summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorChristian Göttsche <cgzones@googlemail.com>2023-08-07 19:11:37 +0200
committerPaul Moore <paul@paul-moore.com>2023-08-09 19:07:48 -0400
commit002903e1d10fd8c9e215d88e0c71f609a4af5755 (patch)
treece5307cb032160401126ed52c2b937f9b253ec29 /security
parentdf9d4749250dd8ed56a91336c3c54ea7a52fd1c7 (diff)
selinux: update type for number of class permissions in services code
Security classes have only up to 32 permissions, hence using an u16 is sufficient (while improving padding in struct selinux_mapping). Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security')
-rw-r--r--security/selinux/ss/services.c2
-rw-r--r--security/selinux/ss/services.h2
2 files changed, 2 insertions, 2 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 3ec0bb39c234..dacec2ebdcd7 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -97,7 +97,6 @@ static int selinux_set_mapping(struct policydb *pol,
struct selinux_map *out_map)
{
u16 i, j;
- unsigned k;
bool print_unknown_handle = false;
/* Find number of classes in the input mapping */
@@ -117,6 +116,7 @@ static int selinux_set_mapping(struct policydb *pol,
while (map[j].name) {
const struct security_class_mapping *p_in = map + (j++);
struct selinux_mapping *p_out = out_map->mapping + j;
+ u16 k;
/* An empty class string skips ahead */
if (!strcmp(p_in->name, "")) {
diff --git a/security/selinux/ss/services.h b/security/selinux/ss/services.h
index ed2ee6600467..d24b0a3d198e 100644
--- a/security/selinux/ss/services.h
+++ b/security/selinux/ss/services.h
@@ -12,7 +12,7 @@
/* Mapping for a single class */
struct selinux_mapping {
u16 value; /* policy value for class */
- unsigned int num_perms; /* number of permissions in class */
+ u16 num_perms; /* number of permissions in class */
u32 perms[sizeof(u32) * 8]; /* policy values for permissions */
};