All of lore.kernel.org
 help / color / mirror / Atom feed
From: Paul Moore <pmoore@redhat.com>
To: linux-audit@redhat.com
Cc: linux-security-module@vger.kernel.org
Subject: [PATCH] audit: constify parts of common_audit_data and lsm_network_audit
Date: Mon, 05 Oct 2015 09:17:04 -0400	[thread overview]
Message-ID: <20151005131704.927.44314.stgit@localhost> (raw)

For the most part audit should never munge with any of the data in
these LSM common structs so constify as much as we can; this patch
handles some easy fields that don't require any real code changes.

Signed-off-by: Paul Moore <pmoore@redhat.com>
---
 include/linux/lsm_audit.h |    8 ++++----
 security/lsm_audit.c      |    4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/include/linux/lsm_audit.h b/include/linux/lsm_audit.h
index 1cc89e9..6c4c7ac 100644
--- a/include/linux/lsm_audit.h
+++ b/include/linux/lsm_audit.h
@@ -24,7 +24,7 @@
 
 struct lsm_network_audit {
 	int netif;
-	struct sock *sk;
+	const struct sock *sk;
 	u16 family;
 	__be16 dport;
 	__be16 sport;
@@ -55,7 +55,7 @@ struct common_audit_data {
 #define LSM_AUDIT_DATA_DENTRY	10
 	union 	{
 		struct path path;
-		struct dentry *dentry;
+		const struct dentry *dentry;
 		struct inode *inode;
 		struct lsm_network_audit *net;
 		int cap;
@@ -64,10 +64,10 @@ struct common_audit_data {
 #ifdef CONFIG_KEYS
 		struct {
 			key_serial_t key;
-			char *key_desc;
+			const char *key_desc;
 		} key_struct;
 #endif
-		char *kmod_name;
+		const char *kmod_name;
 	} u;
 	/* this union contains LSM specific data */
 	union {
diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index 07fc997..bd61075 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@ -185,7 +185,7 @@ int ipv6_skb_to_auditdata(struct sk_buff *skb,
 
 
 static inline void print_ipv6_addr(struct audit_buffer *ab,
-				   struct in6_addr *addr, __be16 port,
+				   const struct in6_addr *addr, __be16 port,
 				   char *name1, char *name2)
 {
 	if (!ipv6_addr_any(addr))
@@ -288,7 +288,7 @@ static void dump_common_audit_data(struct audit_buffer *ab,
 		break;
 	case LSM_AUDIT_DATA_NET:
 		if (a->u.net->sk) {
-			struct sock *sk = a->u.net->sk;
+			const struct sock *sk = a->u.net->sk;
 			struct unix_sock *u;
 			int len = 0;
 			char *p = NULL;

                 reply	other threads:[~2015-10-05 13:17 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20151005131704.927.44314.stgit@localhost \
    --to=pmoore@redhat.com \
    --cc=linux-audit@redhat.com \
    --cc=linux-security-module@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.