diff options
author | Eric Paris <eparis@redhat.com> | 2008-04-18 17:38:29 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-04-21 05:07:31 -0400 |
commit | 7c2b240ef2ae05a0081b4004176fd5838cecc4f6 (patch) | |
tree | 2013e70b664b108b396864e61c658f3a84347076 /security/selinux/ss/conditional.c | |
parent | eb5df9a7ae794a7e352e0582011e9e2b586051b5 (diff) |
SELinux: conditional.c whitespace, syntax, and static declaraction cleanups
This patch changes conditional.c to fix whitespace and syntax issues. Things that
are fixed may include (does not not have to include)
whitespace at end of lines
spaces followed by tabs
spaces used instead of tabs
spacing around parenthesis
locateion of { around struct and else clauses
location of * in pointer declarations
removal of initialization of static data to keep it in the right section
useless {} in if statemetns
useless checking for NULL before kfree
fixing of the indentation depth of switch statements
and any number of other things I forgot to mention
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/ss/conditional.c')
-rw-r--r-- | security/selinux/ss/conditional.c | 59 |
1 files changed, 26 insertions, 33 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c index a996cf1d378a..5691af498c40 100644 --- a/security/selinux/ss/conditional.c +++ b/security/selinux/ss/conditional.c | |||
@@ -1,9 +1,9 @@ | |||
1 | /* Authors: Karl MacMillan <kmacmillan@tresys.com> | 1 | /* Authors: Karl MacMillan <kmacmillan@tresys.com> |
2 | * Frank Mayer <mayerf@tresys.com> | 2 | * Frank Mayer <mayerf@tresys.com> |
3 | * | 3 | * |
4 | * Copyright (C) 2003 - 2004 Tresys Technology, LLC | 4 | * Copyright (C) 2003 - 2004 Tresys Technology, LLC |
5 | * This program is free software; you can redistribute it and/or modify | 5 | * This program is free software; you can redistribute it and/or modify |
6 | * it under the terms of the GNU General Public License as published by | 6 | * it under the terms of the GNU General Public License as published by |
7 | * the Free Software Foundation, version 2. | 7 | * the Free Software Foundation, version 2. |
8 | */ | 8 | */ |
9 | 9 | ||
@@ -90,7 +90,7 @@ static int cond_evaluate_expr(struct policydb *p, struct cond_expr *expr) | |||
90 | int evaluate_cond_node(struct policydb *p, struct cond_node *node) | 90 | int evaluate_cond_node(struct policydb *p, struct cond_node *node) |
91 | { | 91 | { |
92 | int new_state; | 92 | int new_state; |
93 | struct cond_av_list* cur; | 93 | struct cond_av_list *cur; |
94 | 94 | ||
95 | new_state = cond_evaluate_expr(p, node->expr); | 95 | new_state = cond_evaluate_expr(p, node->expr); |
96 | if (new_state != node->cur_state) { | 96 | if (new_state != node->cur_state) { |
@@ -99,20 +99,18 @@ int evaluate_cond_node(struct policydb *p, struct cond_node *node) | |||
99 | printk(KERN_ERR "SELinux: expression result was undefined - disabling all rules.\n"); | 99 | printk(KERN_ERR "SELinux: expression result was undefined - disabling all rules.\n"); |
100 | /* turn the rules on or off */ | 100 | /* turn the rules on or off */ |
101 | for (cur = node->true_list; cur != NULL; cur = cur->next) { | 101 | for (cur = node->true_list; cur != NULL; cur = cur->next) { |
102 | if (new_state <= 0) { | 102 | if (new_state <= 0) |
103 | cur->node->key.specified &= ~AVTAB_ENABLED; | 103 | cur->node->key.specified &= ~AVTAB_ENABLED; |
