diff mbox series

lsm: constify 'mnt_opts' parameter in security_free_mnt_opts()

Message ID ZOXG/VVC1XRc7TtI@gmail.com (mailing list archive)
State Handled Elsewhere
Delegated to: Paul Moore
Headers show
Series lsm: constify 'mnt_opts' parameter in security_free_mnt_opts() | expand

Commit Message

Khadija Kamran Aug. 23, 2023, 8:44 a.m. UTC
The "sb_free_mnt_opts" hook has implementations registered in SELinux
and Smack. Looking at the function implementations we observe that the
"mnt_opts" parameter is not changing.

Mark the "mnt_opts" parameter of LSM hook security_free_mnt_opts() as
"const" since it will not be changing in the LSM hook.

Signed-off-by: Khadija Kamran <kamrankhadijadj@gmail.com>
---
 include/linux/lsm_hook_defs.h | 2 +-
 include/linux/security.h      | 2 +-
 security/security.c           | 2 +-
 security/selinux/hooks.c      | 2 +-
 security/smack/smack_lsm.c    | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

Comments

kernel test robot Aug. 23, 2023, 5:21 p.m. UTC | #1
Hi Khadija,

kernel test robot noticed the following build errors:

[auto build test ERROR on pcmoore-selinux/next]
[also build test ERROR on pcmoore-audit/next linus/master v6.5-rc7 next-20230823]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]

url:    https://github.com/intel-lab-lkp/linux/commits/Khadija-Kamran/lsm-constify-mnt_opts-parameter-in-security_free_mnt_opts/20230823-170310
base:   https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git next
patch link:    https://lore.kernel.org/r/ZOXG%2FVVC1XRc7TtI%40gmail.com
patch subject: [PATCH] lsm: constify 'mnt_opts' parameter in security_free_mnt_opts()
config: riscv-randconfig-001-20230823 (https://download.01.org/0day-ci/archive/20230824/202308240128.Gsn0b0Fv-lkp@intel.com/config)
compiler: clang version 14.0.6 (https://github.com/llvm/llvm-project.git f28c006a5895fc0e329fe15fead81e37457cb1d1)
reproduce: (https://download.01.org/0day-ci/archive/20230824/202308240128.Gsn0b0Fv-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202308240128.Gsn0b0Fv-lkp@intel.com/

All errors (new ones prefixed by >>):

>> fs/btrfs/super.c:1523:25: error: passing 'void **' to parameter of type 'const void **' discards qualifiers in nested pointer types [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
           security_free_mnt_opts(&new_sec_opts);
                                  ^~~~~~~~~~~~~
   include/linux/security.h:301:42: note: passing argument to parameter 'mnt_opts' here
   void security_free_mnt_opts(const void **mnt_opts);
                                            ^
   fs/btrfs/super.c:1536:25: error: passing 'void **' to parameter of type 'const void **' discards qualifiers in nested pointer types [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
           security_free_mnt_opts(&new_sec_opts);
                                  ^~~~~~~~~~~~~
   include/linux/security.h:301:42: note: passing argument to parameter 'mnt_opts' here
   void security_free_mnt_opts(const void **mnt_opts);
                                            ^
   fs/btrfs/super.c:1699:26: error: passing 'void **' to parameter of type 'const void **' discards qualifiers in nested pointer types [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
                   security_free_mnt_opts(&new_sec_opts);
                                          ^~~~~~~~~~~~~
   include/linux/security.h:301:42: note: passing argument to parameter 'mnt_opts' here
   void security_free_mnt_opts(const void **mnt_opts);
                                            ^
   3 errors generated.


