>From 068e74f571854d47c3778b392055265fd2aa70cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=A1draig=20Brady?= Date: Tue, 1 Jul 2014 02:44:10 +0100 Subject: [PATCH] maint: fix const correctness warnings with security_context_t The security_context_t type was always an artificial separation from a standard char* string, and various libselinux using code assumed both were synonymous. In addition, prior to libselinux 2.3 function declarations were incorrect wrt constness of this type. Here we replace security_context_t with char*, and also provide a wrapper function to cater for the const issue on older libselinux. * src/system.h (se_const): A new function to avoid and identify the const issue on older libselinux. * src/copy.c: s/security_context_t/char */. * src/cp.c: Likewise. * src/id.c: Likewise. * src/install.c: Likewise. * src/ls.c: Likewise. * src/mkdir.c: Likewise. * src/mkfifo.c: Likewise. * src/mknod.c: Likewise. * src/runcon.c: Likewise. * src/selinux.c: Likewise. * tests/cp/no-ctx.sh: Likewise. * src/chcon.c: Likesize. --- src/chcon.c | 16 ++++++++-------- src/copy.c | 2 +- src/cp.c | 4 ++-- src/id.c | 4 ++-- src/install.c | 10 +++++----- src/ls.c | 2 +- src/mkdir.c | 4 ++-- src/mkfifo.c | 4 ++-- src/mknod.c | 4 ++-- src/runcon.c | 6 +++--- src/selinux.c | 12 +++++++----- src/system.h | 6 ++++++ tests/cp/no-ctx.sh | 4 ++-- 13 files changed, 43 insertions(+), 35 deletions(-) diff --git a/src/chcon.c b/src/chcon.c index 6940cf5..e253a46 100644 --- a/src/chcon.c +++ b/src/chcon.c @@ -91,7 +91,7 @@ static struct option const long_options[] = setting any portions selected via the global variables, specified_user, specified_role, etc. */ static int -compute_context_from_mask (security_context_t context, context_t *ret) +compute_context_from_mask (char const *context, context_t *ret) { bool ok = true; context_t new_context = context_new (context); @@ -140,9 +140,9 @@ compute_context_from_mask (security_context_t context, context_t *ret) static int change_file_context (int fd, char const *file) { - security_context_t file_context = NULL; + char *file_context = NULL; context_t context IF_LINT (= NULL); - security_context_t context_string; + char const * context_string; int errors = 0; if (specified_context == NULL) @@ -181,8 +181,8 @@ change_file_context (int fd, char const *file) if (file_context == NULL || ! STREQ (context_string, file_context)) { int fail = (affect_symlink_referent - ? setfileconat (fd, file, context_string) - : lsetfileconat (fd, file, context_string)); + ? setfileconat (fd, file, se_const (context_string)) + : lsetfileconat (fd, file, se_const (context_string))); if (fail) { @@ -409,8 +409,6 @@ one takes effect.\n\ int main (int argc, char **argv) { - security_context_t ref_context = NULL; - /* Bit flags that control how fts works. */ int bit_flags = FTS_PHYSICAL; @@ -542,6 +540,8 @@ main (int argc, char **argv) if (reference_file) { + char *ref_context = NULL; + if (getfilecon (reference_file, &ref_context) < 0) error (EXIT_FAILURE, errno, _("failed to get security context of %s"), quote (reference_file)); @@ -556,7 +556,7 @@ main (int argc, char **argv) else { specified_context = argv[optind++]; - if (security_check_context (specified_context) < 0) + if (security_check_context (se_const (specified_context)) < 0) error (EXIT_FAILURE, errno, _("invalid context: %s"), quotearg_colon (specified_context)); } diff --git a/src/copy.c b/src/copy.c index eee918a..26d5bdd 100644 --- a/src/copy.c +++ b/src/copy.c @@ -779,7 +779,7 @@ set_process_security_ctx (char const *src_name, char const *dst_name, /* Set the default context for the process to match the source. */ bool all_errors = !x->data_copy_required || x->require_preserve_context; bool some_errors = !all_errors && !x->reduce_diagnostics; - security_context_t