Merge tag 'selinux-pr-20240312' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux

Pull selinux updates from Paul Moore:
 "Really only a few notable changes:

   - Continue the coding style/formatting fixup work

     This is the bulk of the diffstat in this pull request, with the
     focus this time around being the security/selinux/ss directory.

     We've only got a couple of files left to cleanup and once we're
     done with that we can start enabling some automatic style
     verfication and introduce tooling to help new folks format their
     code correctly.

   - Don't restrict xattr copy-up when SELinux policy is not loaded

     This helps systems that use overlayfs, or similar filesystems,
     preserve their SELinux labels during early boot when the SELinux
     policy has yet to be loaded.

   - Reduce the work we do during inode initialization time

     This isn't likely to show up in any benchmark results, but we
     removed an unnecessary SELinux object class lookup/calculation
     during inode initialization.

   - Correct the return values in selinux_socket_getpeersec_dgram()

     We had some inconsistencies with respect to our return values
     across selinux_socket_getpeersec_dgram() and
     selinux_socket_getpeersec_stream().

     This provides a more uniform set of error codes across the two
     functions and should help make it easier for users to identify
     the source of a failure"

* tag 'selinux-pr-20240312' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: (24 commits)
  selinux: fix style issues in security/selinux/ss/symtab.c
  selinux: fix style issues in security/selinux/ss/symtab.h
  selinux: fix style issues in security/selinux/ss/sidtab.c
  selinux: fix style issues in security/selinux/ss/sidtab.h
  selinux: fix style issues in security/selinux/ss/services.h
  selinux: fix style issues in security/selinux/ss/policydb.c
  selinux: fix style issues in security/selinux/ss/policydb.h
  selinux: fix style issues in security/selinux/ss/mls_types.h
  selinux: fix style issues in security/selinux/ss/mls.c
  selinux: fix style issues in security/selinux/ss/mls.h
  selinux: fix style issues in security/selinux/ss/hashtab.c
  selinux: fix style issues in security/selinux/ss/hashtab.h
  selinux: fix style issues in security/selinux/ss/ebitmap.c
  selinux: fix style issues in security/selinux/ss/ebitmap.h
  selinux: fix style issues in security/selinux/ss/context.h
  selinux: fix style issues in security/selinux/ss/context.h
  selinux: fix style issues in security/selinux/ss/constraint.h
  selinux: fix style issues in security/selinux/ss/conditional.c
  selinux: fix style issues in security/selinux/ss/conditional.h
  selinux: fix style issues in security/selinux/ss/avtab.c
  ...

1 files changed, 28 insertions, 28 deletions

diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c
index 77875ad355f7..67c1a73cd5ee 100644
--- a/security/selinux/ss/ebitmap.c
+++ b/security/selinux/ss/ebitmap.c
@@ -1,4 +1,4 @@
-// SPDX-License-Identifier: GPL-2.0
+/* SPDX-License-Identifier: GPL-2.0 */
 /*
  * Implementation of the extensible bitmap type.
  *
@@ -6,14 +6,11 @@
  */
 /*
  * Updated: Hewlett-Packard <paul@paul-moore.com>
+ *          Added support to import/export the NetLabel category bitmap
+ *          (c) Copyright Hewlett-Packard Development Company, L.P., 2006
  *
- *      Added support to import/export the NetLabel category bitmap
- *
- * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
- */
-/*
  * Updated: KaiGai Kohei <kaigai@ak.jp.nec.com>
- *      Applied standard bit operations to improve bitmap scanning.
+ *          Applied standard bit operations to improve bitmap scanning.
  */
 
 #include <linux/kernel.h>
@@ -24,7 +21,7 @@
 #include "ebitmap.h"
 #include "policydb.h"
 
-#define BITS_PER_U64	(sizeof(u64) * 8)
+#define BITS_PER_U64 (sizeof(u64) * 8)
 
 static struct kmem_cache *ebitmap_node_cachep __ro_after_init;
 
@@ -37,8 +34,7 @@ int ebitmap_cmp(const struct ebitmap *e1, const struct ebitmap *e2)
 
 	n1 = e1->node;
 	n2 = e2->node;
-	while (n1 && n2 &&
-	       (n1->startbit == n2->startbit) &&
+	while (n1 && n2 && (n1->startbit == n2->startbit) &&
 	       !memcmp(n1->maps, n2->maps, EBITMAP_SIZE / 8)) {
 		n1 = n1->next;
 		n2 = n2->next;
@@ -79,14 +75,16 @@ int ebitmap_cpy(struct ebitmap *dst, const struct ebitmap *src)
 	return 0;
 }
 
-int ebitmap_and(struct ebitmap *dst, const struct ebitmap *e1, const struct ebitmap *e2)
+int ebitmap_and(struct ebitmap *dst, const struct ebitmap *e1,
+		const struct ebitmap *e2)
 {
 	struct ebitmap_node *n;
 	int bit, rc;
 
 	ebitmap_init(dst);
 
