On Mon, Nov 11, 2024 at 8:51 AM Christian Göttsche
<cgoettsche@xxxxxxxxxxxxx> wrote:
>
> From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
>
> Use const parameters where applicable to signal immutability.
>
> Rename the passed iterator avrule from avrule to narule, to make clear
> its the neverallow rule to assert against, not the allow rule to check.
>
> Drop needless branch in check_assertions(), since in the case avrules is
> NULL the for loop won't execute and errors will stay at 0, so 0 will be
> returned regardless. Also there is no call to free() as mentioned in the
> outdated comment.
>
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
For these three patches:
Acked-by: James Carter <jwcart2@xxxxxxxxx>
> ---
> v3:
> - use C99 bool where applicable
> - minor additions
> v2:
> add patch
> ---
> libsepol/include/sepol/policydb/policydb.h | 4 +-
> libsepol/src/assertion.c | 222 ++++++++++-----------
> 2 files changed, 107 insertions(+), 119 deletions(-)
>
> diff --git a/libsepol/include/sepol/policydb/policydb.h b/libsepol/include/sepol/policydb/policydb.h
> index f73e21fc..88fb3672 100644
> --- a/libsepol/include/sepol/policydb/policydb.h
> +++ b/libsepol/include/sepol/policydb/policydb.h
> @@ -698,9 +698,9 @@ extern void level_datum_init(level_datum_t * x);
> extern void level_datum_destroy(level_datum_t * x);
> extern void cat_datum_init(cat_datum_t * x);
> extern void cat_datum_destroy(cat_datum_t * x);
> -extern int check_assertion(policydb_t *p, avrule_t *avrule);
> +extern int check_assertion(policydb_t *p, const avrule_t *avrule);
> extern int check_assertions(sepol_handle_t * handle,
> - policydb_t * p, avrule_t * avrules);
> + policydb_t * p, const avrule_t * avrules);
>
> extern int symtab_insert(policydb_t * x, uint32_t sym,
> hashtab_key_t key, hashtab_datum_t datum,
> diff --git a/libsepol/src/assertion.c b/libsepol/src/assertion.c
> index 5e129883..e0e8685f 100644
> --- a/libsepol/src/assertion.c
> +++ b/libsepol/src/assertion.c
> @@ -20,6 +20,7 @@
> * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
> */
>
> +#include <stdbool.h>
> #include <sepol/policydb/avtab.h>
> #include <sepol/policydb/policydb.h>
> #include <sepol/policydb/expand.h>
> @@ -31,35 +32,31 @@
> struct avtab_match_args {
> sepol_handle_t *handle;
> policydb_t *p;
> - avrule_t *avrule;
> + const avrule_t *narule;
> avtab_t *avtab;
> unsigned long errors;
> };
>
> -static const char* policy_name(policydb_t *p) {
> - const char *policy_file = "policy.conf";
> - if (p->name) {
> - policy_file = p->name;
> - }
> - return policy_file;
> +static const char* policy_name(const policydb_t *p) {
> + return p->name ?: "policy.conf";
> }
>
> -static void report_failure(sepol_handle_t *handle, policydb_t *p, const avrule_t *avrule,
> +static void report_failure(sepol_handle_t *handle, const policydb_t *p, const avrule_t *narule,
> unsigned int stype, unsigned int ttype,
> const class_perm_node_t *curperm, uint32_t perms)
> {
> char *permstr = sepol_av_to_string(p, curperm->tclass, perms);
>
> - if (avrule->source_filename) {
> + if (narule->source_filename) {
> ERR(handle, "neverallow on line %lu of %s (or line %lu of %s) violated by allow %s %s:%s {%s };",
