Re: [PATCH bpf-next 7/8] security,bpf: constify struct path in bpf_token_create() LSM hook

On Tue, Aug 13, 2024 at 4:03 PM Andrii Nakryiko <andrii@xxxxxxxxxx> wrote:
>
> There is no reason why struct path pointer shouldn't be const-qualified
> when being passed into bpf_token_create() LSM hook. Add that const.
>
> Suggested-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> Signed-off-by: Andrii Nakryiko <andrii@xxxxxxxxxx>
> ---
>  include/linux/lsm_hook_defs.h | 2 +-
>  include/linux/security.h      | 4 ++--
>  security/security.c           | 2 +-
>  security/selinux/hooks.c      | 2 +-
>  4 files changed, 5 insertions(+), 5 deletions(-)
>

Paul,

I just realized that I originally forgot to cc you and
linux-security-modules@ on this entire patch set and I apologize for
that. You can find the entire series at [0], if you'd like to see a
bit wider context.

But if you can, please check this patch specifically and give your
ack, if it's fine with you.

Ideally we land this patch together with the rest of Al's and my
refactorings, as it allows us to avoid that ugly path_get/path_put
workaround that was added by Al initially (see [1]). LSM-specific
changes are pretty trivial and hopefully are not controversial.

Thanks!

  [0] https://lore.kernel.org/bpf/20240813230300.915127-1-andrii@xxxxxxxxxx/
  [1] https://lore.kernel.org/bpf/20240730051625.14349-35-viro@xxxxxxxxxx/

> diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h
> index 855db460e08b..462b55378241 100644
> --- a/include/linux/lsm_hook_defs.h
> +++ b/include/linux/lsm_hook_defs.h
> @@ -431,7 +431,7 @@ LSM_HOOK(int, 0, bpf_prog_load, struct bpf_prog *prog, union bpf_attr *attr,
>          struct bpf_token *token)
>  LSM_HOOK(void, LSM_RET_VOID, bpf_prog_free, struct bpf_prog *prog)
>  LSM_HOOK(int, 0, bpf_token_create, struct bpf_token *token, union bpf_attr *attr,
> -        struct path *path)
> +        const struct path *path)
>  LSM_HOOK(void, LSM_RET_VOID, bpf_token_free, struct bpf_token *token)
>  LSM_HOOK(int, 0, bpf_token_cmd, const struct bpf_token *token, enum bpf_cmd cmd)
>  LSM_HOOK(int, 0, bpf_token_capable, const struct bpf_token *token, int cap)
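Review bot: changing the `bpf_token_create` entry to `const struct path *path` changes the prototype that every implementer of this hook has to match, yet the diffstat touches only one implementer, security/selinux/hooks.c. Please state in the commit message that SELinux is the only in-tree LSM providing this hook, or update any others in this same patch, so the series stays bisectable. The const itself is consistent with the neighbouring `bpf_token_cmd` and `bpf_token_capable` entries, which already take `const struct bpf_token *`.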
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 1390f1efb4f0..31523a2c71c4 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -2137,7 +2137,7 @@ extern int security_bpf_prog_load(struct bpf_prog *prog, union bpf_attr *attr,
>                                   struct bpf_token *token);
>  extern void security_bpf_prog_free(struct bpf_prog *prog);
>  extern int security_bpf_token_create(struct bpf_token *token, union bpf_attr *attr,
> -                                    struct path *path);
> +                                    const struct path *path);
>  extern void security_bpf_token_free(struct bpf_token *token);
>  extern int security_bpf_token_cmd(const struct bpf_token *token, enum bpf_cmd cmd);
>  extern int security_bpf_token_capable(const struct bpf_token *token, int cap);
> @@ -2177,7 +2177,7 @@ static inline void security_bpf_prog_free(struct bpf_prog *prog)
>  { }
>
>  static inline int security_bpf_token_create(struct bpf_token *token, union bpf_attr *attr,
> -                                    struct path *path)
> +                                           const struct path *path)
>  {
>         return 0;
>  }
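Review bot: the `static inline` stub of `security_bpf_token_create()` is a separate prototype from the `extern` declaration changed in the previous hunk, so this needs a build in the configuration that selects the stub as well as the one that selects the real function; a mismatch with the caller would otherwise show up in only one of them. The re-indentation of the continuation line alongside the added `const` is fine to keep in this patch.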
> diff --git a/security/security.c b/security/security.c
> index 8cee5b6c6e6d..d8d0b67ced25 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -5510,7 +5510,7 @@ int security_bpf_prog_load(struct bpf_prog *prog, union bpf_attr *attr,
>   * Return: Returns 0 on success, error on failure.
>   */
>  int security_bpf_token_create(struct bpf_token *token, union bpf_attr *attr,
> -                             struct path *path)
> +                             const struct path *path)
>  {
>         return call_int_hook(bpf_token_create, token, attr, path);
>  }
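Review bot: the commit message only says there is "no reason" for `path` to be non-const in `security_bpf_token_create()`; it should record the actual motivation given in the discussion, namely that landing this with the rest of the series avoids the path_get/path_put workaround. The wrapper itself just forwards `path` to `call_int_hook(bpf_token_create, token, attr, path)`, so nothing else is needed in this hunk.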
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 55c78c318ccd..0eec141a8f37 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -6965,7 +6965,7 @@ static void selinux_bpf_prog_free(struct bpf_prog *prog)
>  }
>
>  static int selinux_bpf_token_create(struct bpf_token *token, union bpf_attr *attr,
> -                                   struct path *path)
> +                                   const struct path *path)
>  {
>         struct bpf_security_struct *bpfsec;
>
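Review bot: the body of `selinux_bpf_token_create()` past the `bpfsec` declaration is not visible in this hunk, so please confirm that `path` is not passed to any helper taking a non-const `struct path *`; with the new qualifier that would now produce a discarded-qualifier warning. A build with SELinux enabled is enough to cover it.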
> --
> 2.43.5
>




