selinux: avoid implicit conversions regarding enforcing status

Use the type bool as parameter type in
selinux_status_update_setenforce().  The related function
enforcing_enabled() returns the type bool, while the struct
selinux_kernel_status member enforcing uses an u32.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
[PM: subject line tweaks]
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Christian Göttsche 2023-07-06 15:23:34 +02:00 committed by Paul Moore
parent 0e83c9c6fb
commit c867248cf4
3 changed files with 7 additions and 6 deletions

View File

@ -375,7 +375,7 @@ struct selinux_kernel_status {
*/ */
} __packed; } __packed;
extern void selinux_status_update_setenforce(int enforcing); extern void selinux_status_update_setenforce(bool enforcing);
extern void selinux_status_update_policyload(u32 seqno); extern void selinux_status_update_policyload(u32 seqno);
extern void selinux_complete_init(void); extern void selinux_complete_init(void);
extern struct path selinux_null; extern struct path selinux_null;

View File

@ -138,7 +138,8 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
{ {
char *page = NULL; char *page = NULL;
ssize_t length; ssize_t length;
int old_value, new_value; int scan_value;
bool old_value, new_value;
if (count >= PAGE_SIZE) if (count >= PAGE_SIZE)
return -ENOMEM; return -ENOMEM;
@ -152,10 +153,10 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf,
return PTR_ERR(page); return PTR_ERR(page);
length = -EINVAL; length = -EINVAL;
if (sscanf(page, "%d", &new_value) != 1) if (sscanf(page, "%d", &scan_value) != 1)
goto out; goto out;
new_value = !!new_value; new_value = !!scan_value;
old_value = enforcing_enabled(); old_value = enforcing_enabled();
if (new_value != old_value) { if (new_value != old_value) {

View File

@ -76,7 +76,7 @@ struct page *selinux_kernel_status_page(void)
* *
* It updates status of the current enforcing/permissive mode. * It updates status of the current enforcing/permissive mode.
*/ */
void selinux_status_update_setenforce(int enforcing) void selinux_status_update_setenforce(bool enforcing)
{ {
struct selinux_kernel_status *status; struct selinux_kernel_status *status;
@ -87,7 +87,7 @@ void selinux_status_update_setenforce(int enforcing)
status->sequence++; status->sequence++;
smp_wmb(); smp_wmb();
status->enforcing = enforcing; status->enforcing = enforcing ? 1 : 0;
smp_wmb(); smp_wmb();
status->sequence++; status->sequence++;