On Tue, 2010-05-04 at 11:31 -0400, Paul Moore wrote:
> On Tuesday 04 May 2010 09:52:25 am Stephen Smalley wrote:
> > On Mon, 2010-05-03 at 18:11 -0400, Paul Moore wrote:
> > > Consolidate the basic sockcreate_sid logic into a single helper function
> > > which allows us to do some cleanups in the related code.
> > >
> > > Signed-off-by: XXX
> > > ---
> > >
> > > security/selinux/hooks.c | 32 ++++++++++++--------------------
> > > 1 files changed, 12 insertions(+), 20 deletions(-)
> > >
> > > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> > > index 09973e2..4034a3a 100644
> > > --- a/security/selinux/hooks.c
> > > +++ b/security/selinux/hooks.c
> > > @@ -3730,6 +3730,12 @@ static int selinux_skb_peerlbl_sid(struct sk_buff
> > > *skb, u16 family, u32 *sid)
> > >
> > > }
> > >
> > > /* socket security operations */
> > >
> > > +
> > > +static u32 socket_sockcreate_sid(const struct task_security_struct
> > > *tsec) +{
> > > + return tsec->sockcreate_sid ? tsec->sockcreate_sid : tsec->sid;
> >
> > Why is this clearer than just:
> > return tsec->sockcreate_sid ?: tsec->sid;
>
> It is more explicit?
>
> Honestly, it is just a personal preference thing; if you want it the other way
> just say so and I'll change it back. The value to me is in the
> socket_has_perm() and _post_create() cleanup ...
More opportunity for inconsistency, IMHO. Nothing wrong with the ?:
syntax.
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
