Commit 47a1a156 authored by Christian Göttsche's avatar Christian Göttsche Committed by Paul Moore
Browse files

selinux: constify network address pointer 



The network address, either an IPv4 or IPv6 one, is not modified.

Signed-off-by: default avatarChristian Göttsche <cgzones@googlemail.com>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent 0af2f6be

security/selinux/include/netnode.h

+1 −1
Original line number Diff line number Diff line
@@ -21,6 +21,6 @@ 


void sel_netnode_flush(void);



int sel_netnode_sid(void *addr, u16 family, u32 *sid);

int sel_netnode_sid(const void *addr, u16 family, u32 *sid);



#endif

security/selinux/include/security.h

+1 −1
Original line number Diff line number Diff line
@@ -309,7 +309,7 @@ int security_ib_endport_sid(const char *dev_name, u8 port_num, u32 *out_sid); 


int security_netif_sid(const char *name, u32 *if_sid);



int security_node_sid(u16 domain, void *addr, u32 addrlen, u32 *out_sid);

int security_node_sid(u16 domain, const void *addr, u32 addrlen, u32 *out_sid);



int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid,

				 u16 tclass);

security/selinux/netnode.c

+4 −4
Original line number Diff line number Diff line
@@ -187,7 +187,7 @@ static void sel_netnode_insert(struct sel_netnode *node) 
 * failure.

 *

 */

static int sel_netnode_sid_slow(void *addr, u16 family, u32 *sid)

static int sel_netnode_sid_slow(const void *addr, u16 family, u32 *sid)

{

	int ret;

	struct sel_netnode *node;
@@ -207,13 +207,13 @@ static int sel_netnode_sid_slow(void *addr, u16 family, u32 *sid) 
		ret = security_node_sid(PF_INET,

					addr, sizeof(struct in_addr), sid);

		if (new)

			new->nsec.addr.ipv4 = *(__be32 *)addr;

			new->nsec.addr.ipv4 = *(const __be32 *)addr;

		break;

	case PF_INET6:

		ret = security_node_sid(PF_INET6,

					addr, sizeof(struct in6_addr), sid);

		if (new)

			new->nsec.addr.ipv6 = *(struct in6_addr *)addr;

			new->nsec.addr.ipv6 = *(const struct in6_addr *)addr;

		break;

	default:

		BUG();
@@ -247,7 +247,7 @@ static int sel_netnode_sid_slow(void *addr, u16 family, u32 *sid) 
 * on failure.

 *

 */

int sel_netnode_sid(void *addr, u16 family, u32 *sid)

int sel_netnode_sid(const void *addr, u16 family, u32 *sid)

{

	struct sel_netnode *node;

security/selinux/ss/services.c

+2 −2
Original line number Diff line number Diff line
@@ -2643,7 +2643,7 @@ static bool match_ipv6_addrmask(const u32 input[4], const u32 addr[4], const u32 
 * @out_sid: security identifier

 */

int security_node_sid(u16 domain,

		      void *addrp,

		      const void *addrp,

		      u32 addrlen,

		      u32 *out_sid)

{
@@ -2672,7 +2672,7 @@ int security_node_sid(u16 domain, 
		if (addrlen != sizeof(u32))

			goto out;



		addr = *((u32 *)addrp);

		addr = *((const u32 *)addrp);



		c = policydb->ocontexts[OCON_NODE];

		while (c) {