CRED: Constify the kernel_cap_t arguments to the capset LSM hooks

Constify the kernel_cap_t arguments to the capset LSM hooks. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: James Morris <jmorris@namei.org>
author: David Howells <dhowells@redhat.com> 2008-11-13 18:39:15 -0500
committer: James Morris <jmorris@namei.org> 2008-11-13 18:39:15 -0500
commit: 15a2460ed0af7538ca8e6c610fe607a2cd9da142 (patch)
tree: 3611bc03e9c30fe0d11454f6966e6b0ca7f1dbd0 /include
parent: 1cdcbec1a3372c0c49c59d292e708fd07b509f18 (diff)
1 files changed, 24 insertions, 20 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index d1ce8beddbd7..9f305d4a31a7 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -53,8 +53,12 @@ extern int cap_settime(struct timespec *ts, struct timezone *tz);
 extern int cap_ptrace_may_access(struct task_struct *child, unsigned int mode);
 extern int cap_ptrace_traceme(struct task_struct *parent);
 extern int cap_capget(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted);
-extern int cap_capset_check(kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted);
+extern int cap_capset_check(const kernel_cap_t *effective,
-extern void cap_capset_set(kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted);
+                            const kernel_cap_t *inheritable,
+                            const kernel_cap_t *permitted);
+extern void cap_capset_set(const kernel_cap_t *effective,
+                           const kernel_cap_t *inheritable,
+                           const kernel_cap_t *permitted);
 extern int cap_bprm_set_security(struct linux_binprm *bprm);
 extern void cap_bprm_apply_creds(struct linux_binprm *bprm, int unsafe);
 extern int cap_bprm_secureexec(struct linux_binprm *bprm);
@@ -1293,12 +1297,12 @@ struct security_operations {
        int (*capget) (struct task_struct *target,
                       kernel_cap_t *effective,
                       kernel_cap_t *inheritable, kernel_cap_t *permitted);
-        int (*capset_check) (kernel_cap_t *effective,
+        int (*capset_check) (const kernel_cap_t *effective,
-                             kernel_cap_t *inheritable,
+                             const kernel_cap_t *inheritable,
-                             kernel_cap_t *permitted);
+                             const kernel_cap_t *permitted);
-        void (*capset_set) (kernel_cap_t *effective,
+        void (*capset_set) (const kernel_cap_t *effective,
-                            kernel_cap_t *inheritable,
+                            const kernel_cap_t *inheritable,
-                            kernel_cap_t *permitted);
+                            const kernel_cap_t *permitted);
        int (*capable) (struct task_struct *tsk, int cap, int audit);
        int (*acct) (struct file *file);
        int (*sysctl) (struct ctl_table *table, int op);
@@ -1560,12 +1564,12 @@ int security_capget(struct task_struct *target,
                    kernel_cap_t *effective,
                    kernel_cap_t *inheritable,
                    kernel_cap_t *permitted);
-int security_capset_check(kernel_cap_t *effective,
+int security_capset_check(const kernel_cap_t *effective,
-                          kernel_cap_t *inheritable,
+                          const kernel_cap_t *inheritable,
-                          kernel_cap_t *permitted);
+                          const kernel_cap_t *permitted);
-void security_capset_set(kernel_cap_t *effective,
+void security_capset_set(const kernel_cap_t *effective,
-                         kernel_cap_t *inheritable,
+                         const kernel_cap_t *inheritable,
-                         kernel_cap_t *permitted);
+                         const kernel_cap_t *permitted);
 int security_capable(struct task_struct *tsk, int cap);
 int security_capable_noaudit(struct task_struct *tsk, int cap);
 int security_acct(struct file *file);
@@ -1755,16 +1759,16 @@ static inline int security_capget(struct task_struct *target,
        return cap_capget(target, effective, inheritable, permitted);
 }
-static inline int security_capset_check(kernel_cap_t *effective,
+static inline int security_capset_check(const kernel_cap_t *effective,
-                                        kernel_cap_t *inheritable,
+                                        const kernel_cap_t *inheritable,
-                                        kernel_cap_t *permitted)
+                                        const kernel_cap_t *permitted)
 {
        return cap_capset_check(effective, inheritable, permitted);
 }
-static inline void security_capset_set(kernel_cap_t *effective,
+static inline void security_capset_set(const kernel_cap_t *effective,
-                                       kernel_cap_t *inheritable,
+                                       const kernel_cap_t *inheritable,
-                                       kernel_cap_t *permitted)
+                                       const kernel_cap_t *permitted)
 {
        cap_capset_set(effective, inheritable, permitted);
 }
author	David Howells <dhowells@redhat.com>	2008-11-13 18:39:15 -0500
committer	James Morris <jmorris@namei.org>	2008-11-13 18:39:15 -0500
commit	15a2460ed0af7538ca8e6c610fe607a2cd9da142 (patch)
tree	3611bc03e9c30fe0d11454f6966e6b0ca7f1dbd0 /include
parent	1cdcbec1a3372c0c49c59d292e708fd07b509f18 (diff)