security: declare member holding string literal const

cgzones · pcmoore · commit 1af0e4a0233f · 2022-05-13T14:51:06.000-04:00
The struct security_hook_list member lsm is assigned in
security_add_hooks() with string literals passed from the individual
security modules.  Declare the function parameter and the struct member
const to signal their immutability.

Reported by Clang [-Wwrite-strings]:

    security/selinux/hooks.c:7388:63: error: passing 'const char [8]'
      to parameter of type 'char *' discards qualifiers
      [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
            security_add_hooks(selinux_hooks,
                               ARRAY_SIZE(selinux_hooks), selinux);
                                                          ^~~~~~~~~
    ./include/linux/lsm_hooks.h:1629:11: note: passing argument to
      parameter 'lsm' here
                                    char *lsm);
                                          ^

Signed-off-by: Christian Göttsche &lt;cgzones@googlemail.com&gt;
Reviewed-by: Paul Moore &lt;paul@paul-moore.com&gt;
Reviewed-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
Signed-off-by: Paul Moore &lt;paul@paul-moore.com&gt;
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
@@ -1595,7 +1595,7 @@ struct security_hook_list {
 	struct hlist_node		list;
 	struct hlist_head		*head;
 	union security_list_options	hook;
-	char				*lsm;
+	const char			*lsm;
 } __randomize_layout;
 
 /*
@@ -1630,7 +1630,7 @@ extern struct security_hook_heads security_hook_heads;
 extern char *lsm_names;
 
 extern void security_add_hooks(struct security_hook_list *hooks, int count,
-				char *lsm);
+				const char *lsm);
 
 #define LSM_FLAG_LEGACY_MAJOR	BIT(0)
 #define LSM_FLAG_EXCLUSIVE	BIT(1)
diff --git a/security/security.c b/security/security.c
@@ -478,7 +478,7 @@ static int lsm_append(const char *new, char **result)
  * Each LSM has to register its hooks with the infrastructure.
  */
 void __init security_add_hooks(struct security_hook_list *hooks, int count,
-				char *lsm)
+				const char *lsm)
 {
 	int i;
 

Original file line number	Diff line number	Diff line change
`@@ -478,7 +478,7 @@ static int lsm_append(const char new, char *result)`
`478`	`478`	`* Each LSM has to register its hooks with the infrastructure.`
`479`	`479`	`*/`
`480`	`480`	`void __init security_add_hooks(struct security_hook_list *hooks, int count,`
`481`		`- char *lsm)`
	`481`	`+ const char *lsm)`
`482`	`482`	`{`
`483`	`483`	`int i;`
`484`	`484`