[PATCH] smack: clean up smack_enabled to be more readable
Casey Schaufler
casey at schaufler-ca.com
Wed Nov 3 16:01:00 UTC 2021
On 11/3/2021 12:31 AM, Austin Kim wrote:
> The smack_enabled is only set to 0, 1. So changing type of smack_enabled
> as bool may make relevant routine be more readable.
>
> Signed-off-by: Austin Kim <austindh.kim at gmail.com>
A couple of changes below.
> ---
> security/smack/smack.h | 2 +-
> security/smack/smack_lsm.c | 4 ++--
> security/smack/smack_netfilter.c | 2 +-
> security/smack/smackfs.c | 2 +-
> 4 files changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/security/smack/smack.h b/security/smack/smack.h
> index 99c3422596ab..dc1726f5953f 100644
> --- a/security/smack/smack.h
> +++ b/security/smack/smack.h
> @@ -302,7 +302,7 @@ int smack_populate_secattr(struct smack_known *skp);
> /*
> * Shared data.
> */
> -extern int smack_enabled __initdata;
> +extern bool smack_enabled __initdata;
> extern int smack_cipso_direct;
> extern int smack_cipso_mapped;
> extern struct smack_known *smack_net_ambient;
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index efd35b07c7f8..ba3b46bd2ceb 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -56,7 +56,7 @@ static DEFINE_MUTEX(smack_ipv6_lock);
> static LIST_HEAD(smk_ipv6_port_list);
> #endif
> struct kmem_cache *smack_rule_cache;
> -int smack_enabled __initdata;
> +bool smack_enabled __initdata;
>
> #define A(s) {"smack"#s, sizeof("smack"#s) - 1, Opt_##s}
> static struct {
> @@ -4953,7 +4953,7 @@ static __init int smack_init(void)
> * Register with LSM
> */
> security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack");
> - smack_enabled = 1;
> + smack_enabled = true;
>
> pr_info("Smack: Initializing.\n");
> #ifdef CONFIG_SECURITY_SMACK_NETFILTER
> diff --git a/security/smack/smack_netfilter.c b/security/smack/smack_netfilter.c
> index b945c1d3a743..82092d9387a3 100644
> --- a/security/smack/smack_netfilter.c
> +++ b/security/smack/smack_netfilter.c
> @@ -70,7 +70,7 @@ static struct pernet_operations smack_net_ops = {
>
> static int __init smack_nf_ip_init(void)
> {
> - if (smack_enabled == 0)
> + if (smack_enabled == false)
If you want to use a bool you should use it fully.
+ if (!smack_enabled)
> return 0;
>
> printk(KERN_DEBUG "Smack: Registering netfilter hooks\n");
> diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
> index 658eab05599e..7649ad8cc335 100644
> --- a/security/smack/smackfs.c
> +++ b/security/smack/smackfs.c
> @@ -2993,7 +2993,7 @@ static int __init init_smk_fs(void)
> int err;
> int rc;
>
> - if (smack_enabled == 0)
> + if (smack_enabled == false)
Same here.
> return 0;
>
> err = smk_init_sysfs();
More information about the Linux-security-module-archive
mailing list