From: Guillaume Nault <gnault@redhat.com>
To: David Miller <davem@davemloft.net>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
Eric Dumazet <edumazet@google.com>
Cc: netdev@vger.kernel.org, Paul Moore <paul@paul-moore.com>,
Eric Paris <eparis@parisplace.org>,
linux-security-module@vger.kernel.org, selinux@vger.kernel.org,
David Ahern <dsahern@kernel.org>, Dmitry Kozlov <xeb@mail.ru>
Subject: [PATCH net-next 0/4] net: Mark the sk parameter of routing functions as 'const'.
Date: Tue, 11 Jul 2023 15:06:00 +0200 [thread overview]
Message-ID: <cover.1689077819.git.gnault@redhat.com> (raw)
The sk_getsecid security hook prevents the use of a const sk pointer in
several routing functions. Since this hook should only read sk data,
make its sk argument const (patch 1), then constify the sk parameter of
various routing functions (patches 2-4).
Build-tested with make allmodconfig.
Guillaume Nault (4):
security: Constify sk in the sk_getsecid hook.
ipv4: Constify the sk parameter of ip_route_output_*().
ipv6: Constify the sk parameter of several helper functions.
pptp: Constify the po parameter of pptp_route_output().
drivers/net/ppp/pptp.c | 4 ++--
include/linux/icmpv6.h | 10 ++++------
include/linux/lsm_hook_defs.h | 2 +-
include/linux/security.h | 5 +++--
include/net/route.h | 6 +++---
net/ipv6/datagram.c | 7 ++++---
net/ipv6/icmp.c | 6 ++----
net/ipv6/mcast.c | 8 +++-----
security/security.c | 2 +-
security/selinux/hooks.c | 4 ++--
10 files changed, 25 insertions(+), 29 deletions(-)
--
2.39.2
next reply other threads:[~2023-07-11 13:06 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-11 13:06 Guillaume Nault [this message]
2023-07-11 13:06 ` [PATCH net-next 1/4] security: Constify sk in the sk_getsecid hook Guillaume Nault
2023-07-13 9:32 ` Simon Horman
2023-07-17 16:05 ` Paul Moore
2023-07-18 12:31 ` Guillaume Nault
2023-07-14 7:40 ` [PATCH net-next 0/4] net: Mark the sk parameter of routing functions as 'const' patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1689077819.git.gnault@redhat.com \
--to=gnault@redhat.com \
--cc=davem@davemloft.net \
--cc=dsahern@kernel.org \
--cc=edumazet@google.com \
--cc=eparis@parisplace.org \
--cc=kuba@kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=paul@paul-moore.com \
--cc=selinux@vger.kernel.org \
--cc=xeb@mail.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).