-	ebitmap_for_each_positive_bit(e1, n, bit) {
+	ebitmap_for_each_positive_bit(e1, n, bit)
+	{
 		if (ebitmap_get_bit(e2, bit)) {
 			rc = ebitmap_set_bit(dst, bit, 1);
 			if (rc < 0)
@@ -96,7 +94,6 @@ int ebitmap_and(struct ebitmap *dst, const struct ebitmap *e1, const struct ebit
 	return 0;
 }
 
-
 #ifdef CONFIG_NETLABEL
 /**
  * ebitmap_netlbl_export - Export an ebitmap into a NetLabel category bitmap
@@ -131,10 +128,8 @@ int ebitmap_netlbl_export(struct ebitmap *ebmap,
 		for (iter = 0; iter < EBITMAP_UNIT_NUMS; iter++) {
 			e_map = e_iter->maps[iter];
 			if (e_map != 0) {
-				rc = netlbl_catmap_setlong(catmap,
-							   offset,
-							   e_map,
-							   GFP_ATOMIC);
+				rc = netlbl_catmap_setlong(catmap, offset,
+							   e_map, GFP_ATOMIC);
 				if (rc != 0)
 					goto netlbl_export_failure;
 			}
@@ -185,7 +180,8 @@ int ebitmap_netlbl_import(struct ebitmap *ebmap,
 		if (e_iter == NULL ||
 		    offset >= e_iter->startbit + EBITMAP_SIZE) {
 			e_prev = e_iter;
-			e_iter = kmem_cache_zalloc(ebitmap_node_cachep, GFP_ATOMIC);
+			e_iter = kmem_cache_zalloc(ebitmap_node_cachep,
+						   GFP_ATOMIC);
 			if (e_iter == NULL)
 				goto netlbl_import_failure;
 			e_iter->startbit = offset - (offset % EBITMAP_SIZE);
@@ -218,7 +214,8 @@ netlbl_import_failure:
  * if last_e2bit is non-zero, the highest set bit in e2 cannot exceed
  * last_e2bit.
  */
-int ebitmap_contains(const struct ebitmap *e1, const struct ebitmap *e2, u32 last_e2bit)
+int ebitmap_contains(const struct ebitmap *e1, const struct ebitmap *e2,
+		     u32 last_e2bit)
 {
 	const struct ebitmap_node *n1, *n2;
 	int i;
@@ -234,8 +231,8 @@ int ebitmap_contains(const struct ebitmap *e1, const struct ebitmap *e2, u32 las
 			n1 = n1->next;
 			continue;
 		}
-		for (i = EBITMAP_UNIT_NUMS - 1; (i >= 0) && !n2->maps[i]; )
-			i--;	/* Skip trailing NULL map entries */
+		for (i = EBITMAP_UNIT_NUMS - 1; (i >= 0) && !n2->maps[i];)
+			i--; /* Skip trailing NULL map entries */
 		if (last_e2bit && (i >= 0)) {
 			u32 lastsetbit = n2->startbit + i * EBITMAP_UNIT_SIZE +
 					 __fls(n2->maps[i]);
@@ -302,8 +299,8 @@ int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value)
 					 * within the bitmap
 					 */
 					if (prev)
-						e->highbit = prev->startbit
-							     + EBITMAP_SIZE;
+						e->highbit = prev->startbit +
+							     EBITMAP_SIZE;
 					else
 						e->highbit = 0;
 				}
@@ -424,7 +421,8 @@ int ebitmap_read(struct ebitmap *e, void *fp)
 
 		if (!n || startbit >= n->startbit + EBITMAP_SIZE) {
 			struct ebitmap_node *tmp;
-			tmp = kmem_cache_zalloc(ebitmap_node_cachep, GFP_KERNEL);
+			tmp = kmem_cache_zalloc(ebitmap_node_cachep,
+						GFP_KERNEL);
 			if (!tmp) {
 				pr_err("SELinux: ebitmap: out of memory\n");
 				rc = -ENOMEM;
@@ -481,7 +479,8 @@ int ebitmap_write(const struct ebitmap *e, void *fp)
 	count = 0;
 	last_bit = 0;
 	last_startbit = -1;
-	ebitmap_for_each_positive_bit(e, n, bit) {
+	ebitmap_for_each_positive_bit(e, n, bit)
+	{
 		if (rounddown(bit, (int)BITS_PER_U64) > last_startbit) {
 			count++;
 			last_startbit = rounddown(bit, BITS_PER_U64);
@@ -497,7 +496,8 @@ int ebitmap_write(const struct ebitmap *e, void *fp)
 
 	map = 0;
 	last_startbit = INT_MIN;
-	ebitmap_for_each_positive_bit(e, n, bit) {
+	ebitmap_for_each_positive_bit(e, n, bit)
+	{
 		if (rounddown(bit, (int)BITS_PER_U64) > last_startbit) {
 			__le64 buf64[1];
 
@@ -559,6 +559,6 @@ u32 ebitmap_hash(const struct ebitmap *e, u32 hash)
 void __init ebitmap_cache_init(void)
 {
 	ebitmap_node_cachep = kmem_cache_create("ebitmap_node",
-							sizeof(struct ebitmap_node),
-							0, SLAB_PANIC, NULL);
+						sizeof(struct ebitmap_node), 0,
+						SLAB_PANIC, NULL);
 }