From nobody Sun Feb 8 12:18:56 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1518713740023362.4246670291726; Thu, 15 Feb 2018 08:55:40 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9CAAD40D9E; Thu, 15 Feb 2018 16:55:38 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 498CD19CBD; Thu, 15 Feb 2018 16:55:38 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id A1CB31843726; Thu, 15 Feb 2018 16:55:36 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w1FGi6hX025833 for ; Thu, 15 Feb 2018 11:44:06 -0500 Received: by smtp.corp.redhat.com (Postfix) id 4E2082024CAB; Thu, 15 Feb 2018 16:44:06 +0000 (UTC) Received: from localhost.localdomain.com (unknown [10.42.22.189]) by smtp.corp.redhat.com (Postfix) with ESMTP id E57142024CA8; Thu, 15 Feb 2018 16:44:05 +0000 (UTC) From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Date: Thu, 15 Feb 2018 16:43:30 +0000 Message-Id: <20180215164347.11538-26-berrange@redhat.com> In-Reply-To: <20180215164347.11538-1-berrange@redhat.com> References: <20180215164347.11538-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-loop: libvir-list@redhat.com Subject: [libvirt] [PATCH v2 25/42] security: add default: case to all switch statements X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Thu, 15 Feb 2018 16:55:39 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Even if the compiler has validated that all enum constants have case statements in a switch, it is not safe to omit a default: case statement. When assigning a value to a variable / struct field that is defined with an enum type, nothing prevents an invalid value being assigned. So defensive code must assume existance of invalid values and thus all switches should have a default: case. Signed-off-by: Daniel P. Berrang=C3=A9 --- src/security/security_apparmor.c | 12 +++++-- src/security/security_dac.c | 59 ++++++++++++++++++++++++++++------ src/security/security_selinux.c | 69 ++++++++++++++++++++++++++++++++----= ---- 3 files changed, 115 insertions(+), 25 deletions(-) diff --git a/src/security/security_apparmor.c b/src/security/security_appar= mor.c index a9899923ac..7943743494 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -919,7 +919,10 @@ AppArmorSetSecurityHostdevLabel(virSecurityManagerPtr = mgr, } =20 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST: - ret =3D 0; + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected hostdev subsystem type %d"), + dev->source.subsys.type); break; } =20 @@ -990,9 +993,14 @@ AppArmorSetChardevLabel(virSecurityManagerPtr mgr, case VIR_DOMAIN_CHR_TYPE_TCP: case VIR_DOMAIN_CHR_TYPE_SPICEVMC: case VIR_DOMAIN_CHR_TYPE_NMDM: - case VIR_DOMAIN_CHR_TYPE_LAST: ret =3D 0; break; + case VIR_DOMAIN_CHR_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected chardev type %d"), + dev_source->type); + break; } =20 done: diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 74446d6644..7142b802f9 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -1009,7 +1009,10 @@ virSecurityDACSetHostdevLabel(virSecurityManagerPtr = mgr, } =20 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST: - ret =3D 0; + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected hostdev subsys type %d"), + dev->source.subsys.type); break; } =20 @@ -1177,7 +1180,10 @@ virSecurityDACRestoreHostdevLabel(virSecurityManager= Ptr mgr, } =20 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST: - ret =3D 0; + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected hostdev subsys type %d"), + dev->source.subsys.type); break; } =20 @@ -1265,9 +1271,13 @@ virSecurityDACSetChardevLabel(virSecurityManagerPtr = mgr, case VIR_DOMAIN_CHR_TYPE_TCP: case VIR_DOMAIN_CHR_TYPE_SPICEVMC: case VIR_DOMAIN_CHR_TYPE_NMDM: - case VIR_DOMAIN_CHR_TYPE_LAST: ret =3D 0; break; + case