Re: [PATCH 26/33] apparmor: use match_string() helper

2018-05-21 Thread Yisheng Xie 
Hi John,

On 2018/5/21 23:33, John Johansen wrote:
> On 05/21/2018 04:58 AM, Yisheng Xie wrote:
>> match_string() returns the index of an array for a matching string,
>> which can be used intead of open coded variant.
>>
> 
> Andy Shevchenko patch to do the same thing is already in apparmor-next

Sorry, I will drop this one.

Thanks
Yisheng
> 
>> Cc: John Johansen 
>> Cc: James Morris 
>> Cc: "Serge E. Hallyn" 
>> Cc: linux-security-mod...@vger.kernel.org
>> Signed-off-by: Yisheng Xie 
>> ---
>>  security/apparmor/lsm.c | 25 +++--
>>  1 file changed, 11 insertions(+), 14 deletions(-)
>>
>> diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
>> index ce2b89e..9b5904f 100644
>> --- a/security/apparmor/lsm.c
>> +++ b/security/apparmor/lsm.c
>> @@ -1378,14 +1378,12 @@ static int param_set_audit(const char *val, const 
>> struct kernel_param *kp)
>>  if (apparmor_initialized && !policy_admin_capable(NULL))
>>  return -EPERM;
>>  
>> -for (i = 0; i < AUDIT_MAX_INDEX; i++) {
>> -if (strcmp(val, audit_mode_names[i]) == 0) {
>> -aa_g_audit = i;
>> -return 0;
>> -}
>> -}
>> +i = match_string(audit_mode_names, AUDIT_MAX_INDEX, val);
>> +if (i < 0)
>> +return -EINVAL;
>>  
>> -return -EINVAL;
>> +aa_g_audit = i;
>> +return 0;
>>  }
>>  
>>  static int param_get_mode(char *buffer, const struct kernel_param *kp)
>> @@ -1409,14 +1407,13 @@ static int param_set_mode(const char *val, const 
>> struct kernel_param *kp)
>>  if (apparmor_initialized && !policy_admin_capable(NULL))
>>  return -EPERM;
>>  
>> -for (i = 0; i < APPARMOR_MODE_NAMES_MAX_INDEX; i++) {
>> -if (strcmp(val, aa_profile_mode_names[i]) == 0) {
>> -aa_g_profile_mode = i;
>> -return 0;
>> -}
>> -}
>> +i = match_string(aa_profile_mode_names,
>> + APPARMOR_MODE_NAMES_MAX_INDEX, val);
>> +if (i)
>> +return -EINVAL;
>>  
>> -return -EINVAL;
>> +aa_g_profile_mode = i;
>> +return 0;
>>  }
>>  
>>  /*
>>
> 
> 
>

Re: [PATCH 26/33] apparmor: use match_string() helper

2018-05-21 Thread Yisheng Xie 
Hi John,

On 2018/5/21 23:33, John Johansen wrote:
> On 05/21/2018 04:58 AM, Yisheng Xie wrote:
>> match_string() returns the index of an array for a matching string,
>> which can be used intead of open coded variant.
>>
> 
> Andy Shevchenko patch to do the same thing is already in apparmor-next

Sorry, I will drop this one.

