[PATCH net-next 1/4] security: Constify sk in the sk_getsecid hook.

Paul Moore paul at paul-moore.com
Mon Jul 17 16:05:44 UTC 2023


On Tue, Jul 11, 2023 at 9:06 AM Guillaume Nault <gnault at redhat.com> wrote:
>
> The sk_getsecid hook shouldn't need to modify its socket argument.
> Make it const so that callers of security_sk_classify_flow() can use a
> const struct sock *.
>
> Signed-off-by: Guillaume Nault <gnault at redhat.com>
> ---
>  include/linux/lsm_hook_defs.h | 2 +-
>  include/linux/security.h      | 5 +++--
>  security/security.c           | 2 +-
>  security/selinux/hooks.c      | 4 ++--
>  4 files changed, 7 insertions(+), 6 deletions(-)

Thanks Guillaume, this looks good to me.  I had limited network access
last week and was only monitoring my email for urgent issues, but from
what I can tell it looks like this was picked up in the netdev tree so
I'll leave it alone, but if anything changes let me know and I'll
merge it via the LSM tree.

-- 
paul-moore.com



More information about the Linux-security-module-archive mailing list