Re: [PATCH 2/3] selinux: move debug functions into debug configuration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Jul 18, 2023 =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@xxxxxxxxxxxxxx> wrote:
> 
> avtab_hash_eval() and hashtab_stat() are only used in policydb.c when
> the configuration SECURITY_SELINUX_DEBUG is enabled.
> 
> Move the function declarations and definitions under that configuration
> as well.
> 
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
> ---
>  security/selinux/ss/avtab.c   | 2 ++
>  security/selinux/ss/avtab.h   | 3 +++
>  security/selinux/ss/hashtab.c | 3 ++-
>  security/selinux/ss/hashtab.h | 2 ++
>  4 files changed, 9 insertions(+), 1 deletion(-)

...

> diff --git a/security/selinux/ss/avtab.h b/security/selinux/ss/avtab.h
> index d6742fd9c560..0ea1ee9d4dae 100644
> --- a/security/selinux/ss/avtab.h
> +++ b/security/selinux/ss/avtab.h
> @@ -92,7 +92,10 @@ int avtab_alloc(struct avtab *, u32);
>  int avtab_alloc_dup(struct avtab *new, const struct avtab *orig);
>  struct avtab_datum *avtab_search(struct avtab *h, const struct avtab_key *k);
>  void avtab_destroy(struct avtab *h);
> +
> +#ifdef CONFIG_SECURITY_SELINUX_DEBUG
>  void avtab_hash_eval(struct avtab *h, const char *tag);
> +#endif

Let's do the usual dummy function here so we don't have to use the
CONFIG_SECURITY_SELINUX_DEBUG more than we have to ...

#ifdef CONFIG_SECURITY_SELINUX_DEBUG
void avtab_hash_eval(struct avtab *h, const char *tag);
#else
void avtab_hash_eval(struct avtab *h, const char *tag)
{
	return;
}
#endif

Please do the same for symtab_hash_eval() too so we can get rid of
the #ifdef in the callers.

> diff --git a/security/selinux/ss/hashtab.h b/security/selinux/ss/hashtab.h
> index 043a773bf0b7..7836c0995871 100644
> --- a/security/selinux/ss/hashtab.h
> +++ b/security/selinux/ss/hashtab.h
> @@ -142,7 +142,9 @@ int hashtab_duplicate(struct hashtab *new, struct hashtab *orig,
>  		int (*destroy)(void *k, void *d, void *args),
>  		void *args);
>  
> +#ifdef CONFIG_SECURITY_SELINUX_DEBUG
>  /* Fill info with some hash table statistics */
>  void hashtab_stat(struct hashtab *h, struct hashtab_info *info);
> +#endif

Same thing here.

--
paul-moore.com
[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux