[PATCH] smack: clean up smack_enabled to be more readable

Casey Schaufler casey at schaufler-ca.com
Wed Nov 3 16:01:00 UTC 2021


On 11/3/2021 12:31 AM, Austin Kim wrote:
> The smack_enabled is only set to 0, 1. So changing type of smack_enabled
> as bool may make relevant routine be more readable.
>
> Signed-off-by: Austin Kim <austindh.kim at gmail.com>

A couple of changes below.

> ---
>   security/smack/smack.h           | 2 +-
>   security/smack/smack_lsm.c       | 4 ++--
>   security/smack/smack_netfilter.c | 2 +-
>   security/smack/smackfs.c         | 2 +-
>   4 files changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/security/smack/smack.h b/security/smack/smack.h
> index 99c3422596ab..dc1726f5953f 100644
> --- a/security/smack/smack.h
> +++ b/security/smack/smack.h
> @@ -302,7 +302,7 @@ int smack_populate_secattr(struct smack_known *skp);
>   /*
>    * Shared data.
>    */
> -extern int smack_enabled __initdata;
> +extern bool smack_enabled __initdata;
>   extern int smack_cipso_direct;
>   extern int smack_cipso_mapped;
>   extern struct smack_known *smack_net_ambient;
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index efd35b07c7f8..ba3b46bd2ceb 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -56,7 +56,7 @@ static DEFINE_MUTEX(smack_ipv6_lock);
>   static LIST_HEAD(smk_ipv6_port_list);
>   #endif
>   struct kmem_cache *smack_rule_cache;
> -int smack_enabled __initdata;
> +bool smack_enabled __initdata;
>   
>   #define A(s) {"smack"#s, sizeof("smack"#s) - 1, Opt_##s}
>   static struct {
> @@ -4953,7 +4953,7 @@ static __init int smack_init(void)
>   	 * Register with LSM
>   	 */
>   	security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack");
> -	smack_enabled = 1;
> +	smack_enabled = true;
>   
>   	pr_info("Smack:  Initializing.\n");
>   #ifdef CONFIG_SECURITY_SMACK_NETFILTER
> diff --git a/security/smack/smack_netfilter.c b/security/smack/smack_netfilter.c
> index b945c1d3a743..82092d9387a3 100644
> --- a/security/smack/smack_netfilter.c
> +++ b/security/smack/smack_netfilter.c
> @@ -70,7 +70,7 @@ static struct pernet_operations smack_net_ops = {
>   
>   static int __init smack_nf_ip_init(void)
>   {
> -	if (smack_enabled == 0)
> +	if (smack_enabled == false)

If you want to use a bool you should use it fully.
  +	if (!smack_enabled)

>   		return 0;
>   
>   	printk(KERN_DEBUG "Smack: Registering netfilter hooks\n");
> diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
> index 658eab05599e..7649ad8cc335 100644
> --- a/security/smack/smackfs.c
> +++ b/security/smack/smackfs.c
> @@ -2993,7 +2993,7 @@ static int __init init_smk_fs(void)
>   	int err;
>   	int rc;
>   
> -	if (smack_enabled == 0)
> +	if (smack_enabled == false)

Same here.

>   		return 0;
>   
>   	err = smk_init_sysfs();



More information about the Linux-security-module-archive mailing list