> - avrule->source_line, avrule->source_filename, avrule->line, policy_name(p),
> + narule->source_line, narule->source_filename, narule->line, policy_name(p),
> p->p_type_val_to_name[stype],
> p->p_type_val_to_name[ttype],
> p->p_class_val_to_name[curperm->tclass - 1],
> permstr ?: "<format-failure>");
> - } else if (avrule->line) {
> + } else if (narule->line) {
> ERR(handle, "neverallow on line %lu violated by allow %s %s:%s {%s };",
> - avrule->line, p->p_type_val_to_name[stype],
> + narule->line, p->p_type_val_to_name[stype],
> p->p_type_val_to_name[ttype],
> p->p_class_val_to_name[curperm->tclass - 1],
> permstr ?: "<format-failure>");
> @@ -74,29 +71,29 @@ static void report_failure(sepol_handle_t *handle, policydb_t *p, const avrule_t
> free(permstr);
> }
>
> -static int match_any_class_permissions(class_perm_node_t *cp, uint32_t class, uint32_t data)
> +static bool match_any_class_permissions(const class_perm_node_t *cp, uint32_t class, uint32_t data)
> {
> for (; cp; cp = cp->next) {
> if ((cp->tclass == class) && (cp->data & data))
> - return 1;
> + return true;
> }
>
> - return 0;
> + return false;
> }
>
> -static int extended_permissions_and(uint32_t *perms1, uint32_t *perms2) {
> +static bool extended_permissions_and(const uint32_t *perms1, const uint32_t *perms2) {
> size_t i;
> for (i = 0; i < EXTENDED_PERMS_LEN; i++) {
> if (perms1[i] & perms2[i])
> - return 1;
> + return true;
> }
>
> - return 0;
> + return false;
> }
>
> -static int check_extended_permissions(av_extended_perms_t *neverallow, avtab_extended_perms_t *allow)
> +static bool check_extended_permissions(const av_extended_perms_t *neverallow, const avtab_extended_perms_t *allow)
> {
> - int rc = 0;
> + bool rc = false;
> if ((neverallow->specified == AVRULE_XPERMS_IOCTLFUNCTION)
> && (allow->specified == AVTAB_XPERMS_IOCTLFUNCTION)) {
> if (neverallow->driver == allow->driver)
> @@ -121,8 +118,8 @@ static int check_extended_permissions(av_extended_perms_t *neverallow, avtab_ext
>
> /* Compute which allowed extended permissions violate the neverallow rule */
> static void extended_permissions_violated(avtab_extended_perms_t *result,
> - av_extended_perms_t *neverallow,
> - avtab_extended_perms_t *allow)
> + const av_extended_perms_t *neverallow,
> + const avtab_extended_perms_t *allow)
> {
> size_t i;
> if ((neverallow->specified == AVRULE_XPERMS_IOCTLFUNCTION)
> @@ -157,21 +154,20 @@ static void extended_permissions_violated(avtab_extended_perms_t *result,
>
> /* Same scenarios of interest as check_assertion_extended_permissions */
> static int report_assertion_extended_permissions(sepol_handle_t *handle,
> - policydb_t *p, const avrule_t *avrule,
> + policydb_t *p, const avrule_t *narule,
> unsigned int stype, unsigned int ttype,
> const class_perm_node_t *curperm, uint32_t perms,
> - avtab_key_t *k, avtab_t *avtab)
> + const avtab_key_t *k, avtab_t *avtab)
> {
> avtab_ptr_t node;
> avtab_key_t tmp_key;
> avtab_extended_perms_t *xperms;
> avtab_extended_perms_t error;
> - ebitmap_t *sattr = &p->type_attr_map[stype];
> - ebitmap_t *tattr = &p->type_attr_map[ttype];
