diff options
author | David Howells <dhowells@redhat.com> | 2008-11-14 00:39:15 +0100 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-11-14 00:39:15 +0100 |
commit | 15a2460ed0af7538ca8e6c610fe607a2cd9da142 (patch) | |
tree | 3611bc03e9c30fe0d11454f6966e6b0ca7f1dbd0 /security | |
parent | CRED: Neuter sys_capset() (diff) | |
download | linux-15a2460ed0af7538ca8e6c610fe607a2cd9da142.tar.xz linux-15a2460ed0af7538ca8e6c610fe607a2cd9da142.zip |
CRED: Constify the kernel_cap_t arguments to the capset LSM hooks
Constify the kernel_cap_t arguments to the capset LSM hooks.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/commoncap.c | 10 | ||||
-rw-r--r-- | security/security.c | 12 | ||||
-rw-r--r-- | security/selinux/hooks.c | 10 |
3 files changed, 18 insertions, 14 deletions
diff --git a/security/commoncap.c b/security/commoncap.c index e3f36ef629fa..fb4e240720d8 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -118,8 +118,9 @@ static inline int cap_limit_ptraced_target(void) #endif /* def CONFIG_SECURITY_FILE_CAPABILITIES */ -int cap_capset_check (kernel_cap_t *effective, - kernel_cap_t *inheritable, kernel_cap_t *permitted) +int cap_capset_check(const kernel_cap_t *effective, + const kernel_cap_t *inheritable, + const kernel_cap_t *permitted) { if (cap_inh_is_capped() && !cap_issubset(*inheritable, @@ -150,8 +151,9 @@ int cap_capset_check (kernel_cap_t *effective, return 0; } -void cap_capset_set (kernel_cap_t *effective, - kernel_cap_t *inheritable, kernel_cap_t *permitted) +void cap_capset_set(const kernel_cap_t *effective, + const kernel_cap_t *inheritable, + const kernel_cap_t *permitted) { current->cap_effective = *effective; current->cap_inheritable = *inheritable; diff --git a/security/security.c b/security/security.c index dca37381e2a7..81c956a12300 100644 --- a/security/security.c +++ b/security/security.c @@ -145,16 +145,16 @@ int security_capget(struct task_struct *target, return security_ops->capget(target, effective, inheritable, permitted); } -int security_capset_check(kernel_cap_t *effective, - kernel_cap_t *inheritable, - kernel_cap_t *permitted) +int security_capset_check(const kernel_cap_t *effective, + const kernel_cap_t *inheritable, + const kernel_cap_t *permitted) { return security_ops->capset_check(effective, inheritable, permitted); } -void security_capset_set(kernel_cap_t *effective, - kernel_cap_t *inheritable, - kernel_cap_t *permitted) +void security_capset_set(const kernel_cap_t *effective, + const kernel_cap_t *inheritable, + const kernel_cap_t *permitted) { security_ops->capset_set(effective, inheritable, permitted); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index df9986940e9c..9f6da154cc82 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1790,8 +1790,9 @@ static int selinux_capget(struct task_struct *target, kernel_cap_t *effective, return secondary_ops->capget(target, effective, inheritable, permitted); } -static int selinux_capset_check(kernel_cap_t *effective, - kernel_cap_t *inheritable, kernel_cap_t *permitted) +static int selinux_capset_check(const kernel_cap_t *effective, + const kernel_cap_t *inheritable, + const kernel_cap_t *permitted) { int error; @@ -1802,8 +1803,9 @@ static int selinux_capset_check(kernel_cap_t *effective, return task_has_perm(current, current, PROCESS__SETCAP); } -static void selinux_capset_set(kernel_cap_t *effective, - kernel_cap_t *inheritable, kernel_cap_t *permitted) +static void selinux_capset_set(const kernel_cap_t *effective, + const kernel_cap_t *inheritable, + const kernel_cap_t *permitted) { secondary_ops->capset_set(effective, inheritable, permitted); } |