[PATCH] lsm: constify 'mnt_opts' parameter in security_free_mnt_opts()
Khadija Kamran
kamrankhadijadj at gmail.com
Wed Aug 23 08:44:45 UTC 2023
The "sb_free_mnt_opts" hook has implementations registered in SELinux
and Smack. Looking at the function implementations we observe that the
"mnt_opts" parameter is not changing.
Mark the "mnt_opts" parameter of LSM hook security_free_mnt_opts() as
"const" since it will not be changing in the LSM hook.
Signed-off-by: Khadija Kamran <kamrankhadijadj at gmail.com>
---
include/linux/lsm_hook_defs.h | 2 +-
include/linux/security.h | 2 +-
security/security.c | 2 +-
security/selinux/hooks.c | 2 +-
security/smack/smack_lsm.c | 2 +-
5 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h
index 6bb55e61e8e8..7b193349db89 100644
--- a/include/linux/lsm_hook_defs.h
+++ b/include/linux/lsm_hook_defs.h
@@ -61,7 +61,7 @@ LSM_HOOK(int, -ENOPARAM, fs_context_parse_param, struct fs_context *fc,
LSM_HOOK(int, 0, sb_alloc_security, struct super_block *sb)
LSM_HOOK(void, LSM_RET_VOID, sb_delete, struct super_block *sb)
LSM_HOOK(void, LSM_RET_VOID, sb_free_security, struct super_block *sb)
-LSM_HOOK(void, LSM_RET_VOID, sb_free_mnt_opts, void *mnt_opts)
+LSM_HOOK(void, LSM_RET_VOID, sb_free_mnt_opts, const void *mnt_opts)
LSM_HOOK(int, 0, sb_eat_lsm_opts, char *orig, void **mnt_opts)
LSM_HOOK(int, 0, sb_mnt_opts_compat, struct super_block *sb, void *mnt_opts)
LSM_HOOK(int, 0, sb_remount, struct super_block *sb, void *mnt_opts)
diff --git a/include/linux/security.h b/include/linux/security.h
index e2734e9e44d5..acdd1eccf2d3 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -298,7 +298,7 @@ int security_fs_context_parse_param(struct fs_context *fc, struct fs_parameter *
int security_sb_alloc(struct super_block *sb);
void security_sb_delete(struct super_block *sb);
void security_sb_free(struct super_block *sb);
-void security_free_mnt_opts(void **mnt_opts);
+void security_free_mnt_opts(const void **mnt_opts);
int security_sb_eat_lsm_opts(char *options, void **mnt_opts);
int security_sb_mnt_opts_compat(struct super_block *sb, void *mnt_opts);
int security_sb_remount(struct super_block *sb, void *mnt_opts);
diff --git a/security/security.c b/security/security.c
index d5ff7ff45b77..8386d764d9fc 100644
--- a/security/security.c
+++ b/security/security.c
@@ -1238,7 +1238,7 @@ void security_sb_free(struct super_block *sb)
*
* Free memory associated with @mnt_ops.
*/
-void security_free_mnt_opts(void **mnt_opts)
+void security_free_mnt_opts(const void **mnt_opts)
{
if (!*mnt_opts)
return;
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 79b4890e9936..225b76839c95 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -342,7 +342,7 @@ struct selinux_mnt_opts {
u32 defcontext_sid;
};
-static void selinux_free_mnt_opts(void *mnt_opts)
+static void selinux_free_mnt_opts(const void *mnt_opts)
{
kfree(mnt_opts);
}
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 7a3e9ab137d8..290593dcd852 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -557,7 +557,7 @@ struct smack_mnt_opts {
const char *fstransmute;
};
-static void smack_free_mnt_opts(void *mnt_opts)
+static void smack_free_mnt_opts(const void *mnt_opts)
{
kfree(mnt_opts);
}
--
2.34.1
More information about the Linux-security-module-archive
mailing list