Received: by 2002:a05:6a10:7420:0:0:0:0 with SMTP id hk32csp1534292pxb; Fri, 18 Feb 2022 09:41:38 -0800 (PST) X-Google-Smtp-Source: ABdhPJy6vvC4yEPRrwu1qt4Z7yQouAILFoF8KveTMvMxZHTXJB3UPYz1kAm70bqeG1t4sK/UDeHF X-Received: by 2002:a50:d088:0:b0:410:d12b:84e1 with SMTP id v8-20020a50d088000000b00410d12b84e1mr9526015edd.106.1645206097947; Fri, 18 Feb 2022 09:41:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1645206097; cv=none; d=google.com; s=arc-20160816; b=euimJpHFV79LGB4/TZUwNJZ8F1rT2JqOYTQvwZZGp67NT16JGCpxEIjW6PGk2/0U6e EvMNSzgNuJmZFDI8j0ZZrq8I6gBGxt7VpkTkTiqdwj8sGa4FZxLcphQV3yY0SKlGzbzC b4k8olO9S/Prn47QWcGA8ELVNAfd7PaiCO0LYzB0dB6x7grL/hWPEuFVrFixiHW86qU7 8WRXE8u1NHN2rWInOIzKAkgBs+chpifs8Z7WAs6DyhdXYXu1yyuGJbuQqRN1RfR3Q5IM KlIZSpn8ozaPOxmWtbo9GHuduOon5fZ3I/HDlwl+2fr6ScXTumiQhBd+oq9WihfNimeg bY3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=/gwC4bHRIUcSmFZT9uFBPhpMuizFhmgAEkJI/24KZZA=; b=cX4W6ROEx5m+VkhONM2BysSfdKJRwIUC84GC4hVBbK3eFai7vFRWVQp2LmQDLEPr5k QRj7EVtlTr3uc+qarDNkfD1DRyvLxEKJAJJg2+Ruqz7rdSIPlygXm8ONaDT3k3XkVOSy I0jO72pMAdzyIfhvNjngY1lV09YLBSvewkhMshOrohmskzF5YEy/ZVpxRPKa1MKp82Ay FldWZyk+8hAawdoPlxYa0ivinunyf3hrJIN5zRGaPFr4EaG+UUZRG01lZmEDTwgWfXC4 AqOzbwaKGOtCsfoS9UyK7JBfN3nY/skCeQfEPSpf+IBaQtwOkY2XLYIb971heGouKzrC +70Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20210112.gappssmtp.com header.s=20210112 header.b=SpNNtNFH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id s12si3962134ejq.620.2022.02.18.09.41.15; Fri, 18 Feb 2022 09:41:37 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20210112.gappssmtp.com header.s=20210112 header.b=SpNNtNFH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234735AbiBRQOA (ORCPT + 99 others); Fri, 18 Feb 2022 11:14:00 -0500 Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:58144 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231910AbiBRQN5 (ORCPT ); Fri, 18 Feb 2022 11:13:57 -0500 Received: from mail-ej1-x62b.google.com (mail-ej1-x62b.google.com [IPv6:2a00:1450:4864:20::62b]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2AFAC13AA1D for ; Fri, 18 Feb 2022 08:13:40 -0800 (PST) Received: by mail-ej1-x62b.google.com with SMTP id p14so16092075ejf.11 for ; Fri, 18 Feb 2022 08:13:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20210112.gappssmtp.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=/gwC4bHRIUcSmFZT9uFBPhpMuizFhmgAEkJI/24KZZA=; b=SpNNtNFHQA2/1GYEtVOybDgFDXU1mx66Kr19Or0dQymEGAZ0wnqq5mjyUFd8w7EUPl /gYWk/B6lqXCJqEG80bZYsW82GEccd3Ktr91AmA2V3eJhfqVerMf2Hmx/vLOlNg9sQxh sR8yqNV9fp++DcQlT8pIebpwYENUpToWZUjrLM2H2meQqLFdwt7cF6aW43n+n9flXoWn NBHNSIpaY/cHB+kjs5ExznkuFDcXuwbQtOuPd3WuxCCeHcg6cs38Jp3FPLeycSHNI8xI gUNOGibfvVSA7xvyTLG0388qHZcrGVTg9sZJ1/9MTyChKE4Tyz6swWaa3/GKiti41cIV uiHg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=/gwC4bHRIUcSmFZT9uFBPhpMuizFhmgAEkJI/24KZZA=; b=mff124y02HYB3/qW0mCLHb43zISCwMLmKs6dBC5LhkANO0GWnZO/v+CgWEVs4XGvll Fy2KlI+szl/WhVAPa/bqwdORO7Gl34pdxwpezEuMY75xAcS0OCYmkND585p+Mr2ApRv9 HsIOP+KQgjfZdCp1mRy+G33iwYg7kOAwGxwCTH5DcaqzKS+5ENwM03qe0o9ysaaygQqK EgGBT6N8RuJ4uGCKmUhYJCCxrNUv9cm8fbdv/D7QHLmEe1H/f8f7oniI4dMVMO0stS7K 42o4PqQrilRLyy/vYe2qZKjLUtIQMCKmKxIa+s9OgMPVVZ7w+ZDZXYqhpEXTxXSZu4hm LxRw== X-Gm-Message-State: AOAM530zmUR+/KnH5GqAH3CZJZB0Wke6suMm2UBtpHNIk7YEfxzrztaX UCMqhDPKirnDHv7S3KHdXcXoBqq5Xi6xBLyrL0wP X-Received: by 2002:a17:906:3901:b0:6b2:9fc6:9b2 with SMTP id f1-20020a170906390100b006b29fc609b2mr6836636eje.327.1645200818564; Fri, 18 Feb 2022 08:13:38 -0800 (PST) MIME-Version: 1.0 References: <20220217142133.72205-1-cgzones@googlemail.com> <20220217142133.72205-3-cgzones@googlemail.com> In-Reply-To: <20220217142133.72205-3-cgzones@googlemail.com> From: Paul Moore Date: Fri, 18 Feb 2022 11:13:26 -0500 Message-ID: Subject: Re: [PATCH 4/5] selinux: declare data arrays const To: =?UTF-8?Q?Christian_G=C3=B6ttsche?