selinux: avoid implicit conversions in the LSM hooks

author Christian Göttsche <cgzones@googlemail.com>

Thu, 6 Jul 2023 13:23:27 +0000 (15:23 +0200)

committer Paul Moore <paul@paul-moore.com>

Tue, 18 Jul 2023 22:29:48 +0000 (18:29 -0400)
author Christian Göttsche <cgzones@googlemail.com>
Thu, 6 Jul 2023 13:23:27 +0000 (15:23 +0200)
committer Paul Moore <paul@paul-moore.com>
Tue, 18 Jul 2023 22:29:48 +0000 (18:29 -0400)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c

index b8a8a4f..fff5060 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1125,7 +1125,7 @@ static inline int default_protocol_dgram(int protocol)
  
  static inline u16 socket_type_to_security_class(int family, int type, int protocol)
  {
-       int extsockclass = selinux_policycap_extsockclass();
+       bool extsockclass = selinux_policycap_extsockclass();
  
         switch (family) {
         case PF_UNIX:
@@ -5027,15 +5027,13 @@ static int selinux_sock_rcv_skb_compat(struct sock *sk, struct sk_buff *skb,
  
  static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb)
  {
-       int err;
+       int err, peerlbl_active, secmark_active;
         struct sk_security_struct *sksec = sk->sk_security;
         u16 family = sk->sk_family;
         u32 sk_sid = sksec->sid;
         struct common_audit_data ad;
         struct lsm_network_audit net = {0,};
         char *addrp;
-       u8 secmark_active;
-       u8 peerlbl_active;
  
         if (family != PF_INET && family != PF_INET6)
                 return 0;
@@ -5498,11 +5496,11 @@ static void selinux_inet_conn_established(struct sock *sk, struct sk_buff *skb)
  
  static int selinux_secmark_relabel_packet(u32 sid)
  {
-       const struct task_security_struct *__tsec;
+       const struct task_security_struct *tsec;
         u32 tsid;
  
-       __tsec = selinux_cred(current_cred());
-       tsid = __tsec->sid;
+       tsec = selinux_cred(current_cred());
+       tsid = tsec->sid;
  
         return avc_has_perm(tsid, sid, SECCLASS_PACKET, PACKET__RELABELTO,
                             NULL);
@@ -6000,8 +5998,7 @@ static int selinux_msg_queue_associate(struct kern_ipc_perm *msq, int msqflg)
  
  static int selinux_msg_queue_msgctl(struct kern_ipc_perm *msq, int cmd)
  {
-       int err;
-       int perms;
+       u32 perms;
  
         switch (cmd) {
         case IPC_INFO:
@@ -6024,8 +6021,7 @@ static int selinux_msg_queue_msgctl(struct kern_ipc_perm *msq, int cmd)
                 return 0;
         }
  
-       err = ipc_has_perm(msq, perms);
-       return err;
+       return ipc_has_perm(msq, perms);
  }
  
  static int selinux_msg_queue_msgsnd(struct kern_ipc_perm *msq, struct msg_msg *msg, int msqflg)
@@ -6130,8 +6126,7 @@ static int selinux_shm_associate(struct kern_ipc_perm *shp, int shmflg)
  /* Note, at this point, shp is locked down */
  static int selinux_shm_shmctl(struct kern_ipc_perm *shp, int cmd)
  {
-       int perms;
-       int err;
+       u32 perms;
  
         switch (cmd) {
         case IPC_INFO:
@@ -6158,8 +6153,7 @@ static int selinux_shm_shmctl(struct kern_ipc_perm *shp, int cmd)
                 return 0;
         }
  
-       err = ipc_has_perm(shp, perms);
-       return err;
+       return ipc_has_perm(shp, perms);
  }
  
  static int selinux_shm_shmat(struct kern_ipc_perm *shp,
@@ -6928,7 +6922,7 @@ static int selinux_uring_override_creds(const struct cred *new)
   */
  static int selinux_uring_sqpoll(void)
  {
-       int sid = current_sid();
+       u32 sid = current_sid();
  
         return avc_has_perm(sid, sid,
                             SECCLASS_IO_URING, IO_URING__SQPOLL, NULL);
author	Christian Göttsche <cgzones@googlemail.com>
	Thu, 6 Jul 2023 13:23:27 +0000 (15:23 +0200)
committer	Paul Moore <paul@paul-moore.com>
	Tue, 18 Jul 2023 22:29:48 +0000 (18:29 -0400)