From: Petr Lautrbach <plautrba@redhat.com>
To: SElinux list <selinux@vger.kernel.org>
Cc: "James Carter" <jwcart2@gmail.com>,
"Christian Göttsche" <cgzones@googlemail.com>
Subject: Re: [PATCH 1/2] libsepol: mark immutable mls and context parameter const
Date: Wed, 06 Apr 2022 11:27:11 +0200 [thread overview]
Message-ID: <87h776pno0.fsf@redhat.com> (raw)
In-Reply-To: <CAP+JOzSVU+mGXv5Z36xTxy7U=FJbW2+oCC7S6cQzi9ssLo8LZg@mail.gmail.com>
James Carter <jwcart2@gmail.com> writes:
> On Fri, Apr 1, 2022 at 9:49 AM Christian Göttsche
> <cgzones@googlemail.com> wrote:
>>
>> Make it more obvious which parameters are read-only and not being
>> modified and allow callers to pass const pointers.
>>
>> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
>
> For these two patches:
> Acked-by: James Carter <jwcart2@gmail.com>
Both merged, thanks!
>> ---
>> libsepol/include/sepol/policydb/context.h | 14 +++++++-------
>> libsepol/include/sepol/policydb/mls_types.h | 12 ++++++------
>> libsepol/src/mls.c | 17 +++++++++--------
>> libsepol/src/mls.h | 4 ++--
>> 4 files changed, 24 insertions(+), 23 deletions(-)
>>
>> diff --git a/libsepol/include/sepol/policydb/context.h b/libsepol/include/sepol/policydb/context.h
>> index 37cdc591..025c894f 100644
>> --- a/libsepol/include/sepol/policydb/context.h
>> +++ b/libsepol/include/sepol/policydb/context.h
>> @@ -43,7 +43,7 @@ static inline void mls_context_init(context_struct_t * c)
>> }
>>
>> static inline int mls_context_cpy(context_struct_t * dst,
>> - context_struct_t * src)
>> + const context_struct_t * src)
>> {
>>
>> if (mls_range_cpy(&dst->range, &src->range) < 0)
>> @@ -55,7 +55,7 @@ static inline int mls_context_cpy(context_struct_t * dst,
>> /*
>> * Sets both levels in the MLS range of 'dst' to the low level of 'src'.
>> */
>> -static inline int mls_context_cpy_low(context_struct_t *dst, context_struct_t *src)
>> +static inline int mls_context_cpy_low(context_struct_t *dst, const context_struct_t *src)
>> {
>> int rc;
>>
>> @@ -75,7 +75,7 @@ out:
>> /*
>> * Sets both levels in the MLS range of 'dst' to the high level of 'src'.
>> */
>> -static inline int mls_context_cpy_high(context_struct_t *dst, context_struct_t *src)
>> +static inline int mls_context_cpy_high(context_struct_t *dst, const context_struct_t *src)
>> {
>> int rc;
>>
>> @@ -92,12 +92,12 @@ out:
>> return rc;
>> }
>>
>> -static inline int mls_context_glblub(context_struct_t *dst, context_struct_t *c1, context_struct_t *c2)
>> +static inline int mls_context_glblub(context_struct_t *dst, const context_struct_t *c1, const context_struct_t *c2)
>> {
>> return mls_range_glblub(&dst->range, &c1->range, &c2->range);
>> }
>>
>> -static inline int mls_context_cmp(context_struct_t * c1, context_struct_t * c2)
>> +static inline int mls_context_cmp(const context_struct_t * c1, const context_struct_t * c2)
>> {
>> return (mls_level_eq(&c1->range.level[0], &c2->range.level[0]) &&
>> mls_level_eq(&c1->range.level[1], &c2->range.level[1]));
>> @@ -118,7 +118,7 @@ static inline void context_init(context_struct_t * c)
>> memset(c, 0, sizeof(*c));
>> }
>>
>> -static inline int context_cpy(context_struct_t * dst, context_struct_t * src)
>> +static inline int context_cpy(context_struct_t * dst, const context_struct_t * src)
>> {
>> dst->user = src->user;
>> dst->role = src->role;
