summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2008-11-14 00:39:15 +0100
committerJames Morris <jmorris@namei.org>2008-11-14 00:39:15 +0100
commit15a2460ed0af7538ca8e6c610fe607a2cd9da142 (patch)
tree3611bc03e9c30fe0d11454f6966e6b0ca7f1dbd0 /security
parentCRED: Neuter sys_capset() (diff)
downloadlinux-15a2460ed0af7538ca8e6c610fe607a2cd9da142.tar.xz
linux-15a2460ed0af7538ca8e6c610fe607a2cd9da142.zip
CRED: Constify the kernel_cap_t arguments to the capset LSM hooks
Constify the kernel_cap_t arguments to the capset LSM hooks. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r--security/commoncap.c10
-rw-r--r--security/security.c12
-rw-r--r--security/selinux/hooks.c10
3 files changed, 18 insertions, 14 deletions
diff --git a/security/commoncap.c b/security/commoncap.c
index e3f36ef629fa..fb4e240720d8 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -118,8 +118,9 @@ static inline int cap_limit_ptraced_target(void)
#endif /* def CONFIG_SECURITY_FILE_CAPABILITIES */
-int cap_capset_check (kernel_cap_t *effective,
- kernel_cap_t *inheritable, kernel_cap_t *permitted)
+int cap_capset_check(const kernel_cap_t *effective,
+ const kernel_cap_t *inheritable,
+ const kernel_cap_t *permitted)
{
if (cap_inh_is_capped()
&& !cap_issubset(*inheritable,
@@ -150,8 +151,9 @@ int cap_capset_check (kernel_cap_t *effective,
return 0;
}
-void cap_capset_set (kernel_cap_t *effective,
- kernel_cap_t *inheritable, kernel_cap_t *permitted)
+void cap_capset_set(const kernel_cap_t *effective,
+ const kernel_cap_t *inheritable,
+ const kernel_cap_t *permitted)
{
current->cap_effective = *effective;
current->cap_inheritable = *inheritable;
diff --git a/security/security.c b/security/security.c
index dca37381e2a7..81c956a12300 100644
--- a/security/security.c
+++ b/security/security.c
@@ -145,16 +145,16 @@ int security_capget(struct task_struct *target,
return security_ops->capget(target, effective, inheritable, permitted);
}
-int security_capset_check(kernel_cap_t *effective,
- kernel_cap_t *inheritable,
- kernel_cap_t *permitted)
+int security_capset_check(const kernel_cap_t *effective,
+ const kernel_cap_t *inheritable,
+ const kernel_cap_t *permitted)
{
return security_ops->capset_check(effective, inheritable, permitted);
}
-void security_capset_set(kernel_cap_t *effective,
- kernel_cap_t *inheritable,
- kernel_cap_t *permitted)
+void security_capset_set(const kernel_cap_t *effective,
+ const kernel_cap_t *inheritable,
+ const kernel_cap_t *permitted)
{
security_ops->capset_set(effective, inheritable, permitted);
}
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index df9986940e9c..9f6da154cc82 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1790,8 +1790,9 @@ static int selinux_capget(struct task_struct *target, kernel_cap_t *effective,
return secondary_ops->capget(target, effective, inheritable, permitted);
}
-static int selinux_capset_check(kernel_cap_t *effective,
- kernel_cap_t *inheritable, kernel_cap_t *permitted)
+static int selinux_capset_check(const kernel_cap_t *effective,
+ const kernel_cap_t *inheritable,
+ const kernel_cap_t *permitted)
{
int error;
@@ -1802,8 +1803,9 @@ static int selinux_capset_check(kernel_cap_t *effective,
return task_has_perm(current, current, PROCESS__SETCAP);
}
-static void selinux_capset_set(kernel_cap_t *effective,
- kernel_cap_t *inheritable, kernel_cap_t *permitted)
+static void selinux_capset_set(const kernel_cap_t *effective,
+ const kernel_cap_t *inheritable,
+ const kernel_cap_t *permitted)
{
secondary_ops->capset_set(effective, inheritable, permitted);
}