The struct security_hook_list member lsm is assigned in
security_add_hooks() with string literals passed from the individual
security modules. Declare the function parameter and the struct member
const to signal their immutability.
Reported by Clang [-Wwrite-strings]:
security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux);
^~~~~~~~~
./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here
char *lsm);
^
Signed-off-by: Christian Göttsche <[email protected]>
---
include/linux/lsm_hooks.h | 4 ++--
security/security.c | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 419b5febc3ca..47cdf3fbecef 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -1595,7 +1595,7 @@ struct security_hook_list {
struct hlist_node list;
struct hlist_head *head;
union security_list_options hook;
- char *lsm;
+ const char *lsm;
} __randomize_layout;
/*
@@ -1630,7 +1630,7 @@ extern struct security_hook_heads security_hook_heads;
extern char *lsm_names;
extern void security_add_hooks(struct security_hook_list *hooks, int count,
- char *lsm);
+ const char *lsm);
#define LSM_FLAG_LEGACY_MAJOR BIT(0)
#define LSM_FLAG_EXCLUSIVE BIT(1)
diff --git a/security/security.c b/security/security.c
index 9663ffcca4b0..a48eb3badfdd 100644
--- a/security/security.c
+++ b/security/security.c
@@ -478,7 +478,7 @@ static int lsm_append(const char *new, char **result)
* Each LSM has to register its hooks with the infrastructure.
*/
void __init security_add_hooks(struct security_hook_list *hooks, int count,
- char *lsm)
+ const char *lsm)
{
int i;
--
2.35.1
On 2/17/2022 6:18 AM, Christian Göttsche wrote:
> The struct security_hook_list member lsm is assigned in
> security_add_hooks() with string literals passed from the individual
> security modules. Declare the function parameter and the struct member
> const to signal their immutability.
>
> Reported by Clang [-Wwrite-strings]:
>
> security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
> security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux);
> ^~~~~~~~~
> ./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here
> char *lsm);
> ^
>
> Signed-off-by: Christian Göttsche <[email protected]>
Reviewed-by: Casey Schaufler <[email protected]>
> ---
> include/linux/lsm_hooks.h | 4 ++--
> security/security.c | 2 +-
> 2 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
> index 419b5febc3ca..47cdf3fbecef 100644
> --- a/include/linux/lsm_hooks.h
> +++ b/include/linux/lsm_hooks.h
> @@ -1595,7 +1595,7 @@ struct security_hook_list {
> struct hlist_node list;
> struct hlist_head *head;
> union security_list_options hook;
> - char *lsm;
> + const char *lsm;
> } __randomize_layout;
>
> /*
> @@ -1630,7 +1630,7 @@ extern struct security_hook_heads security_hook_heads;
> extern char *lsm_names;
>
> extern void security_add_hooks(struct security_hook_list *hooks, int count,
> - char *lsm);
> + const char *lsm);
>
> #define LSM_FLAG_LEGACY_MAJOR BIT(0)
> #define LSM_FLAG_EXCLUSIVE BIT(1)
> diff --git a/security/security.c b/security/security.c
> index 9663ffcca4b0..a48eb3badfdd 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -478,7 +478,7 @@ static int lsm_append(const char *new, char **result)
> * Each LSM has to register its hooks with the infrastructure.
> */
> void __init security_add_hooks(struct security_hook_list *hooks, int count,
> - char *lsm)
> + const char *lsm)
> {
> int i;
>
On Thu, 17 Feb 2022 at 23:50, Casey Schaufler <[email protected]> wrote:
>
> On 2/17/2022 6:18 AM, Christian Göttsche wrote:
> > The struct security_hook_list member lsm is assigned in
> > security_add_hooks() with string literals passed from the individual
> > security modules. Declare the function parameter and the struct member
> > const to signal their immutability.
> >
> > Reported by Clang [-Wwrite-strings]:
> >
> > security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
> > security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux);
> > ^~~~~~~~~
> > ./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here
> > char *lsm);
> > ^
> >
> > Signed-off-by: Christian Göttsche <[email protected]>
>
> Reviewed-by: Casey Schaufler <[email protected]>
>
Kindly ping;
any progress on this one?
> > ---
> > include/linux/lsm_hooks.h | 4 ++--
> > security/security.c | 2 +-
> > 2 files changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
> > index 419b5febc3ca..47cdf3fbecef 100644
> > --- a/include/linux/lsm_hooks.h
> > +++ b/include/linux/lsm_hooks.h
> > @@ -1595,7 +1595,7 @@ struct security_hook_list {
> > struct hlist_node list;
> > struct hlist_head *head;
> > union security_list_options hook;
> > - char *lsm;
> > + const char *lsm;
> > } __randomize_layout;
> >
> > /*
> > @@ -1630,7 +1630,7 @@ extern struct security_hook_heads security_hook_heads;
> > extern char *lsm_names;
> >
> > extern void security_add_hooks(struct security_hook_list *hooks, int count,
> > - char *lsm);
> > + const char *lsm);
> >
> > #define LSM_FLAG_LEGACY_MAJOR BIT(0)
> > #define LSM_FLAG_EXCLUSIVE BIT(1)
> > diff --git a/security/security.c b/security/security.c
> > index 9663ffcca4b0..a48eb3badfdd 100644
> > --- a/security/security.c
> > +++ b/security/security.c
> > @@ -478,7 +478,7 @@ static int lsm_append(const char *new, char **result)
> > * Each LSM has to register its hooks with the infrastructure.
