selinux: rename the {is,set}_enforcing() functions (e5a5ca96) · Commits · e / devices / android_kernel_fairphone_FP4

security/selinux/avc.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -985,7 +985,7 @@ static noinline int avc_denied(u32 ssid, u32 tsid,
		if (flags & AVC_STRICT)
		return -EACCES;

		if (is_enforcing(&selinux_state) &&
		if (enforcing_enabled(&selinux_state) &&
		!(avd->flags & AVD_FLAGS_PERMISSIVE))
		return -EACCES;

+2 −2

Original line number	Diff line number	Diff line
		@@ -5407,7 +5407,7 @@ static int selinux_nlmsg_perm(struct sock sk, struct sk_buff skb)
		sk->sk_protocol, nlh->nlmsg_type,
		secclass_map[sksec->sclass - 1].name,
		task_pid_nr(current), current->comm);
		if (!is_enforcing(&selinux_state) \|\|
		if (!enforcing_enabled(&selinux_state) \|\|
		security_get_allow_unknown(&selinux_state))
		err = 0;
		}
		@@ -6937,7 +6937,7 @@ static __init int selinux_init(void)
		printk(KERN_INFO "SELinux: Initializing.\n");

		memset(&selinux_state, 0, sizeof(selinux_state));
		set_enforcing(&selinux_state, selinux_enforcing_boot);
		enforcing_set(&selinux_state, selinux_enforcing_boot);
		selinux_state.checkreqprot = selinux_checkreqprot_boot;
		selinux_ss_init(&selinux_state.ss);

+4 −4

Original line number	Diff line number	Diff line
		@@ -111,22 +111,22 @@ void selinux_ss_init(struct selinux_ss **ss);
		extern struct selinux_state selinux_state;

		#ifdef CONFIG_SECURITY_SELINUX_DEVELOP
		static inline bool is_enforcing(struct selinux_state *state)
		static inline bool enforcing_enabled(struct selinux_state *state)
		{
		return state->enforcing;
		}

		static inline void set_enforcing(struct selinux_state *state, bool value)
		static inline void enforcing_set(struct selinux_state *state, bool value)
		{
		state->enforcing = value;
		}
		#else
		static inline bool is_enforcing(struct selinux_state *state)
		static inline bool enforcing_enabled(struct selinux_state *state)
		{
		return true;
		}

		static inline void set_enforcing(struct selinux_state *state, bool value)
		static inline void enforcing_set(struct selinux_state *state, bool value)
		{
		}
		#endif

+3 −3

Original line number	Diff line number	Diff line
		@@ -98,7 +98,7 @@ static ssize_t sel_read_enforce(struct file filp, char __user buf,
		ssize_t length;

		length = scnprintf(tmpbuf, TMPBUFLEN, "%d",
		is_enforcing(&selinux_state));
		enforcing_enabled(&selinux_state));
		return simple_read_from_buffer(buf, count, ppos, tmpbuf, length);
		}

		@@ -128,7 +128,7 @@ static ssize_t sel_write_enforce(struct file file, const char __user buf,

		new_value = !!new_value;

		old_value = is_enforcing(&selinux_state);
		old_value = enforcing_enabled(&selinux_state);

		if (new_value != old_value) {
		length = avc_has_perm(current_sid(), SECINITSID_SECURITY,
		@@ -141,7 +141,7 @@ static ssize_t sel_write_enforce(struct file file, const char __user buf,
		new_value, old_value,
		from_kuid(&init_user_ns, audit_get_loginuid(current)),
		audit_get_sessionid(current));
		set_enforcing(&selinux_state, new_value);
		enforcing_set(&selinux_state, new_value);
		if (new_value)
		avc_ss_reset(0);
		selnl_notify_setenforce(new_value);

+3 −3

Original line number	Diff line number	Diff line
		@@ -752,7 +752,7 @@ static int security_validtrans_handle_fail(struct selinux_state *state,
		kfree(n);
		kfree(t);

		if (!is_enforcing(state))
		if (!enforcing_enabled(state))
		return 0;
		return -EPERM;
		}
		@@ -1596,7 +1596,7 @@ static int compute_sid_handle_invalid_context(
		kfree(s);
		kfree(t);
		kfree(n);
		if (!is_enforcing(state))
		if (!enforcing_enabled(state))
		return 0;
		return -EACCES;
		}
		@@ -1907,7 +1907,7 @@ static inline int convert_context_handle_invalid_context(
		char *s;
		u32 len;

		if (is_enforcing(state))
		if (enforcing_enabled(state))
		return -EINVAL;

		if (!context_struct_to_string(policydb, context, &s, &len)) {