con; + char *con; if (0 <= lgetfilecon (src_name, &con)) { diff --git a/src/cp.c b/src/cp.c index a254116..99cafa7 100644 --- a/src/cp.c +++ b/src/cp.c @@ -926,7 +926,7 @@ main (int argc, char **argv) bool copy_contents = false; char *target_directory = NULL; bool no_target_directory = false; - security_context_t scontext = NULL; + char const *scontext = NULL; initialize_main (&argc, &argv); set_program_name (argv[0]); @@ -1196,7 +1196,7 @@ main (int argc, char **argv) if (scontext) restorecon (dst_path, 0, true); */ - if (scontext && setfscreatecon (scontext) < 0) + if (scontext && setfscreatecon (se_const (scontext)) < 0) error (EXIT_FAILURE, errno, _("failed to set default file creation context to %s"), quote (scontext)); diff --git a/src/id.c b/src/id.c index f46bb41..ccd1e87 100644 --- a/src/id.c +++ b/src/id.c @@ -58,7 +58,7 @@ static bool ok = true; /* The SELinux context. Start with a known invalid value so print_full_info knows when 'context' has not been set to a meaningful value. */ -static security_context_t context = NULL; +static char *context = NULL; static struct option const longopts[] = { @@ -220,7 +220,7 @@ main (int argc, char **argv) /* Report failure only if --context (-Z) was explicitly requested. */ if ((selinux_enabled && getcon (&context) && just_context) || (smack_enabled - && smack_new_label_from_self ((char **) &context) < 0 + && smack_new_label_from_self (&context) < 0 && just_context)) error (EXIT_FAILURE, 0, _("can't get process context")); } diff --git a/src/install.c b/src/install.c index e7de260..c342422 100644 --- a/src/install.c +++ b/src/install.c @@ -218,8 +218,8 @@ need_copy (const char *src_name, const char *dest_name, /* compare SELinux context if preserving */ if (selinux_enabled && x->preserve_security_context) { - security_context_t file_scontext = NULL; - security_context_t to_scontext = NULL; + char *file_scontext = NULL; + char *to_scontext = NULL; bool scontext_match; if (getfilecon (src_name, &file_scontext) == -1) @@ -312,7 +312,7 @@ static void setdefaultfilecon (char const *file) { struct stat st; - security_context_t scontext = NULL; + char *scontext = NULL; static bool first_call = true; if (selinux_enabled != 1) @@ -786,7 +786,7 @@ main (int argc, char **argv) int n_files; char **file; bool strip_program_specified = false; - security_context_t scontext = NULL; + char const *scontext = NULL; /* set iff kernel has extra selinux system calls */ selinux_enabled = (0 < is_selinux_enabled ()); @@ -943,7 +943,7 @@ main (int argc, char **argv) error (EXIT_FAILURE, 0, _("cannot set target context and preserve it")); - if (scontext && setfscreatecon (scontext) < 0) + if (scontext && setfscreatecon (se_const (scontext)) < 0) error (EXIT_FAILURE, errno, _("failed to set default file creation context to %s"), quote (scontext)); diff --git a/src/ls.c b/src/ls.c index 54c6705..cd5996e 100644 --- a/src/ls.c +++ b/src/ls.c @@ -208,7 +208,7 @@ struct fileinfo mode_t linkmode; /* security context. */ - security_context_t scontext; + char *scontext; bool stat_ok; diff --git a/src/mkdir.c b/src/mkdir.c index 04367eb..eb9693c 100644 --- a/src/mkdir.c +++ b/src/mkdir.c @@ -200,7 +200,7 @@ main (int argc, char **argv) { const char *specified_mode = NULL; int optc; - security_context_t scontext = NULL; + char const *scontext = NULL; struct mkdir_options options; options.make_ancestor_function = NULL; @@ -272,7 +272,7 @@ main (int argc, char **argv) if (is_smack_enabled ()) ret = smack_set_label_for_self (scontext); else - ret = setfscreatecon (scontext); + ret = setfscreatecon (se_const (scontext)); if (ret < 0) error (EXIT_FAILURE, errno, diff --git a/src/mkfifo.c b/src/mkfifo.c index 5a52d6a..415ae56 100644 --- a/src/mkfifo.c +++ b/src/mkfifo.c @@ -79,7 +79,7 @@ main (int argc, char **argv) char const *specified_mode = NULL; int exit_status = EXIT_SUCCESS; int optc; - security_context_t scontext = NULL; + char const *scontext = NULL; bool set_security_context = false; initialize_main (&argc, &argv); @@ -136,7 +136,7 @@ main (int argc, char **argv) if (is_smack_enabled ()) ret = smack_set_label_for_self (scontext); else - ret = setfscreatecon (scontext); + ret = setfscreatecon (se_const (scontext)); if (ret < 0) error (EXIT_FAILURE, errno, diff --git a/src/mknod.c b/src/mknod.c index 6e67094..8f547e9 100644 --- a/src/mknod.c +++ b/src/mknod.c @@ -96,7 +96,7 @@ main (int argc, char **argv) int optc; int expected_operands; mode_t node_type; - security_context_t scontext = NULL; + char const *scontext = NULL; bool set_security_context = false; initialize_main (&argc, &argv); @@ -192,7 +192,7 @@ main (int argc, char **argv) if (is_smack_enabled ()) ret = smack_set_label_for_self (scontext); else - ret = setfscreatecon (scontext); + ret = setfscreatecon (se_const (scontext)); if (ret < 0) error (EXIT_FAILURE, errno, diff --git a/src/runcon.c b/src/runcon.c index 78ba79b..14ccc3d 100644 --- a/src/runcon.c +++ b/src/runcon.c @@ -115,9 +115,9 @@ main (int argc, char **argv) char *user = NULL; char *type = NULL; char *context = NULL; - security_context_t cur_context = NULL; - security_context_t file_context = NULL; - security_context_t new_context = NULL; + char *cur_context = NULL; + char *file_context = NULL; + char *new_context = NULL; bool compute_trans = false; context_t con; diff --git a/src/selinux.c b/src/selinux.c index 016db16..ae454f8 100644 --- a/src/selinux.c +++ b/src/selinux.c @@ -72,10 +72,10 @@ mode_to_security_class (mode_t m) */ static int -computecon (char const *path, mode_t mode, security_context_t * con) +computecon (char const *path, mode_t mode, char **con) { - security_context_t scon = NULL; - security_context_t tcon = NULL; + char *scon = NULL; + char *tcon = NULL; security_class_t tclass; int rc = -1; @@ -111,7 +111,8 @@ int defaultcon (char const *path, mode_t mode) { int rc = -1; - security_context_t scon = NULL, tcon = NULL; + char *scon = NULL; + char *tcon = NULL; context_t scontext = 0, tcontext = 0; const char *contype; char *constr; @@ -182,7 +183,8 @@ restorecon_private (char const *path, bool local) { int rc = -1; struct stat sb; - security_context_t scon = NULL, tcon = NULL; + char *scon = NULL; + char *tcon = NULL; context_t scontext = 0, tcontext = 0; const char *contype; char *constr; diff --git a/src/system.h b/src/system.h index f295ad1..074aa70 100644 --- a/src/system.h +++ b/src/system.h @@ -657,3 +657,9 @@ stzncpy (char *restrict dest, char const *restrict src, size_t len) #ifndef ARRAY_CARDINALITY # define ARRAY_CARDINALITY(Array) (sizeof (Array) / sizeof *(Array)) #endif + +/* Avoid const warnings by casting const to non const. + This is to cater for the incorrect const function declarations + in selinux.h before libselinux-2.3 (May 2014). + When version >= 2.3 is ubiquitous remove this function. */ +static inline char * se_const (char const * sctx) { return (char *) sctx; } diff --git a/tests/cp/no-ctx.sh b/tests/cp/no-ctx.sh index 059c84f..8b1328a 100755 --- a/tests/cp/no-ctx.sh +++ b/tests/cp/no-ctx.sh @@ -30,7 +30,7 @@ cat > k.c <<'EOF' || framework_failure_ #include #include -int getfilecon (const char *path, security_context_t *con) +int getfilecon (const char *path, char **con) { /* Leave a marker so we can identify if the function was intercepted. */ fclose(fopen("preloaded", "w")); @@ -39,7 +39,7 @@ int getfilecon (const char *path, security_context_t *con) return -1; } -int lgetfilecon (const char *path, security_context_t *con) +int lgetfilecon (const char *path, char **con) { return getfilecon (path, con); } EOF -- 1.7.7.6