Re: [RFC PATCH v3 3/9] [fixup] fix handling of SECSID_NULL

Ondrej Mosnacek <omosnace@xxxxxxxxxx> · Fri, 30 Nov 2018 16:13:12 +0100

On Thu, Nov 29, 2018 at 11:14 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
> On Thu, Nov 29, 2018 at 7:56 AM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote:
> >
> > ---
> >  security/selinux/ss/sidtab.c | 18 ++++++++++--------
> >  1 file changed, 10 insertions(+), 8 deletions(-)
>
> A quick administrative comment: please don't send "[fixup]" patches
> except under the most extreme circumstances, especially in the case
> where you are respinning the patch{set}.  Using fixup patches makes it
> much harder for me to review, test, apply your patches which makes me
> grumpy.
>
> I don't like being grumpy.

Oh, sorry... I hoped it would actually make review easier to have each
new change clearly separated out. Now I will know that's not case and
will change my practices accordingly.

I will do a new squashed respin identical to this patchset (except for
one tiny change that came into my mind in the meantime).

>
> > diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c
> > index e157d8240cf1..31588d704b98 100644
> > --- a/security/selinux/ss/sidtab.c
> > +++ b/security/selinux/ss/sidtab.c
> > @@ -123,17 +123,19 @@ static struct context *sidtab_search_core(struct sidtab *s, u32 sid, int force)
> >         struct context *context;
> >         struct sidtab_isid_entry *entry;
> >
> > -       if (!s || sid == 0)
> > +       if (!s)
> >                 return NULL;
> >
> > -       if (sid > SECINITSID_NUM) {
> > -               context = sidtab_lookup(s, sid - (SECINITSID_NUM + 1));
> > -       } else {
> > -               entry = &s->isids[sid - 1];
> > -               context = entry->set ? &entry->context : NULL;
> > +       if (sid != 0) {
> > +               if (sid > SECINITSID_NUM) {
> > +                       context = sidtab_lookup(s, sid - (SECINITSID_NUM + 1));
> > +               } else {
> > +                       entry = &s->isids[sid - 1];
> > +                       context = entry->set ? &entry->context : NULL;
> > +               }
> > +               if (context && (!context->len || force))
> > +                       return context;
> >         }
> > -       if (context && (!context->len || force))
> > -               return context;
> >
> >         entry = &s->isids[SECINITSID_UNLABELED - 1];
> >         return entry->set ? &entry->context : NULL;
> > --
> > 2.19.2
> >
>
>
> --
> paul moore
> www.paul-moore.com

--
Ondrej Mosnacek <omosnace at redhat dot com>
Associate Software Engineer, Security Technologies
Red Hat, Inc.