selinux: rename the {is,set}_enforcing() functions

Rename is_enforcing() to enforcing_enabled() and enforcing_set() to set_enforcing(). Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Paul Moore <paul@paul-moore.com> 2018-03-01 17:38:30 -0500
committer: Paul Moore <paul@paul-moore.com> 2018-03-02 14:18:55 -0500
commit: e5a5ca96a42ca7eee19cf8694377308771350950 (patch)
tree: 84e47c0215d6e2e6e29df3077c55d8bec7c634ba
parent: aa8e712cee93d520e96a2ca8e3a20f807c937e3f (diff)
6 files changed, 14 insertions, 14 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 36124f48a5ff..54b09cc03b55 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -985,7 +985,7 @@ static noinline int avc_denied(u32 ssid, u32 tsid,
        if (flags & AVC_STRICT)
                return -EACCES;
-        if (is_enforcing(&selinux_state) &&
+        if (enforcing_enabled(&selinux_state) &&
            !(avd->flags & AVD_FLAGS_PERMISSIVE))
                return -EACCES;
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index d78f9e2f6df0..337fb325e5cc 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -5407,7 +5407,7 @@ static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb)
                               sk->sk_protocol, nlh->nlmsg_type,
                               secclass_map[sksec->sclass - 1].name,
                               task_pid_nr(current), current->comm);
-                        if (!is_enforcing(&selinux_state) ||
+                        if (!enforcing_enabled(&selinux_state) ||
                            security_get_allow_unknown(&selinux_state))
                                err = 0;
                }
@@ -6937,7 +6937,7 @@ static __init int selinux_init(void)
        printk(KERN_INFO "SELinux:  Initializing.\n");
        memset(&selinux_state, 0, sizeof(selinux_state));
-        set_enforcing(&selinux_state, selinux_enforcing_boot);
+        enforcing_set(&selinux_state, selinux_enforcing_boot);
        selinux_state.checkreqprot = selinux_checkreqprot_boot;
        selinux_ss_init(&selinux_state.ss);
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index c3a1ef10e710..f1db09a5f521 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -111,22 +111,22 @@ void selinux_ss_init(struct selinux_ss **ss);
 extern struct selinux_state selinux_state;
 #ifdef CONFIG_SECURITY_SELINUX_DEVELOP
-static inline bool is_enforcing(struct selinux_state *state)
+static inline bool enforcing_enabled(struct selinux_state *state)
 {
        return state->enforcing;
 }
-static inline void set_enforcing(struct selinux_state *state, bool value)
+static inline void enforcing_set(struct selinux_state *state, bool value)
 {
        state->enforcing = value;
 }
 #else
-static inline bool is_enforcing(struct selinux_state *state)
+static inline bool enforcing_enabled(struct selinux_state *state)
 {
        return true;
 }
-static inline void set_enforcing(struct selinux_state *state, bool value)
+static inline void enforcing_set(struct selinux_state *state, bool value)
 {
 }
 #endif
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index 98492755adbf..0dbd5fd6a396 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -98,7 +98,7 @@ static ssize_t sel_read_enforce(struct file *filp, char __user *buf,
        ssize_t length;
        length = scnprintf(tmpbuf, TMPBUFLEN, "%d",
-                           is_enforcing(&selinux_state));
+                           enforcing_enabled(&selinux_state));
        return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
 }
@@ -128,7 +128,7 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
        new_value = !!new_value;
-        old_value = is_enforcing(&selinux_state);
+        old_value = enforcing_enabled(&selinux_state);
        if (new_value != old_value) {
                length = avc_has_perm(current_sid(), SECINITSID_SECURITY,
@@ -141,7 +141,7 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
                        new_value, old_value,
                        from_kuid(&init_user_ns, audit_get_loginuid(current)),
                        audit_get_sessionid(current));
-                set_enforcing(&selinux_state, new_value);
+                enforcing_set(&selinux_state, new_value);
                if (new_value)
                        avc_ss_reset(0);
                selnl_notify_setenforce(new_value);
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 3698352213d7..4785ca552d51 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -752,7 +752,7 @@ out:
        kfree(n);
        kfree(t);
-        if (!is_enforcing(state))
+        if (!enforcing_enabled(state))
                return 0;
        return -EPERM;
 }
@@ -1596,7 +1596,7 @@ out:
        kfree(s);
        kfree(t);
        kfree(n);
-        if (!is_enforcing(state))
+        if (!enforcing_enabled(state))
                return 0;
        return -EACCES;
 }
@@ -1907,7 +1907,7 @@ static inline int convert_context_handle_invalid_context(
        char *s;
        u32 len;
-        if (is_enforcing(state))
+        if (enforcing_enabled(state))
                return -EINVAL;
        if (!context_struct_to_string(policydb, context, &s, &len)) {
diff --git a/security/selinux/ss/status.c b/security/selinux/ss/status.c
index 043efc59f8e4..a121de45ac0e 100644
--- a/security/selinux/ss/status.c
+++ b/security/selinux/ss/status.c
@@ -56,7 +56,7 @@ struct page *selinux_kernel_status_page(struct selinux_state *state)
                        status->version = SELINUX_KERNEL_STATUS_VERSION;
                        status->sequence = 0;
-                        status->enforcing = is_enforcing(state);
+                        status->enforcing = enforcing_enabled(state);
                        /*
                         * NOTE: the next policyload event shall set
                         * a positive value on the status->policyload,
author	Paul Moore <paul@paul-moore.com>	2018-03-01 17:38:30 -0500
committer	Paul Moore <paul@paul-moore.com>	2018-03-02 14:18:55 -0500
commit	e5a5ca96a42ca7eee19cf8694377308771350950 (patch)
tree	84e47c0215d6e2e6e29df3077c55d8bec7c634ba
parent	aa8e712cee93d520e96a2ca8e3a20f807c937e3f (diff)

diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 36124f48a5ff..54b09cc03b55 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c
@@ -985,7 +985,7 @@ static noinline int avc_denied(u32 ssid, u32 tsid,
985	if (flags & AVC_STRICT)	985	if (flags & AVC_STRICT)
986	return -EACCES;	986	return -EACCES;
987		987
988	if (is_enforcing(&selinux_state) &&	988	if (enforcing_enabled(&selinux_state) &&
989	!(avd->flags & AVD_FLAGS_PERMISSIVE))	989	!(avd->flags & AVD_FLAGS_PERMISSIVE))
990	return -EACCES;	990	return -EACCES;
991		991


diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d78f9e2f6df0..337fb325e5cc 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c
@@ -5407,7 +5407,7 @@ static int selinux_nlmsg_perm(struct sock sk, struct sk_buff skb)
5407	sk->sk_protocol, nlh->nlmsg_type,	5407	sk->sk_protocol, nlh->nlmsg_type,
5408	secclass_map[sksec->sclass - 1].name,	5408	secclass_map[sksec->sclass - 1].name,
5409	task_pid_nr(current), current->comm);	5409	task_pid_nr(current), current->comm);
5410	if (!is_enforcing(&selinux_state) \|\|	5410	if (!enforcing_enabled(&selinux_state) \|\|
5411	security_get_allow_unknown(&selinux_state))	5411	security_get_allow_unknown(&selinux_state))
5412	err = 0;	5412	err = 0;
5413	}	5413	}
@@ -6937,7 +6937,7 @@ static __init int selinux_init(void)
6937	printk(KERN_INFO "SELinux: Initializing.\n");	6937	printk(KERN_INFO "SELinux: Initializing.\n");
6938		6938
6939	memset(&selinux_state, 0, sizeof(selinux_state));	6939	memset(&selinux_state, 0, sizeof(selinux_state));
6940	set_enforcing(&selinux_state, selinux_enforcing_boot);	6940	enforcing_set(&selinux_state, selinux_enforcing_boot);
6941	selinux_state.checkreqprot = selinux_checkreqprot_boot;	6941	selinux_state.checkreqprot = selinux_checkreqprot_boot;
6942	selinux_ss_init(&selinux_state.ss);	6942	selinux_ss_init(&selinux_state.ss);
6943		6943


diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index c3a1ef10e710..f1db09a5f521 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h
@@ -111,22 +111,22 @@ void selinux_ss_init(struct selinux_ss **ss);
111	extern struct selinux_state selinux_state;	111	extern struct selinux_state selinux_state;
112		112
113	#ifdef CONFIG_SECURITY_SELINUX_DEVELOP	113	#ifdef CONFIG_SECURITY_SELINUX_DEVELOP
114	static inline bool is_enforcing(struct selinux_state *state)	114	static inline bool enforcing_enabled(struct selinux_state *state)
115	{	115	{
116	return state->enforcing;	116	return state->enforcing;
117	}	117	}
118		118
119	static inline void set_enforcing(struct selinux_state *state, bool value)	119	static inline void enforcing_set(struct selinux_state *state, bool value)
120	{	120	{
121	state->enforcing = value;	121	state->enforcing = value;
122	}	122	}
123	#else	123	#else
124	static inline bool is_enforcing(struct selinux_state *state)	124	static inline bool enforcing_enabled(struct selinux_state *state)
125	{	125	{
126	return true;	126	return true;
127	}	127	}
128		128
129	static inline void set_enforcing(struct selinux_state *state, bool value)	129	static inline void enforcing_set(struct selinux_state *state, bool value)
130	{	130	{
131	}	131	}
132	#endif	132	#endif


diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index 98492755adbf..0dbd5fd6a396 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c
@@ -98,7 +98,7 @@ static ssize_t sel_read_enforce(struct file filp, char __user buf,
98	ssize_t length;	98	ssize_t length;
99		99
100	length = scnprintf(tmpbuf, TMPBUFLEN, "%d",	100	length = scnprintf(tmpbuf, TMPBUFLEN, "%d",
101	is_enforcing(&selinux_state));	101	enforcing_enabled(&selinux_state));
102	return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);	102	return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
103	}	103	}
104		104
@@ -128,7 +128,7 @@ static ssize_t sel_write_enforce(struct file file, const char __user buf,
128		128
129	new_value = !!new_value;	129	new_value = !!new_value;
130		130
131	old_value = is_enforcing(&selinux_state);	131	old_value = enforcing_enabled(&selinux_state);
132		132
133	if (new_value != old_value) {	133	if (new_value != old_value) {
134	length = avc_has_perm(current_sid(), SECINITSID_SECURITY,	134	length = avc_has_perm(current_sid(), SECINITSID_SECURITY,
@@ -141,7 +141,7 @@ static ssize_t sel_write_enforce(struct file file, const char __user buf,
141	new_value, old_value,	141	new_value, old_value,
142	from_kuid(&init_user_ns, audit_get_loginuid(current)),	142	from_kuid(&init_user_ns, audit_get_loginuid(current)),
143	audit_get_sessionid(current));	143	audit_get_sessionid(current));
144	set_enforcing(&selinux_state, new_value);	144	enforcing_set(&selinux_state, new_value);
145	if (new_value)	145	if (new_value)
146	avc_ss_reset(0);	146	avc_ss_reset(0);
147	selnl_notify_setenforce(new_value);	147	selnl_notify_setenforce(new_value);


diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 3698352213d7..4785ca552d51 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c
@@ -752,7 +752,7 @@ out:
752	kfree(n);	752	kfree(n);
753	kfree(t);	753	kfree(t);
754		754
755	if (!is_enforcing(state))	755	if (!enforcing_enabled(state))
756	return 0;	756	return 0;
757	return -EPERM;	757	return -EPERM;
758	}	758	}
@@ -1596,7 +1596,7 @@ out:
1596	kfree(s);	1596	kfree(s);
1597	kfree(t);	1597	kfree(t);
1598	kfree(n);	1598	kfree(n);
1599	if (!is_enforcing(state))	1599	if (!enforcing_enabled(state))
1600	return 0;	1600	return 0;
1601	return -EACCES;	1601	return -EACCES;
1602	}	1602	}
@@ -1907,7 +1907,7 @@ static inline int convert_context_handle_invalid_context(
1907	char *s;	1907	char *s;
1908	u32 len;	1908	u32 len;
1909		1909
1910	if (is_enforcing(state))	1910	if (enforcing_enabled(state))
1911	return -EINVAL;	1911	return -EINVAL;
1912		1912
1913	if (!context_struct_to_string(policydb, context, &s, &len)) {	1913	if (!context_struct_to_string(policydb, context, &s, &len)) {


diff --git a/security/selinux/ss/status.c b/security/selinux/ss/status.c index 043efc59f8e4..a121de45ac0e 100644 --- a/security/selinux/ss/status.c +++ b/security/selinux/ss/status.c
@@ -56,7 +56,7 @@ struct page selinux_kernel_status_page(struct selinux_state state)
56		56
57	status->version = SELINUX_KERNEL_STATUS_VERSION;	57	status->version = SELINUX_KERNEL_STATUS_VERSION;
58	status->sequence = 0;	58	status->sequence = 0;
59	status->enforcing = is_enforcing(state);	59	status->enforcing = enforcing_enabled(state);
60	/*	60	/*
61	* NOTE: the next policyload event shall set	61	* NOTE: the next policyload event shall set
62	* a positive value on the status->policyload,	62	* a positive value on the status->policyload,