> > */
> > void __init security_add_hooks(struct security_hook_list *hooks, int count,
> > - char *lsm)
> > + const char *lsm)
> > {
> > int i;
> >
On Mon, May 2, 2022 at 9:38 AM Christian Göttsche
<[email protected]> wrote:
> On Thu, 17 Feb 2022 at 23:50, Casey Schaufler <[email protected]> wrote:
> > On 2/17/2022 6:18 AM, Christian Göttsche wrote:
> > > The struct security_hook_list member lsm is assigned in
> > > security_add_hooks() with string literals passed from the individual
> > > security modules. Declare the function parameter and the struct member
> > > const to signal their immutability.
> > >
> > > Reported by Clang [-Wwrite-strings]:
> > >
> > > security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
> > > security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux);
> > > ^~~~~~~~~
> > > ./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here
> > > char *lsm);
> > > ^
> > >
> > > Signed-off-by: Christian Göttsche <[email protected]>
> >
> > Reviewed-by: Casey Schaufler <[email protected]>
> >
>
> Kindly ping;
> any progress on this one?
I've already added my Reviewed-by tag, as has Casey, so I think it's
pretty "safe" at this point. The next step is for James to pull this
into the LSM tree. If it is still collecting dust at the end of this
week, ping us again and I can just go ahead and pull it into the
SELinux tree, it's small enough that it shouldn't cause any problems.
--
paul-moore.com
On Tue, 3 May 2022 at 22:02, Paul Moore <[email protected]> wrote:
>
> On Mon, May 2, 2022 at 9:38 AM Christian Göttsche
> <[email protected]> wrote:
> > On Thu, 17 Feb 2022 at 23:50, Casey Schaufler <[email protected]> wrote:
> > > On 2/17/2022 6:18 AM, Christian Göttsche wrote:
> > > > The struct security_hook_list member lsm is assigned in
> > > > security_add_hooks() with string literals passed from the individual
> > > > security modules. Declare the function parameter and the struct member
> > > > const to signal their immutability.
> > > >
> > > > Reported by Clang [-Wwrite-strings]:
> > > >
> > > > security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
> > > > security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux);
> > > > ^~~~~~~~~
> > > > ./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here
> > > > char *lsm);
> > > > ^
> > > >
> > > > Signed-off-by: Christian Göttsche <[email protected]>
> > >
> > > Reviewed-by: Casey Schaufler <[email protected]>
> > >
> >
> > Kindly ping;
> > any progress on this one?
>
> I've already added my Reviewed-by tag, as has Casey, so I think it's
> pretty "safe" at this point. The next step is for James to pull this
> into the LSM tree. If it is still collecting dust at the end of this
> week, ping us again and I can just go ahead and pull it into the
> SELinux tree, it's small enough that it shouldn't cause any problems.
end-of-the-week-ping
>
> --
> paul-moore.com
On Fri, May 13, 2022 at 1:16 PM Christian Göttsche
<[email protected]> wrote:
> On Tue, 3 May 2022 at 22:02, Paul Moore <[email protected]> wrote:
> > On Mon, May 2, 2022 at 9:38 AM Christian Göttsche
> > <[email protected]> wrote:
> > > On Thu, 17 Feb 2022 at 23:50, Casey Schaufler <[email protected]> wrote:
> > > > On 2/17/2022 6:18 AM, Christian Göttsche wrote:
> > > > > The struct security_hook_list member lsm is assigned in
> > > > > security_add_hooks() with string literals passed from the individual
> > > > > security modules. Declare the function parameter and the struct member
> > > > > const to signal their immutability.
> > > > >
> > > > > Reported by Clang [-Wwrite-strings]:
> > > > >
> > > > > security/selinux/hooks.c:7388:63: error: passing 'const char [8]' to parameter of type 'char *' discards qualifiers [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
> > > > > security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks), selinux);
> > > > > ^~~~~~~~~
> > > > > ./include/linux/lsm_hooks.h:1629:11: note: passing argument to parameter 'lsm' here
> > > > > char *lsm);
> > > > > ^
> > > > >
> > > > > Signed-off-by: Christian Göttsche <[email protected]>
> > > >
> > > > Reviewed-by: Casey Schaufler <[email protected]>
> > > >
> > >
> > > Kindly ping;
> > > any progress on this one?
> >
> > I've already added my Reviewed-by tag, as has Casey, so I think it's
> > pretty "safe" at this point. The next step is for James to pull this
> > into the LSM tree. If it is still collecting dust at the end of this
> > week, ping us again and I can just go ahead and pull it into the
> > SELinux tree, it's small enough that it shouldn't cause any problems.
>
> end-of-the-week-ping
Thanks for the reminder. I haven't seen any other action on this so
I've gone ahead and merged this into selinux/next; thanks for your
patience and persistence on this Christian!
--
paul-moore.com