Skip to content

Commit 39e6bc5

Browse files
author
Al Viro
committed
apparmor/af_unix: constify struct path * arguments
unix_sk(sock)->path should never be modified, least of all by LSM... Reviewed-by: Jan Kara <[email protected]> Reviewed-by: Christian Brauner <[email protected]> Signed-off-by: Al Viro <[email protected]>
1 parent 5f587dd commit 39e6bc5

File tree

1 file changed

+7
-7
lines changed

1 file changed

+7
-7
lines changed

security/apparmor/af_unix.c

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ static inline struct sock *aa_unix_sk(struct unix_sock *u)
3131
}
3232

3333
static int unix_fs_perm(const char *op, u32 mask, const struct cred *subj_cred,
34-
struct aa_label *label, struct path *path)
34+
struct aa_label *label, const struct path *path)
3535
{
3636
AA_BUG(!label);
3737
AA_BUG(!path);
@@ -224,7 +224,7 @@ static int profile_create_perm(struct aa_profile *profile, int family,
224224

225225
static int profile_sk_perm(struct aa_profile *profile,
226226
struct apparmor_audit_data *ad,
227-
u32 request, struct sock *sk, struct path *path)
227+
u32 request, struct sock *sk, const struct path *path)
228228
{
229229
struct aa_ruleset *rules = profile->label.rules[0];
230230
struct aa_perms *p = NULL;
@@ -386,9 +386,9 @@ static int profile_opt_perm(struct aa_profile *profile, u32 request,
386386

387387
/* null peer_label is allowed, in which case the peer_sk label is used */
388388
static int profile_peer_perm(struct aa_profile *profile, u32 request,
389-
struct sock *sk, struct path *path,
389+
struct sock *sk, const struct path *path,
390390
struct sockaddr_un *peer_addr,
391-
int peer_addrlen, struct path *peer_path,
391+
int peer_addrlen, const struct path *peer_path,
392392
struct aa_label *peer_label,
393393
struct apparmor_audit_data *ad)
394394
{
@@ -445,7 +445,7 @@ int aa_unix_create_perm(struct aa_label *label, int family, int type,
445445
static int aa_unix_label_sk_perm(const struct cred *subj_cred,
446446
struct aa_label *label,
447447
const char *op, u32 request, struct sock *sk,
448-
struct path *path)
448+
const struct path *path)
449449
{
450450
if (!unconfined(label)) {
451451
struct aa_profile *profile;
@@ -599,9 +599,9 @@ int aa_unix_opt_perm(const char *op, u32 request, struct socket *sock,
599599

600600
static int unix_peer_perm(const struct cred *subj_cred,
601601
struct aa_label *label, const char *op, u32 request,
602-
struct sock *sk, struct path *path,
602+
struct sock *sk, const struct path *path,
603603
struct sockaddr_un *peer_addr, int peer_addrlen,
604-
struct path *peer_path, struct aa_label *peer_label)
604+
const struct path *peer_path, struct aa_label *peer_label)
605605
{
606606
struct aa_profile *profile;
607607
DEFINE_AUDIT_SK(ad, op, subj_cred, sk);

0 commit comments

Comments
 (0)