[RFC PATCH v11 15/19] fsverity: consume builtin signature via LSM hook

Fan Wu wufan at linux.microsoft.com
Thu Oct 5 02:49:13 UTC 2023



On 10/4/2023 7:27 PM, Eric Biggers wrote:
> On Wed, Oct 04, 2023 at 03:09:42PM -0700, Fan Wu wrote:
>> +#ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES
>> +static int fsverity_inode_setsecurity(struct inode *inode,
>> +				      struct fsverity_descriptor *desc)
>> +{
>> +	return security_inode_setsecurity(inode, FS_VERITY_INODE_SEC_NAME,
>> +					  desc->signature,
>> +					  le32_to_cpu(desc->sig_size), 0);
>> +}
> 
> Why isn't the type of the second argument 'const struct fsverity_descriptor *'?
> 
> - Eric

Thanks for the suggestion. I agree that adding 'const' here is a better 
approach. I will update this in the next version.

-Fan



More information about the Linux-security-module-archive mailing list