[Ocfs2-devel] [PATCH] xattr: Constify ->name member of "struct xattr".
Paul Moore
paul at paul-moore.com
Tue Jul 23 11:27:08 PDT 2013
On Saturday, June 08, 2013 09:54:56 PM Tetsuo Handa wrote:
> >From 96df8b4be7f8702913a0245b2312958e2eea6caf Mon Sep 17 00:00:00 2001
>
> From: Tetsuo Handa <penguin-kernel at I-love.SAKURA.ne.jp>
> Date: Sat, 8 Jun 2013 21:46:58 +0900
> Subject: [PATCH] xattr: Constify ->name member of "struct xattr".
>
> Since everybody sets kstrdup()ed constant string to "struct xattr"->name but
> nobody modifies "struct xattr"->name , we can omit kstrdup() and its
> failure checking by constifying ->name member of "struct xattr".
>
> Signed-off-by: Tetsuo Handa <penguin-kernel at I-love.SAKURA.ne.jp>
[NOTE: Added the SELinux list to the To/CC line.]
I looked over the patch and gave it a quick test on my system, everything
seems reasonable to me.
Reviewed-by: Paul Moore <paul at paul-moore.com>
Tested-by: Paul Moore <paul at paul-moore.com>
> ---
> fs/ocfs2/xattr.h | 2 +-
> include/linux/security.h | 8 ++++----
> include/linux/xattr.h | 2 +-
> include/uapi/linux/reiserfs_xattr.h | 2 +-
> security/capability.c | 2 +-
> security/integrity/evm/evm_main.c | 2 +-
> security/security.c | 8 +++-----
> security/selinux/hooks.c | 17 ++++++-----------
> security/smack/smack_lsm.c | 9 +++------
> 9 files changed, 21 insertions(+), 31 deletions(-)
>
> diff --git a/fs/ocfs2/xattr.h b/fs/ocfs2/xattr.h
> index e5c7f15..19f134e 100644
> --- a/fs/ocfs2/xattr.h
> +++ b/fs/ocfs2/xattr.h
> @@ -32,7 +32,7 @@ enum ocfs2_xattr_type {
>
> struct ocfs2_security_xattr_info {
> int enable;
> - char *name;
> + const char *name;
> void *value;
> size_t value_len;
> };
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 40560f4..2e64d73 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -1466,7 +1466,7 @@ struct security_operations {
> int (*inode_alloc_security) (struct inode *inode);
> void (*inode_free_security) (struct inode *inode);
> int (*inode_init_security) (struct inode *inode, struct inode *dir,
> - const struct qstr *qstr, char **name,
> + const struct qstr *qstr, const char **name,
> void **value, size_t *len);
> int (*inode_create) (struct inode *dir,
> struct dentry *dentry, umode_t mode);
> @@ -1737,7 +1737,7 @@ int security_inode_init_security(struct inode *inode,
> struct inode *dir, const struct qstr *qstr,
> initxattrs initxattrs, void *fs_data);
> int security_old_inode_init_security(struct inode *inode, struct inode
> *dir, - const struct qstr *qstr, char **name,
> + const struct qstr *qstr, const char **name,
> void **value, size_t *len);
> int security_inode_create(struct inode *dir, struct dentry *dentry, umode_t
> mode); int security_inode_link(struct dentry *old_dentry, struct inode
> *dir, @@ -2048,8 +2048,8 @@ static inline int
> security_inode_init_security(struct inode *inode, static inline int
> security_old_inode_init_security(struct inode *inode, struct inode *dir,
> const struct qstr *qstr,
> - char **name, void **value,
> - size_t *len)
> + const char **name,
> + void **value, size_t *len)
> {
> return -EOPNOTSUPP;
> }
> diff --git a/include/linux/xattr.h b/include/linux/xattr.h
> index fdbafc6..91b0a68 100644
> --- a/include/linux/xattr.h
> +++ b/include/linux/xattr.h
> @@ -31,7 +31,7 @@ struct xattr_handler {
> };
>
> struct xattr {
> - char *name;
> + const char *name;
> void *value;
> size_t value_len;
> };
> diff --git a/include/uapi/linux/reiserfs_xattr.h
> b/include/uapi/linux/reiserfs_xattr.h index d8ce17c..38fdd64 100644
> --- a/include/uapi/linux/reiserfs_xattr.h
> +++ b/include/uapi/linux/reiserfs_xattr.h
> @@ -16,7 +16,7 @@ struct reiserfs_xattr_header {
> };
>
> struct reiserfs_security_handle {
> - char *name;
> + const char *name;
> void *value;
> size_t length;
> };
> diff --git a/security/capability.c b/security/capability.c
> index 1728d4e..b311ff0 100644
> --- a/security/capability.c
> +++ b/security/capability.c
> @@ -119,7 +119,7 @@ static void cap_inode_free_security(struct inode *inode)
> }
>
> static int cap_inode_init_security(struct inode *inode, struct inode *dir,
> - const struct qstr *qstr, char **name,
