From: "Christian Göttsche" <cgzones@googlemail.com>
To: selinux@vger.kernel.org
Subject: [PATCH 23/23] libsepol: declare read-only arrays const
Date: Tue, 8 Jun 2021 17:59:12 +0200 [thread overview]
Message-ID: <20210608155912.32047-24-cgzones@googlemail.com> (raw)
In-Reply-To: <20210608155912.32047-1-cgzones@googlemail.com>
Make it more apparent that those data does not change and enforce it.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
libsepol/src/avrule_block.c | 2 +-
libsepol/src/avtab.c | 2 +-
libsepol/src/link.c | 2 +-
libsepol/src/polcaps.c | 2 +-
libsepol/src/policydb.c | 22 +++++++++++-----------
libsepol/src/policydb_internal.h | 2 +-
libsepol/src/private.h | 6 +++---
libsepol/src/write.c | 8 ++++----
8 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/libsepol/src/avrule_block.c b/libsepol/src/avrule_block.c
index a9832d0d..dcfce8b8 100644
--- a/libsepol/src/avrule_block.c
+++ b/libsepol/src/avrule_block.c
@@ -30,7 +30,7 @@
/* It is anticipated that there be less declarations within an avrule
* block than the global policy. Thus the symbol table sizes are
* smaller than those listed in policydb.c */
-static unsigned int symtab_sizes[SYM_NUM] = {
+static const unsigned int symtab_sizes[SYM_NUM] = {
2,
4,
8,
diff --git a/libsepol/src/avtab.c b/libsepol/src/avtab.c
index c2ccb005..7b80377c 100644
--- a/libsepol/src/avtab.c
+++ b/libsepol/src/avtab.c
@@ -424,7 +424,7 @@ void avtab_hash_eval(avtab_t * h, char *tag)
}
/* Ordering of datums in the original avtab format in the policy file. */
-static uint16_t spec_order[] = {
+static const uint16_t spec_order[] = {
AVTAB_ALLOWED,
AVTAB_AUDITDENY,
AVTAB_AUDITALLOW,
diff --git a/libsepol/src/link.c b/libsepol/src/link.c
index bdc1fcbf..461d2feb 100644
--- a/libsepol/src/link.c
+++ b/libsepol/src/link.c
@@ -78,7 +78,7 @@ typedef struct missing_requirement {
uint32_t perm_value;
} missing_requirement_t;
-static const char *symtab_names[SYM_NUM] = {
+static const char * const symtab_names[SYM_NUM] = {
"common", "class", "role", "type/attribute", "user",
"bool", "level", "category"
};
diff --git a/libsepol/src/polcaps.c b/libsepol/src/polcaps.c
index 67ed5786..6a74ec7d 100644
--- a/libsepol/src/polcaps.c
+++ b/libsepol/src/polcaps.c
@@ -5,7 +5,7 @@
#include <string.h>
#include <sepol/policydb/polcaps.h>
-static const char *polcap_names[] = {
+static const char * const polcap_names[] = {
"network_peer_controls", /* POLICYDB_CAPABILITY_NETPEER */
"open_perms", /* POLICYDB_CAPABILITY_OPENPERM */
"extended_socket_class", /* POLICYDB_CAPABILITY_EXTSOCKCLASS */
diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
index 7739b0fb..0bc0ead8 100644
--- a/libsepol/src/policydb.c
+++ b/libsepol/src/policydb.c
@@ -57,10 +57,10 @@
#include "policydb_validate.h"
#define POLICYDB_TARGET_SZ ARRAY_SIZE(policydb_target_strings)
-const char *policydb_target_strings[] = { POLICYDB_STRING, POLICYDB_XEN_STRING };
+const char * const policydb_target_strings[] = { POLICYDB_STRING, POLICYDB_XEN_STRING };
/* These need to be updated if SYM_NUM or OCON_NUM changes */
-static struct policydb_compat_info policydb_compat[] = {
+static const struct policydb_compat_info policydb_compat[] = {
{
.type = POLICY_KERN,
.version = POLICYDB_VERSION_BOUNDARY,
@@ -460,7 +460,7 @@ static char *symtab_name[SYM_NUM] = {
};
#endif
-static unsigned int symtab_sizes[SYM_NUM] = {
+static const unsigned int symtab_sizes[SYM_NUM] = {
2,
32,
16,
@@ -471,12 +471,12 @@ static unsigned int symtab_sizes[SYM_NUM] = {
16,
};
-struct policydb_compat_info *policydb_lookup_compat(unsigned int version,
- unsigned int type,
- unsigned int target_platform)
+const struct policydb_compat_info *policydb_lookup_compat(unsigned int version,
+ unsigned int type,
+ unsigned int target_platform)
{