> + const ebitmap_t *sattr = &p->type_attr_map[stype];
> + const ebitmap_t *tattr = &p->type_attr_map[ttype];
> ebitmap_node_t *snode, *tnode;
> unsigned int i, j;
> - int rc;
> - int found_xperm = 0;
> + bool found_xperm = false;
> int errors = 0;
>
> memcpy(&tmp_key, k, sizeof(avtab_key_t));
> @@ -189,18 +185,17 @@ static int report_assertion_extended_permissions(sepol_handle_t *handle,
> && (xperms->specified != AVTAB_XPERMS_IOCTLDRIVER)
> && (xperms->specified != AVTAB_XPERMS_NLMSG))
> continue;
> - found_xperm = 1;
> - rc = check_extended_permissions(avrule->xperms, xperms);
> + found_xperm = true;
> /* failure on the extended permission check_extended_permissions */
> - if (rc) {
> + if (check_extended_permissions(narule->xperms, xperms)) {
> char *permstring;
>
> - extended_permissions_violated(&error, avrule->xperms, xperms);
> + extended_permissions_violated(&error, narule->xperms, xperms);
> permstring = sepol_extended_perms_to_string(&error);
>
> ERR(handle, "neverallowxperm on line %lu of %s (or line %lu of %s) violated by\n"
> "allowxperm %s %s:%s %s;",
> - avrule->source_line, avrule->source_filename, avrule->line, policy_name(p),
> + narule->source_line, narule->source_filename, narule->line, policy_name(p),
> p->p_type_val_to_name[i],
> p->p_type_val_to_name[j],
> p->p_class_val_to_name[curperm->tclass - 1],
> @@ -219,7 +214,7 @@ static int report_assertion_extended_permissions(sepol_handle_t *handle,
>
> ERR(handle, "neverallowxperm on line %lu of %s (or line %lu of %s) violated by\n"
> "allow %s %s:%s {%s };",
> - avrule->source_line, avrule->source_filename, avrule->line, policy_name(p),
> + narule->source_line, narule->source_filename, narule->line, policy_name(p),
> p->p_type_val_to_name[stype],
> p->p_type_val_to_name[ttype],
> p->p_class_val_to_name[curperm->tclass - 1],
> @@ -240,26 +235,26 @@ static int report_assertion_avtab_matches(avtab_key_t *k, avtab_datum_t *d, void
> sepol_handle_t *handle = a->handle;
> policydb_t *p = a->p;
> avtab_t *avtab = a->avtab;
> - avrule_t *avrule = a->avrule;
> - class_perm_node_t *cp;
> + const avrule_t *narule = a->narule;
> + const class_perm_node_t *cp;
> uint32_t perms;
> ebitmap_t src_matches, tgt_matches, self_matches;
> ebitmap_node_t *snode, *tnode;
> unsigned int i, j;
> - const int is_avrule_self = (avrule->flags & RULE_SELF) != 0;
> - const int is_avrule_notself = (avrule->flags & RULE_NOTSELF) != 0;
> + const bool is_narule_self = (narule->flags & RULE_SELF) != 0;
> + const bool is_narule_notself = (narule->flags & RULE_NOTSELF) != 0;
>
> if ((k->specified & AVTAB_ALLOWED) == 0)
> return 0;
>
> - if (!match_any_class_permissions(avrule->perms, k->target_class, d->data))
> + if (!match_any_class_permissions(narule->perms, k->target_class, d->data))
> return 0;
>
> ebitmap_init(&src_matches);
> ebitmap_init(&tgt_matches);
> ebitmap_init(&self_matches);
>
> - rc = ebitmap_and(&src_matches, &avrule->stypes.types,
> + rc = ebitmap_and(&src_matches, &narule->stypes.types,
> &p->attr_type_map[k->source_type - 1]);
> if (rc < 0)
> goto oom;
> @@ -267,22 +262,22 @@ static int report_assertion_avtab_matches(avtab_key_t *k, avtab_datum_t *d, void