104 | } else { | 104 | else |
105 | cur->node->key.specified |= AVTAB_ENABLED; | 105 | cur->node->key.specified |= AVTAB_ENABLED; |
106 | } | ||
107 | } | 106 | } |
108 | 107 | ||
109 | for (cur = node->false_list; cur != NULL; cur = cur->next) { | 108 | for (cur = node->false_list; cur != NULL; cur = cur->next) { |
110 | /* -1 or 1 */ | 109 | /* -1 or 1 */ |
111 | if (new_state) { | 110 | if (new_state) |
112 | cur->node->key.specified &= ~AVTAB_ENABLED; | 111 | cur->node->key.specified &= ~AVTAB_ENABLED; |
113 | } else { | 112 | else |
114 | cur->node->key.specified |= AVTAB_ENABLED; | 113 | cur->node->key.specified |= AVTAB_ENABLED; |
115 | } | ||
116 | } | 114 | } |
117 | } | 115 | } |
118 | return 0; | 116 | return 0; |
@@ -174,8 +172,8 @@ void cond_policydb_destroy(struct policydb *p) | |||
174 | int cond_init_bool_indexes(struct policydb *p) | 172 | int cond_init_bool_indexes(struct policydb *p) |
175 | { | 173 | { |
176 | kfree(p->bool_val_to_struct); | 174 | kfree(p->bool_val_to_struct); |
177 | p->bool_val_to_struct = (struct cond_bool_datum**) | 175 | p->bool_val_to_struct = (struct cond_bool_datum **) |
178 | kmalloc(p->p_bools.nprim * sizeof(struct cond_bool_datum*), GFP_KERNEL); | 176 | kmalloc(p->p_bools.nprim * sizeof(struct cond_bool_datum *), GFP_KERNEL); |
179 | if (!p->bool_val_to_struct) | 177 | if (!p->bool_val_to_struct) |
180 | return -1; | 178 | return -1; |
181 | return 0; | 179 | return 0; |
@@ -200,7 +198,7 @@ int cond_index_bool(void *key, void *datum, void *datap) | |||
200 | return -EINVAL; | 198 | return -EINVAL; |
201 | 199 | ||
202 | p->p_bool_val_to_name[booldatum->value - 1] = key; | 200 | p->p_bool_val_to_name[booldatum->value - 1] = key; |
203 | p->bool_val_to_struct[booldatum->value -1] = booldatum; | 201 | p->bool_val_to_struct[booldatum->value - 1] = booldatum; |
204 | 202 | ||
205 | return 0; | 203 | return 0; |
206 | } | 204 | } |
@@ -252,8 +250,7 @@ err: | |||
252 | return -1; | 250 | return -1; |
253 | } | 251 | } |
254 | 252 | ||
255 | struct cond_insertf_data | 253 | struct cond_insertf_data { |
256 | { | ||
257 | struct policydb *p; | 254 | struct policydb *p; |
258 | struct cond_av_list *other; | 255 | struct cond_av_list *other; |
259 | struct cond_av_list *head; | 256 | struct cond_av_list *head; |
@@ -353,9 +350,8 @@ static int cond_read_av_list(struct policydb *p, void *fp, struct cond_av_list * | |||
353 | return -1; | 350 | return -1; |
354 | 351 | ||
355 | len = le32_to_cpu(buf[0]); | 352 | len = le32_to_cpu(buf[0]); |
356 | if (len == 0) { | 353 | if (len == 0) |
357 | return 0; | 354 | return 0; |
358 | } | ||
359 | 355 | ||
360 | data.p = p; | 356 | data.p = p; |
361 | data.other = other; | 357 | data.other = other; |
@@ -408,15 +404,14 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp) | |||
408 | /* expr */ | 404 | /* expr */ |
409 | len = le32_to_cpu(buf[0]); | 405 | len = le32_to_cpu(buf[0]); |
410 | 406 | ||
411 | for (i = 0; i < len; i++ ) { | 407 | for (i = 0; i < len; i++) { |
412 | rc = next_entry(buf, fp, sizeof(u32) * 2); | 408 | rc = next_entry(buf, fp, sizeof(u32) * 2); |
413 | if (rc < 0) | 409 | if (rc < 0) |
414 | goto err; | 410 | goto err; |
415 | 411 | ||
416 | expr = kzalloc(sizeof(struct cond_expr), GFP_KERNEL); | 412 | expr = kzalloc(sizeof(struct cond_expr), GFP_KERNEL); |
