diff options
author | Christian Göttsche <cgzones@googlemail.com> | 2023-07-18 20:06:27 +0200 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2023-07-19 11:04:28 -0400 |
commit | 08a12b39e289fedf755afbc81de44a5cd1286b4b (patch) | |
tree | 54a223508300e5a7b350d67ad53e931d836a44fa /security/selinux/ss/services.c | |
parent | 90aa4f5e92f2797c3c86e05f588ab277b0e0ba39 (diff) |
selinux: drop avtab_search()
avtab_search() shares the same logic with avtab_search_node(), except
that it returns, if found, a pointer to the struct avtab_node member
datum instead of the node itself. Since the member is an embedded
struct, and not a pointer, the returned value of avtab_search() and
avtab_search_node() will always in unison either be NULL or non-NULL.
Drop avtab_search() and replace its calls by avtab_search_node() to
deduplicate logic and adopt the only caller caring for the type of
the returned value accordingly.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/selinux/ss/services.c')
-rw-r--r-- | security/selinux/ss/services.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 83b85536cd2b..fa47e4e38935 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -1706,8 +1706,7 @@ static int security_compute_sid(u32 ssid, struct context *scontext, *tcontext, newcontext; struct sidtab_entry *sentry, *tentry; struct avtab_key avkey; - struct avtab_datum *avdatum; - struct avtab_node *node; + struct avtab_node *avnode, *node; u16 tclass; int rc = 0; bool sock; @@ -1815,22 +1814,22 @@ retry: avkey.target_type = tcontext->type; avkey.target_class = tclass; avkey.specified = specified; - avdatum = avtab_search(&policydb->te_avtab, &avkey); + avnode = avtab_search_node(&policydb->te_avtab, &avkey); /* If no permanent rule, also check for enabled conditional rules */ - if (!avdatum) { + if (!avnode) { node = avtab_search_node(&policydb->te_cond_avtab, &avkey); for (; node; node = avtab_search_node_next(node, specified)) { if (node->key.specified & AVTAB_ENABLED) { - avdatum = &node->datum; + avnode = node; break; } } } - if (avdatum) { + if (avnode) { /* Use the type from the type transition/member/change rule. */ - newcontext.type = avdatum->u.data; + newcontext.type = avnode->datum.u.data; } /* if we have a objname this is a file trans check so check those rules */ |