Re: [PATCH] smack: clean up smack_enabled to be more readable
From: Austin Kim
Date: Wed Nov 03 2021 - 18:25:11 EST
2021년 11월 4일 (목) 오전 1:01, Casey Schaufler <casey@xxxxxxxxxxxxxxxx>님이 작성:
>
> On 11/3/2021 12:31 AM, Austin Kim wrote:
> > The smack_enabled is only set to 0, 1. So changing type of smack_enabled
> > as bool may make relevant routine be more readable.
> >
> > Signed-off-by: Austin Kim <austindh.kim@xxxxxxxxx>
>
> A couple of changes below.
>
> > ---
> > security/smack/smack.h | 2 +-
> > security/smack/smack_lsm.c | 4 ++--
> > security/smack/smack_netfilter.c | 2 +-
> > security/smack/smackfs.c | 2 +-
> > 4 files changed, 5 insertions(+), 5 deletions(-)
> >
> > diff --git a/security/smack/smack.h b/security/smack/smack.h
> > index 99c3422596ab..dc1726f5953f 100644
> > --- a/security/smack/smack.h
> > +++ b/security/smack/smack.h
> > @@ -302,7 +302,7 @@ int smack_populate_secattr(struct smack_known *skp);
> > /*
> > * Shared data.
> > */
> > -extern int smack_enabled __initdata;
> > +extern bool smack_enabled __initdata;
> > extern int smack_cipso_direct;
> > extern int smack_cipso_mapped;
> > extern struct smack_known *smack_net_ambient;
> > diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> > index efd35b07c7f8..ba3b46bd2ceb 100644
> > --- a/security/smack/smack_lsm.c
> > +++ b/security/smack/smack_lsm.c
> > @@ -56,7 +56,7 @@ static DEFINE_MUTEX(smack_ipv6_lock);
> > static LIST_HEAD(smk_ipv6_port_list);
> > #endif
> > struct kmem_cache *smack_rule_cache;
> > -int smack_enabled __initdata;
> > +bool smack_enabled __initdata;
> >
> > #define A(s) {"smack"#s, sizeof("smack"#s) - 1, Opt_##s}
> > static struct {
> > @@ -4953,7 +4953,7 @@ static __init int smack_init(void)
> > * Register with LSM
> > */
> > security_add_hooks(smack_hooks, ARRAY_SIZE(smack_hooks), "smack");
> > - smack_enabled = 1;
> > + smack_enabled = true;
> >
> > pr_info("Smack: Initializing.\n");
> > #ifdef CONFIG_SECURITY_SMACK_NETFILTER
> > diff --git a/security/smack/smack_netfilter.c b/security/smack/smack_netfilter.c
> > index b945c1d3a743..82092d9387a3 100644
> > --- a/security/smack/smack_netfilter.c
> > +++ b/security/smack/smack_netfilter.c
> > @@ -70,7 +70,7 @@ static struct pernet_operations smack_net_ops = {
> >
> > static int __init smack_nf_ip_init(void)
> > {
> > - if (smack_enabled == 0)
> > + if (smack_enabled == false)
>
> If you want to use a bool you should use it fully.
> + if (!smack_enabled)
>
> > return 0;
> >
> > printk(KERN_DEBUG "Smack: Registering netfilter hooks\n");
> > diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
> > index 658eab05599e..7649ad8cc335 100644
> > --- a/security/smack/smackfs.c
> > +++ b/security/smack/smackfs.c
> > @@ -2993,7 +2993,7 @@ static int __init init_smk_fs(void)
> > int err;
> > int rc;
> >
> > - if (smack_enabled == 0)
> > + if (smack_enabled == false)
>
> Same here.
Thanks for feedback.
Let me resend the patch.
BR,
Austin Kim
>
> > return 0;
> >
> > err = smk_init_sysfs();