[PATCH] smack: clean up smack_enabled to be more readable

Austin Kim austindh.kim at gmail.com
Wed Nov 3 22:24:57 UTC 2021


2021년 11월 4일 (목) 오전 1:01, Casey Schaufler <casey at schaufler-ca.com>님이 작성:
>
> On 11/3/2021 12:31 AM, Austin Kim wrote:
> > The smack_enabled is only set to 0, 1. So changing type of smack_enabled
> > as bool may make relevant routine be more readable.
> >
> > Signed-off-by: Austin Kim <austindh.kim at gmail.com>
>
> A couple of changes below.
>
> > ---
> >   security/smack/smack.h           | 2 +-
> >   security/smack/smack_lsm.c       | 4 ++--
> >   security/smack/smack_netfilter.c | 2 +-
> >   security/smack/smackfs.c         | 2 +-
> >   4 files changed, 5 insertions(+), 5 deletions(-)
> >
> > diff --git a/security/smack/smack.h b/security/smack/smack.h
> > index 99c3422596ab..dc1726f5953f 100644
> > --- a/security/smack/smack.h
> > +++ b/security/smack/smack.h
> > @@ -302,7 +302,7 @@ int smack_populate_secattr(struct smack_known *skp);
> >   /*
> >    * Shared data.
> >    */
> > -extern int smack_enabled __initdata;
> > +extern bool smack_enabled __initdata;
> >   extern int smack_cipso_direct;
> >   extern int smack_cipso_mapped;
> >   extern struct smack_known *smack_net_ambient;
> > diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> > index efd35b07c7f8..ba3b46bd2ceb 100644
> > --- a/security/smack/smack_lsm.c
> > +++ b/security/smack/smack_lsm.c
> > @@ -56,7 +56,7 @@ static DEFINE_MUTEX(smack_ipv6_lock);
> >   static LIST_HEAD(smk_ipv6_port_list);
> >   #endif
> >   struct kmem_cache *smack_rule_cache;
> > -int smack_enabled __initdata;
> > +bool smack_enabled __initdata;
> >
> >   #define A(s) {"smack"#s, sizeof("smack"#s) - 1, Opt_##s}
> >   static struct {
> > @@ -4953,7 +4953,7 @@ static __init int smack_init(void)
> >        * Register with LSM
> >        */
> >       security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack");
> > -     smack_enabled = 1;
> > +     smack_enabled = true;
> >
> >       pr_info("Smack:  Initializing.\n");
> >   #ifdef CONFIG_SECURITY_SMACK_NETFILTER
> > diff --git a/security/smack/smack_netfilter.c b/security/smack/smack_netfilter.c
> > index b945c1d3a743..82092d9387a3 100644
> > --- a/security/smack/smack_netfilter.c
> > +++ b/security/smack/smack_netfilter.c
> > @@ -70,7 +70,7 @@ static struct pernet_operations smack_net_ops = {
> >
> >   static int __init smack_nf_ip_init(void)
> >   {
> > -     if (smack_enabled == 0)
> > +     if (smack_enabled == false)
>
> If you want to use a bool you should use it fully.
>   +     if (!smack_enabled)
>
> >               return 0;
> >
> >       printk(KERN_DEBUG "Smack: Registering netfilter hooks\n");
> > diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
> > index 658eab05599e..7649ad8cc335 100644
> > --- a/security/smack/smackfs.c
> > +++ b/security/smack/smackfs.c
> > @@ -2993,7 +2993,7 @@ static int __init init_smk_fs(void)
> >       int err;
> >       int rc;
> >
> > -     if (smack_enabled == 0)
> > +     if (smack_enabled == false)
>
> Same here.

Thanks for feedback.
Let me resend the patch.

BR,
Austin Kim

>
> >               return 0;
> >
> >       err = smk_init_sysfs();



More information about the Linux-security-module-archive mailing list