> if (ebitmap_is_empty(&src_matches))
> goto exit;
>
> - if (is_avrule_notself) {
> - if (ebitmap_is_empty(&avrule->ttypes.types)) {
> + if (is_narule_notself) {
> + if (ebitmap_is_empty(&narule->ttypes.types)) {
> /* avrule tgt is of the form ~self */
> rc = ebitmap_cpy(&tgt_matches, &p->attr_type_map[k->target_type -1]);
> } else {
> /* avrule tgt is of the form {ATTR -self} */
> - rc = ebitmap_and(&tgt_matches, &avrule->ttypes.types, &p->attr_type_map[k->target_type - 1]);
> + rc = ebitmap_and(&tgt_matches, &narule->ttypes.types, &p->attr_type_map[k->target_type - 1]);
> }
> if (rc)
> goto oom;
> } else {
> - rc = ebitmap_and(&tgt_matches, &avrule->ttypes.types, &p->attr_type_map[k->target_type -1]);
> + rc = ebitmap_and(&tgt_matches, &narule->ttypes.types, &p->attr_type_map[k->target_type -1]);
> if (rc < 0)
> goto oom;
>
> - if (is_avrule_self) {
> + if (is_narule_self) {
> rc = ebitmap_and(&self_matches, &src_matches, &p->attr_type_map[k->target_type - 1]);
> if (rc < 0)
> goto oom;
> @@ -298,7 +293,7 @@ static int report_assertion_avtab_matches(avtab_key_t *k, avtab_datum_t *d, void
> if (ebitmap_is_empty(&tgt_matches))
> goto exit;
>
> - for (cp = avrule->perms; cp; cp = cp->next) {
> + for (cp = narule->perms; cp; cp = cp->next) {
>
> perms = cp->data & d->data;
> if ((cp->tclass != k->target_class) || !perms) {
> @@ -307,16 +302,16 @@ static int report_assertion_avtab_matches(avtab_key_t *k, avtab_datum_t *d, void
>
> ebitmap_for_each_positive_bit(&src_matches, snode, i) {
> ebitmap_for_each_positive_bit(&tgt_matches, tnode, j) {
> - if (is_avrule_self && i != j)
> + if (is_narule_self && i != j)
> continue;
> - if (is_avrule_notself && i == j)
> + if (is_narule_notself && i == j)
> continue;
> - if (avrule->specified == AVRULE_XPERMS_NEVERALLOW) {
> - a->errors += report_assertion_extended_permissions(handle,p, avrule,
> + if (narule->specified == AVRULE_XPERMS_NEVERALLOW) {
> + a->errors += report_assertion_extended_permissions(handle,p, narule,
> i, j, cp, perms, k, avtab);
> } else {
> a->errors++;
> - report_failure(handle, p, avrule, i, j, cp, perms);
> + report_failure(handle, p, narule, i, j, cp, perms);
> }
> }
> }
> @@ -330,22 +325,22 @@ exit:
> return rc;
> }
>
> -static int report_assertion_failures(sepol_handle_t *handle, policydb_t *p, avrule_t *avrule)
> +static int report_assertion_failures(sepol_handle_t *handle, policydb_t *p, const avrule_t *narule)
> {
> int rc;
> - struct avtab_match_args args;
> -
> - args.handle = handle;
> - args.p = p;
> - args.avrule = avrule;
> - args.errors = 0;
> + struct avtab_match_args args = {
> + .handle = handle,
> + .p = p,
> + .narule = narule,
> + .errors = 0,
> + };
>
> - args.avtab = &p->te_avtab;
> + args.avtab = &p->te_avtab;
> rc = avtab_map(&p->te_avtab, report_assertion_avtab_matches, &args);
> if (rc < 0)
> goto oom;
>
> - args.avtab = &p->te_cond_avtab;
> + args.avtab = &p->te_cond_avtab;
> rc = avtab_map(&p->te_cond_avtab, report_assertion_avtab_matches, &args);
> if (rc < 0)
> goto oom;
> @@ -360,19 +355,19 @@ oom:
> * Look up the extended permissions in avtab and verify that neverallowed
> * permissions are not granted.