>> @@ -135,7 +135,7 @@ static inline void context_destroy(context_struct_t * c)
>> mls_context_destroy(c);
>> }
>>
>> -static inline int context_cmp(context_struct_t * c1, context_struct_t * c2)
>> +static inline int context_cmp(const context_struct_t * c1, const context_struct_t * c2)
>> {
>> return ((c1->user == c2->user) &&
>> (c1->role == c2->role) &&
>> diff --git a/libsepol/include/sepol/policydb/mls_types.h b/libsepol/include/sepol/policydb/mls_types.h
>> index 0ba6d9de..12990c69 100644
>> --- a/libsepol/include/sepol/policydb/mls_types.h
>> +++ b/libsepol/include/sepol/policydb/mls_types.h
>> @@ -50,7 +50,7 @@ typedef struct mls_range {
>> mls_level_t level[2]; /* low == level[0], high == level[1] */
>> } mls_range_t;
>>
>> -static inline int mls_range_glblub(struct mls_range *dst, struct mls_range *r1, struct mls_range *r2)
>> +static inline int mls_range_glblub(struct mls_range *dst, const struct mls_range *r1, const struct mls_range *r2)
>> {
>> if (r1->level[1].sens < r2->level[0].sens || r2->level[1].sens < r1->level[0].sens) {
>> /* These ranges have no common sensitivities */
>> @@ -74,7 +74,7 @@ static inline int mls_range_glblub(struct mls_range *dst, struct mls_range *r1,
>> }
>>
>>
>> -static inline int mls_level_cpy(struct mls_level *dst, struct mls_level *src)
>> +static inline int mls_level_cpy(struct mls_level *dst, const struct mls_level *src)
>> {
>>
>> dst->sens = src->sens;
>> @@ -119,7 +119,7 @@ static inline int mls_level_dom(const struct mls_level *l1, const struct mls_lev
>> (mls_level_dom(&(r2).level[0], &(r1).level[0]) && \
>> mls_level_dom(&(r1).level[1], &(r2).level[1]))
>>
>> -static inline int mls_range_cpy(mls_range_t * dst, mls_range_t * src)
>> +static inline int mls_range_cpy(mls_range_t * dst, const mls_range_t * src)
>> {
>>
>> if (mls_level_cpy(&dst->level[0], &src->level[0]) < 0)
>> @@ -149,7 +149,7 @@ static inline void mls_range_destroy(struct mls_range *r)
>> mls_level_destroy(&r->level[1]);
>> }
>>
>> -static inline int mls_range_eq(struct mls_range *r1, struct mls_range *r2)
>> +static inline int mls_range_eq(const struct mls_range *r1, const struct mls_range *r2)
>> {
>> return (mls_level_eq(&r1->level[0], &r2->level[0]) &&
>> mls_level_eq(&r1->level[1], &r2->level[1]));
>> @@ -174,10 +174,10 @@ extern void mls_semantic_cat_init(mls_semantic_cat_t *c);
>> extern void mls_semantic_cat_destroy(mls_semantic_cat_t *c);
>> extern void mls_semantic_level_init(mls_semantic_level_t *l);
>> extern void mls_semantic_level_destroy(mls_semantic_level_t *l);
>> -extern int mls_semantic_level_cpy(mls_semantic_level_t *dst, mls_semantic_level_t *src);
>> +extern int mls_semantic_level_cpy(mls_semantic_level_t *dst, const mls_semantic_level_t *src);
>> extern void mls_semantic_range_init(mls_semantic_range_t *r);
>> extern void mls_semantic_range_destroy(mls_semantic_range_t *r);
>> -extern int mls_semantic_range_cpy(mls_semantic_range_t *dst, mls_semantic_range_t *src);
>> +extern int mls_semantic_range_cpy(mls_semantic_range_t *dst, const mls_semantic_range_t *src);
>>
>> #ifdef __cplusplus
>> }
>> diff --git a/libsepol/src/mls.c b/libsepol/src/mls.c
>> index 366a1114..4ffe9814 100644
>> --- a/libsepol/src/mls.c
>> +++ b/libsepol/src/mls.c
>> @@ -451,7 +451,7 @@ int mls_context_to_sid(const policydb_t * policydb,
>> * Copies the MLS range from `src' into `dst'.
