[PATCH] selinux: Remove redundant check for unknown labeling behavior

Paul Moore paul at paul-moore.com
Fri May 19 18:43:00 UTC 2017


On Fri, May 19, 2017 at 1:09 PM, Matthias Kaehlcke <mka at chromium.org> wrote:
> The check is already performed in ocontext_read() when the policy is
> loaded. Removing the array also fixes the following warning when
> building with clang:
>
> security/selinux/hooks.c:338:20: error: variable 'labeling_behaviors'
>     is not needed and will not be emitted
>     [-Werror,-Wunneeded-internal-declaration]
>
> Signed-off-by: Matthias Kaehlcke <mka at chromium.org>
> ---
>  security/selinux/hooks.c | 16 ----------------
>  1 file changed, 16 deletions(-)

Merged, thanks everyone.

> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index e67a526d1f30..2e0227b0304f 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -398,18 +398,6 @@ static void superblock_free_security(struct super_block *sb)
>         kfree(sbsec);
>  }
>
> -/* The file system's label must be initialized prior to use. */
> -
> -static const char *labeling_behaviors[7] = {
> -       "uses xattr",
> -       "uses transition SIDs",
> -       "uses task SIDs",
> -       "uses genfs_contexts",
> -       "not configured for labeling",
> -       "uses mountpoint labeling",
> -       "uses native labeling",
> -};
> -
>  static inline int inode_doinit(struct inode *inode)
>  {
>         return inode_doinit_with_dentry(inode, NULL);
> @@ -524,10 +512,6 @@ static int sb_finish_set_opts(struct super_block *sb)
>                 }
>         }
>
> -       if (sbsec->behavior > ARRAY_SIZE(labeling_behaviors))
> -               printk(KERN_ERR "SELinux: initialized (dev %s, type %s), unknown behavior\n",
> -                      sb->s_id, sb->s_type->name);
> -
>         sbsec->flags |= SE_SBINITIALIZED;
>         if (selinux_is_sblabel_mnt(sb))
>                 sbsec->flags |= SBLABEL_MNT;
> --
> 2.13.0.303.g4ebf302169-goog
>



-- 
paul moore
www.paul-moore.com
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html



More information about the Linux-security-module-archive mailing list