Thanks
Yisheng
> 
>> Cc: John Johansen 
>> Cc: James Morris 
>> Cc: "Serge E. Hallyn" 
>> Cc: linux-security-mod...@vger.kernel.org
>> Signed-off-by: Yisheng Xie 
>> ---
>>  security/apparmor/lsm.c | 25 +++--
>>  1 file changed, 11 insertions(+), 14 deletions(-)
>>
>> diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
>> index ce2b89e..9b5904f 100644
>> --- a/security/apparmor/lsm.c
>> +++ b/security/apparmor/lsm.c
>> @@ -1378,14 +1378,12 @@ static int param_set_audit(const char *val, const 
>> struct kernel_param *kp)
>>  if (apparmor_initialized && !policy_admin_capable(NULL))
>>  return -EPERM;
>>  
>> -for (i = 0; i < AUDIT_MAX_INDEX; i++) {
>> -if (strcmp(val, audit_mode_names[i]) == 0) {
>> -aa_g_audit = i;
>> -return 0;
>> -}
>> -}
>> +i = match_string(audit_mode_names, AUDIT_MAX_INDEX, val);
>> +if (i < 0)
>> +return -EINVAL;
>>  
>> -return -EINVAL;
>> +aa_g_audit = i;
>> +return 0;
>>  }
>>  
>>  static int param_get_mode(char *buffer, const struct kernel_param *kp)
>> @@ -1409,14 +1407,13 @@ static int param_set_mode(const char *val, const 
>> struct kernel_param *kp)
>>  if (apparmor_initialized && !policy_admin_capable(NULL))
>>  return -EPERM;
>>  
>> -for (i = 0; i < APPARMOR_MODE_NAMES_MAX_INDEX; i++) {
>> -if (strcmp(val, aa_profile_mode_names[i]) == 0) {
>> -aa_g_profile_mode = i;
>> -return 0;
>> -}
>> -}
>> +i = match_string(aa_profile_mode_names,
>> + APPARMOR_MODE_NAMES_MAX_INDEX, val);
>> +if (i)
>> +return -EINVAL;
>>  
>> -return -EINVAL;
>> +aa_g_profile_mode = i;
>> +return 0;
>>  }
>>  
>>  /*
>>
> 
> 
>

Re: [PATCH 26/33] apparmor: use match_string() helper

2018-05-21 Thread Andy Shevchenko 
On Mon, May 21, 2018 at 2:58 PM, Yisheng Xie  wrote:
> match_string() returns the index of an array for a matching string,
> which can be used intead of open coded variant.

http://kernsec.org/pipermail/linux-security-module-archi

> Cc: John Johansen 
> Cc: James Morris 
> Cc: "Serge E. Hallyn" 
> Cc: linux-security-mod...@vger.kernel.org

-- 
With Best Regards,
Andy Shevchenko

Re: [PATCH 26/33] apparmor: use match_string() helper

2018-05-21 Thread Andy Shevchenko 
On Mon, May 21, 2018 at 2:58 PM, Yisheng Xie  wrote:
> match_string() returns the index of an array for a matching string,
> which can be used intead of open coded variant.

http://kernsec.org/pipermail/linux-security-module-archi

> Cc: John Johansen 
> Cc: James Morris 
> Cc: "Serge E. Hallyn" 
> Cc: linux-security-mod...@vger.kernel.org

-- 
With Best Regards,
Andy Shevchenko

Re: [PATCH 26/33] apparmor: use match_string() helper

2018-05-21 Thread John Johansen 
On 05/21/2018 04:58 AM, Yisheng Xie wrote:
> match_string() returns the index of an array for a matching string,
> which can be used intead of open coded variant.
> 