vim +1523 fs/btrfs/super.c

450ba0ea06b6ed Josef Bacik       2010-11-19  1427  
312c89fbca0689 Misono, Tomohiro  2017-12-14  1428  /*
312c89fbca0689 Misono, Tomohiro  2017-12-14  1429   * Find a superblock for the given device / mount point.
312c89fbca0689 Misono, Tomohiro  2017-12-14  1430   *
312c89fbca0689 Misono, Tomohiro  2017-12-14  1431   * Note: This is based on mount_bdev from fs/super.c with a few additions
312c89fbca0689 Misono, Tomohiro  2017-12-14  1432   *       for multiple device setup.  Make sure to keep it in sync.
312c89fbca0689 Misono, Tomohiro  2017-12-14  1433   */
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1434  static struct dentry *btrfs_mount_root(struct file_system_type *fs_type,
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1435  		int flags, const char *device_name, void *data)
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1436  {
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1437  	struct block_device *bdev = NULL;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1438  	struct super_block *s;
36350e95a2b1fe Gu Jinxiang       2018-07-12  1439  	struct btrfs_device *device = NULL;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1440  	struct btrfs_fs_devices *fs_devices = NULL;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1441  	struct btrfs_fs_info *fs_info = NULL;
204cc0ccf1d49c Al Viro           2018-12-13  1442  	void *new_sec_opts = NULL;
05bdb9965305bb Christoph Hellwig 2023-06-08  1443  	blk_mode_t mode = sb_open_mode(flags);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1444  	int error = 0;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1445  
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1446  	if (data) {
a65001e8a4d465 Al Viro           2018-12-10  1447  		error = security_sb_eat_lsm_opts(data, &new_sec_opts);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1448  		if (error)
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1449  			return ERR_PTR(error);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1450  	}
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1451  
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1452  	/*
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1453  	 * Setup a dummy root and fs_info for test/set super.  This is because
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1454  	 * we don't actually fill this stuff out until open_ctree, but we need
8260edba67a2e6 Josef Bacik       2020-01-24  1455  	 * then open_ctree will properly initialize the file system specific
8260edba67a2e6 Josef Bacik       2020-01-24  1456  	 * settings later.  btrfs_init_fs_info initializes the static elements
8260edba67a2e6 Josef Bacik       2020-01-24  1457  	 * of the fs_info (locks and such) to make cleanup easier if we find a
8260edba67a2e6 Josef Bacik       2020-01-24  1458  	 * superblock with our given fs_devices later on at sget() time.
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1459  	 */
a8fd1f71749387 Jeff Mahoney      2018-02-15  1460  	fs_info = kvzalloc(sizeof(struct btrfs_fs_info), GFP_KERNEL);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1461  	if (!fs_info) {
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1462  		error = -ENOMEM;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1463  		goto error_sec_opts;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1464  	}
8260edba67a2e6 Josef Bacik       2020-01-24  1465  	btrfs_init_fs_info(fs_info);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1466  
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1467  	fs_info->super_copy = kzalloc(BTRFS_SUPER_INFO_SIZE, GFP_KERNEL);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1468  	fs_info->super_for_commit = kzalloc(BTRFS_SUPER_INFO_SIZE, GFP_KERNEL);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1469  	if (!fs_info->super_copy || !fs_info->super_for_commit) {
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1470  		error = -ENOMEM;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1471  		goto error_fs_info;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1472  	}
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1473  
399f7f4c42e8a5 David Sterba      2018-06-19  1474  	mutex_lock(&uuid_mutex);
2ef789288afd36 Christoph Hellwig 2023-06-08  1475  	error = btrfs_parse_device_options(data, mode);
81ffd56b574535 David Sterba      2018-06-19  1476  	if (error) {
399f7f4c42e8a5 David Sterba      2018-06-19  1477  		mutex_unlock(&uuid_mutex);
399f7f4c42e8a5 David Sterba      2018-06-19  1478  		goto error_fs_info;
81ffd56b574535 David Sterba      2018-06-19  1479  	}
399f7f4c42e8a5 David Sterba      2018-06-19  1480  
2ef789288afd36 Christoph Hellwig 2023-06-08  1481  	device = btrfs_scan_one_device(device_name, mode);
36350e95a2b1fe Gu Jinxiang       2018-07-12  1482  	if (IS_ERR(device)) {
399f7f4c42e8a5 David Sterba      2018-06-19  1483  		mutex_unlock(&uuid_mutex);
36350e95a2b1fe Gu Jinxiang       2018-07-12  1484  		error = PTR_ERR(device);
399f7f4c42e8a5 David Sterba      2018-06-19  1485  		goto error_fs_info;
81ffd56b574535 David Sterba      2018-06-19  1486  	}
399f7f4c42e8a5 David Sterba      2018-06-19  1487  
36350e95a2b1fe Gu Jinxiang       2018-07-12  1488  	fs_devices = device->fs_devices;
399f7f4c42e8a5 David Sterba      2018-06-19  1489  	fs_info->fs_devices = fs_devices;
399f7f4c42e8a5 David Sterba      2018-06-19  1490  
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1491  	error = btrfs_open_devices(fs_devices, mode, fs_type);
f5194e34cabadd David Sterba      2018-06-19  1492  	mutex_unlock(&uuid_mutex);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1493  	if (error)
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1494  		goto error_fs_info;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1495  
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1496  	if (!(flags & SB_RDONLY) && fs_devices->rw_devices == 0) {
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1497  		error = -EACCES;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1498  		goto error_close_devices;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1499  	}
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1500  
