diff options
| author | Khadija Kamran <kamrankhadijadj@gmail.com> | 2023-08-23 12:01:28 +0300 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2023-09-14 22:35:36 +0300 |
| commit | 20a2aa47097aae7016209c4dbe392b3b25e0d883 (patch) | |
| tree | 4561b3f4cccc30cc03aa1ff16217b3f03b7f6f84 | |
| parent | a721f7b8c3548e943e514a957f2a37f4763b9888 (diff) | |
| download | linux-20a2aa47097aae7016209c4dbe392b3b25e0d883.tar.xz | |
lsm: constify 'sb' parameter in security_sb_kern_mount()
The "sb_kern_mount" hook has implementation registered in SELinux.
Looking at the function implementation we observe that the "sb"
parameter is not changing.
Mark the "sb" parameter of LSM hook security_sb_kern_mount() as "const"
since it will not be changing in the LSM hook.
Signed-off-by: Khadija Kamran <kamrankhadijadj@gmail.com>
[PM: minor merge fuzzing due to other constification patches]
Signed-off-by: Paul Moore <paul@paul-moore.com>
| -rw-r--r-- | include/linux/lsm_hook_defs.h | 2 | ||||
| -rw-r--r-- | include/linux/security.h | 2 | ||||
| -rw-r--r-- | security/security.c | 2 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 2 |
4 files changed, 4 insertions, 4 deletions
diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index 3b0f5cfca464..99b8176c3738 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -66,7 +66,7 @@ LSM_HOOK(void, LSM_RET_VOID, sb_free_mnt_opts, void *mnt_opts) LSM_HOOK(int, 0, sb_eat_lsm_opts, char *orig, void **mnt_opts) LSM_HOOK(int, 0, sb_mnt_opts_compat, struct super_block *sb, void *mnt_opts) LSM_HOOK(int, 0, sb_remount, struct super_block *sb, void *mnt_opts) -LSM_HOOK(int, 0, sb_kern_mount, struct super_block *sb) +LSM_HOOK(int, 0, sb_kern_mount, const struct super_block *sb) LSM_HOOK(int, 0, sb_show_options, struct seq_file *m, struct super_block *sb) LSM_HOOK(int, 0, sb_statfs, struct dentry *dentry) LSM_HOOK(int, 0, sb_mount, const char *dev_name, const struct path *path, diff --git a/include/linux/security.h b/include/linux/security.h index 3148103123fb..1d1df326c881 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -304,7 +304,7 @@ void security_free_mnt_opts(void **mnt_opts); int security_sb_eat_lsm_opts(char *options, void **mnt_opts); int security_sb_mnt_opts_compat(struct super_block *sb, void *mnt_opts); int security_sb_remount(struct super_block *sb, void *mnt_opts); -int security_sb_kern_mount(struct super_block *sb); +int security_sb_kern_mount(const struct super_block *sb); int security_sb_show_options(struct seq_file *m, struct super_block *sb); int security_sb_statfs(struct dentry *dentry); int security_sb_mount(const char *dev_name, const struct path *path, diff --git a/security/security.c b/security/security.c index e4aec0f65f75..7b0052e96806 100644 --- a/security/security.c +++ b/security/security.c @@ -1319,7 +1319,7 @@ EXPORT_SYMBOL(security_sb_remount); * * Return: Returns 0 if permission is granted. */ -int security_sb_kern_mount(struct super_block *sb) +int security_sb_kern_mount(const struct super_block *sb) { return call_int_hook(sb_kern_mount, 0, sb); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index e9ee008a9537..195db92ac99c 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2721,7 +2721,7 @@ out_bad_option: return -EINVAL; } -static int selinux_sb_kern_mount(struct super_block *sb) +static int selinux_sb_kern_mount(const struct super_block *sb) { const struct cred *cred = current_cred(); struct common_audit_data ad; |