selinux: sparse fix: fix several warnings in the security server code

author James Morris <jmorris@namei.org>

Tue, 30 Aug 2011 02:52:32 +0000 (12:52 +1000)

committer James Morris <jmorris@namei.org>

Fri, 9 Sep 2011 23:56:32 +0000 (16:56 -0700)
author James Morris <jmorris@namei.org>
Tue, 30 Aug 2011 02:52:32 +0000 (12:52 +1000)
committer James Morris <jmorris@namei.org>
Fri, 9 Sep 2011 23:56:32 +0000 (16:56 -0700)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c

index 1206cee..e545b9f 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -89,6 +89,7 @@
  #include "xfrm.h"
  #include "netlabel.h"
  #include "audit.h"
+#include "avc_ss.h"
  
  #define NUM_SEL_MNT_OPTS 5
  
@@ -278,10 +279,6 @@ static void superblock_free_security(struct super_block *sb)
         kfree(sbsec);
  }
  
-/* The security server must be initialized before
-   any labeling or access decisions can be provided. */
-extern int ss_initialized;
-
  /* The file system's label must be initialized prior to use. */
  
  static const char *labeling_behaviors[6] = {
diff --git a/security/selinux/include/avc_ss.h b/security/selinux/include/avc_ss.h

index 4677aa5..d5c3284 100644 (file)
--- a/security/selinux/include/avc_ss.h
+++ b/security/selinux/include/avc_ss.h
@@ -18,5 +18,11 @@ struct security_class_mapping {
  
  extern struct security_class_mapping secclass_map[];
  
+/*
+ * The security server must be initialized before
+ * any labeling or access decisions can be provided.
+ */
+extern int ss_initialized;
+
  #endif /* _SELINUX_AVC_SS_H_ */
  
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c

index a533732..2ec9041 100644 (file)
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -555,7 +555,7 @@ static int cond_write_av_list(struct policydb *p,
         return 0;
  }
  
-int cond_write_node(struct policydb *p, struct cond_node *node,
+static int cond_write_node(struct policydb *p, struct cond_node *node,
                     struct policy_file *fp)
  {
         struct cond_expr *cur_expr;
diff --git a/security/selinux/ss/conditional.h b/security/selinux/ss/conditional.h

index 3f209c6..4d1f874 100644 (file)
--- a/security/selinux/ss/conditional.h
+++ b/security/selinux/ss/conditional.h
@@ -13,6 +13,7 @@
  #include "avtab.h"
  #include "symtab.h"
  #include "policydb.h"
+#include "../include/conditional.h"
  
  #define COND_EXPR_MAXDEPTH 10
  
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c

index 2381d0d..a7f61d5 100644 (file)
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -1743,8 +1743,6 @@ static int policydb_bounds_sanity_check(struct policydb *p)
         return 0;
  }
  
-extern int ss_initialized;
-
  u16 string_to_security_class(struct policydb *p, const char *name)
  {
         struct class_datum *cladatum;
author	James Morris <jmorris@namei.org>
	Tue, 30 Aug 2011 02:52:32 +0000 (12:52 +1000)
committer	James Morris <jmorris@namei.org>
	Fri, 9 Sep 2011 23:56:32 +0000 (16:56 -0700)
security/selinux/hooks.c		patch \| blob \| history
security/selinux/include/avc_ss.h		patch \| blob \| history
security/selinux/ss/conditional.c		patch \| blob \| history
security/selinux/ss/conditional.h		patch \| blob \| history
security/selinux/ss/policydb.c		patch \| blob \| history