> -----Original Message----- > From: selinux-owner@xxxxxxxxxxxxxxx [mailto:selinux-owner@xxxxxxxxxxxxxxx] > On Behalf Of Christian Göttsche > Sent: Monday, March 23, 2020 1:32 PM > To: selinux@xxxxxxxxxxxxxxx > Subject: [PATCH] tree-wide: replace last occurrences of security_context_t > > Follow-up of: 9eb9c9327563014ad6a807814e7975424642d5b9 ("Get rid of > security_context_t and fix const declarations.") > > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> > --- > mcstrans/src/mcscolor.c | 8 +++--- > mcstrans/src/mcstrans.c | 12 ++++----- > mcstrans/src/mcstrans.h | 4 +-- > mcstrans/src/mcstransd.c | 6 ++--- > mcstrans/utils/transcon.c | 2 +- > mcstrans/utils/untranscon.c | 2 +- > policycoreutils/newrole/newrole.c | 40 ++++++++++++++--------------- > policycoreutils/run_init/run_init.c | 4 +-- > policycoreutils/secon/secon.c | 19 +++++++------- > sandbox/seunshare.c | 10 ++++---- > 10 files changed, 54 insertions(+), 53 deletions(-) > > diff --git a/mcstrans/src/mcscolor.c b/mcstrans/src/mcscolor.c index > 4ee0db50..a3838850 100644 > --- a/mcstrans/src/mcscolor.c > +++ b/mcstrans/src/mcscolor.c > @@ -44,7 +44,7 @@ static setab_t *clist[N_COLOR]; static setab_t > *cend[N_COLOR]; static semnemonic_t *mnemonics; > > -static security_context_t my_context; > +static char *my_context; > > void finish_context_colors(void) { > setab_t *cur, *next; > @@ -76,7 +76,7 @@ void finish_context_colors(void) { } > > static int check_dominance(const char *pattern, const char *raw) { > - security_context_t ctx; > + char *ctx; > context_t con; > struct av_decision avd; > int rc = -1; > @@ -109,7 +109,7 @@ static int check_dominance(const char *pattern, const > char *raw) { > if (!raw) > goto out; > > - rc = security_compute_av_raw(ctx, (security_context_t)raw, > context_class, context_contains_perm, &avd); > + rc = security_compute_av_raw(ctx, raw, context_class, > +context_contains_perm, &avd); > if (rc) > goto out; > > @@ -282,7 +282,7 @@ static int parse_components(context_t con, char > **components) { > > /* Look up colors. > */ > -int raw_color(const security_context_t raw, char **color_str) { > +int raw_color(const char *raw, char **color_str) { > #define CHARS_PER_COLOR 16 > context_t con; > uint32_t i, j, mask = 0; > diff --git a/mcstrans/src/mcstrans.c b/mcstrans/src/mcstrans.c index > 96bdbdff..4a073ca4 100644 > --- a/mcstrans/src/mcstrans.c > +++ b/mcstrans/src/mcstrans.c > @@ -7,8 +7,8 @@ > > int init_translations(void); > void finish_context_translations(void); > - int trans_context(const security_context_t, security_context_t *); > - int untrans_context(const security_context_t, security_context_t *); > + int trans_context(const char *, char **); int untrans_context(const > + char *, char **); > > */ > > @@ -888,7 +888,7 @@ init_translations(void) { } > > char * > -extract_range(const security_context_t incon) { > +extract_range(const char *incon) { > context_t con = context_new(incon); > if (!con) { > syslog(LOG_ERR, "extract_range context_new(%s) failed: %s", > incon, strerror(errno)); @@ -911,7 +911,7 @@ extract_range(const > security_context_t incon) { } > > char * > -new_context_str(const security_context_t incon, const char *range) { > +new_context_str(const char *incon, const char *range) { > char *rcon = NULL; > context_t con = context_new(incon); > if (!con) { > @@ -1489,7 +1489,7 @@ err: > } > > int > -trans_context(const security_context_t incon, security_context_t *rcon) { > +trans_context(const char *incon, char **rcon) { > char *trans = NULL; > *rcon = NULL; > > @@ -1612,7 +1612,7 @@ trans_context(const security_context_t incon, > security_context_t *rcon) { } > > int > -untrans_context(const security_context_t incon, security_context_t *rcon) { > +untrans_context(const char *incon, char **rcon) { > char *raw = NULL; > *rcon = NULL; > > diff --git a/mcstrans/src/mcstrans.h b/mcstrans/src/mcstrans.h index > a2f68c18..e5cda93b 100644 > --- a/mcstrans/src/mcstrans.h > +++ b/mcstrans/src/mcstrans.h > @@ -4,6 +4,6 @@ > > extern int init_translations(void); > extern void finish_context_translations(void); > -extern int trans_context(const security_context_t, security_context_t *); - > extern int untrans_context(const security_context_t, security_context_t *); > +extern int trans_context(const char *, char **); extern int > +untrans_context(const char *, char **); > > diff --git a/mcstrans/src/mcstransd.c b/mcstrans/src/mcstransd.c index > 85899493..07c052fd 100644 > --- a/mcstrans/src/mcstransd.c > +++ b/mcstrans/src/mcstransd.c > @@ -45,12 +45,12 @@ > > extern int init_translations(void); > extern void finish_context_translations(void); > -extern int trans_context(const security_context_t, security_context_t *); - > extern int untrans_context(const security_context_t, security_context_t *); > +extern int trans_context(const char *, char **); extern int > +untrans_context(const char *, char **); > > extern int init_colors(void); > extern void finish_context_colors(void); -extern int raw_color(const > security_context_t, char **); > +extern int raw_color(const char *, char **); > > #define SETRANSD_PATHNAME "/sbin/mcstransd" > > diff --git a/mcstrans/utils/transcon.c b/mcstrans/utils/transcon.c index > f4ded53e..4bf1bd56 100644 > --- a/mcstrans/utils/transcon.c > +++ b/mcstrans/utils/transcon.c > @@ -14,7 +14,7 @@ static __attribute__((__noreturn__)) void usage(const char > *progname) } > > int main(int argc, char **argv) { > - security_context_t scon; > + char *scon; > if ( argc != 2 ) usage(argv[0]); > if (init_translations()==0) { > if(trans_context(argv[1],&scon) == 0) { diff --git > a/mcstrans/utils/untranscon.c b/mcstrans/utils/untranscon.c index > 85cea294..81668746 100644 > --- a/mcstrans/utils/untranscon.c > +++ b/mcstrans/utils/untranscon.c > @@ -13,7 +13,7 @@ static __attribute__((__noreturn__)) void usage(const char > *progname) > exit(1); > } > int main(int argc, char **argv) { > - security_context_t scon; > + char *scon; > if ( argc != 2 ) usage(argv[0]); > if (init_translations()==0) { > if(untrans_context(argv[1],&scon) == 0) { diff --git > a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c > index e70051b1..36e2ba9c 100644 > --- a/policycoreutils/newrole/newrole.c > +++ b/policycoreutils/newrole/newrole.c > @@ -643,8 +643,8 @@ static int transition_to_caller_uid() #ifdef > AUDIT_LOG_PRIV > /* Send audit message */ > static > -int send_audit_message(int success, security_context_t old_context, > - security_context_t new_context, const char *ttyn) > +int send_audit_message(int success, const char *old_context, > + const char *new_context, const char *ttyn) > { > char *msg = NULL; > int rc; > @@ -677,9 +677,9 @@ int send_audit_message(int success, security_context_t > old_context, #else static inline > int send_audit_message(int success __attribute__ ((unused)), > - security_context_t old_context > + const char *old_context > __attribute__ ((unused)), > - security_context_t new_context > + const char *new_context > __attribute__ ((unused)), const char *ttyn > __attribute__ ((unused))) > { > @@ -695,14 +695,14 @@ static inline > * This function will not fail if it can not relabel the tty when selinux is > * in permissive mode. > */ > -static int relabel_tty(const char *ttyn, security_context_t new_context, > - security_context_t * tty_context, > - security_context_t * new_tty_context) > +static int relabel_tty(const char *ttyn, const char *new_context, > + char **tty_context, > + char **new_tty_context) > { > int fd, rc; > int enforcing = security_getenforce(); > - security_context_t tty_con = NULL; > - security_context_t new_tty_con = NULL; > + char *tty_con = NULL; > + char *new_tty_con = NULL; > > if (!ttyn) > return 0; > @@ -775,11 +775,11 @@ static int relabel_tty(const char *ttyn, > security_context_t new_context, > * Returns zero on success, non-zero otherwise > */ > static int restore_tty_label(int fd, const char *ttyn, > - security_context_t tty_context, > - security_context_t new_tty_context) > + const char *tty_context, > + const char *new_tty_context) > { > int rc = 0; > - security_context_t chk_tty_context = NULL; > + char *chk_tty_context = NULL; > > if (!ttyn) > goto skip_relabel; > @@ -816,8 +816,8 @@ static int restore_tty_label(int fd, const char *ttyn, > * Returns zero on success, non-zero otherwise. > */ > static int parse_command_line_arguments(int argc, char **argv, char *ttyn, > - security_context_t old_context, > - security_context_t * new_context, > + const char *old_context, > + char **new_context, > int *preserve_environment) > { > int flag_index; /* flag index in argv[] */ > @@ -827,8 +827,8 @@ static int parse_command_line_arguments(int argc, char > **argv, char *ttyn, > char *type_ptr = NULL; /* stores malloc'd data from get_default_type */ > char *level_s = NULL; /* level spec'd by user in argv[] */ > char *range_ptr = NULL; > - security_context_t new_con = NULL; > - security_context_t tty_con = NULL; > + char *new_con = NULL; > + char *tty_con = NULL; > context_t context = NULL; /* manipulatable form of new_context */ > const struct option long_options[] = { > {"role", 1, 0, 'r'}, > @@ -1021,10 +1021,10 @@ static int set_signal_handles(void) > > int main(int argc, char *argv[]) > { > - security_context_t new_context = NULL; /* target security context > */ > - security_context_t old_context = NULL; /* original securiy context > */ > - security_context_t tty_context = NULL; /* current context of tty > */ > - security_context_t new_tty_context = NULL; /* new context of tty */ > + char *new_context = NULL; /* target security context */ > + char *old_context = NULL; /* original securiy context */ > + char *tty_context = NULL; /* current context of tty */ > + char *new_tty_context = NULL; /* new context of tty */ > > struct passwd pw; /* struct derived from passwd file line */ > char *ttyn = NULL; /* tty path */ > diff --git a/policycoreutils/run_init/run_init.c b/policycoreutils/run_init/run_init.c > index a007ce49..1c5eb68e 100644 > --- a/policycoreutils/run_init/run_init.c > +++ b/policycoreutils/run_init/run_init.c > @@ -303,7 +303,7 @@ int authenticate_user(void) > * out: The CONTEXT associated with the context. > * return: 0 on success, -1 on failure. > */ > -int get_init_context(security_context_t * context) > +int get_init_context(char **context) > { > > FILE *fp; > @@ -354,7 +354,7 @@ int main(int argc, char *argv[]) > > extern char *optarg; /* used by getopt() for arg strings */ > extern int opterr; /* controls getopt() error messages */ > - security_context_t new_context; /* context for the init script > context */ > + char *new_context; /* context for the init script context */ > > #ifdef USE_NLS > setlocale(LC_ALL, ""); > diff --git a/policycoreutils/secon/secon.c b/policycoreutils/secon/secon.c index > 477057a6..d257a9a1 100644 > --- a/policycoreutils/secon/secon.c > +++ b/policycoreutils/secon/secon.c > @@ -341,7 +341,7 @@ static void cmd_line(int argc, char *argv[]) > errx(EXIT_FAILURE, "SELinux is not enabled"); } > > -static int my_getXcon_raw(pid_t pid, security_context_t * con, const char *val) > +static int my_getXcon_raw(pid_t pid, char **con, const char *val) > { > char buf[4096]; > FILE *fp = NULL; > @@ -371,23 +371,23 @@ static int my_getXcon_raw(pid_t pid, > security_context_t * con, const char *val) > return (0); > } > > -static int my_getpidexeccon_raw(pid_t pid, security_context_t * con) > +static int my_getpidexeccon_raw(pid_t pid, char **con) > { > return (my_getXcon_raw(pid, con, "exec")); } -static int > my_getpidfscreatecon_raw(pid_t pid, security_context_t * con) > +static int my_getpidfscreatecon_raw(pid_t pid, char **con) > { > return (my_getXcon_raw(pid, con, "fscreate")); } -static int > my_getpidkeycreatecon_raw(pid_t pid, security_context_t * con) > +static int my_getpidkeycreatecon_raw(pid_t pid, char **con) > { > return (my_getXcon_raw(pid, con, "keycreate")); } > > -static security_context_t get_scon(void) > +static char *get_scon(void) > { > static char dummy_NIL[1] = ""; > - security_context_t con = NULL, con_tmp; > + char *con = NULL, *con_tmp; > int ret = -1; > > switch (opts->from_type) { > @@ -620,9 +620,10 @@ static void disp__con_val(const char *name, const char > *val, > done = TRUE; > } > > -static void disp_con(security_context_t scon_raw) > +static void disp_con(const char *scon_raw) > { > - security_context_t scon_trans, scon; > + char *scon_trans; > + const char *scon; > context_t con = NULL; > char *color_str = NULL; > struct context_color_t color = { .valid = 0 }; @@ -748,7 +749,7 @@ static > void disp_con(security_context_t scon_raw) > > int main(int argc, char *argv[]) > { > - security_context_t scon_raw = NULL; > + char *scon_raw = NULL; > > cmd_line(argc, argv); > > diff --git a/sandbox/seunshare.c b/sandbox/seunshare.c index > 9707a456..d626e98d 100644 > --- a/sandbox/seunshare.c > +++ b/sandbox/seunshare.c > @@ -431,13 +431,13 @@ static int cleanup_tmpdir(const char *tmpdir, const char > *src, > * to clean it up. > */ > static char *create_tmpdir(const char *src, struct stat *src_st, > - struct stat *out_st, struct passwd *pwd, security_context_t execcon) > + struct stat *out_st, struct passwd *pwd, const char *execcon) > { > char *tmpdir = NULL; > char *cmdbuf = NULL; > int fd_t = -1, fd_s = -1; > struct stat tmp_st; > - security_context_t con = NULL; > + char *con = NULL; > > /* get selinux context */ > if (execcon) { > @@ -549,10 +549,10 @@ good: > #define PROC_BASE "/proc" > > static int > -killall (security_context_t execcon) > +killall (const char *execcon) > { > DIR *dir; > - security_context_t scon; > + char *scon; > struct dirent *de; > pid_t *pid_table, pid, self; > int i; > @@ -615,7 +615,7 @@ killall (security_context_t execcon) > > int main(int argc, char **argv) { > int status = -1; > - security_context_t execcon = NULL; > + const char *execcon = NULL; > > int clflag; /* holds codes for command line flags */ > int kill_all = 0; > -- > 2.26.0.rc2 Nice, I also see you also made updates to correct const * issues with the Existing API like, for example, like send_audit_message(). Acked-by: William Roberts <william.c.roberts@xxxxxxxxx>
