From 244b2c5ca8b14627e4a17755e5922221e121c771 Mon Sep 17 00:00:00 2001
From: hc <hc@nodka.com>
Date: Wed, 09 Oct 2024 06:15:07 +0000
Subject: [PATCH] change system file

---
 kernel/scripts/selinux/genheaders/genheaders.c |   38 ++++++++++++++++----------------------
 1 files changed, 16 insertions(+), 22 deletions(-)

diff --git a/kernel/scripts/selinux/genheaders/genheaders.c b/kernel/scripts/selinux/genheaders/genheaders.c
index 3cc4893..f355b3e 100644
--- a/kernel/scripts/selinux/genheaders/genheaders.c
+++ b/kernel/scripts/selinux/genheaders/genheaders.c
@@ -18,8 +18,6 @@
 #include "classmap.h"
 #include "initial_sid_to_string.h"
 
-#define max(x, y) (((int)(x) > (int)(y)) ? x : y)
-
 const char *progname;
 
 static void usage(void)
@@ -45,11 +43,9 @@
 
 int main(int argc, char *argv[])
 {
-	int i, j, k;
+	int i, j;
 	int isids_len;
 	FILE *fout;
-	const char *needle = "SOCKET";
-	char *substr;
 
 	progname = argv[0];
 
@@ -71,28 +67,27 @@
 	}
 
 	isids_len = sizeof(initial_sid_to_string) / sizeof (char *);
-	for (i = 1; i < isids_len; i++)
-		initial_sid_to_string[i] = stoupperx(initial_sid_to_string[i]);
+	for (i = 1; i < isids_len; i++) {
+		const char *s = initial_sid_to_string[i];
+
+		if (s)
+			initial_sid_to_string[i] = stoupperx(s);
+	}
 
 	fprintf(fout, "/* This file is automatically generated.  Do not edit. */\n");
 	fprintf(fout, "#ifndef _SELINUX_FLASK_H_\n#define _SELINUX_FLASK_H_\n\n");
 
 	for (i = 0; secclass_map[i].name; i++) {
 		struct security_class_mapping *map = &secclass_map[i];
-		fprintf(fout, "#define SECCLASS_%s", map->name);
-		for (j = 0; j < max(1, 40 - strlen(map->name)); j++)
-			fprintf(fout, " ");
-		fprintf(fout, "%2d\n", i+1);
+		fprintf(fout, "#define SECCLASS_%-39s %2d\n", map->name, i+1);
 	}
 
 	fprintf(fout, "\n");
 
 	for (i = 1; i < isids_len; i++) {
 		const char *s = initial_sid_to_string[i];
-		fprintf(fout, "#define SECINITSID_%s", s);
-		for (j = 0; j < max(1, 40 - strlen(s)); j++)
-			fprintf(fout, " ");
-		fprintf(fout, "%2d\n", i);
+		if (s)
+			fprintf(fout, "#define SECINITSID_%-39s %2d\n", s, i);
 	}
 	fprintf(fout, "\n#define SECINITSID_NUM %d\n", i-1);
 	fprintf(fout, "\nstatic inline bool security_is_socket_class(u16 kern_tclass)\n");
@@ -100,9 +95,10 @@
 	fprintf(fout, "\tbool sock = false;\n\n");
 	fprintf(fout, "\tswitch (kern_tclass) {\n");
 	for (i = 0; secclass_map[i].name; i++) {
+		static char s[] = "SOCKET";
 		struct security_class_mapping *map = &secclass_map[i];
-		substr = strstr(map->name, needle);
-		if (substr && strcmp(substr, needle) == 0)
+		int len = strlen(map->name), l = sizeof(s) - 1;
+		if (len >= l && memcmp(map->name + len - l, s, l) == 0)
 			fprintf(fout, "\tcase SECCLASS_%s:\n", map->name);
 	}
 	fprintf(fout, "\t\tsock = true;\n");
@@ -128,17 +124,15 @@
 
 	for (i = 0; secclass_map[i].name; i++) {
 		struct security_class_mapping *map = &secclass_map[i];
+		int len = strlen(map->name);
 		for (j = 0; map->perms[j]; j++) {
 			if (j >= 32) {
 				fprintf(stderr, "Too many permissions to fit into an access vector at (%s, %s).\n",
 					map->name, map->perms[j]);
 				exit(5);
 			}
-			fprintf(fout, "#define %s__%s", map->name,
-				map->perms[j]);
-			for (k = 0; k < max(1, 40 - strlen(map->name) - strlen(map->perms[j])); k++)
-				fprintf(fout, " ");
-			fprintf(fout, "0x%08xU\n", (1<<j));
+			fprintf(fout, "#define %s__%-*s 0x%08xU\n", map->name,
+				39-len, map->perms[j], 1U<<j);
 		}
 	}
 

--
Gitblit v1.6.2