417 | if (!expr) { | 413 | if (!expr) |
418 | goto err; | 414 | goto err; |
419 | } | ||
420 | 415 | ||
421 | expr->expr_type = le32_to_cpu(buf[0]); | 416 | expr->expr_type = le32_to_cpu(buf[0]); |
422 | expr->bool = le32_to_cpu(buf[1]); | 417 | expr->bool = le32_to_cpu(buf[1]); |
@@ -426,11 +421,10 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp) | |||
426 | goto err; | 421 | goto err; |
427 | } | 422 | } |
428 | 423 | ||
429 | if (i == 0) { | 424 | if (i == 0) |
430 | node->expr = expr; | 425 | node->expr = expr; |
431 | } else { | 426 | else |
432 | last->next = expr; | 427 | last->next = expr; |
433 | } | ||
434 | last = expr; | 428 | last = expr; |
435 | } | 429 | } |
436 | 430 | ||
@@ -469,11 +463,10 @@ int cond_read_list(struct policydb *p, void *fp) | |||
469 | if (cond_read_node(p, node, fp) != 0) | 463 | if (cond_read_node(p, node, fp) != 0) |
470 | goto err; | 464 | goto err; |
471 | 465 | ||
472 | if (i == 0) { | 466 | if (i == 0) |
473 | p->cond_list = node; | 467 | p->cond_list = node; |
474 | } else { | 468 | else |
475 | last->next = node; | 469 | last->next = node; |
476 | } | ||
477 | last = node; | 470 | last = node; |
478 | } | 471 | } |
479 | return 0; | 472 | return 0; |
@@ -490,24 +483,24 @@ void cond_compute_av(struct avtab *ctab, struct avtab_key *key, struct av_decisi | |||
490 | { | 483 | { |
491 | struct avtab_node *node; | 484 | struct avtab_node *node; |
492 | 485 | ||
493 | if(!ctab || !key || !avd) | 486 | if (!ctab || !key || !avd) |
494 | return; | 487 | return; |
495 | 488 | ||
496 | for(node = avtab_search_node(ctab, key); node != NULL; | 489 | for (node = avtab_search_node(ctab, key); node != NULL; |
497 | node = avtab_search_node_next(node, key->specified)) { | 490 | node = avtab_search_node_next(node, key->specified)) { |
498 | if ( (u16) (AVTAB_ALLOWED|AVTAB_ENABLED) == | 491 | if ((u16)(AVTAB_ALLOWED|AVTAB_ENABLED) == |
499 | (node->key.specified & (AVTAB_ALLOWED|AVTAB_ENABLED))) | 492 | (node->key.specified & (AVTAB_ALLOWED|AVTAB_ENABLED))) |
500 | avd->allowed |= node->datum.data; | 493 | avd->allowed |= node->datum.data; |
501 | if ( (u16) (AVTAB_AUDITDENY|AVTAB_ENABLED) == | 494 | if ((u16)(AVTAB_AUDITDENY|AVTAB_ENABLED) == |
502 | (node->key.specified & (AVTAB_AUDITDENY|AVTAB_ENABLED))) | 495 | (node->key.specified & (AVTAB_AUDITDENY|AVTAB_ENABLED))) |
503 | /* Since a '0' in an auditdeny mask represents a | 496 | /* Since a '0' in an auditdeny mask represents a |
504 | * permission we do NOT want to audit (dontaudit), we use | 497 | * permission we do NOT want to audit (dontaudit), we use |
505 | * the '&' operand to ensure that all '0's in the mask | 498 | * the '&' operand to ensure that all '0's in the mask |
506 | * are retained (much unlike the allow and auditallow cases). | 499 | * are retained (much unlike the allow and auditallow cases). |
507 | */ | 500 | */ |
508 | avd->auditdeny &= node->datum.data; | 501 | avd->auditdeny &= node->datum.data; |
509 | if ( (u16) (AVTAB_AUDITALLOW|AVTAB_ENABLED) == | 502 | if ((u16)(AVTAB_AUDITALLOW|AVTAB_ENABLED) == |
510 | (node->key.specified & (AVTAB_AUDITALLOW|AVTAB_ENABLED))) | 503 | (node->key.specified & (AVTAB_AUDITALLOW|AVTAB_ENABLED))) |
511 | avd->auditallow |= node->datum.data; | 504 | avd->auditallow |= node->datum.data; |
512 | } | 505 | } |
513 | return; | 506 | return; |