>> */
>> static inline int mls_copy_context(context_struct_t * dst,
>> - context_struct_t * src)
>> + const context_struct_t * src)
>> {
>> int l, rc = 0;
>>
>> @@ -471,7 +471,7 @@ static inline int mls_copy_context(context_struct_t * dst,
>> * Copies the effective MLS range from `src' into `dst'.
>> */
>> static inline int mls_scopy_context(context_struct_t * dst,
>> - context_struct_t * src)
>> + const context_struct_t * src)
>> {
>> int l, rc = 0;
>>
>> @@ -490,7 +490,7 @@ static inline int mls_scopy_context(context_struct_t * dst,
>> /*
>> * Copies the MLS range `range' into `context'.
>> */
>> -static inline int mls_range_set(context_struct_t * context, mls_range_t * range)
>> +static inline int mls_range_set(context_struct_t * context, const mls_range_t * range)
>> {
>> int l, rc = 0;
>>
>> @@ -601,8 +601,8 @@ int mls_convert_context(policydb_t * oldp,
>> }
>>
>> int mls_compute_sid(policydb_t * policydb,
>> - context_struct_t * scontext,
>> - context_struct_t * tcontext,
>> + const context_struct_t * scontext,
>> + const context_struct_t * tcontext,
>> sepol_security_class_t tclass,
>> uint32_t specified, context_struct_t * newcontext)
>> {
>> @@ -755,9 +755,10 @@ void mls_semantic_level_destroy(mls_semantic_level_t * l)
>> }
>>
>> int mls_semantic_level_cpy(mls_semantic_level_t * dst,
>> - mls_semantic_level_t * src)
>> + const mls_semantic_level_t * src)
>> {
>> - mls_semantic_cat_t *cat, *newcat, *lnewcat = NULL;
>> + const mls_semantic_cat_t *cat;
>> + mls_semantic_cat_t *newcat, *lnewcat = NULL;
>>
>> mls_semantic_level_init(dst);
>> dst->sens = src->sens;
>> @@ -800,7 +801,7 @@ void mls_semantic_range_destroy(mls_semantic_range_t * r)
>> }
>>
>> int mls_semantic_range_cpy(mls_semantic_range_t * dst,
>> - mls_semantic_range_t * src)
>> + const mls_semantic_range_t * src)
>> {
>> if (mls_semantic_level_cpy(&dst->level[0], &src->level[0]) < 0)
>> return -1;
>> diff --git a/libsepol/src/mls.h b/libsepol/src/mls.h
>> index 5ca3cd51..eb4a1cb8 100644
>> --- a/libsepol/src/mls.h
>> +++ b/libsepol/src/mls.h
>> @@ -56,8 +56,8 @@ extern int mls_convert_context(policydb_t * oldp,
>> policydb_t * newp, context_struct_t * context);
>>
>> extern int mls_compute_sid(policydb_t * policydb,
>> - context_struct_t * scontext,
>> - context_struct_t * tcontext,
>> + const context_struct_t * scontext,
>> + const context_struct_t * tcontext,
>> sepol_security_class_t tclass,
>> uint32_t specified, context_struct_t * newcontext);
>>
>> --
>> 2.35.1
>>
prev parent reply other threads:[~2022-04-06 13:01 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-31 14:46 [PATCH 1/2] libsepol: mark immutable mls and context parameter const Christian Göttsche
2022-03-31 14:46 ` [PATCH 2/2] libsepol: mark immutable common helper " Christian Göttsche
2022-04-01 17:27 ` [PATCH 1/2] libsepol: mark immutable mls and context " James Carter
2022-04-06 9:27 ` Petr Lautrbach [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87h776pno0.fsf@redhat.com \
--to=plautrba@redhat.com \
--cc=cgzones@googlemail.com \
--cc=jwcart2@gmail.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.