summaryrefslogtreecommitdiff
path: root/security/selinux/ss/services.c
diff options
context:
space:
mode:
authorChristian Göttsche <cgzones@googlemail.com>2023-07-18 20:06:27 +0200
committerPaul Moore <paul@paul-moore.com>2023-07-19 11:04:28 -0400
commit08a12b39e289fedf755afbc81de44a5cd1286b4b (patch)
tree54a223508300e5a7b350d67ad53e931d836a44fa /security/selinux/ss/services.c
parent90aa4f5e92f2797c3c86e05f588ab277b0e0ba39 (diff)
selinux: drop avtab_search()
avtab_search() shares the same logic with avtab_search_node(), except that it returns, if found, a pointer to the struct avtab_node member datum instead of the node itself. Since the member is an embedded struct, and not a pointer, the returned value of avtab_search() and avtab_search_node() will always in unison either be NULL or non-NULL. Drop avtab_search() and replace its calls by avtab_search_node() to deduplicate logic and adopt the only caller caring for the type of the returned value accordingly. Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/selinux/ss/services.c')
-rw-r--r--security/selinux/ss/services.c13
1 files changed, 6 insertions, 7 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 83b85536cd2b..fa47e4e38935 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1706,8 +1706,7 @@ static int security_compute_sid(u32 ssid,
struct context *scontext, *tcontext, newcontext;
struct sidtab_entry *sentry, *tentry;
struct avtab_key avkey;
- struct avtab_datum *avdatum;
- struct avtab_node *node;
+ struct avtab_node *avnode, *node;
u16 tclass;
int rc = 0;
bool sock;
@@ -1815,22 +1814,22 @@ retry:
avkey.target_type = tcontext->type;
avkey.target_class = tclass;
avkey.specified = specified;
- avdatum = avtab_search(&policydb->te_avtab, &avkey);
+ avnode = avtab_search_node(&policydb->te_avtab, &avkey);
/* If no permanent rule, also check for enabled conditional rules */
- if (!avdatum) {
+ if (!avnode) {
node = avtab_search_node(&policydb->te_cond_avtab, &avkey);
for (; node; node = avtab_search_node_next(node, specified)) {
if (node->key.specified & AVTAB_ENABLED) {
- avdatum = &node->datum;
+ avnode = node;
break;
}
}
}
- if (avdatum) {
+ if (avnode) {
/* Use the type from the type transition/member/change rule. */
- newcontext.type = avdatum->u.data;
+ newcontext.type = avnode->datum.u.data;
}
/* if we have a objname this is a file trans check so check those rules */