d24fa5c1da0802 Anand Jain        2021-08-24  1501  	bdev = fs_devices->latest_dev->bdev;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1502  	s = sget(fs_type, btrfs_test_super, btrfs_set_super, flags | SB_NOSEC,
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1503  		 fs_info);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1504  	if (IS_ERR(s)) {
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1505  		error = PTR_ERR(s);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1506  		goto error_close_devices;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1507  	}
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1508  
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1509  	if (s->s_root) {
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1510  		btrfs_close_devices(fs_devices);
0d4b0463011de0 Josef Bacik       2020-01-24  1511  		btrfs_free_fs_info(fs_info);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1512  		if ((flags ^ s->s_flags) & SB_RDONLY)
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1513  			error = -EBUSY;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1514  	} else {
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1515  		snprintf(s->s_id, sizeof(s->s_id), "%pg", bdev);
e33c267ab70de4 Roman Gushchin    2022-05-31  1516  		shrinker_debugfs_rename(&s->s_shrink, "sb-%s:%s", fs_type->name,
e33c267ab70de4 Roman Gushchin    2022-05-31  1517  					s->s_id);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1518  		btrfs_sb(s)->bdev_holder = fs_type;
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1519  		error = btrfs_fill_super(s, fs_devices, data);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1520  	}
a65001e8a4d465 Al Viro           2018-12-10  1521  	if (!error)
204cc0ccf1d49c Al Viro           2018-12-13  1522  		error = security_sb_set_mnt_opts(s, new_sec_opts, 0, NULL);
a65001e8a4d465 Al Viro           2018-12-10 @1523  	security_free_mnt_opts(&new_sec_opts);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1524  	if (error) {
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1525  		deactivate_locked_super(s);
a65001e8a4d465 Al Viro           2018-12-10  1526  		return ERR_PTR(error);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1527  	}
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1528  
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1529  	return dget(s->s_root);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1530  
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1531  error_close_devices:
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1532  	btrfs_close_devices(fs_devices);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1533  error_fs_info:
0d4b0463011de0 Josef Bacik       2020-01-24  1534  	btrfs_free_fs_info(fs_info);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1535  error_sec_opts:
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1536  	security_free_mnt_opts(&new_sec_opts);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1537  	return ERR_PTR(error);
72fa39f5c7a1c9 Misono, Tomohiro  2017-12-14  1538  }
312c89fbca0689 Misono, Tomohiro  2017-12-14  1539
Paul Moore Sept. 13, 2023, 10:18 p.m. UTC | #2
On Wed, Aug 23, 2023 at 1:22 PM kernel test robot <lkp@intel.com> wrote:
>
> Hi Khadija,
>
> kernel test robot noticed the following build errors:
>
> [auto build test ERROR on pcmoore-selinux/next]
> [also build test ERROR on pcmoore-audit/next linus/master v6.5-rc7 next-20230823]
> [If your patch is applied to the wrong git tree, kindly drop us a note.
> And when submitting patch, we suggest to use '--base' as documented in
> https://git-scm.com/docs/git-format-patch#_base_tree_information]
>
> url:    https://github.com/intel-lab-lkp/linux/commits/Khadija-Kamran/lsm-constify-mnt_opts-parameter-in-security_free_mnt_opts/20230823-170310
> base:   https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git next
> patch link:    https://lore.kernel.org/r/ZOXG%2FVVC1XRc7TtI%40gmail.com
> patch subject: [PATCH] lsm: constify 'mnt_opts' parameter in security_free_mnt_opts()
> config: riscv-randconfig-001-20230823 (https://download.01.org/0day-ci/archive/20230824/202308240128.Gsn0b0Fv-lkp@intel.com/config)
> compiler: clang version 14.0.6 (https://github.com/llvm/llvm-project.git f28c006a5895fc0e329fe15fead81e37457cb1d1)
> reproduce: (https://download.01.org/0day-ci/archive/20230824/202308240128.Gsn0b0Fv-lkp@intel.com/reproduce)
>
> If you fix the issue in a separate patch/commit (i.e. not just a new version of
> the same patch/commit), kindly add following tags
> | Reported-by: kernel test robot <lkp@intel.com>
> | Closes: https://lore.kernel.org/oe-kbuild-all/202308240128.Gsn0b0Fv-lkp@intel.com/
>
> All errors (new ones prefixed by >>):
>
> >> fs/btrfs/super.c:1523:25: error: passing 'void **' to parameter of type 'const void **' discards qualifiers in nested pointer types [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
>            security_free_mnt_opts(&new_sec_opts);
>                                   ^~~~~~~~~~~~~
>    include/linux/security.h:301:42: note: passing argument to parameter 'mnt_opts' here
>    void security_free_mnt_opts(const void **mnt_opts);
>                                             ^
>    fs/btrfs/super.c:1536:25: error: passing 'void **' to parameter of type 'const void **' discards qualifiers in nested pointer types [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
>            security_free_mnt_opts(&new_sec_opts);
>                                   ^~~~~~~~~~~~~
>    include/linux/security.h:301:42: note: passing argument to parameter 'mnt_opts' here
>    void security_free_mnt_opts(const void **mnt_opts);
>                                             ^
>    fs/btrfs/super.c:1699:26: error: passing 'void **' to parameter of type 'const void **' discards qualifiers in nested pointer types [-Werror,-Wincompatible-pointer-types-discards-qualifiers]
>                    security_free_mnt_opts(&new_sec_opts);
>                                           ^~~~~~~~~~~~~
>    include/linux/security.h:301:42: note: passing argument to parameter 'mnt_opts' here
>    void security_free_mnt_opts(const void **mnt_opts);
>                                             ^
>    3 errors generated.