Andy Shevchenko patch to do the same thing is already in apparmor-next

> Cc: John Johansen 
> Cc: James Morris 
> Cc: "Serge E. Hallyn" 
> Cc: linux-security-mod...@vger.kernel.org
> Signed-off-by: Yisheng Xie 
> ---
>  security/apparmor/lsm.c | 25 +++--
>  1 file changed, 11 insertions(+), 14 deletions(-)
> 
> diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> index ce2b89e..9b5904f 100644
> --- a/security/apparmor/lsm.c
> +++ b/security/apparmor/lsm.c
> @@ -1378,14 +1378,12 @@ static int param_set_audit(const char *val, const 
> struct kernel_param *kp)
>   if (apparmor_initialized && !policy_admin_capable(NULL))
>   return -EPERM;
>  
> - for (i = 0; i < AUDIT_MAX_INDEX; i++) {
> - if (strcmp(val, audit_mode_names[i]) == 0) {
> - aa_g_audit = i;
> - return 0;
> - }
> - }
> + i = match_string(audit_mode_names, AUDIT_MAX_INDEX, val);
> + if (i < 0)
> + return -EINVAL;
>  
> - return -EINVAL;
> + aa_g_audit = i;
> + return 0;
>  }
>  
>  static int param_get_mode(char *buffer, const struct kernel_param *kp)
> @@ -1409,14 +1407,13 @@ static int param_set_mode(const char *val, const 
> struct kernel_param *kp)
>   if (apparmor_initialized && !policy_admin_capable(NULL))
>   return -EPERM;
>  
> - for (i = 0; i < APPARMOR_MODE_NAMES_MAX_INDEX; i++) {
> - if (strcmp(val, aa_profile_mode_names[i]) == 0) {
> - aa_g_profile_mode = i;
> - return 0;
> - }
> - }
> + i = match_string(aa_profile_mode_names,
> +  APPARMOR_MODE_NAMES_MAX_INDEX, val);
> + if (i)
> + return -EINVAL;
>  
> - return -EINVAL;
> + aa_g_profile_mode = i;
> + return 0;
>  }
>  
>  /*
>

Re: [PATCH 26/33] apparmor: use match_string() helper

2018-05-21 Thread John Johansen 
On 05/21/2018 04:58 AM, Yisheng Xie wrote:
> match_string() returns the index of an array for a matching string,
> which can be used intead of open coded variant.
> 

Andy Shevchenko patch to do the same thing is already in apparmor-next

> Cc: John Johansen 
> Cc: James Morris 
> Cc: "Serge E. Hallyn" 
> Cc: linux-security-mod...@vger.kernel.org
> Signed-off-by: Yisheng Xie 
> ---
>  security/apparmor/lsm.c | 25 +++--
>  1 file changed, 11 insertions(+), 14 deletions(-)
> 
> diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> index ce2b89e..9b5904f 100644
> --- a/security/apparmor/lsm.c
> +++ b/security/apparmor/lsm.c
> @@ -1378,14 +1378,12 @@ static int param_set_audit(const char *val, const 
> struct kernel_param *kp)
>   if (apparmor_initialized && !policy_admin_capable(NULL))
>   return -EPERM;
>  
> - for (i = 0; i < AUDIT_MAX_INDEX; i++) {
> - if (strcmp(val, audit_mode_names[i]) == 0) {
> - aa_g_audit = i;
> - return 0;
> - }
> - }
> + i = match_string(audit_mode_names, AUDIT_MAX_INDEX, val);
> + if (i < 0)
> + return -EINVAL;
>  
> - return -EINVAL;
> + aa_g_audit = i;
> + return 0;
>  }
>  
>  static int param_get_mode(char *buffer, const struct kernel_param *kp)
> @@ -1409,14 +1407,13 @@ static int param_set_mode(const char *val, const 
> struct kernel_param *kp)
>   if (apparmor_initialized && !policy_admin_capable(NULL))
>   return -EPERM;
>  
> - for (i = 0; i < APPARMOR_MODE_NAMES_MAX_INDEX; i++) {
> - if (strcmp(val, aa_profile_mode_names[i]) == 0) {
> - aa_g_profile_mode = i;
> - return 0;
> - }
> - }
> + i = match_string(aa_profile_mode_names,
> +  APPARMOR_MODE_NAMES_MAX_INDEX, val);
> + if (i)
> + return -EINVAL;
>  
> - return -EINVAL;
> + aa_g_profile_mode = i;
> + return 0;
>  }
>  
>  /*
>

[PATCH 26/33] apparmor: use match_string() helper

2018-05-21 Thread Yisheng Xie 
match_string() returns the index of an array for a matching string,
which can be used intead of open coded variant.