> */
> -static int check_assertion_extended_permissions_avtab(avrule_t *avrule, avtab_t *avtab,
> +static bool check_assertion_extended_permissions_avtab(const avrule_t *narule, avtab_t *avtab,
> unsigned int stype, unsigned int ttype,
> - avtab_key_t *k, policydb_t *p)
> + const avtab_key_t *k, policydb_t *p)
> {
> avtab_ptr_t node;
> avtab_key_t tmp_key;
> - avtab_extended_perms_t *xperms;
> - av_extended_perms_t *neverallow_xperms = avrule->xperms;
> - ebitmap_t *sattr = &p->type_attr_map[stype];
> - ebitmap_t *tattr = &p->type_attr_map[ttype];
> + const avtab_extended_perms_t *xperms;
> + const av_extended_perms_t *neverallow_xperms = narule->xperms;
> + const ebitmap_t *sattr = &p->type_attr_map[stype];
> + const ebitmap_t *tattr = &p->type_attr_map[ttype];
> ebitmap_node_t *snode, *tnode;
> unsigned int i, j;
> - int rc = 1;
> + bool ret = true;
>
> memcpy(&tmp_key, k, sizeof(avtab_key_t));
> tmp_key.specified = AVTAB_XPERMS_ALLOWED;
> @@ -390,14 +385,14 @@ static int check_assertion_extended_permissions_avtab(avrule_t *avrule, avtab_t
> && (xperms->specified != AVTAB_XPERMS_IOCTLDRIVER)
> && (xperms->specified != AVTAB_XPERMS_NLMSG))
> continue;
> - rc = check_extended_permissions(neverallow_xperms, xperms);
> - if (rc)
> - return rc;
> + ret = check_extended_permissions(neverallow_xperms, xperms);
> + if (ret)
> + return ret;
> }
> }
> }
>
> - return rc;
> + return ret;
> }
>
> /*
> @@ -416,21 +411,21 @@ static int check_assertion_extended_permissions_avtab(avrule_t *avrule, avtab_t
> * 4. FAIL - The ioctl permission is granted AND the extended permission is
> * granted
> */
> -static int check_assertion_extended_permissions(avrule_t *avrule, avtab_t *avtab,
> - avtab_key_t *k, policydb_t *p)
> +static int check_assertion_extended_permissions(const avrule_t *narule, avtab_t *avtab,
> + const avtab_key_t *k, policydb_t *p)
> {
> ebitmap_t src_matches, tgt_matches, self_matches;
> unsigned int i, j;
> ebitmap_node_t *snode, *tnode;
> - const int is_avrule_self = (avrule->flags & RULE_SELF) != 0;
> - const int is_avrule_notself = (avrule->flags & RULE_NOTSELF) != 0;
> + const bool is_narule_self = (narule->flags & RULE_SELF) != 0;
> + const bool is_narule_notself = (narule->flags & RULE_NOTSELF) != 0;
> int rc;
>
> ebitmap_init(&src_matches);
> ebitmap_init(&tgt_matches);
> ebitmap_init(&self_matches);
>
> - rc = ebitmap_and(&src_matches, &avrule->stypes.types,
> + rc = ebitmap_and(&src_matches, &narule->stypes.types,
> &p->attr_type_map[k->source_type - 1]);
> if (rc < 0)
> goto oom;
> @@ -440,22 +435,22 @@ static int check_assertion_extended_permissions(avrule_t *avrule, avtab_t *avtab
> goto exit;
> }
>
> - if (is_avrule_notself) {
> - if (ebitmap_is_empty(&avrule->ttypes.types)) {
> + if (is_narule_notself) {
> + if (ebitmap_is_empty(&narule->ttypes.types)) {
> /* avrule tgt is of the form ~self */
> rc = ebitmap_cpy(&tgt_matches, &p->attr_type_map[k->target_type -1]);