> + const struct qstr *qstr, const char **name,
> void **value, size_t *len)
> {
> return -EOPNOTSUPP;
> diff --git a/security/integrity/evm/evm_main.c
> b/security/integrity/evm/evm_main.c index cdbde17..2787080 100644
> --- a/security/integrity/evm/evm_main.c
> +++ b/security/integrity/evm/evm_main.c
> @@ -405,7 +405,7 @@ int evm_inode_init_security(struct inode *inode,
>
> evm_xattr->value = xattr_data;
> evm_xattr->value_len = sizeof(*xattr_data);
> - evm_xattr->name = kstrdup(XATTR_EVM_SUFFIX, GFP_NOFS);
> + evm_xattr->name = XATTR_EVM_SUFFIX;
> return 0;
> out:
> kfree(xattr_data);
> diff --git a/security/security.c b/security/security.c
> index a3dce87..8849691 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -335,10 +335,10 @@ int security_inode_init_security(struct inode *inode,
> struct inode *dir, if (unlikely(IS_PRIVATE(inode)))
> return 0;
>
> - memset(new_xattrs, 0, sizeof new_xattrs);
> if (!initxattrs)
> return security_ops->inode_init_security(inode, dir, qstr,
> NULL, NULL, NULL);
> + memset(new_xattrs, 0, sizeof(new_xattrs));
> lsm_xattr = new_xattrs;
> ret = security_ops->inode_init_security(inode, dir, qstr,
> &lsm_xattr->name,
> @@ -353,16 +353,14 @@ int security_inode_init_security(struct inode *inode,
> struct inode *dir, goto out;
> ret = initxattrs(inode, new_xattrs, fs_data);
> out:
> - for (xattr = new_xattrs; xattr->name != NULL; xattr++) {
> - kfree(xattr->name);
> + for (xattr = new_xattrs; xattr->value != NULL; xattr++)
> kfree(xattr->value);
> - }
> return (ret == -EOPNOTSUPP) ? 0 : ret;
> }
> EXPORT_SYMBOL(security_inode_init_security);
>
> int security_old_inode_init_security(struct inode *inode, struct inode
> *dir, - const struct qstr *qstr, char **name,
> + const struct qstr *qstr, const char **name,
> void **value, size_t *len)
> {
> if (unlikely(IS_PRIVATE(inode)))
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 5c6f2cd..16b8e51 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -2516,7 +2516,8 @@ static void selinux_inode_free_security(struct inode
> *inode) }
>
> static int selinux_inode_init_security(struct inode *inode, struct inode
> *dir, - const struct qstr *qstr, char **name,
> + const struct qstr *qstr,
> + const char **name,
> void **value, size_t *len)
> {
> const struct task_security_struct *tsec = current_security();
> @@ -2524,7 +2525,7 @@ static int selinux_inode_init_security(struct inode
> *inode, struct inode *dir, struct superblock_security_struct *sbsec;
> u32 sid, newsid, clen;
> int rc;
> - char *namep = NULL, *context;
> + char *context;
>
> dsec = dir->i_security;
> sbsec = dir->i_sb->s_security;
> @@ -2560,19 +2561,13 @@ static int selinux_inode_init_security(struct inode
> *inode, struct inode *dir, if (!ss_initialized || !(sbsec->flags &
> SE_SBLABELSUPP))
> return -EOPNOTSUPP;
>
> - if (name) {
> - namep = kstrdup(XATTR_SELINUX_SUFFIX, GFP_NOFS);
> - if (!namep)
> - return -ENOMEM;
> - *name = namep;
> - }
> + if (name)
> + *name = XATTR_SELINUX_SUFFIX;
>
> if (value && len) {
> rc = security_sid_to_context_force(newsid, &context, &clen);
> - if (rc) {
> - kfree(namep);
> + if (rc)
> return rc;
> - }
> *value = context;
> *len = clen;
> }
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index d52c780..46e5b47 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -554,7 +554,7 @@ static void smack_inode_free_security(struct inode
> *inode) * Returns 0 if it all works out, -ENOMEM if there's no memory
> */
> static int smack_inode_init_security(struct inode *inode, struct inode
> *dir, - const struct qstr *qstr, char **name,
> + const struct qstr *qstr, const char **name,
> void **value, size_t *len)
> {
> struct smack_known *skp;
> @@ -564,11 +564,8 @@ static int smack_inode_init_security(struct inode
> *inode, struct inode *dir, char *dsp = smk_of_inode(dir);
> int may;
>
> - if (name) {
> - *name = kstrdup(XATTR_SMACK_SUFFIX, GFP_NOFS);
> - if (*name == NULL)
> - return -ENOMEM;
> - }
> + if (name)
> + *name = XATTR_SMACK_SUFFIX;
>
> if (value) {
> skp = smk_find_entry(csp);
--
paul moore
www.paul-moore.com
More information about the Ocfs2-devel
mailing list