unsigned int i;
- struct policydb_compat_info *info = NULL;
+ const struct policydb_compat_info *info = NULL;
for (i = 0; i < sizeof(policydb_compat) / sizeof(*info); i++) {
if (policydb_compat[i].version == version &&
@@ -2854,7 +2854,7 @@ static int filename_trans_read(policydb_t *p, struct policy_file *fp)
return 0;
}
-static int ocontext_read_xen(struct policydb_compat_info *info,
+static int ocontext_read_xen(const struct policydb_compat_info *info,
policydb_t *p, struct policy_file *fp)
{
unsigned int i, j;
@@ -2963,7 +2963,7 @@ static int ocontext_read_xen(struct policydb_compat_info *info,
}
return 0;
}
-static int ocontext_read_selinux(struct policydb_compat_info *info,
+static int ocontext_read_selinux(const struct policydb_compat_info *info,
policydb_t * p, struct policy_file *fp)
{
unsigned int i, j;
@@ -3141,7 +3141,7 @@ static int ocontext_read_selinux(struct policydb_compat_info *info,
return 0;
}
-static int ocontext_read(struct policydb_compat_info *info,
+static int ocontext_read(const struct policydb_compat_info *info,
policydb_t *p, struct policy_file *fp)
{
int rc = -1;
@@ -4198,7 +4198,7 @@ int policydb_read(policydb_t * p, struct policy_file *fp, unsigned verbose)
uint32_t buf[5];
size_t len, nprim, nel;
char *policydb_str;
- struct policydb_compat_info *info;
+ const struct policydb_compat_info *info;
unsigned int policy_type, bufindex;
ebitmap_node_t *tnode;
int rc;
diff --git a/libsepol/src/policydb_internal.h b/libsepol/src/policydb_internal.h
index 06ba5c8b..dd8f25d0 100644
--- a/libsepol/src/policydb_internal.h
+++ b/libsepol/src/policydb_internal.h
@@ -3,5 +3,5 @@
#include <sepol/policydb.h>
-extern const char *policydb_target_strings[];
+extern const char * const policydb_target_strings[];
#endif
diff --git a/libsepol/src/private.h b/libsepol/src/private.h
index f5b5277f..72f21262 100644
--- a/libsepol/src/private.h
+++ b/libsepol/src/private.h
@@ -56,9 +56,9 @@ struct policydb_compat_info {
unsigned int target_platform;
};
-extern struct policydb_compat_info *policydb_lookup_compat(unsigned int version,
- unsigned int type,
- unsigned int target_platform);
+extern const struct policydb_compat_info *policydb_lookup_compat(unsigned int version,
+ unsigned int type,
+ unsigned int target_platform);
/* Reading from a policy "file". */
extern int next_entry(void *buf, struct policy_file *fp, size_t bytes);
diff --git a/libsepol/src/write.c b/libsepol/src/write.c
index 84bcaf3f..3bd034d6 100644
--- a/libsepol/src/write.c
+++ b/libsepol/src/write.c
@@ -1345,7 +1345,7 @@ static int (*write_f[SYM_NUM]) (hashtab_key_t key, hashtab_datum_t datum,
common_write, class_write, role_write, type_write, user_write,
cond_write_bool, sens_write, cat_write,};
-static int ocontext_write_xen(struct policydb_compat_info *info, policydb_t *p,
+static int ocontext_write_xen(const struct policydb_compat_info *info, policydb_t *p,
struct policy_file *fp)
{
unsigned int i, j;
@@ -1453,7 +1453,7 @@ static int ocontext_write_xen(struct policydb_compat_info *info, policydb_t *p,
return POLICYDB_SUCCESS;
}
-static int ocontext_write_selinux(struct policydb_compat_info *info,
+static int ocontext_write_selinux(const struct policydb_compat_info *info,
policydb_t *p, struct policy_file *fp)
{
unsigned int i, j;
@@ -1583,7 +1583,7 @@ static int ocontext_write_selinux(struct policydb_compat_info *info,
return POLICYDB_SUCCESS;
}
-static int ocontext_write(struct policydb_compat_info *info, policydb_t * p,
+static int ocontext_write(const struct policydb_compat_info *info, policydb_t * p,
struct policy_file *fp)
{
int rc = POLICYDB_ERROR;
@@ -2179,7 +2179,7 @@ int policydb_write(policydb_t * p, struct policy_file *fp)
unsigned int i, num_syms;
uint32_t buf[32], config;
size_t items, items2, len;