> } else {
> /* avrule tgt is of the form {ATTR -self} */
> - rc = ebitmap_and(&tgt_matches, &avrule->ttypes.types, &p->attr_type_map[k->target_type - 1]);
> + rc = ebitmap_and(&tgt_matches, &narule->ttypes.types, &p->attr_type_map[k->target_type - 1]);
> }
> if (rc < 0)
> goto oom;
> } else {
> - rc = ebitmap_and(&tgt_matches, &avrule->ttypes.types, &p->attr_type_map[k->target_type -1]);
> + rc = ebitmap_and(&tgt_matches, &narule->ttypes.types, &p->attr_type_map[k->target_type -1]);
> if (rc < 0)
> goto oom;
>
> - if (is_avrule_self) {
> + if (is_narule_self) {
> rc = ebitmap_and(&self_matches, &src_matches, &p->attr_type_map[k->target_type - 1]);
> if (rc < 0)
> goto oom;
> @@ -475,11 +470,11 @@ static int check_assertion_extended_permissions(avrule_t *avrule, avtab_t *avtab
>
> ebitmap_for_each_positive_bit(&src_matches, snode, i) {
> ebitmap_for_each_positive_bit(&tgt_matches, tnode, j) {
> - if (is_avrule_self && i != j)
> + if (is_narule_self && i != j)
> continue;
> - if (is_avrule_notself && i == j)
> + if (is_narule_notself && i == j)
> continue;
> - if (check_assertion_extended_permissions_avtab(avrule, avtab, i, j, k, p)) {
> + if (check_assertion_extended_permissions_avtab(narule, avtab, i, j, k, p)) {
> rc = 1;
> goto exit;
> }
> @@ -496,7 +491,7 @@ exit:
> return rc;
> }
>
> -static int check_assertion_notself_match(avtab_key_t *k, avrule_t *avrule, policydb_t *p)
> +static int check_assertion_notself_match(const avtab_key_t *k, const avrule_t *narule, policydb_t *p)
> {
> ebitmap_t src_matches, tgt_matches;
> unsigned int num_src_matches, num_tgt_matches;
> @@ -505,16 +500,16 @@ static int check_assertion_notself_match(avtab_key_t *k, avrule_t *avrule, polic
> ebitmap_init(&src_matches);
> ebitmap_init(&tgt_matches);
>
> - rc = ebitmap_and(&src_matches, &avrule->stypes.types, &p->attr_type_map[k->source_type - 1]);
> + rc = ebitmap_and(&src_matches, &narule->stypes.types, &p->attr_type_map[k->source_type - 1]);
> if (rc < 0)
> goto oom;
>
> - if (ebitmap_is_empty(&avrule->ttypes.types)) {
> + if (ebitmap_is_empty(&narule->ttypes.types)) {
> /* avrule tgt is of the form ~self */
> rc = ebitmap_cpy(&tgt_matches, &p->attr_type_map[k->target_type - 1]);
> } else {
> /* avrule tgt is of the form {ATTR -self} */
> - rc = ebitmap_and(&tgt_matches, &avrule->ttypes.types, &p->attr_type_map[k->target_type - 1]);
> + rc = ebitmap_and(&tgt_matches, &narule->ttypes.types, &p->attr_type_map[k->target_type - 1]);
> }
> if (rc < 0)
> goto oom;
> @@ -551,7 +546,7 @@ nomatch:
> return rc;
> }
>
> -static int check_assertion_self_match(avtab_key_t *k, avrule_t *avrule, policydb_t *p)
> +static int check_assertion_self_match(const avtab_key_t *k, const avrule_t *narule, policydb_t *p)
> {
> ebitmap_t src_matches;
> int rc;
> @@ -560,7 +555,7 @@ static int check_assertion_self_match(avtab_key_t *k, avrule_t *avrule, policydb
> * and the key's source.
