selinux: Refactor selinuxfs directory populating functions

Make sel_make_bools and sel_make_classes take the specific elements of selinux_fs_info that they need rather than the entire struct. This will allow a future patch to pass temporary elements that are not in the selinux_fs_info struct to these functions so that the original elements can be preserved until we are ready to perform the switch over. Signed-off-by: Daniel Burgener <dburgener@linux.microsoft.com> Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com> Signed-off-by: Paul Moore <paul@paul-moore.com>

selinux: Refactor selinuxfs directory populating functions
Make sel_make_bools and sel_make_classes take the specific elements of selinux_fs_info that they need rather than the entire struct. This will allow a future patch to pass temporary elements that are not in the selinux_fs_info struct to these functions so that the original elements can be preserved until we are ready to perform the switch over. Signed-off-by: Daniel Burgener <dburgener@linux.microsoft.com> Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
66ec384a · Daniel Burgener · Paul Moore · aeecf4a3 · 66ec384a
Commit 66ec384a authored Aug 19, 2020 by Daniel Burgener Committed by Paul Moore Aug 21, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 25 additions and 20 deletions

security/selinux/selinuxfs.c security/selinux/selinuxfs.c +25 -20

No files found.
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -346,10 +346,12 @@ static const struct file_operations sel_policyvers_ops = {
 };
 /* declaration for sel_write_load */
-static int sel_make_bools(struct selinux_fs_info *fsi,
+static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_dir,
-			struct selinux_policy *newpolicy);
+			  unsigned int *bool_num, char ***bool_pending_names,
-static int sel_make_classes(struct selinux_fs_info *fsi,
+			  unsigned int **bool_pending_values);
-			struct selinux_policy *newpolicy);
+static int sel_make_classes(struct selinux_policy *newpolicy,
+			    struct dentry *class_dir,
+			    unsigned long *last_class_ino);
 /* declaration for sel_make_class_dirs */
 static struct dentry *sel_make_dir(struct dentry *dir, const char *name,
@@ -539,13 +541,15 @@ static int sel_make_policy_nodes(struct selinux_fs_info *fsi,
 	sel_remove_old_policy_nodes(fsi);
-	ret = sel_make_bools(fsi, newpolicy);
+	ret = sel_make_bools(newpolicy, fsi->bool_dir, &fsi->bool_num,
+			     &fsi->bool_pending_names, &fsi->bool_pending_values);
 	if (ret) {
 		pr_err("SELinux: failed to load policy booleans\n");
 		return ret;
 	}
-	ret = sel_make_classes(fsi, newpolicy);
+	ret = sel_make_classes(newpolicy, fsi->class_dir,
+			       &fsi->last_class_ino);
 	if (ret) {
 		pr_err("SELinux: failed to load policy classes\n");
 		return ret;
@@ -1359,13 +1363,13 @@ static void sel_remove_entries(struct dentry *de)
 #define BOOL_DIR_NAME "booleans"
-static int sel_make_bools(struct selinux_fs_info *fsi,
+static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_dir,
-			struct selinux_policy *newpolicy)
+			  unsigned int *bool_num, char ***bool_pending_names,
+			  unsigned int **bool_pending_values)
 {
 	int ret;
 	ssize_t len;
 	struct dentry *dentry = NULL;
-	struct dentry *dir = fsi->bool_dir;
 	struct inode *inode = NULL;
 	struct inode_security_struct *isec;
 	char **names = NULL, *page;
@@ -1384,12 +1388,12 @@ static int sel_make_bools(struct selinux_fs_info *fsi,
 	for (i = 0; i < num; i++) {
 		ret = -ENOMEM;
-		dentry = d_alloc_name(dir, names[i]);
+		dentry = d_alloc_name(bool_dir, names[i]);
 		if (!dentry)
 			goto out;
 		ret = -ENOMEM;
-		inode = sel_make_inode(dir->d_sb, S_IFREG | S_IRUGO | S_IWUSR);
+		inode = sel_make_inode(bool_dir->d_sb, S_IFREG | S_IRUGO | S_IWUSR);
 		if (!inode) {
 			dput(dentry);
 			goto out;
@@ -1418,9 +1422,9 @@ static int sel_make_bools(struct selinux_fs_info *fsi,
 		inode->i_ino = i|SEL_BOOL_INO_OFFSET;
 		d_add(dentry, inode);
 	}
-	fsi->bool_num = num;
+	*bool_num = num;
-	fsi->bool_pending_names = names;
+	*bool_pending_names = names;
-	fsi->bool_pending_values = values;
+	*bool_pending_values = values;
 	free_page((unsigned long)page);
 	return 0;
@@ -1433,7 +1437,7 @@ static int sel_make_bools(struct selinux_fs_info *fsi,
 		kfree(names);
 	}
 	kfree(values);
-	sel_remove_entries(dir);
+	sel_remove_entries(bool_dir);
 	return ret;
 }
@@ -1880,8 +1884,9 @@ static int sel_make_class_dir_entries(struct selinux_policy *newpolicy,
 	return rc;
 }
-static int sel_make_classes(struct selinux_fs_info *fsi,
+static int sel_make_classes(struct selinux_policy *newpolicy,
-			struct selinux_policy *newpolicy)
+			    struct dentry *class_dir,
+			    unsigned long *last_class_ino)
 {
 	int rc, nclasses, i;
@@ -1892,13 +1897,13 @@ static int sel_make_classes(struct selinux_fs_info *fsi,
 		return rc;
 	/* +2 since classes are 1-indexed */
-	fsi->last_class_ino = sel_class_to_ino(nclasses + 2);
+	*last_class_ino = sel_class_to_ino(nclasses + 2);
 	for (i = 0; i < nclasses; i++) {
 		struct dentry *class_name_dir;
-		class_name_dir = sel_make_dir(fsi->class_dir, classes[i],
+		class_name_dir = sel_make_dir(class_dir, classes[i],
-					      &fsi->last_class_ino);
+					      last_class_ino);
 		if (IS_ERR(class_name_dir)) {
 			rc = PTR_ERR(class_name_dir);
 			goto out;