
-                return -ENOMEM;
-        }
-        
-        return retval;
-}
-
 static int perm_name(hashtab_key_t key, hashtab_datum_t datum, void *data)
 {       
         struct val_to_name *v = data;
diff --exclude=.svn -ruN ../test_framework/policycoreutils/semodule_expand/semodule_expand.c ./policycoreutils/semodule_expand/semodule_expand.c
--- ../test_framework/policycoreutils/semodule_expand/semodule_expand.c	2006-04-28 14:41:12.000000000 -0400
+++ ./policycoreutils/semodule_expand/semodule_expand.c	2006-05-05 11:52:33.000000000 -0400
@@ -30,7 +30,7 @@
 
 static void usage(char *program_name)
 {
-        printf("usage: %s [-V -c [version]] basemodpkg outputfile\n", program_name);
+        printf("usage: %s [-V -a -c [version]] basemodpkg outputfile\n", program_name);
         exit(1);
 }
 
@@ -42,8 +42,9 @@
 	sepol_module_package_t *base;
 	sepol_policydb_t *out, *p;
 	FILE *fp, *outfile;
+	int check_assertions = 1;
 
-	while ((ch = getopt(argc, argv, "c:Vv")) != EOF) {
+	while ((ch = getopt(argc, argv, "c:Vva")) != EOF) {
                 switch (ch) {
                 case 'V':
                         show_version = 1;
@@ -67,6 +68,10 @@
 			policyvers = n;
 			break;
 		}
+		case 'a': {
+			check_assertions = 0;
+			break;
+		}
 		default:
 			usage(argv[0]);
 		}
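Review bot: The new `-a` case sets `check_assertions = 0`, which the last hunk of this file passes to `sepol_expand_module` in place of the previous hard-coded `1`, so a single undocumented letter makes semodule_expand write out a policy without assertion checking. The usage string in the first hunk lists `-a` but never says what it does; extend it, for example with `printf("  -a  do not check assertions while expanding\n");` before `exit(1)`, and consider printing a notice to stderr whenever checking is skipped. This is also a behaviour change inside a patch described as fixing warnings, so it would be easier to audit as a separate commit. `main` starts and ends outside this hunk.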
@@ -130,7 +135,7 @@
                 exit(1);
         }
 
-        if (sepol_expand_module(NULL, p, out, verbose, 1)) {
+        if (sepol_expand_module(NULL, p, out, verbose, check_assertions)) {
         	fprintf(stderr, "%s:  Error while expanding policy\n", argv[0]);
         	exit(1);
         }
diff --exclude=.svn -ruN ../test_framework/policycoreutils/semodule_package/semodule_package.c ./policycoreutils/semodule_package/semodule_package.c
--- ../test_framework/policycoreutils/semodule_package/semodule_package.c	2006-04-28 14:41:12.000000000 -0400
+++ ./policycoreutils/semodule_package/semodule_package.c	2006-05-05 11:52:33.000000000 -0400
@@ -22,9 +22,9 @@
 char *progname = NULL;
 extern char *optarg;
 
-static void usage(char *progname)
+static void usage(char *prog)
 {
-	printf("usage: %s -o <output file> -m <module> [-f <file contexts>]\n", progname);
+	printf("usage: %s -o <output file> -m <module> [-f <file contexts>]\n", prog);
         printf("Options:\n");
         printf("  -o --outfile		Output file (required)\n");
         printf("  -m --module		Module file (required)\n");
diff --exclude=.svn -ruN ../test_framework/policycoreutils/setsebool/setsebool.c ./policycoreutils/setsebool/setsebool.c
--- ../test_framework/policycoreutils/setsebool/setsebool.c	2006-04-28 14:41:12.000000000 -0400
+++ ./policycoreutils/setsebool/setsebool.c	2006-05-05 11:52:33.000000000 -0400
@@ -78,9 +78,9 @@
 static int selinux_set_boolean_list(
 	size_t boolcnt, 
 	SELboolean *boollist, 
-	int permanent) {
+	int perm) {
 
-	if (security_set_boolean_list(boolcnt, boollist, permanent)) {
+	if (security_set_boolean_list(boolcnt, boollist, perm)) {
 		if (errno == ENOENT)
 			fprintf(stderr, "Could not change active booleans: "
 				"Invalid boolean\n");
@@ -97,7 +97,7 @@
 static int semanage_set_boolean_list(
 	size_t boolcnt, 
 	SELboolean *boollist,
-	int permanent) {
+	int perm) {
 
 	size_t j;
 	semanage_handle_t* handle = NULL;
@@ -141,7 +141,7 @@
 		if (semanage_bool_key_extract(handle, boolean, &bool_key) < 0)
 			goto err;
 
-		if (permanent && semanage_bool_modify_local(handle, bool_key, boolean) < 0)
+		if (perm && semanage_bool_modify_local(handle, bool_key, boolean) < 0)
 			goto err;
 
 		if (semanage_bool_set_active(handle, bool_key, boolean) < 0) {
