libselinux: sidtab updates

Add sidtab_context_lookup() to just lookup a context, not inserting
non-existent ones.

Tweak sidtab_destroy() to accept a zero'ed struct sidtab.

Remove redundant lookup in sidtab_context_to_sid() after insertion by
returning the newly created node directly from sidtab_insert().

Drop the declaration of sidtab_insert(), which is only used internally.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
Christian Göttsche 2024-11-05 19:33:15 +01:00 committed by James Carter
parent e5fd7b078f
commit 90b1c237a5
2 changed files with 42 additions and 36 deletions


@ -44,28 +44,23 @@ int sidtab_init(struct sidtab *s)
return rc;
}
int sidtab_insert(struct sidtab *s, const char * ctx)
static struct sidtab_node *
sidtab_insert(struct sidtab *s, const char * ctx)
{
unsigned hvalue;
int rc = 0;
struct sidtab_node *newnode;
char * newctx;
if (s->nel >= UINT_MAX - 1) {
rc = -1;
goto out;
}
if (s->nel >= UINT_MAX - 1)
return NULL;
newnode = (struct sidtab_node *)avc_malloc(sizeof(*newnode));
if (!newnode) {
rc = -1;
goto out;
}
if (!newnode)
return NULL;
newctx = strdup(ctx);
if (!newctx) {
rc = -1;
avc_free(newnode);
goto out;
return NULL;
}
hvalue = sidtab_hash(newctx);
@ -73,36 +68,48 @@ int sidtab_insert(struct sidtab *s, const char * ctx)
newnode->sid_s.ctx = newctx;
newnode->sid_s.id = ++s->nel;
s->htable[hvalue] = newnode;
out:
return rc;
return newnode;
}
const struct security_id *
sidtab_context_lookup(const struct sidtab *s, const char *ctx)
{
unsigned hvalue;
const struct sidtab_node *cur;
hvalue = sidtab_hash(ctx);
cur = s->htable[hvalue];
while (cur != NULL && strcmp(cur->sid_s.ctx, ctx))
cur = cur->next;
if (cur == NULL)
return NULL;
return &cur->sid_s;
}
int
sidtab_context_to_sid(struct sidtab *s,
const char * ctx, security_id_t * sid)
{
unsigned hvalue;
int rc = 0;
struct sidtab_node *cur;
struct sidtab_node *new;
const struct security_id *lookup_sid = sidtab_context_lookup(s, ctx);
*sid = NULL;
hvalue = sidtab_hash(ctx);
loop:
cur = s->htable[hvalue];
while (cur != NULL && strcmp(cur->sid_s.ctx, ctx))
cur = cur->next;
if (cur == NULL) { /* need to make a new entry */
rc = sidtab_insert(s, ctx);
if (rc)
goto out;
goto loop; /* find the newly inserted node */
if (lookup_sid) {
/* Dropping const is fine since our sidtab parameter is non-const. */
*sid = (struct security_id *)lookup_sid;
return 0;
}
*sid = &cur->sid_s;
out:
return rc;
new = sidtab_insert(s, ctx);
if (new == NULL) {
*sid = NULL;
return -1;
}
*sid = &new->sid_s;
return 0;
}
void sidtab_sid_stats(const struct sidtab *s, char *buf, size_t buflen)
@ -138,7 +145,7 @@ void sidtab_destroy(struct sidtab *s)
int i;
struct sidtab_node *cur, *temp;
if (!s)
if (!s || !s->htable)
return;
for (i = 0; i < SIDTAB_SIZE; i++) {
@ -149,7 +156,6 @@ void sidtab_destroy(struct sidtab *s)
freecon(temp->sid_s.ctx);
avc_free(temp);
}
s->htable[i] = NULL;
}
avc_free(s->htable);
s->htable = NULL;
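Review bot: sidtab_context_lookup() reads `s->htable[hvalue]` without checking `s->htable`, although this same commit makes sidtab_destroy() accept a sidtab whose `htable` is NULL. If a zeroed or already-destroyed table can reach the new public lookup, and through it sidtab_context_to_sid() and sidtab_insert(), that is a NULL pointer dereference. Either add `if (!s->htable) return NULL;` to the lookup with a matching failure return in sidtab_insert(), or state on the prototype that sidtab_init() must have succeeded first. A short comment saying that the returned pointer refers to storage owned by the table and becomes invalid after sidtab_destroy() would also help callers of the new function. Whether any caller can actually pass an uninitialised table is not visible on this page.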


@ -24,8 +24,8 @@ struct sidtab {
};
int sidtab_init(struct sidtab *s) ;
int sidtab_insert(struct sidtab *s, const char * ctx) ;
const struct security_id * sidtab_context_lookup(const struct sidtab *s, const char *ctx);
int sidtab_context_to_sid(struct sidtab *s,
const char * ctx, security_id_t * sid) ;