| Message ID | 20220217141858.71281-1-cgzones@googlemail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | security: declare member holding string literal const | expand |
On Thu, Feb 17, 2022 at 9:19 AM Christian Göttsche <cgzones@googlemail.com> wrote: > > The struct security_hook_list member lsm is assigned in > security_add_hooks() with string literals passed from the individual > security modules. Declare the function parameter and the struct member > const to signal their immutability. > > Reported by Clang [-Wwrite-strings]: > > security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers] > security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux); > ^~~~~~~~~ > ./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here > char *lsm); > ^ > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > --- > include/linux/lsm_hooks.h | 4 ++-- > security/security.c | 2 +- > 2 files changed, 3 insertions(+), 3 deletions(-) Thanks Christian. Reviewed-by: Paul Moore <paul@paul-moore.com>
On 2/17/2022 6:18 AM, Christian Göttsche wrote: > The struct security_hook_list member lsm is assigned in > security_add_hooks() with string literals passed from the individual > security modules. Declare the function parameter and the struct member > const to signal their immutability. > > Reported by Clang [-Wwrite-strings]: > > security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers] > security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux); > ^~~~~~~~~ > ./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here > char *lsm); > ^ > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Reviewed-by: Casey Schaufler <casey@schaufler-ca.com> > --- > include/linux/lsm_hooks.h | 4 ++-- > security/security.c | 2 +- > 2 files changed, 3 insertions(+), 3 deletions(-) > > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > index 419b5febc3ca..47cdf3fbecef 100644 > --- a/include/linux/lsm_hooks.h > +++ b/include/linux/lsm_hooks.h > @@ -1595,7 +1595,7 @@ struct security_hook_list { > struct hlist_node list; > struct hlist_head *head; > union security_list_options hook; > - char *lsm; > + const char *lsm; > } __randomize_layout; > > /* > @@ -1630,7 +1630,7 @@ extern struct security_hook_heads security_hook_heads; > extern char *lsm_names; > > extern void security_add_hooks(struct security_hook_list *hooks, int count, > - char *lsm); > + const char *lsm); > > #define LSM_FLAG_LEGACY_MAJOR BIT(0) > #define LSM_FLAG_EXCLUSIVE BIT(1) > diff --git a/security/security.c b/security/security.c > index 9663ffcca4b0..a48eb3badfdd 100644 > --- a/security/security.c > +++ b/security/security.c > @@ -478,7 +478,7 @@ static int lsm_append(const char *new, char **result) > * Each LSM has to register its hooks with the infrastructure. > */ > void __init security_add_hooks(struct security_hook_list *hooks, int count, > - char *lsm) > + const char *lsm) > { > int i; >
On Thu, 17 Feb 2022 at 23:50, Casey Schaufler <casey@schaufler-ca.com> wrote: > > On 2/17/2022 6:18 AM, Christian Göttsche wrote: > > The struct security_hook_list member lsm is assigned in > > security_add_hooks() with string literals passed from the individual > > security modules. Declare the function parameter and the struct member > > const to signal their immutability. > > > > Reported by Clang [-Wwrite-strings]: > > > > security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers] > > security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux); > > ^~~~~~~~~ > > ./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here > > char *lsm); > > ^ > > > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > > Reviewed-by: Casey Schaufler <casey@schaufler-ca.com> > Kindly ping; any progress on this one? > > --- > > include/linux/lsm_hooks.h | 4 ++-- > > security/security.c | 2 +- > > 2 files changed, 3 insertions(+), 3 deletions(-) > > > > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > > index 419b5febc3ca..47cdf3fbecef 100644 > > --- a/include/linux/lsm_hooks.h > > +++ b/include/linux/lsm_hooks.h > > @@ -1595,7 +1595,7 @@ struct security_hook_list { > > struct hlist_node list; > > struct hlist_head *head; > > union security_list_options hook; > > - char *lsm; > > + const char *lsm; > > } __randomize_layout; > > > > /* > > @@ -1630,7 +1630,7 @@ extern struct security_hook_heads security_hook_heads; > > extern char *lsm_names; > > > > extern void security_add_hooks(struct security_hook_list *hooks, int count, > > - char *lsm); > > + const char *lsm); > > > > #define LSM_FLAG_LEGACY_MAJOR BIT(0) > > #define LSM_FLAG_EXCLUSIVE BIT(1) > > diff --git a/security/security.c b/security/security.c > > index 9663ffcca4b0..a48eb3badfdd 100644 > > --- a/security/security.c > > +++ b/security/security.c > > @@ -478,7 +478,7 @@ static int lsm_append(const char *new, char **result) > > * Each LSM has to register its hooks with the infrastructure. > > */ > > void __init security_add_hooks(struct security_hook_list *hooks, int count, > > - char *lsm) > > + const char *lsm) > > { > > int i; > >
On Mon, May 2, 2022 at 9:38 AM Christian Göttsche <cgzones@googlemail.com> wrote: > On Thu, 17 Feb 2022 at 23:50, Casey Schaufler <casey@schaufler-ca.com> wrote: > > On 2/17/2022 6:18 AM, Christian Göttsche wrote: > > > The struct security_hook_list member lsm is assigned in > > > security_add_hooks() with string literals passed from the individual > > > security modules. Declare the function parameter and the struct member > > > const to signal their immutability. > > > > > > Reported by Clang [-Wwrite-strings]: > > > > > > security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers] > > > security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux); > > > ^~~~~~~~~ > > > ./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here > > > char *lsm); > > > ^ > > > > > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > > > > Reviewed-by: Casey Schaufler <casey@schaufler-ca.com> > > > > Kindly ping; > any progress on this one? I've already added my Reviewed-by tag, as has Casey, so I think it's pretty "safe" at this point. The next step is for James to pull this into the LSM tree. If it is still collecting dust at the end of this week, ping us again and I can just go ahead and pull it into the SELinux tree, it's small enough that it shouldn't cause any problems.
