* few more Style nitpicks
* make things static where possible
--- lsm-2.6/security/seclvl.c~seclvl.fix02 2004-02-09 16:09:04.000000000 -0800
+++ lsm-2.6/security/seclvl.c 2004-02-12 18:47:55.000000000 -0800
@@ -80,6 +80,7 @@
#include <linux/config.h>
#include <linux/module.h>
#include <linux/kernel.h>
+#include <linux/init.h>
#include <linux/security.h>
#include <linux/netlink.h>
#include <linux/fs.h>
@@ -189,11 +190,11 @@
struct seclvl_attribute {
struct attribute attr;
- ssize_t(*show) (struct seclvl_obj *, char *);
- ssize_t(*store) (struct seclvl_obj *, const char *, size_t);
+ ssize_t(*show) (struct seclvl_obj *, char *);
+ ssize_t(*store) (struct seclvl_obj *, const char *, size_t);
};
-ssize_t
+static ssize_t
seclvl_attr_store(struct kobject *kobj,
struct attribute *attr, const char *buf, size_t len)
{
@@ -237,7 +238,7 @@
* Verifies that the requested secure level is valid, given the current
* secure level.
*/
-int seclvl_sanity(int reqlvl)
+static int seclvl_sanity(int reqlvl)
{
if ((reqlvl < -1) || (reqlvl > 2)) {
seclvl_printk(1, KERN_WARNING, "Attempt to set seclvl out of "
@@ -254,8 +255,6 @@
return 0;
}
-int do_seclvl_advance(int);
-
/**
* Called whenever the user reads the sysfs handle to this kernel
* object
@@ -268,6 +267,33 @@
}
/**
+ * security level advancement rules:
+ * Valid levels are -1 through 2, inclusive.
+ * From -1, stuck. [ in case compiled into kernel ]
+ * From 0 or above, can only increment.
+ */
+static int do_seclvl_advance(int newlvl)
+{
+ if (newlvl <= seclvl) {
+ seclvl_printk(1, KERN_WARNING, "Cannot advance to seclvl "
+ "[%d]\n", newlvl);
+ return -EINVAL;
+ }
+ if (newlvl > 2) {
+ seclvl_printk(1, KERN_WARNING, "Cannot advance to seclvl "
+ "[%d]\n", newlvl);
+ return -EINVAL;
+ }
+ if (seclvl == -1) {
+ seclvl_printk(1, KERN_WARNING, "Not allowed to advance to "
+ "seclvl [%d]\n", seclvl);
+ return -EPERM;
+ }
+ seclvl = newlvl;
+ return 0;
+}
+
+/**
* Called whenever the user writes to the sysfs handle to this kernel
* object (seclvl/seclvl). It expects a single-digit number.
*/
@@ -299,7 +325,7 @@
.store = seclvl_write_file,
};
-unsigned char hashedPassword[SHA1_DIGEST_SIZE];
+static unsigned char hashedPassword[SHA1_DIGEST_SIZE];
/**
* Called whenever the user reads the sysfs passwd handle.
@@ -329,7 +355,7 @@
* It would be nice if crypto had a wrapper to do this for us linear
* people...
*/
-int plaintextToSha1(unsigned char *hash, const char *plaintext, int len)
+static int plaintextToSha1(unsigned char *hash, const char *plaintext, int len)
{
struct crypto_tfm *tfm;
struct scatterlist sg[1];
@@ -355,7 +381,7 @@
crypto_digest_update(tfm, sg, 1);
crypto_digest_final(tfm, hash);
crypto_free_tfm(tfm);
- exit:
+exit:
return rc;
}
@@ -509,7 +535,7 @@
return 0;
}
-int is_mounted(struct inode *inode)
+static int is_mounted(struct inode *inode)
{
struct super_block *sb;
if (S_ISBLK(inode->i_mode)) {
@@ -607,16 +633,16 @@
}
static struct security_operations seclvl_ops = {
- .ptrace = seclvl_ptrace,
- .capable = seclvl_capable,
- .bprm_set_security = seclvl_bprm_set_security,
- .inode_permission = seclvl_inode_permission,
- .inode_setattr = seclvl_inode_setattr,
- .settime = seclvl_settime,
- .sb_umount = seclvl_umount,
- .task_reparent_to_init = seclvl_task_reparent_to_init,
- .register_security = seclvl_register,
- .unregister_security = seclvl_unregister,
+ .ptrace = seclvl_ptrace,
+ .capable = seclvl_capable,
+ .bprm_set_security = seclvl_bprm_set_security,
+ .inode_permission = seclvl_inode_permission,
+ .inode_setattr = seclvl_inode_setattr,
+ .settime = seclvl_settime,
+ .sb_umount = seclvl_umount,
+ .task_reparent_to_init = seclvl_task_reparent_to_init,
+ .register_security = seclvl_register,
+ .unregister_security = seclvl_unregister,
};
#if defined(CONFIG_SECURITY_SECLVL_MODULE)
@@ -626,36 +652,9 @@
#endif
/**
- * security level advancement rules:
- * Valid levels are -1 through 2, inclusive.
- * From -1, stuck. [ in case compiled into kernel ]
- * From 0 or above, can only increment.
- */
-int do_seclvl_advance(int newlvl)
-{
- if (newlvl <= seclvl) {
- seclvl_printk(1, KERN_WARNING, "Cannot advance to seclvl "
- "[%d]\n", newlvl);
- return -EINVAL;
- }
- if (newlvl > 2) {
- seclvl_printk(1, KERN_WARNING, "Cannot advance to seclvl "
- "[%d]\n", newlvl);
- return -EINVAL;
- }
- if (seclvl == -1) {
- seclvl_printk(1, KERN_WARNING, "Not allowed to advance to "
- "seclvl [%d]\n", seclvl);
- return -EPERM;
- }
- seclvl = newlvl;
- return 0;
-}
-
-/**
* Process the password-related module parameters
*/
-int processPassword(void)
+static int processPassword(void)
{
int rc = 0;
hashedPassword[0] = '\0';
@@ -696,14 +695,14 @@
sha1Password[i + 2] = tmp;
}
}
- exit:
+exit:
return rc;
}
/**
* Sysfs registrations
*/
-int doSysfsRegistrations(void)
+static int doSysfsRegistrations(void)
{
int rc = 0;
if ((rc = subsystem_register(&seclvl_subsys))) {
@@ -716,7 +715,7 @@
sysfs_create_file(&seclvl_subsys.kset.kobj,
&seclvlfs_passwd_attr.attr);
}
- exit:
+exit:
return rc;
}
@@ -764,7 +763,7 @@
}
seclvl_printk(0, KERN_INFO, "seclvl: Successfully initialized.\n");
goto exit;
- exit:
+exit:
if (rc) {
printk(KERN_ERR "seclvl: Error during initialization: rc = "
"[%d]\n", rc);
This archive was generated by hypermail 2b30 : Fri Feb 13 2004 - 15:04:37 PST