Hi Khadija, can you check to see if these errors can be resolved?
diff mbox series

Patch

diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h
index 6bb55e61e8e8..7b193349db89 100644
--- a/include/linux/lsm_hook_defs.h
+++ b/include/linux/lsm_hook_defs.h
@@ -61,7 +61,7 @@  LSM_HOOK(int, -ENOPARAM, fs_context_parse_param, struct fs_context *fc,
 LSM_HOOK(int, 0, sb_alloc_security, struct super_block *sb)
 LSM_HOOK(void, LSM_RET_VOID, sb_delete, struct super_block *sb)
 LSM_HOOK(void, LSM_RET_VOID, sb_free_security, struct super_block *sb)
-LSM_HOOK(void, LSM_RET_VOID, sb_free_mnt_opts, void *mnt_opts)
+LSM_HOOK(void, LSM_RET_VOID, sb_free_mnt_opts, const void *mnt_opts)
 LSM_HOOK(int, 0, sb_eat_lsm_opts, char *orig, void **mnt_opts)
 LSM_HOOK(int, 0, sb_mnt_opts_compat, struct super_block *sb, void *mnt_opts)
 LSM_HOOK(int, 0, sb_remount, struct super_block *sb, void *mnt_opts)
diff --git a/include/linux/security.h b/include/linux/security.h
index e2734e9e44d5..acdd1eccf2d3 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -298,7 +298,7 @@  int security_fs_context_parse_param(struct fs_context *fc, struct fs_parameter *
 int security_sb_alloc(struct super_block *sb);
 void security_sb_delete(struct super_block *sb);
 void security_sb_free(struct super_block *sb);
-void security_free_mnt_opts(void **mnt_opts);
+void security_free_mnt_opts(const void **mnt_opts);
 int security_sb_eat_lsm_opts(char *options, void **mnt_opts);
 int security_sb_mnt_opts_compat(struct super_block *sb, void *mnt_opts);
 int security_sb_remount(struct super_block *sb, void *mnt_opts);
diff --git a/security/security.c b/security/security.c
index d5ff7ff45b77..8386d764d9fc 100644
--- a/security/security.c
+++ b/security/security.c
@@ -1238,7 +1238,7 @@  void security_sb_free(struct super_block *sb)
  *
  * Free memory associated with @mnt_ops.
  */
-void security_free_mnt_opts(void **mnt_opts)
+void security_free_mnt_opts(const void **mnt_opts)
 {
 	if (!*mnt_opts)
 		return;
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 79b4890e9936..225b76839c95 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -342,7 +342,7 @@  struct selinux_mnt_opts {
 	u32 defcontext_sid;
 };
 
-static void selinux_free_mnt_opts(void *mnt_opts)
+static void selinux_free_mnt_opts(const void *mnt_opts)
 {
 	kfree(mnt_opts);
 }
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 7a3e9ab137d8..290593dcd852 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -557,7 +557,7 @@  struct smack_mnt_opts {
 	const char *fstransmute;
 };
 
-static void smack_free_mnt_opts(void *mnt_opts)
+static void smack_free_mnt_opts(const void *mnt_opts)
 {
 	kfree(mnt_opts);
 }