- struct policydb_compat_info *info;
+ const struct policydb_compat_info *info;
struct policy_data pd;
const char *policydb_str;
--
2.32.0
next prev parent reply other threads:[~2021-06-08 16:00 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-08 15:58 [PATCH 00/23] libsepol: miscellaneous cleanup Christian Göttsche
2021-06-08 15:58 ` [PATCH 01/23] libsepol: fix typos Christian Göttsche
2021-06-21 20:54 ` James Carter
2021-06-08 15:58 ` [PATCH 02/23] libsepol: resolve missing prototypes Christian Göttsche
2021-06-21 20:55 ` James Carter
2021-06-08 15:58 ` [PATCH 03/23] libsepol: remove unused functions Christian Göttsche
2021-06-21 20:54 ` James Carter
2021-06-08 15:58 ` [PATCH 04/23] libsepol: ignore UBSAN false-positives Christian Göttsche
2021-06-09 13:44 ` Ondrej Mosnacek
2021-06-09 14:05 ` James Carter
2021-07-01 18:06 ` [PATCH v2 1/3] " Christian Göttsche
2021-07-12 7:34 ` Nicolas Iooss
2021-07-13 19:59 ` Nicolas Iooss
2021-06-08 15:58 ` [PATCH 05/23] libsepol: avoid implicit conversions Christian Göttsche
2021-06-09 13:47 ` Ondrej Mosnacek
2021-07-01 18:06 ` [PATCH v2 2/3] " Christian Göttsche
2021-07-12 7:36 ` Nicolas Iooss
2021-07-13 20:01 ` Nicolas Iooss
2021-06-08 15:58 ` [PATCH 06/23] libsepol: avoid unsigned integer overflow Christian Göttsche
2021-06-21 20:58 ` James Carter
2021-06-08 15:58 ` [PATCH 07/23] libsepol: follow declaration-after-statement Christian Göttsche
2021-06-21 20:57 ` James Carter
2021-06-08 15:58 ` [PATCH 08/23] libsepol/cil: " Christian Göttsche
2021-06-21 20:56 ` James Carter
2021-06-08 15:58 ` [PATCH 09/23] libsepol: remove dead stores Christian Göttsche
2021-06-08 15:58 ` [PATCH 10/23] libsepol: mark read-only parameters of ebitmap interfaces const Christian Göttsche
2021-06-21 20:55 ` James Carter
2021-06-08 15:59 ` [PATCH 11/23] libsepol: mark read-only parameters of type_set_ " Christian Göttsche
2021-06-21 20:58 ` James Carter
2021-06-08 15:59 ` [PATCH 12/23] libsepol: do not allocate memory of size 0 Christian Göttsche
2021-06-21 20:59 ` James Carter
2021-06-08 15:59 ` [PATCH 13/23] libsepol: assure string NUL-termination Christian Göttsche
2021-06-09 14:38 ` James Carter
2021-07-01 18:07 ` [PATCH v2 3/3] libsepol: assure string NUL-termination of ibdev_name Christian Göttsche
2021-07-12 7:35 ` Nicolas Iooss
2021-07-13 19:59 ` Nicolas Iooss
2021-06-08 15:59 ` [PATCH 14/23] libsepol: remove dead stores Christian Göttsche
2021-06-08 15:59 ` [PATCH 15/23] libsepol/cil: silence cast warning Christian Göttsche
2021-06-21 20:58 ` James Carter
2021-06-08 15:59 ` [PATCH 16/23] libsepol/cil: drop extra semicolon Christian Göttsche
2021-06-21 20:57 ` James Carter
2021-06-08 15:59 ` [PATCH 17/23] libsepol/cil: drop dead store Christian Göttsche
2021-06-21 20:56 ` James Carter
2021-06-08 15:59 ` [PATCH 18/23] libsepol/cil: drop unnecessary casts Christian Göttsche
2021-06-21 20:55 ` James Carter
2021-06-08 15:59 ` [PATCH 19/23] libsepol/cil: avoid using maybe uninitialized variables Christian Göttsche
2021-06-21 21:00 ` James Carter
2021-06-08 15:59 ` [PATCH 20/23] libsepol: drop repeated semicolons Christian Göttsche
2021-06-21 20:54 ` James Carter
2021-06-08 15:59 ` [PATCH 21/23] libsepol: drop unnecessary casts Christian Göttsche
2021-06-21 20:57 ` James Carter
2021-06-08 15:59 ` [PATCH 22/23] libsepol: declare file local variable static Christian Göttsche
2021-06-21 21:00 ` James Carter
2021-06-08 15:59 ` Christian Göttsche [this message]
2021-06-21 20:59 ` [PATCH 23/23] libsepol: declare read-only arrays const James Carter
2021-06-24 14:29 ` [PATCH 00/23] libsepol: miscellaneous cleanup James Carter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210608155912.32047-24-cgzones@googlemail.com \
--to=cgzones@googlemail.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.