From: Paul Moore <paul.moore@hp.com>
To: selinux@tycho.nsa.gov, netdev@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: [PATCH v7 01/17] netlabel: Fix some sparse warnings
Date: Mon, 06 Oct 2008 15:19:48 -0400 [thread overview]
Message-ID: <20081006191948.15686.24567.stgit@flek.lan> (raw)
In-Reply-To: <20081006191516.15686.80823.stgit@flek.lan>
Fix a few sparse warnings. One dealt with a RCU lock being held on error,
another dealt with an improper type caused by a signed/unsigned mixup while
the rest appeared to be caused by using rcu_dereference() in a
list_for_each_entry_rcu() call. The latter probably isn't a big deal, but
I derive a certain pleasure from knowing that the net/netlabel is nice and
clean.
Thanks to James Morris for pointing out the issues and demonstrating how
to run sparse.
Signed-off-by: Paul Moore <paul.moore@hp.com>
---
net/netlabel/netlabel_cipso_v4.c | 4 ++--
net/netlabel/netlabel_domainhash.c | 12 ++++++------
net/netlabel/netlabel_unlabeled.c | 12 ++++++------
3 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/net/netlabel/netlabel_cipso_v4.c b/net/netlabel/netlabel_cipso_v4.c
index 0aec318..aaf5003 100644
--- a/net/netlabel/netlabel_cipso_v4.c
+++ b/net/netlabel/netlabel_cipso_v4.c
@@ -491,7 +491,7 @@ list_start:
doi_def = cipso_v4_doi_getdef(doi);
if (doi_def == NULL) {
ret_val = -EINVAL;
- goto list_failure;
+ goto list_failure_lock;
}
ret_val = nla_put_u32(ans_skb, NLBL_CIPSOV4_A_MTYPE, doi_def->type);
@@ -655,7 +655,7 @@ static int netlbl_cipsov4_listall(struct sk_buff *skb,
struct netlink_callback *cb)
{
struct netlbl_cipsov4_doiwalk_arg cb_arg;
- int doi_skip = cb->args[0];
+ u32 doi_skip = cb->args[0];
cb_arg.nl_cb = cb;
cb_arg.skb = skb;
diff --git a/net/netlabel/netlabel_domainhash.c b/net/netlabel/netlabel_domainhash.c
index 643c032..dc42206 100644
--- a/net/netlabel/netlabel_domainhash.c
+++ b/net/netlabel/netlabel_domainhash.c
@@ -115,13 +115,13 @@ static u32 netlbl_domhsh_hash(const char *key)
static struct netlbl_dom_map *netlbl_domhsh_search(const char *domain)
{
u32 bkt;
+ struct list_head *bkt_list;
struct netlbl_dom_map *iter;
if (domain != NULL) {
bkt = netlbl_domhsh_hash(domain);
- list_for_each_entry_rcu(iter,
- &rcu_dereference(netlbl_domhsh)->tbl[bkt],
- list)
+ bkt_list = &rcu_dereference(netlbl_domhsh)->tbl[bkt];
+ list_for_each_entry_rcu(iter, bkt_list, list)
if (iter->valid && strcmp(iter->domain, domain) == 0)
return iter;
}
@@ -410,6 +410,7 @@ int netlbl_domhsh_walk(u32 *skip_bkt,
{
int ret_val = -ENOENT;
u32 iter_bkt;
+ struct list_head *iter_list;
struct netlbl_dom_map *iter_entry;
u32 chain_cnt = 0;
@@ -417,9 +418,8 @@ int netlbl_domhsh_walk(u32 *skip_bkt,
for (iter_bkt = *skip_bkt;
iter_bkt < rcu_dereference(netlbl_domhsh)->size;
iter_bkt++, chain_cnt = 0) {
- list_for_each_entry_rcu(iter_entry,
- &rcu_dereference(netlbl_domhsh)->tbl[iter_bkt],
- list)
+ iter_list = &rcu_dereference(netlbl_domhsh)->tbl[iter_bkt];
+ list_for_each_entry_rcu(iter_entry, iter_list, list)
if (iter_entry->valid) {
if (chain_cnt++ < *skip_chain)
continue;
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c
index 921c118..cc105a1 100644
--- a/net/netlabel/netlabel_unlabeled.c
+++ b/net/netlabel/netlabel_unlabeled.c
@@ -381,12 +381,12 @@ static struct netlbl_unlhsh_addr6 *netlbl_unlhsh_search_addr6(
