| Message ID | 20220125141422.32655-3-cgzones@googlemail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Paul Moore |
| Headers | show |
| Series | [1/9] selinux: check return value of sel_make_avc_files | expand |
On Tue, Jan 25, 2022 at 6:14 AM Christian Göttsche <cgzones@googlemail.com> wrote: > > Enclose the macro arguments in parenthesis to avoid potential evaluation > order issues. > > Note the xperm and ebitmap macros are still not side-effect safe due to > double evaluation. > > Reported by clang-tidy [bugprone-macro-parentheses] Good idea to run clang-tidy :) Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > --- > security/selinux/include/security.h | 4 ++-- > security/selinux/ss/ebitmap.h | 6 +++--- > security/selinux/ss/sidtab.c | 4 ++-- > 3 files changed, 7 insertions(+), 7 deletions(-) > > diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h > index 6482e0efb368..d91a5672de99 100644 > --- a/security/selinux/include/security.h > +++ b/security/selinux/include/security.h > @@ -254,8 +254,8 @@ struct av_decision { > #define XPERMS_AUDITALLOW 2 > #define XPERMS_DONTAUDIT 4 > > -#define security_xperm_set(perms, x) (perms[x >> 5] |= 1 << (x & 0x1f)) > -#define security_xperm_test(perms, x) (1 & (perms[x >> 5] >> (x & 0x1f))) > +#define security_xperm_set(perms, x) ((perms)[(x) >> 5] |= 1 << ((x) & 0x1f)) > +#define security_xperm_test(perms, x) (1 & ((perms)[(x) >> 5] >> ((x) & 0x1f))) > struct extended_perms_data { > u32 p[8]; > }; > diff --git a/security/selinux/ss/ebitmap.h b/security/selinux/ss/ebitmap.h > index 9eb2d0af2805..58eb822f11ee 100644 > --- a/security/selinux/ss/ebitmap.h > +++ b/security/selinux/ss/ebitmap.h > @@ -118,9 +118,9 @@ static inline void ebitmap_node_clr_bit(struct ebitmap_node *n, > } > > #define ebitmap_for_each_positive_bit(e, n, bit) \ > - for (bit = ebitmap_start_positive(e, &n); \ > - bit < ebitmap_length(e); \ > - bit = ebitmap_next_positive(e, &n, bit)) \ > + for ((bit) = ebitmap_start_positive(e, &(n)); \ > + (bit) < ebitmap_length(e); \ > + (bit) = ebitmap_next_positive(e, &(n), bit)) \ > > int ebitmap_cmp(struct ebitmap *e1, struct ebitmap *e2); > int ebitmap_cpy(struct ebitmap *dst, struct ebitmap *src); > diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c > index 293ec048af08..a54b8652bfb5 100644 > --- a/security/selinux/ss/sidtab.c > +++ b/security/selinux/ss/sidtab.c > @@ -27,8 +27,8 @@ struct sidtab_str_cache { > char str[]; > }; > > -#define index_to_sid(index) (index + SECINITSID_NUM + 1) > -#define sid_to_index(sid) (sid - (SECINITSID_NUM + 1)) > +#define index_to_sid(index) ((index) + SECINITSID_NUM + 1) > +#define sid_to_index(sid) ((sid) - (SECINITSID_NUM + 1)) > > int sidtab_init(struct sidtab *s) > { > -- > 2.34.1 >
On Tue, Jan 25, 2022 at 9:14 AM Christian Göttsche <cgzones@googlemail.com> wrote: > > Enclose the macro arguments in parenthesis to avoid potential evaluation > order issues. > > Note the xperm and ebitmap macros are still not side-effect safe due to > double evaluation. > > Reported by clang-tidy [bugprone-macro-parentheses] > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > --- > security/selinux/include/security.h | 4 ++-- > security/selinux/ss/ebitmap.h | 6 +++--- > security/selinux/ss/sidtab.c | 4 ++-- > 3 files changed, 7 insertions(+), 7 deletions(-) Merged, thanks.
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 6482e0efb368..d91a5672de99 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h @@ -254,8 +254,8 @@ struct av_decision { #define XPERMS_AUDITALLOW 2 #define XPERMS_DONTAUDIT 4 -#define security_xperm_set(perms, x) (perms[x >> 5] |= 1 << (x & 0x1f)) -#define security_xperm_test(perms, x) (1 & (perms[x >> 5] >> (x & 0x1f))) +#define security_xperm_set(perms, x) ((perms)[(x) >> 5] |= 1 << ((x) & 0x1f)) +#define security_xperm_test(perms, x) (1 & ((perms)[(x) >> 5] >> ((x) & 0x1f))) struct extended_perms_data { u32 p[8]; }; diff --git a/security/selinux/ss/ebitmap.h b/security/selinux/ss/ebitmap.h index 9eb2d0af2805..58eb822f11ee 100644 --- a/security/selinux/ss/ebitmap.h +++ b/security/selinux/ss/ebitmap.h @@ -118,9 +118,9 @@ static inline void ebitmap_node_clr_bit(struct ebitmap_node *n, } #define ebitmap_for_each_positive_bit(e, n, bit) \ - for (bit = ebitmap_start_positive(e, &n); \ - bit < ebitmap_length(e); \ - bit = ebitmap_next_positive(e, &n, bit)) \ + for ((bit) = ebitmap_start_positive(e, &(n)); \ + (bit) < ebitmap_length(e); \ + (bit) = ebitmap_next_positive(e, &(n), bit)) \ int ebitmap_cmp(struct ebitmap *e1, struct ebitmap *e2); int ebitmap_cpy(struct ebitmap *dst, struct ebitmap *src); diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c index 293ec048af08..a54b8652bfb5 100644 --- a/security/selinux/ss/sidtab.c +++ b/security/selinux/ss/sidtab.c @@ -27,8 +27,8 @@ struct sidtab_str_cache { char str[]; }; -#define index_to_sid(index) (index + SECINITSID_NUM + 1) -#define sid_to_index(sid) (sid - (SECINITSID_NUM + 1)) +#define index_to_sid(index) ((index) + SECINITSID_NUM + 1) +#define sid_to_index(sid) ((sid) - (SECINITSID_NUM + 1)) int sidtab_init(struct sidtab *s) {
Enclose the macro arguments in parenthesis to avoid potential evaluation order issues. Note the xperm and ebitmap macros are still not side-effect safe due to double evaluation. Reported by clang-tidy [bugprone-macro-parentheses] Signed-off-by: Christian Göttsche <cgzones@googlemail.com> --- security/selinux/include/security.h | 4 ++-- security/selinux/ss/ebitmap.h | 6 +++--- security/selinux/ss/sidtab.c | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-)