Skip to content

Commit 47a1a15

Browse files
cgzonespcmoore
cgzones
authored and
pcmoore
committed
selinux: constify network address pointer
The network address, either an IPv4 or IPv6 one, is not modified. Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
1 parent 0af2f6b commit 47a1a15

4 files changed

Lines changed: 8 additions & 8 deletions

File tree

security/selinux/include/netnode.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,6 @@
2121

2222
void sel_netnode_flush(void);
2323

24-
int sel_netnode_sid(void *addr, u16 family, u32 *sid);
24+
int sel_netnode_sid(const void *addr, u16 family, u32 *sid);
2525

2626
#endif

security/selinux/include/security.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -309,7 +309,7 @@ int security_ib_endport_sid(const char *dev_name, u8 port_num, u32 *out_sid);
309309

310310
int security_netif_sid(const char *name, u32 *if_sid);
311311

312-
int security_node_sid(u16 domain, void *addr, u32 addrlen, u32 *out_sid);
312+
int security_node_sid(u16 domain, const void *addr, u32 addrlen, u32 *out_sid);
313313

314314
int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid,
315315
u16 tclass);

security/selinux/netnode.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -187,7 +187,7 @@ static void sel_netnode_insert(struct sel_netnode *node)
187187
* failure.
188188
*
189189
*/
190-
static int sel_netnode_sid_slow(void *addr, u16 family, u32 *sid)
190+
static int sel_netnode_sid_slow(const void *addr, u16 family, u32 *sid)
191191
{
192192
int ret;
193193
struct sel_netnode *node;
@@ -207,13 +207,13 @@ static int sel_netnode_sid_slow(void *addr, u16 family, u32 *sid)
207207
ret = security_node_sid(PF_INET,
208208
addr, sizeof(struct in_addr), sid);
209209
if (new)
210-
new->nsec.addr.ipv4 = *(__be32 *)addr;
210+
new->nsec.addr.ipv4 = *(const __be32 *)addr;
211211
break;
212212
case PF_INET6:
213213
ret = security_node_sid(PF_INET6,
214214
addr, sizeof(struct in6_addr), sid);
215215
if (new)
216-
new->nsec.addr.ipv6 = *(struct in6_addr *)addr;
216+
new->nsec.addr.ipv6 = *(const struct in6_addr *)addr;
217217
break;
218218
default:
219219
BUG();
@@ -247,7 +247,7 @@ static int sel_netnode_sid_slow(void *addr, u16 family, u32 *sid)
247247
* on failure.
248248
*
249249
*/
250-
int sel_netnode_sid(void *addr, u16 family, u32 *sid)
250+
int sel_netnode_sid(const void *addr, u16 family, u32 *sid)
251251
{
252252
struct sel_netnode *node;
253253

security/selinux/ss/services.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2643,7 +2643,7 @@ static bool match_ipv6_addrmask(const u32 input[4], const u32 addr[4], const u32
26432643
* @out_sid: security identifier
26442644
*/
26452645
int security_node_sid(u16 domain,
2646-
void *addrp,
2646+
const void *addrp,
26472647
u32 addrlen,
26482648
u32 *out_sid)
26492649
{
@@ -2672,7 +2672,7 @@ int security_node_sid(u16 domain,
26722672
if (addrlen != sizeof(u32))
26732673
goto out;
26742674

2675-
addr = *((u32 *)addrp);
2675+
addr = *((const u32 *)addrp);
26762676

26772677
c = policydb->ocontexts[OCON_NODE];
26782678
while (c) {

0 commit comments

Comments
 (0)