static struct netlbl_unlhsh_iface *netlbl_unlhsh_search_iface(int ifindex)
{
u32 bkt;
+ struct list_head *bkt_list;
struct netlbl_unlhsh_iface *iter;
bkt = netlbl_unlhsh_hash(ifindex);
- list_for_each_entry_rcu(iter,
- &rcu_dereference(netlbl_unlhsh)->tbl[bkt],
- list)
+ bkt_list = &rcu_dereference(netlbl_unlhsh)->tbl[bkt];
+ list_for_each_entry_rcu(iter, bkt_list, list)
if (iter->valid && iter->ifindex == ifindex)
return iter;
@@ -1427,6 +1427,7 @@ static int netlbl_unlabel_staticlist(struct sk_buff *skb,
struct netlbl_unlhsh_iface *iface;
struct netlbl_unlhsh_addr4 *addr4;
struct netlbl_unlhsh_addr6 *addr6;
+ struct list_head *iter_list;
cb_arg.nl_cb = cb;
cb_arg.skb = skb;
@@ -1436,9 +1437,8 @@ static int netlbl_unlabel_staticlist(struct sk_buff *skb,
for (iter_bkt = skip_bkt;
iter_bkt < rcu_dereference(netlbl_unlhsh)->size;
iter_bkt++, iter_chain = 0, iter_addr4 = 0, iter_addr6 = 0) {
- list_for_each_entry_rcu(iface,
- &rcu_dereference(netlbl_unlhsh)->tbl[iter_bkt],
- list) {
+ iter_list = &rcu_dereference(netlbl_unlhsh)->tbl[iter_bkt];
+ list_for_each_entry_rcu(iface, iter_list, list) {
if (!iface->valid ||
iter_chain++ < skip_chain)
continue;
next prev parent reply other threads:[~2008-10-06 19:19 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-10-06 19:19 [PATCH v7 00/17] Labeled networking patches for 2.6.28 Paul Moore
2008-10-06 19:19 ` Paul Moore [this message]
2008-10-10 21:45 ` [PATCH v7 01/17] netlabel: Fix some sparse warnings James Morris
2008-10-06 19:19 ` [PATCH v7 02/17] selinux: Cleanup the NetLabel glue code Paul Moore
2008-10-06 19:20 ` [PATCH v7 03/17] selinux: Correctly handle IPv4 packets on IPv6 sockets in all cases Paul Moore
2008-10-06 19:20 ` [PATCH v7 04/17] netlabel: Remove unneeded in-kernel API functions Paul Moore
2008-10-06 19:20 ` [PATCH v7 05/17] selinux: Better local/forward check in selinux_ip_postroute() Paul Moore
2008-10-06 19:20 ` [PATCH v7 06/17] selinux: Fix a problem in security_netlbl_sid_to_secattr() Paul Moore
2008-10-06 19:20 ` [PATCH v7 07/17] selinux: Fix missing calls to netlbl_skbuff_err() Paul Moore
2008-10-06 19:20 ` [PATCH v7 08/17] smack: " Paul Moore
2008-10-06 19:20 ` [PATCH v7 09/17] netlabel: Replace protocol/NetLabel linking with refrerence counts Paul Moore
2008-10-06 19:20 ` [PATCH v7 10/17] netlabel: Add a generic way to create ordered linked lists of network addrs Paul Moore
2008-10-06 19:20 ` [PATCH v7 11/17] netlabel: Add network address selectors to the NetLabel/LSM domain mapping Paul Moore
2008-10-06 19:21 ` [PATCH v7 12/17] netlabel: Add functionality to set the security attributes of a packet Paul Moore
2008-10-06 19:21 ` [PATCH v7 13/17] selinux: Set socket NetLabel based on connection endpoint Paul Moore
2008-10-06 19:21 ` [PATCH v7 14/17] selinux: Cache NetLabel secattrs in the socket's security struct Paul Moore
2008-10-06 19:21 ` [PATCH v7 15/17] netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full contexts Paul Moore
2008-10-06 19:21 ` [PATCH v7 16/17] cipso: Add support for native local labeling and fixup mapping names Paul Moore
2008-10-06 19:21 ` [PATCH v7 17/17] netlabel: Add configuration support for local labeling Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20081006191948.15686.24567.stgit@flek.lan \
--to=paul.moore@hp.com \
--cc=linux-security-module@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).