diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2020-08-04 14:18:01 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2020-08-04 14:18:01 -0700 |
commit | 49e917deeb81e263bcdb4b20e61ca18111995ffe (patch) | |
tree | 31017b610aef624e151be0a74535f01bbca7cb09 /scripts | |
parent | 9ecc6ea491f0c0531ad81ef9466284df260b2227 (diff) | |
parent | 54b27f9287a7b3dfc85549f01fc9d292c92c68b9 (diff) | |
download | lwn-49e917deeb81e263bcdb4b20e61ca18111995ffe.tar.gz lwn-49e917deeb81e263bcdb4b20e61ca18111995ffe.zip |
Merge tag 'selinux-pr-20200803' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Pull selinux updates from Paul Moore:
"Beyond the usual smattering of bug fixes, we've got three small
improvements worth highlighting:
- improved SELinux policy symbol table performance due to a reworking
of the insert and search functions
- allow reading of SELinux labels before the policy is loaded,
allowing for some more "exotic" initramfs approaches
- improved checking an error reporting about process
class/permissions during SELinux policy load"
* tag 'selinux-pr-20200803' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
selinux: complete the inlining of hashtab functions
selinux: prepare for inlining of hashtab functions
selinux: specialize symtab insert and search functions
selinux: Fix spelling mistakes in the comments
selinux: fixed a checkpatch warning with the sizeof macro
selinux: log error messages on required process class / permissions
scripts/selinux/mdp: fix initial SID handling
selinux: allow reading labels before policy is loaded
Diffstat (limited to 'scripts')
-rw-r--r-- | scripts/selinux/mdp/mdp.c | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/scripts/selinux/mdp/mdp.c b/scripts/selinux/mdp/mdp.c index 576d11a60417..6ceb88eb9b59 100644 --- a/scripts/selinux/mdp/mdp.c +++ b/scripts/selinux/mdp/mdp.c @@ -67,8 +67,14 @@ int main(int argc, char *argv[]) initial_sid_to_string_len = sizeof(initial_sid_to_string) / sizeof (char *); /* print out the sids */ - for (i = 1; i < initial_sid_to_string_len; i++) - fprintf(fout, "sid %s\n", initial_sid_to_string[i]); + for (i = 1; i < initial_sid_to_string_len; i++) { + const char *name = initial_sid_to_string[i]; + + if (name) + fprintf(fout, "sid %s\n", name); + else + fprintf(fout, "sid unused%d\n", i); + } fprintf(fout, "\n"); /* print out the class permissions */ @@ -126,9 +132,16 @@ int main(int argc, char *argv[]) #define OBJUSERROLETYPE "user_u:object_r:base_t" /* default sids */ - for (i = 1; i < initial_sid_to_string_len; i++) - fprintf(fout, "sid %s " SUBJUSERROLETYPE "%s\n", - initial_sid_to_string[i], mls ? ":" SYSTEMLOW : ""); + for (i = 1; i < initial_sid_to_string_len; i++) { + const char *name = initial_sid_to_string[i]; + + if (name) + fprintf(fout, "sid %s ", name); + else + fprintf(fout, "sid unused%d\n", i); + fprintf(fout, SUBJUSERROLETYPE "%s\n", + mls ? ":" SYSTEMLOW : ""); + } fprintf(fout, "\n"); #define FS_USE(behavior, fstype) \ |