diff options
Diffstat (limited to 'security/selinux/ss/conditional.c')
| -rw-r--r-- | security/selinux/ss/conditional.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c index fb4efe4f4bc8..4a4e35cac22b 100644 --- a/security/selinux/ss/conditional.c +++ b/security/selinux/ss/conditional.c | |||
| @@ -29,7 +29,7 @@ static int cond_evaluate_expr(struct policydb *p, struct cond_expr *expr) | |||
| 29 | int s[COND_EXPR_MAXDEPTH]; | 29 | int s[COND_EXPR_MAXDEPTH]; |
| 30 | int sp = -1; | 30 | int sp = -1; |
| 31 | 31 | ||
| 32 | for (cur = expr; cur != NULL; cur = cur->next) { | 32 | for (cur = expr; cur; cur = cur->next) { |
| 33 | switch (cur->expr_type) { | 33 | switch (cur->expr_type) { |
| 34 | case COND_BOOL: | 34 | case COND_BOOL: |
| 35 | if (sp == (COND_EXPR_MAXDEPTH - 1)) | 35 | if (sp == (COND_EXPR_MAXDEPTH - 1)) |
| @@ -97,14 +97,14 @@ int evaluate_cond_node(struct policydb *p, struct cond_node *node) | |||
| 97 | if (new_state == -1) | 97 | if (new_state == -1) |
| 98 | printk(KERN_ERR "SELinux: expression result was undefined - disabling all rules.\n"); | 98 | printk(KERN_ERR "SELinux: expression result was undefined - disabling all rules.\n"); |
| 99 | /* turn the rules on or off */ | 99 | /* turn the rules on or off */ |
| 100 | for (cur = node->true_list; cur != NULL; cur = cur->next) { | 100 | for (cur = node->true_list; cur; cur = cur->next) { |
| 101 | if (new_state <= 0) | 101 | if (new_state <= 0) |
| 102 | cur->node->key.specified &= ~AVTAB_ENABLED; | 102 | cur->node->key.specified &= ~AVTAB_ENABLED; |
| 103 | else | 103 | else |
| 104 | cur->node->key.specified |= AVTAB_ENABLED; | 104 | cur->node->key.specified |= AVTAB_ENABLED; |
| 105 | } | 105 | } |
| 106 | 106 | ||
| 107 | for (cur = node->false_list; cur != NULL; cur = cur->next) { | 107 | for (cur = node->false_list; cur; cur = cur->next) { |
| 108 | /* -1 or 1 */ | 108 | /* -1 or 1 */ |
| 109 | if (new_state) | 109 | if (new_state) |
| 110 | cur->node->key.specified &= ~AVTAB_ENABLED; | 110 | cur->node->key.specified &= ~AVTAB_ENABLED; |
| @@ -128,7 +128,7 @@ int cond_policydb_init(struct policydb *p) | |||
| 128 | static void cond_av_list_destroy(struct cond_av_list *list) | 128 | static void cond_av_list_destroy(struct cond_av_list *list) |
| 129 | { | 129 | { |
| 130 | struct cond_av_list *cur, *next; | 130 | struct cond_av_list *cur, *next; |
| 131 | for (cur = list; cur != NULL; cur = next) { | 131 | for (cur = list; cur; cur = next) { |
| 132 | next = cur->next; | 132 | next = cur->next; |
| 133 | /* the avtab_ptr_t node is destroy by the avtab */ | 133 | /* the avtab_ptr_t node is destroy by the avtab */ |
| 134 | kfree(cur); | 134 | kfree(cur); |
| @@ -139,7 +139,7 @@ static void cond_node_destroy(struct cond_node *node) | |||
| 139 | { | 139 | { |
| 140 | struct cond_expr *cur_expr, *next_expr; | 140 | struct cond_expr *cur_expr, *next_expr; |
| 141 | 141 | ||
| 142 | for (cur_expr = node->expr; cur_expr != NULL; cur_expr = next_expr) { | 142 | for (cur_expr = node->expr; cur_expr; cur_expr = next_expr) { |
| 143 | next_expr = cur_expr->next; | 143 | next_expr = cur_expr->next; |
| 144 | kfree(cur_expr); | 144 | kfree(cur_expr); |
| 145 | } | 145 | } |
| @@ -155,7 +155,7 @@ static void cond_list_destroy(struct cond_node *list) | |||
| 155 | if (list == NULL) | 155 | if (list == NULL) |
| 156 | return; | 156 | return; |
| 157 | 157 | ||
| 158 | for (cur = list; cur != NULL; cur = next) { | 158 | for (cur = list; cur; cur = next) { |
| 159 | next = cur->next; | 159 | next = cur->next; |
| 160 | cond_node_destroy(cur); | 160 | cond_node_destroy(cur); |
| 161 | } | 161 | } |
| @@ -239,7 +239,7 @@ int cond_read_bool(struct policydb *p, struct hashtab *h, void *fp) | |||
| 239 | rc = next_entry(key, fp, len); | 239 | rc = next_entry(key, fp, len); |
| 240 | if (rc < 0) | 240 | if (rc < 0) |
| 241 | goto err; | 241 | goto err; |
| 242 | key[len] = 0; | 242 | key[len] = '\0'; |
| 243 | if (hashtab_insert(h, key, booldatum)) | 243 | if (hashtab_insert(h, key, booldatum)) |
| 244 | goto err; | 244 | goto err; |
| 245 | 245 | ||
| @@ -291,7 +291,7 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum | |||
| 291 | goto err; | 291 | goto err; |
| 292 | } | 292 | } |
| 293 | found = 0; | 293 | found = 0; |
| 294 | for (cur = other; cur != NULL; cur = cur->next) { | 294 | for (cur = other; cur; cur = cur->next) { |
| 295 | if (cur->node == node_ptr) { | 295 | if (cur->node == node_ptr) { |
| 296 | found = 1; | 296 | found = 1; |
| 297 | break; | 297 | break; |
| @@ -485,7 +485,7 @@ void cond_compute_av(struct avtab *ctab, struct avtab_key *key, struct av_decisi | |||
| 485 | if (!ctab || !key || !avd) | 485 | if (!ctab || !key || !avd) |
| 486 | return; | 486 | return; |
| 487 | 487 | ||
| 488 | for (node = avtab_search_node(ctab, key); node != NULL; | 488 | for (node = avtab_search_node(ctab, key); node; |
| 489 | node = avtab_search_node_next(node, key->specified)) { | 489 | node = avtab_search_node_next(node, key->specified)) { |
| 490 | if ((u16)(AVTAB_ALLOWED|AVTAB_ENABLED) == | 490 | if ((u16)(AVTAB_ALLOWED|AVTAB_ENABLED) == |
| 491 | (node->key.specified & (AVTAB_ALLOWED|AVTAB_ENABLED))) | 491 | (node->key.specified & (AVTAB_ALLOWED|AVTAB_ENABLED))) |