VIR_DOMAIN_CHR_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected chardev type %d"), dev_source->type); + break; } =20 done: @@ -1328,9 +1338,13 @@ virSecurityDACRestoreChardevLabel(virSecurityManager= Ptr mgr, case VIR_DOMAIN_CHR_TYPE_SPICEVMC: case VIR_DOMAIN_CHR_TYPE_SPICEPORT: case VIR_DOMAIN_CHR_TYPE_NMDM: - case VIR_DOMAIN_CHR_TYPE_LAST: ret =3D 0; break; + case VIR_DOMAIN_CHR_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected chardev type %d"), dev_source->type); + break; } =20 done: @@ -1372,6 +1386,10 @@ virSecurityDACSetTPMFileLabel(virSecurityManagerPtr = mgr, false); break; case VIR_DOMAIN_TPM_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected TPM type %d"), tpm->type); + ret =3D -1; break; } =20 @@ -1393,6 +1411,10 @@ virSecurityDACRestoreTPMFileLabel(virSecurityManager= Ptr mgr, false); break; case VIR_DOMAIN_TPM_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected TPM type %d"), tpm->type); + ret =3D -1; break; } =20 @@ -1475,9 +1497,13 @@ virSecurityDACSetInputLabel(virSecurityManagerPtr mg= r, case VIR_DOMAIN_INPUT_TYPE_MOUSE: case VIR_DOMAIN_INPUT_TYPE_TABLET: case VIR_DOMAIN_INPUT_TYPE_KBD: - case VIR_DOMAIN_INPUT_TYPE_LAST: ret =3D 0; break; + case VIR_DOMAIN_INPUT_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected input type %d"), input->type); + break; } =20 return ret; @@ -1499,9 +1525,13 @@ virSecurityDACRestoreInputLabel(virSecurityManagerPt= r mgr, case VIR_DOMAIN_INPUT_TYPE_MOUSE: case VIR_DOMAIN_INPUT_TYPE_TABLET: case VIR_DOMAIN_INPUT_TYPE_KBD: - case VIR_DOMAIN_INPUT_TYPE_LAST: ret =3D 0; break; + case VIR_DOMAIN_INPUT_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected input type %d"), input->type); + break; } =20 return ret; @@ -1522,10 +1552,14 @@ virSecurityDACRestoreMemoryLabel(virSecurityManager= Ptr mgr, break; =20 case VIR_DOMAIN_MEMORY_MODEL_DIMM: - case VIR_DOMAIN_MEMORY_MODEL_LAST: case VIR_DOMAIN_MEMORY_MODEL_NONE: ret =3D 0; break; + case VIR_DOMAIN_MEMORY_MODEL_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected memory model %d"), mem->model); + break; } =20 return ret; @@ -1647,10 +1681,14 @@ virSecurityDACSetMemoryLabel(virSecurityManagerPtr = mgr, break; =20 case VIR_DOMAIN_MEMORY_MODEL_DIMM: - case VIR_DOMAIN_MEMORY_MODEL_LAST: case VIR_DOMAIN_MEMORY_MODEL_NONE: ret =3D 0; break; + case VIR_DOMAIN_MEMORY_MODEL_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected memory model %d"), mem->model); + break; } =20 return ret; @@ -1903,9 +1941,10 @@ virSecurityDACGenLabel(virSecurityManagerPtr mgr, return 0; case VIR_DOMAIN_SECLABEL_DEFAULT: case VIR_DOMAIN_SECLABEL_LAST: + default: virReportError(VIR_ERR_INTERNAL_ERROR, - _("unexpected security label type '%s'"), - virDomainSeclabelTypeToString(seclabel->type)); + _("unexpected security label type %d"), + seclabel->type); return rc; } =20 diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index c26cdacd9f..a33d07b6ab 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -763,7 +763,7 @@ virSecuritySELinuxGenLabel(virSecurityManagerPtr mgr, =20 VIR_DEBUG("type=3D%d", seclabel->type); =20 - switch (seclabel->type) { + switch ((virDomainSeclabelType)seclabel->type) { case VIR_DOMAIN_SECLABEL_STATIC: if (!(ctx =3D context_new(seclabel->label))) { virReportSystemError(errno, @@ -832,10 +832,12 @@ virSecuritySELinuxGenLabel(virSecurityManagerPtr mgr, =20 break; =20 + case VIR_DOMAIN_SECLABEL_DEFAULT: + case VIR_DOMAIN_SECLABEL_LAST: default: virReportError(VIR_ERR_INTERNAL_ERROR, - _("unexpected security label type '%s'"), - virDomainSeclabelTypeToString(seclabel->type)); + _("unexpected security label type '%d'"), + seclabel->type); goto cleanup; } =20 @@ -1346,8 +1348,12 @@ virSecuritySELinuxSetInputLabel(virSecurityManagerPt= r mgr, case VIR_DOMAIN_INPUT_TYPE_MOUSE: case VIR_DOMAIN_INPUT_TYPE_TABLET: case VIR_DOMAIN_INPUT_TYPE_KBD: - case VIR_DOMAIN_INPUT_TYPE_LAST: break; + case VIR_DOMAIN_INPUT_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected input type %d"), input->type); + return -1; } =20 return 0; @@ -1374,8 +1380,12 @@ virSecuritySELinuxRestoreInputLabel(virSecurityManag= erPtr mgr, case VIR_DOMAIN_INPUT_TYPE_MOUSE: case VIR_DOMAIN_INPUT_TYPE_TABLET: case VIR_DOMAIN_INPUT_TYPE_KBD: - case VIR_DOMAIN_INPUT_TYPE_LAST: break; + case VIR_DOMAIN_INPUT_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected input type %d"), input->type); + return -1; } =20 return rc; @@ -1402,8 +1412,12 @@ virSecuritySELinuxSetMemoryLabel(virSecurityManagerP= tr mgr, =20 case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_DIMM: - case VIR_DOMAIN_MEMORY_MODEL_LAST: break; + case VIR_DOMAIN_MEMORY_MODEL_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected memory model %d"), mem->model); + return -1; } =20 return 0; @@ -1429,9 +1443,13 @@ virSecuritySELinuxRestoreMemoryLabel(virSecurityMana= gerPtr mgr, =20 case VIR_DOMAIN_MEMORY_MODEL_DIMM: case VIR_DOMAIN_MEMORY_MODEL_NONE: - case VIR_DOMAIN_MEMORY_MODEL_LAST: ret =3D 0; break; + case VIR_DOMAIN_MEMORY_MODEL_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected memory model %d"), mem->model); + return -1; } =20 return ret; @@ -1473,6 +1491,9 @@ virSecuritySELinuxSetTPMFileLabel(virSecurityManagerP= tr mgr, } break; case VIR_DOMAIN_TPM_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected TPM type %d"), tpm->type); break; } =20 @@ -1506,6 +1527,9 @@ virSecuritySELinuxRestoreTPMFileLabelInt(virSecurityM= anagerPtr mgr, } break; case VIR_DOMAIN_TPM_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected TPM type %d"), tpm->type); break; } =20 @@ -1860,7 +1884,10 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurityM= anagerPtr mgr, } =20 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST: - ret =3D 0; + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected hostdev subsystem type %d"), + dev->source.subsys.type); break; } =20 @@ -1883,7 +1910,7 @@ virSecuritySELinuxSetHostdevCapsLabel(virSecurityMana= gerPtr mgr, if (secdef =3D=3D NULL) return 0; =20 - switch (dev->source.caps.type) { + switch ((virDomainHostdevCapsType)dev->source.caps.type) { case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE: { if (vroot) { if (virAsprintf(&path, "%s/%s", vroot, @@ -1912,9 +1939,15 @@ virSecuritySELinuxSetHostdevCapsLabel(virSecurityMan= agerPtr mgr, break; } =20 - default: + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET: ret =3D 0; break; + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected hostdev caps type %d"), + dev->source.caps.type); + break; } =20 return ret; @@ -2101,7 +2134,10 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecur= ityManagerPtr mgr, } =20 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST: - ret =3D 0; + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected hostdev subsystem type %d"), + dev->source.subsys.type); break; } =20 @@ -2118,7 +2154,7 @@ virSecuritySELinuxRestoreHostdevCapsLabel(virSecurity= ManagerPtr mgr, int ret =3D -1; char *path; =20 - switch (dev->source.caps.type) { + switch ((virDomainHostdevCapsType)dev->source.caps.type) { case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE: { if (vroot) { if (virAsprintf(&path, "%s/%s", vroot, @@ -2147,9 +2183,16 @@ virSecuritySELinuxRestoreHostdevCapsLabel(virSecurit= yManagerPtr mgr, break; } =20 - default: + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET: ret =3D 0; break; + + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_LAST: + default: + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected hostdev subsystem type %d"), + dev->source.subsys.type); + break; } =20 return ret; --=20 2.14.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list