aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/hooks.c14
-rw-r--r--security/selinux/include/security.h2
-rw-r--r--security/selinux/ss/services.c4
3 files changed, 11 insertions, 9 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 04acb5af8317..047365ac9faa 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2619,7 +2619,7 @@ static int selinux_inode_getattr(struct vfsmount *mnt, struct dentry *dentry)
2619 return dentry_has_perm(current, mnt, dentry, FILE__GETATTR); 2619 return dentry_has_perm(current, mnt, dentry, FILE__GETATTR);
2620} 2620}
2621 2621
2622static int selinux_inode_setotherxattr(struct dentry *dentry, char *name) 2622static int selinux_inode_setotherxattr(struct dentry *dentry, const char *name)
2623{ 2623{
2624 if (!strncmp(name, XATTR_SECURITY_PREFIX, 2624 if (!strncmp(name, XATTR_SECURITY_PREFIX,
2625 sizeof XATTR_SECURITY_PREFIX - 1)) { 2625 sizeof XATTR_SECURITY_PREFIX - 1)) {
@@ -2638,7 +2638,8 @@ static int selinux_inode_setotherxattr(struct dentry *dentry, char *name)
2638 return dentry_has_perm(current, NULL, dentry, FILE__SETATTR); 2638 return dentry_has_perm(current, NULL, dentry, FILE__SETATTR);
2639} 2639}
2640 2640
2641static int selinux_inode_setxattr(struct dentry *dentry, char *name, void *value, size_t size, int flags) 2641static int selinux_inode_setxattr(struct dentry *dentry, const char *name,
2642 const void *value, size_t size, int flags)
2642{ 2643{
2643 struct task_security_struct *tsec = current->security; 2644 struct task_security_struct *tsec = current->security;
2644 struct inode *inode = dentry->d_inode; 2645 struct inode *inode = dentry->d_inode;
@@ -2687,8 +2688,9 @@ static int selinux_inode_setxattr(struct dentry *dentry, char *name, void *value
2687 &ad); 2688 &ad);
2688} 2689}
2689 2690
2690static void selinux_inode_post_setxattr(struct dentry *dentry, char *name, 2691static void selinux_inode_post_setxattr(struct dentry *dentry, const char *name,
2691 void *value, size_t size, int flags) 2692 const void *value, size_t size,
2693 int flags)
2692{ 2694{
2693 struct inode *inode = dentry->d_inode; 2695 struct inode *inode = dentry->d_inode;
2694 struct inode_security_struct *isec = inode->i_security; 2696 struct inode_security_struct *isec = inode->i_security;
@@ -2711,7 +2713,7 @@ static void selinux_inode_post_setxattr(struct dentry *dentry, char *name,
2711 return; 2713 return;
2712} 2714}
2713 2715
2714static int selinux_inode_getxattr(struct dentry *dentry, char *name) 2716static int selinux_inode_getxattr(struct dentry *dentry, const char *name)
2715{ 2717{
2716 return dentry_has_perm(current, NULL, dentry, FILE__GETATTR); 2718 return dentry_has_perm(current, NULL, dentry, FILE__GETATTR);
2717} 2719}
@@ -2721,7 +2723,7 @@ static int selinux_inode_listxattr(struct dentry *dentry)
2721 return dentry_has_perm(current, NULL, dentry, FILE__GETATTR); 2723 return dentry_has_perm(current, NULL, dentry, FILE__GETATTR);
2722} 2724}
2723 2725
2724static int selinux_inode_removexattr(struct dentry *dentry, char *name) 2726static int selinux_inode_removexattr(struct dentry *dentry, const char *name)
2725{ 2727{
2726 if (strcmp(name, XATTR_NAME_SELINUX)) 2728 if (strcmp(name, XATTR_NAME_SELINUX))
2727 return selinux_inode_setotherxattr(dentry, name); 2729 return selinux_inode_setotherxattr(dentry, name);
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index 6445b6440648..cdb14add27d2 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -93,7 +93,7 @@ int security_change_sid(u32 ssid, u32 tsid,
93int security_sid_to_context(u32 sid, char **scontext, 93int security_sid_to_context(u32 sid, char **scontext,
94 u32 *scontext_len); 94 u32 *scontext_len);
95 95
96int security_context_to_sid(char *scontext, u32 scontext_len, 96int security_context_to_sid(const char *scontext, u32 scontext_len,
97 u32 *out_sid); 97 u32 *out_sid);
98 98
99int security_context_to_sid_default(char *scontext, u32 scontext_len, 99int security_context_to_sid_default(char *scontext, u32 scontext_len,
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 2daaddbb301d..25cac5a2aa8e 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -708,7 +708,7 @@ out:
708 708
709} 709}
710 710
711static int security_context_to_sid_core(char *scontext, u32 scontext_len, 711static int security_context_to_sid_core(const char *scontext, u32 scontext_len,
712 u32 *sid, u32 def_sid, gfp_t gfp_flags) 712 u32 *sid, u32 def_sid, gfp_t gfp_flags)
713{ 713{
714 char *scontext2; 714 char *scontext2;
@@ -835,7 +835,7 @@ out:
835 * Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient 835 * Returns -%EINVAL if the context is invalid, -%ENOMEM if insufficient
836 * memory is available, or 0 on success. 836 * memory is available, or 0 on success.
837 */ 837 */
838int security_context_to_sid(char *scontext, u32 scontext_len, u32 *sid) 838int security_context_to_sid(const char *scontext, u32 scontext_len, u32 *sid)
839{ 839{
840 return security_context_to_sid_core(scontext, scontext_len, 840 return security_context_to_sid_core(scontext, scontext_len,
841 sid, SECSID_NULL, GFP_KERNEL); 841 sid, SECSID_NULL, GFP_KERNEL);