git.baikalelectronics.ru Git - kernel.git/commit

author	Christian Göttsche <cgzones@googlemail.com>
	Mon, 2 May 2022 14:43:38 +0000 (16:43 +0200)
committer	Paul Moore <paul@paul-moore.com>
	Tue, 3 May 2022 19:53:49 +0000 (15:53 -0400)
commit	6499d006206f86c9df94f5d3552b21a093dfd437
tree	6884a97c4ba2c10ad542db83cfbd8afeab326895	tree \| snapshot
parent	34ccdff0340cdd3fd260b25038c358ee27feb8ca	commit \| diff

selinux: declare data arrays const

The arrays for the policy capability names, the initial sid identifiers
and the class and permission names are not changed at runtime. Declare
them const to avoid accidental modification.

Do not override the classmap and the initial sid list in the build time
script genheaders.

Check flose(3) is successful in genheaders.c, otherwise the written data
might be corrupted or incomplete.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
[PM: manual merge due to fuzz, minor style tweaks]
Signed-off-by: Paul Moore <paul@paul-moore.com>

scripts/selinux/genheaders/genheaders.c		diff \| blob \| history
scripts/selinux/mdp/mdp.c		diff \| blob \| history
security/selinux/avc.c		diff \| blob \| history
security/selinux/include/avc_ss.h		diff \| blob \| history
security/selinux/include/classmap.h		diff \| blob \| history
security/selinux/include/initial_sid_to_string.h		diff \| blob \| history
security/selinux/include/policycap.h		diff \| blob \| history
security/selinux/include/policycap_names.h		diff \| blob \| history
security/selinux/ss/avtab.c		diff \| blob \| history
security/selinux/ss/policydb.c		diff \| blob \| history
security/selinux/ss/services.c		diff \| blob \| history