diff options
| author |   Christian Göttsche <cgzones@googlemail.com> | 2022-05-02 16:43:38 +0200 |
|---|---|---|
| committer |   Paul Moore <paul@paul-moore.com> | 2022-05-03 15:53:49 -0400 |
| commit | ded34574d4d351ab0ca095a45496b393cef611c2 (patch) | |
| tree | 6884a97c4ba2c10ad542db83cfbd8afeab326895 /security/selinux/avc.c | |
| parent | selinux: fix indentation level of mls_ops block (diff) | |
| download | linux-dev-ded34574d4d351ab0ca095a45496b393cef611c2.tar.xz linux-dev-ded34574d4d351ab0ca095a45496b393cef611c2.zip | |
selinux: declare data arrays const
The arrays for the policy capability names, the initial sid identifiers
and the class and permission names are not changed at runtime. Declare
them const to avoid accidental modification.
Do not override the classmap and the initial sid list in the build time
script genheaders.
Check flose(3) is successful in genheaders.c, otherwise the written data
might be corrupted or incomplete.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
[PM: manual merge due to fuzz, minor style tweaks]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/selinux/avc.c')
| -rw-r--r-- | security/selinux/avc.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 874c1c6fe10b..9a43af0ebd7d 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -668,7 +668,7 @@ static void avc_audit_pre_callback(struct audit_buffer *ab, void *a) struct common_audit_data *ad = a; struct selinux_audit_data *sad = ad->selinux_audit_data; u32 av = sad->audited; - const char **perms; + const char *const *perms; int i, perm; audit_log_format(ab, "avc: %s ", sad->denied ? "denied" : "granted"); |