> */
>
> - rc = ebitmap_and(&src_matches, &avrule->stypes.types, &p->attr_type_map[k->source_type - 1]);
> + rc = ebitmap_and(&src_matches, &narule->stypes.types, &p->attr_type_map[k->source_type - 1]);
> if (rc < 0)
> goto oom;
>
> @@ -582,29 +577,29 @@ static int check_assertion_avtab_match(avtab_key_t *k, avtab_datum_t *d, void *a
> int rc;
> struct avtab_match_args *a = (struct avtab_match_args *)args;
> policydb_t *p = a->p;
> - avrule_t *avrule = a->avrule;
> + const avrule_t *narule = a->narule;
> avtab_t *avtab = a->avtab;
>
> if ((k->specified & AVTAB_ALLOWED) == 0)
> goto nomatch;
>
> - if (!match_any_class_permissions(avrule->perms, k->target_class, d->data))
> + if (!match_any_class_permissions(narule->perms, k->target_class, d->data))
> goto nomatch;
>
> - if (!ebitmap_match_any(&avrule->stypes.types, &p->attr_type_map[k->source_type - 1]))
> + if (!ebitmap_match_any(&narule->stypes.types, &p->attr_type_map[k->source_type - 1]))
> goto nomatch;
>
> - if (avrule->flags & RULE_NOTSELF) {
> - rc = check_assertion_notself_match(k, avrule, p);
> + if (narule->flags & RULE_NOTSELF) {
> + rc = check_assertion_notself_match(k, narule, p);
> if (rc < 0)
> goto oom;
> if (rc == 0)
> goto nomatch;
> } else {
> /* neverallow may have tgts even if it uses SELF */
> - if (!ebitmap_match_any(&avrule->ttypes.types, &p->attr_type_map[k->target_type -1])) {
> - if (avrule->flags == RULE_SELF) {
> - rc = check_assertion_self_match(k, avrule, p);
> + if (!ebitmap_match_any(&narule->ttypes.types, &p->attr_type_map[k->target_type -1])) {
> + if (narule->flags == RULE_SELF) {
> + rc = check_assertion_self_match(k, narule, p);
> if (rc < 0)
> goto oom;
> if (rc == 0)
> @@ -615,8 +610,8 @@ static int check_assertion_avtab_match(avtab_key_t *k, avtab_datum_t *d, void *a
> }
> }
>
> - if (avrule->specified == AVRULE_XPERMS_NEVERALLOW) {
> - rc = check_assertion_extended_permissions(avrule, avtab, k, p);
> + if (narule->specified == AVRULE_XPERMS_NEVERALLOW) {
> + rc = check_assertion_extended_permissions(narule, avtab, k, p);
> if (rc < 0)
> goto oom;
> if (rc == 0)
> @@ -631,17 +626,17 @@ oom:
> return rc;
> }
>
> -int check_assertion(policydb_t *p, avrule_t *avrule)
> +int check_assertion(policydb_t *p, const avrule_t *narule)
> {
> int rc;
> - struct avtab_match_args args;
> + struct avtab_match_args args = {
> + .handle = NULL,
> + .p = p,
> + .narule = narule,
> + .errors = 0,
> + };
>
> - args.handle = NULL;
> - args.p = p;
> - args.avrule = avrule;
> - args.errors = 0;
> args.avtab = &p->te_avtab;
> -
> rc = avtab_map(&p->te_avtab, check_assertion_avtab_match, &args);
>
> if (rc == 0) {
> @@ -653,20 +648,13 @@ int check_assertion(policydb_t *p, avrule_t *avrule)
> }
>
> int check_assertions(sepol_handle_t * handle, policydb_t * p,
> - avrule_t * avrules)
> + const avrule_t * narules)
> {
> int rc;
> - avrule_t *a;
> + const avrule_t *a;
> unsigned long errors = 0;
>
> - if (!avrules) {
> - /* Since assertions are stored in avrules, if it is NULL
> - there won't be any to check. This also prevents an invalid
> - free if the avtabs are never initialized */
> - return 0;
> - }
> -
> - for (a = avrules; a != NULL; a = a->next) {
> + for (a = narules; a != NULL; a = a->next) {
> if (!(a->specified & (AVRULE_NEVERALLOW | AVRULE_XPERMS_NEVERALLOW)))
> continue;
> rc = check_assertion(p, a);
> --
> 2.45.2
>
>