Cc: John Johansen 
Cc: James Morris 
Cc: "Serge E. Hallyn" 
Cc: linux-security-mod...@vger.kernel.org
Signed-off-by: Yisheng Xie 
---
 security/apparmor/lsm.c | 25 +++--
 1 file changed, 11 insertions(+), 14 deletions(-)

diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index ce2b89e..9b5904f 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -1378,14 +1378,12 @@ static int param_set_audit(const char *val, const 
struct kernel_param *kp)
if (apparmor_initialized && !policy_admin_capable(NULL))
return -EPERM;
 
-   for (i = 0; i < AUDIT_MAX_INDEX; i++) {
-   if (strcmp(val, audit_mode_names[i]) == 0) {
-   aa_g_audit = i;
-   return 0;
-   }
-   }
+   i = match_string(audit_mode_names, AUDIT_MAX_INDEX, val);
+   if (i < 0)
+   return -EINVAL;
 
-   return -EINVAL;
+   aa_g_audit = i;
+   return 0;
 }
 
 static int param_get_mode(char *buffer, const struct kernel_param *kp)
@@ -1409,14 +1407,13 @@ static int param_set_mode(const char *val, const struct 
kernel_param *kp)
if (apparmor_initialized && !policy_admin_capable(NULL))
return -EPERM;
 
-   for (i = 0; i < APPARMOR_MODE_NAMES_MAX_INDEX; i++) {
-   if (strcmp(val, aa_profile_mode_names[i]) == 0) {
-   aa_g_profile_mode = i;
-   return 0;
-   }
-   }
+   i = match_string(aa_profile_mode_names,
+APPARMOR_MODE_NAMES_MAX_INDEX, val);
+   if (i)
+   return -EINVAL;
 
-   return -EINVAL;
+   aa_g_profile_mode = i;
+   return 0;
 }
 
 /*
-- 
1.7.12.4

[PATCH 26/33] apparmor: use match_string() helper

2018-05-21 Thread Yisheng Xie 
match_string() returns the index of an array for a matching string,
which can be used intead of open coded variant.

Cc: John Johansen 
Cc: James Morris 
Cc: "Serge E. Hallyn" 
Cc: linux-security-mod...@vger.kernel.org
Signed-off-by: Yisheng Xie 
---
 security/apparmor/lsm.c | 25 +++--
 1 file changed, 11 insertions(+), 14 deletions(-)

diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index ce2b89e..9b5904f 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -1378,14 +1378,12 @@ static int param_set_audit(const char *val, const 
struct kernel_param *kp)
if (apparmor_initialized && !policy_admin_capable(NULL))
return -EPERM;
 
-   for (i = 0; i < AUDIT_MAX_INDEX; i++) {
-   if (strcmp(val, audit_mode_names[i]) == 0) {
-   aa_g_audit = i;
-   return 0;
-   }
-   }
+   i = match_string(audit_mode_names, AUDIT_MAX_INDEX, val);
+   if (i < 0)
+   return -EINVAL;
 
-   return -EINVAL;
+   aa_g_audit = i;
+   return 0;
 }
 
 static int param_get_mode(char *buffer, const struct kernel_param *kp)
@@ -1409,14 +1407,13 @@ static int param_set_mode(const char *val, const struct 
kernel_param *kp)
if (apparmor_initialized && !policy_admin_capable(NULL))
return -EPERM;
 
-   for (i = 0; i < APPARMOR_MODE_NAMES_MAX_INDEX; i++) {
-   if (strcmp(val, aa_profile_mode_names[i]) == 0) {
-   aa_g_profile_mode = i;
-   return 0;
-   }
-   }
+   i = match_string(aa_profile_mode_names,
+APPARMOR_MODE_NAMES_MAX_INDEX, val);
+   if (i)
+   return -EINVAL;
 
-   return -EINVAL;
+   aa_g_profile_mode = i;
+   return 0;
 }
 
 /*
-- 
1.7.12.4