[PATCH net-next 1/3] security: add const qualifier to struct sock in various places
Jakub Kicinski
kuba at kernel.org
Thu Dec 3 22:24:09 UTC 2020
On Fri, 4 Dec 2020 04:07:16 +1100 (AEDT) James Morris wrote:
> On Wed, 2 Dec 2020, Jakub Kicinski wrote:
> > On Mon, 30 Nov 2020 16:36:29 +0100 Florian Westphal wrote:
> > > A followup change to tcp_request_sock_op would have to drop the 'const'
> > > qualifier from the 'route_req' function as the
> > > 'security_inet_conn_request' call is moved there - and that function
> > > expects a 'struct sock *'.
> > >
> > > However, it turns out its also possible to add a const qualifier to
> > > security_inet_conn_request instead.
> > >
> > > Signed-off-by: Florian Westphal <fw at strlen.de>
> > > ---
> > > The code churn is unfortunate. Alternative would be to change
> > > the function signature of ->route_req:
> > > struct dst_entry *(*route_req)(struct sock *sk, ...
> > > [ i.e., drop 'const' ]. Thoughts?
> >
> > Security folks - is this okay to merge into net-next?
> >
> > We can put it on a branch and pull into both trees if the risk
> > of conflicts is high.
>
> Acked-by: James Morris <jamorris at linux.microsoft.com>
Thank you!
Into net-next it goes..
More information about the Linux-security-module-archive
mailing list