[PATCH 3/5] selinux: use consistent pointer types for boolean arrays

Christian Göttsche <cgzones@xxxxxxxxxxxxxx> · Thu, 17 Feb 2022 15:21:26 +0100

Use a consistent type of unsigned int* for boolean arrays, instead of
using implicit casts to and from int*.

Reported by sparse:

    security/selinux/selinuxfs.c:1481:30: warning: incorrect type in assignment (different signedness)
    security/selinux/selinuxfs.c:1481:30:    expected unsigned int *
    security/selinux/selinuxfs.c:1481:30:    got int *[addressable] values
    security/selinux/selinuxfs.c:1398:48: warning: incorrect type in argument 3 (different signedness)
    security/selinux/selinuxfs.c:1398:48:    expected int *values
    security/selinux/selinuxfs.c:1398:48:    got unsigned int *bool_pending_values

Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>

---
A more invasive change would be to change all boolean arrays to bool*.
---
 security/selinux/include/conditional.h | 4 ++--
 security/selinux/selinuxfs.c           | 2 +-
 security/selinux/ss/services.c         | 9 +++++----
 3 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/security/selinux/include/conditional.h b/security/selinux/include/conditional.h
index b09343346e3f..9e65aa409318 100644
--- a/security/selinux/include/conditional.h
+++ b/security/selinux/include/conditional.h
@@ -14,9 +14,9 @@
 #include "security.h"
 
 int security_get_bools(struct selinux_policy *policy,
-		       u32 *len, char ***names, int **values);
+		       u32 *len, char ***names, unsigned int **values);
 
-int security_set_bools(struct selinux_state *state, u32 len, int *values);
+int security_set_bools(struct selinux_state *state, u32 len, unsigned int *values);
 
 int security_get_bool_value(struct selinux_state *state, u32 index);
 
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index f2f6203e0fff..5216a321bbb0 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -1428,7 +1428,7 @@ static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_
 	struct inode_security_struct *isec;
 	char **names = NULL, *page;
 	u32 i, num;
-	int *values = NULL;
+	unsigned int *values = NULL;
 	u32 sid;
 
 	ret = -ENOMEM;
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 6901dc07680d..7865926962ab 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -3023,7 +3023,7 @@ int security_fs_use(struct selinux_state *state, struct super_block *sb)
 }
 
 int security_get_bools(struct selinux_policy *policy,
-		       u32 *len, char ***names, int **values)
+		       u32 *len, char ***names, unsigned int **values)
 {
 	struct policydb *policydb;
 	u32 i;
@@ -3045,7 +3045,7 @@ int security_get_bools(struct selinux_policy *policy,
 		goto err;
 
 	rc = -ENOMEM;
-	*values = kcalloc(*len, sizeof(int), GFP_ATOMIC);
+	*values = kcalloc(*len, sizeof(unsigned int), GFP_ATOMIC);
 	if (!*values)
 		goto err;
 
@@ -3075,7 +3075,7 @@ int security_get_bools(struct selinux_policy *policy,
 }
 
 
-int security_set_bools(struct selinux_state *state, u32 len, int *values)
+int security_set_bools(struct selinux_state *state, u32 len, unsigned int *values)
 {
 	struct selinux_policy *newpolicy, *oldpolicy;
 	int rc;
@@ -3175,7 +3175,8 @@ int security_get_bool_value(struct selinux_state *state,
 static int security_preserve_bools(struct selinux_policy *oldpolicy,
 				struct selinux_policy *newpolicy)
 {
-	int rc, *bvalues = NULL;
+	int rc;
+	unsigned int *bvalues = NULL;
 	char **bnames = NULL;
 	struct cond_bool_datum *booldatum;
 	u32 i, nbools = 0;
-- 
2.35.1







