SELinux: keep the code clean formating and syntax

+11 -7

security/selinux/hooks.c

··· 53 53 #include <net/tcp.h> /* struct or_callable used in sock_rcv_skb */ 54 54 #include <net/net_namespace.h> 55 55 #include <net/netlabel.h> 56 - #include <asm/uaccess.h> 56 + #include <linux/uaccess.h> 57 57 #include <asm/ioctls.h> 58 58 #include <asm/atomic.h> 59 59 #include <linux/bitops.h> ··· 104 104 105 105 static int __init enforcing_setup(char *str) 106 106 { 107 - selinux_enforcing = simple_strtol(str, NULL, 0); 107 + unsigned long enforcing; 108 + if (!strict_strtoul(str, 0, &enforcing)) 109 + selinux_enforcing = enforcing ? 1 : 0; 108 110 return 1; 109 111 } 110 112 __setup("enforcing=", enforcing_setup); ··· 117 115 118 116 static int __init selinux_enabled_setup(char *str) 119 117 { 120 - selinux_enabled = simple_strtol(str, NULL, 0); 118 + unsigned long enabled; 119 + if (!strict_strtoul(str, 0, &enabled)) 120 + selinux_enabled = enabled ? 1 : 0; 121 121 return 1; 122 122 } 123 123 __setup("selinux=", selinux_enabled_setup); ··· 598 594 */ 599 595 if (sbsec->initialized && (sb->s_type->fs_flags & FS_BINARY_MOUNTDATA) 600 596 && (num_opts == 0)) 601 - goto out; 597 + goto out; 602 598 603 599 /* 604 600 * parse the mount options, check if they are valid sids. ··· 2699 2695 } 2700 2696 2701 2697 static void selinux_inode_post_setxattr(struct dentry *dentry, const char *name, 2702 - const void *value, size_t size, 2698 + const void *value, size_t size, 2703 2699 int flags) 2704 2700 { 2705 2701 struct inode *inode = dentry->d_inode; ··· 5394 5390 .inode_listsecurity = selinux_inode_listsecurity, 5395 5391 .inode_need_killpriv = selinux_inode_need_killpriv, 5396 5392 .inode_killpriv = selinux_inode_killpriv, 5397 - .inode_getsecid = selinux_inode_getsecid, 5393 + .inode_getsecid = selinux_inode_getsecid, 5398 5394 5399 5395 .file_permission = selinux_file_permission, 5400 5396 .file_alloc_security = selinux_file_alloc_security, ··· 5435 5431 .task_to_inode = selinux_task_to_inode, 5436 5432 5437 5433 .ipc_permission = selinux_ipc_permission, 5438 - .ipc_getsecid = selinux_ipc_getsecid, 5434 + .ipc_getsecid = selinux_ipc_getsecid, 5439 5435 5440 5436 .msg_msg_alloc_security = selinux_msg_msg_alloc_security, 5441 5437 .msg_msg_free_security = selinux_msg_msg_free_security,

+2 -2

security/selinux/include/audit.h

··· 1 1 /* 2 2 * SELinux support for the Audit LSM hooks 3 3 * 4 - * Most of below header was moved from include/linux/selinux.h which 4 + * Most of below header was moved from include/linux/selinux.h which 5 5 * is released under below copyrights: 6 6 * 7 7 * Author: James Morris <jmorris@redhat.com> ··· 52 52 * -errno on failure. 53 53 */ 54 54 int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule, 55 - struct audit_context *actx); 55 + struct audit_context *actx); 56 56 57 57 /** 58 58 * selinux_audit_rule_known - check to see if rule contains selinux fields.

+7 -8

security/selinux/include/avc.h

··· 75 75 76 76 /* Initialize an AVC audit data structure. */ 77 77 #define AVC_AUDIT_DATA_INIT(_d,_t) \ 78 - { memset((_d), 0, sizeof(struct avc_audit_data)); (_d)->type = AVC_AUDIT_DATA_##_t; } 78 + { memset((_d), 0, sizeof(struct avc_audit_data)); (_d)->type = AVC_AUDIT_DATA_##_t; } 79 79 80 80 /* 81 81 * AVC statistics 82 82 */ 83 - struct avc_cache_stats 84 - { 83 + struct avc_cache_stats { 85 84 unsigned int lookups; 86 85 unsigned int hits; 87 86 unsigned int misses; ··· 96 97 void __init avc_init(void); 97 98 98 99 void avc_audit(u32 ssid, u32 tsid, 99 - u16 tclass, u32 requested, 100 - struct av_decision *avd, int result, struct avc_audit_data *auditdata); 100 + u16 tclass, u32 requested, 101 + struct av_decision *avd, int result, struct avc_audit_data *auditdata); 101 102 102 103 #define AVC_STRICT 1 /* Ignore permissive mode. */ 103 104 int avc_has_perm_noaudit(u32 ssid, u32 tsid, ··· 106 107 struct av_decision *avd); 107 108 108 109 int avc_has_perm(u32 ssid, u32 tsid, 109 - u16 tclass, u32 requested, 110 - struct avc_audit_data *auditdata); 110 + u16 tclass, u32 requested, 111 + struct avc_audit_data *auditdata); 111 112 112 113 u32 avc_policy_seqno(void); 113 114 ··· 121 122 #define AVC_CALLBACK_AUDITDENY_DISABLE 128 122 123 123 124 int avc_add_callback(int (*callback)(u32 event, u32 ssid, u32 tsid, 124 - u16 tclass, u32 perms, 125 + u16 tclass, u32 perms, 125 126 u32 *out_retained), 126 127 u32 events, u32 ssid, u32 tsid, 127 128 u16 tclass, u32 perms);

-1

security/selinux/netnode.c

··· 38 38 #include <linux/ipv6.h> 39 39 #include <net/ip.h> 40 40 #include <net/ipv6.h> 41 - #include <asm/bug.h> 42 41 43 42 #include "netnode.h" 44 43 #include "objsec.h"

+1 -2

security/selinux/netport.c

··· 37 37 #include <linux/ipv6.h> 38 38 #include <net/ip.h> 39 39 #include <net/ipv6.h> 40 - #include <asm/bug.h> 41 40 42 41 #include "netport.h" 43 42 #include "objsec.h" ··· 271 272 } 272 273 273 274 ret = avc_add_callback(sel_netport_avc_callback, AVC_CALLBACK_RESET, 274 - SECSID_NULL, SECSID_NULL, SECCLASS_NULL, 0); 275 + SECSID_NULL, SECSID_NULL, SECCLASS_NULL, 0); 275 276 if (ret != 0) 276 277 panic("avc_add_callback() failed, error %d\n", ret); 277 278

+7 -3

security/selinux/selinuxfs.c

··· 27 27 #include <linux/seq_file.h> 28 28 #include <linux/percpu.h> 29 29 #include <linux/audit.h> 30 - #include <asm/uaccess.h> 30 + #include <linux/uaccess.h> 31 31 32 32 /* selinuxfs pseudo filesystem for exporting the security policy API. 33 33 Based on the proc code and the fs/nfsd/nfsctl.c code. */ ··· 57 57 58 58 static int __init checkreqprot_setup(char *str) 59 59 { 60 - selinux_checkreqprot = simple_strtoul(str, NULL, 0) ? 1 : 0; 60 + unsigned long checkreqprot; 61 + if (!strict_strtoul(str, 0, &checkreqprot)) 62 + selinux_checkreqprot = checkreqprot ? 1 : 0; 61 63 return 1; 62 64 } 63 65 __setup("checkreqprot=", checkreqprot_setup); 64 66 65 67 static int __init selinux_compat_net_setup(char *str) 66 68 { 67 - selinux_compat_net = simple_strtoul(str, NULL, 0) ? 1 : 0; 69 + unsigned long compat_net; 70 + if (!strict_strtoul(str, 0, &compat_net)) 71 + selinux_compat_net = compat_net ? 1 : 0; 68 72 return 1; 69 73 } 70 74 __setup("selinux_compat_net=", selinux_compat_net_setup);

+1 -1

security/selinux/ss/avtab.c

··· 311 311 } 312 312 313 313 printk(KERN_DEBUG "SELinux: %s: %d entries and %d/%d buckets used, " 314 - "longest chain length %d sum of chain length^2 %Lu\n", 314 + "longest chain length %d sum of chain length^2 %llu\n", 315 315 tag, h->nel, slots_used, h->nslot, max_chain_len, 316 316 chain2_len_sum); 317 317 }

+4 -4

security/selinux/ss/mls.c

··· 437 437 struct mls_level *usercon_clr = &(usercon->range.level[1]); 438 438 439 439 /* Honor the user's default level if we can */ 440 - if (mls_level_between(user_def, fromcon_sen, fromcon_clr)) { 440 + if (mls_level_between(user_def, fromcon_sen, fromcon_clr)) 441 441 *usercon_sen = *user_def; 442 - } else if (mls_level_between(fromcon_sen, user_def, user_clr)) { 442 + else if (mls_level_between(fromcon_sen, user_def, user_clr)) 443 443 *usercon_sen = *fromcon_sen; 444 - } else if (mls_level_between(fromcon_clr, user_low, user_def)) { 444 + else if (mls_level_between(fromcon_clr, user_low, user_def)) 445 445 *usercon_sen = *user_low; 446 - } else 446 + else 447 447 return -EINVAL; 448 448 449 449 /* Lower the clearance of available contexts

+2 -2

security/selinux/ss/services.c

··· 2531 2531 } 2532 2532 2533 2533 int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule, 2534 - struct audit_context *actx) 2534 + struct audit_context *actx) 2535 2535 { 2536 2536 struct context *ctxt; 2537 2537 struct mls_level *level; ··· 2645 2645 static int (*aurule_callback)(void) = audit_update_lsm_rules; 2646 2646 2647 2647 static int aurule_avc_callback(u32 event, u32 ssid, u32 tsid, 2648 - u16 class, u32 perms, u32 *retained) 2648 + u16 class, u32 perms, u32 *retained) 2649 2649 { 2650 2650 int err = 0; 2651 2651