= Cc: selinux@vger.kernel.org, Stephen Smalley , Eric Paris , Nathan Chancellor , Nick Desaulniers , Ondrej Mosnacek , Jeremy Kerr , "David S. Miller" , Lakshmi Ramasubramanian , Yang Li , Austin Kim , linux-kernel@vger.kernel.org, llvm@lists.linux.dev Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Feb 17, 2022 at 9:21 AM Christian G=C3=B6ttsche wrote: > > The arrays for the policy capability names, the initial sid identifiers > and the class and permission names are not changed at runtime. Declare > them const to avoid accidental modification. > > The build time script genheaders needs to be exempted, since it converts > the entries to uppercase. > > Signed-off-by: Christian G=C3=B6ttsche > --- > scripts/selinux/genheaders/genheaders.c | 2 ++ > scripts/selinux/mdp/mdp.c | 4 ++-- > security/selinux/avc.c | 2 +- > security/selinux/include/avc_ss.h | 2 +- > security/selinux/include/classmap.h | 8 +++++++- > security/selinux/include/initial_sid_to_string.h | 9 ++++++++- > security/selinux/include/policycap.h | 2 +- > security/selinux/include/policycap_names.h | 2 +- > security/selinux/ss/services.c | 4 ++-- > 9 files changed, 25 insertions(+), 10 deletions(-) ... > diff --git a/scripts/selinux/genheaders/genheaders.c b/scripts/selinux/ge= nheaders/genheaders.c > index f355b3e0e968..5f7c0b7d9260 100644 > --- a/scripts/selinux/genheaders/genheaders.c > +++ b/scripts/selinux/genheaders/genheaders.c > @@ -15,6 +15,8 @@ struct security_class_mapping { > const char *perms[sizeof(unsigned) * 8 + 1]; > }; > > +/* Allow to convert entries in mappings to uppercase */ > +#define __SELINUX_GENHEADERS__ > #include "classmap.h" > #include "initial_sid_to_string.h" ... > diff --git a/security/selinux/include/classmap.h b/security/selinux/inclu= de/classmap.h > index 35aac62a662e..07ade4af85ff 100644 > --- a/security/selinux/include/classmap.h > +++ b/security/selinux/include/classmap.h > @@ -2,6 +2,12 @@ > #include > #include > > +#ifdef __SELINUX_GENHEADERS__ > +# define const_qual > +#else > +# define const_qual const > +#endif > + > #define COMMON_FILE_SOCK_PERMS "ioctl", "read", "write", "create", \ > "getattr", "setattr", "lock", "relabelfrom", "relabelto", "append", = "map" > > @@ -38,7 +44,7 @@ > * Note: The name for any socket class should be suffixed by "socket", > * and doesn't contain more than one substr of "socket". > */ > -struct security_class_mapping secclass_map[] =3D { > +const_qual struct security_class_mapping secclass_map[] =3D { > { "security", > { "compute_av", "compute_create", "compute_member", > "check_context", "load_policy", "compute_relabel", ... > diff --git a/security/selinux/include/initial_sid_to_string.h b/security/= selinux/include/initial_sid_to_string.h > index 5d332aeb8b6c..915283cd89bd 100644 > --- a/security/selinux/include/initial_sid_to_string.h > +++ b/security/selinux/include/initial_sid_to_string.h > @@ -1,5 +1,12 @@ > /* SPDX-License-Identifier: GPL-2.0 */ > -static const char *initial_sid_to_string[] =3D > + > +#ifdef __SELINUX_GENHEADERS__ > +# define const_qual > +#else > +# define const_qual const > +#endif > + > +static const char *const_qual initial_sid_to_string[] =3D > { > NULL, > "kernel", Thanks for this Christian. I generally like when we can const'ify things like this, but I'm not excited about the const_qual hack on core SELinux kernel code to satisfy genheaders.c. I understand why it is needed, but I would rather clutter the genheaders.c code than the core SELinux kernel code. If we can't cast away the const'ification in genheaders.c could we simply allocate duplicate arrays in genheaders.c and store the transformed strings into the new arrays? --=20 paul-moore.com