On Tue, 3 May 2022 at 22:02, Paul Moore <paul@paul-moore.com> wrote: > > On Mon, May 2, 2022 at 9:38 AM Christian Göttsche > <cgzones@googlemail.com> wrote: > > On Thu, 17 Feb 2022 at 23:50, Casey Schaufler <casey@schaufler-ca.com> wrote: > > > On 2/17/2022 6:18 AM, Christian Göttsche wrote: > > > > The struct security_hook_list member lsm is assigned in > > > > security_add_hooks() with string literals passed from the individual > > > > security modules. Declare the function parameter and the struct member > > > > const to signal their immutability. > > > > > > > > Reported by Clang [-Wwrite-strings]: > > > > > > > > security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers] > > > > security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux); > > > > ^~~~~~~~~ > > > > ./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here > > > > char *lsm); > > > > ^ > > > > > > > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > > > > > > Reviewed-by: Casey Schaufler <casey@schaufler-ca.com> > > > > > > > Kindly ping; > > any progress on this one? > > I've already added my Reviewed-by tag, as has Casey, so I think it's > pretty "safe" at this point. The next step is for James to pull this > into the LSM tree. If it is still collecting dust at the end of this > week, ping us again and I can just go ahead and pull it into the > SELinux tree, it's small enough that it shouldn't cause any problems. end-of-the-week-ping > > -- > paul-moore.com
On Fri, May 13, 2022 at 1:16 PM Christian Göttsche <cgzones@googlemail.com> wrote: > On Tue, 3 May 2022 at 22:02, Paul Moore <paul@paul-moore.com> wrote: > > On Mon, May 2, 2022 at 9:38 AM Christian Göttsche > > <cgzones@googlemail.com> wrote: > > > On Thu, 17 Feb 2022 at 23:50, Casey Schaufler <casey@schaufler-ca.com> wrote: > > > > On 2/17/2022 6:18 AM, Christian Göttsche wrote: > > > > > The struct security_hook_list member lsm is assigned in > > > > > security_add_hooks() with string literals passed from the individual > > > > > security modules. Declare the function parameter and the struct member > > > > > const to signal their immutability. > > > > > > > > > > Reported by Clang [-Wwrite-strings]: > > > > > > > > > > security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers] > > > > > security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux); > > > > > ^~~~~~~~~ > > > > > ./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here > > > > > char *lsm); > > > > > ^ > > > > > > > > > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > > > > > > > > Reviewed-by: Casey Schaufler <casey@schaufler-ca.com> > > > > > > > > > > Kindly ping; > > > any progress on this one? > > > > I've already added my Reviewed-by tag, as has Casey, so I think it's > > pretty "safe" at this point. The next step is for James to pull this > > into the LSM tree. If it is still collecting dust at the end of this > > week, ping us again and I can just go ahead and pull it into the > > SELinux tree, it's small enough that it shouldn't cause any problems. > > end-of-the-week-ping Thanks for the reminder. I haven't seen any other action on this so I've gone ahead and merged this into selinux/next; thanks for your patience and persistence on this Christian!
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 419b5febc3ca..47cdf3fbecef 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1595,7 +1595,7 @@ struct security_hook_list { struct hlist_node list; struct hlist_head *head; union security_list_options hook; - char *lsm; + const char *lsm; } __randomize_layout; /* @@ -1630,7 +1630,7 @@ extern struct security_hook_heads security_hook_heads; extern char *lsm_names; extern void security_add_hooks(struct security_hook_list *hooks, int count, - char *lsm); + const char *lsm); #define LSM_FLAG_LEGACY_MAJOR BIT(0) #define LSM_FLAG_EXCLUSIVE BIT(1) diff --git a/security/security.c b/security/security.c index 9663ffcca4b0..a48eb3badfdd 100644 --- a/security/security.c +++ b/security/security.c @@ -478,7 +478,7 @@ static int lsm_append(const char *new, char **result) * Each LSM has to register its hooks with the infrastructure. */ void __init security_add_hooks(struct security_hook_list *hooks, int count, - char *lsm) + const char *lsm) { int i;
The struct security_hook_list member lsm is assigned in security_add_hooks() with string literals passed from the individual security modules. Declare the function parameter and the struct member const to signal their immutability. Reported by Clang [-Wwrite-strings]: security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers] security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux); ^~~~~~~~~ ./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here char *lsm); ^ Signed-off-by: Christian Göttsche <cgzones@googlemail.com> --- include/linux/lsm_hooks.h | 4 ++-- security/security.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-)