On Sunday, January 11, 2015 11:44:30 PM Rickard Strandqvist wrote:
> Remove the function mls_import_netlbl_cat() that is not used anywhere.
>
> This was partially found by using a static code analysis program called
> cppcheck.
>
> Signed-off-by: Rickard Strandqvist <rickard_strandqvist@xxxxxxxxxxxxxxxxxx>
> ---
> security/selinux/ss/mls.c | 38 --------------------------------------
> security/selinux/ss/mls.h | 7 -------
> 2 files changed, 45 deletions(-)
Thanks for bringing this up and sending a patch.
However, what we should probably do is take the existing MLS category code in
security_netlbl_secattr_to_sid() and reconcile it with the code in
mls_import_netlbl_cat() and convert security_netlbl_secattr_to_sid() to using
the mls_import_netlbl_cat() function.
Is that something you want to try? If not, let me know and we'll work on it.
> diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
> index d307b37..c01c755 100644
> --- a/security/selinux/ss/mls.c
> +++ b/security/selinux/ss/mls.c
> @@ -631,42 +631,4 @@ int mls_export_netlbl_cat(struct context *context,
>
> return rc;
> }
> -
> -/**
> - * mls_import_netlbl_cat - Import the MLS categories from NetLabel
> - * @context: the security context
> - * @secattr: the NetLabel security attributes
> - *
> - * Description:
> - * Copy the NetLabel security attributes into the SELinux context; since
> the - * NetLabel security attribute only contains a single MLS category use
> it for - * both the low and high categories of the context. Returns zero
> on success, - * negative values on failure.
> - *
> - */
> -int mls_import_netlbl_cat(struct context *context,
> - struct netlbl_lsm_secattr *secattr)
> -{
> - int rc;
> -
> - if (!policydb.mls_enabled)
> - return 0;
> -
> - rc = ebitmap_netlbl_import(&context->range.level[0].cat,
> - secattr->attr.mls.cat);
> - if (rc != 0)
> - goto import_netlbl_cat_failure;
> -
> - rc = ebitmap_cpy(&context->range.level[1].cat,
> - &context->range.level[0].cat);
> - if (rc != 0)
> - goto import_netlbl_cat_failure;
> -
> - return 0;
> -
> -import_netlbl_cat_failure:
> - ebitmap_destroy(&context->range.level[0].cat);
> - ebitmap_destroy(&context->range.level[1].cat);
> - return rc;
> -}
> #endif /* CONFIG_NETLABEL */
> diff --git a/security/selinux/ss/mls.h b/security/selinux/ss/mls.h
> index e4369e3..11d3c8f 100644
> --- a/security/selinux/ss/mls.h
> +++ b/security/selinux/ss/mls.h
> @@ -62,8 +62,6 @@ void mls_import_netlbl_lvl(struct context *context,
> struct netlbl_lsm_secattr *secattr);
> int mls_export_netlbl_cat(struct context *context,
> struct netlbl_lsm_secattr *secattr);
> -int mls_import_netlbl_cat(struct context *context,
> - struct netlbl_lsm_secattr *secattr);
> #else
> static inline void mls_export_netlbl_lvl(struct context *context,
> struct netlbl_lsm_secattr *secattr)
> @@ -80,11 +78,6 @@ static inline int mls_export_netlbl_cat(struct context
> *context, {
> return -ENOMEM;
> }
> -static inline int mls_import_netlbl_cat(struct context *context,
> - struct netlbl_lsm_secattr *secattr)
> -{
> - return -ENOMEM;
> -}
> #endif
>
> #endif /* _SS_MLS_H */
--
paul moore
www.paul-moore.com
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
