Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b2724d58 authored by Eric Biggers's avatar Eric Biggers Committed by Mimi Zohar
Browse files

security/integrity: constify some read-only data 



Constify some static data that is never modified,
so that it is placed in .rodata.

Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
parent 691115c3

security/integrity/digsig.c

+1 −1
Original line number Diff line number Diff line
@@ -26,7 +26,7 @@ 


static struct key *keyring[INTEGRITY_KEYRING_MAX];



static const char *keyring_name[INTEGRITY_KEYRING_MAX] = {

static const char * const keyring_name[INTEGRITY_KEYRING_MAX] = {

#ifndef CONFIG_INTEGRITY_TRUSTED_KEYRING

	"_evm",

	"_ima",

security/integrity/evm/evm_crypto.c

+2 −2
Original line number Diff line number Diff line
@@ -27,7 +27,7 @@ 
#define EVMKEY "evm-key"

#define MAX_KEY_SIZE 128

static unsigned char evmkey[MAX_KEY_SIZE];

static int evmkey_len = MAX_KEY_SIZE;

static const int evmkey_len = MAX_KEY_SIZE;



struct crypto_shash *hmac_tfm;

static struct crypto_shash *evm_tfm[HASH_ALGO__LAST];
@@ -38,7 +38,7 @@ static DEFINE_MUTEX(mutex); 


static unsigned long evm_set_key_flags;



static char * const evm_hmac = "hmac(sha1)";

static const char evm_hmac[] = "hmac(sha1)";



/**

 * evm_set_key() - set EVM HMAC key from the kernel

security/integrity/ima/ima.h

+1 −1
Original line number Diff line number Diff line
@@ -88,7 +88,7 @@ struct ima_template_desc { 
	char *name;

	char *fmt;

	int num_fields;

	struct ima_template_field **fields;

	const struct ima_template_field **fields;

};



struct ima_template_entry {

security/integrity/ima/ima_api.c

+2 −1
Original line number Diff line number Diff line
@@ -51,7 +51,8 @@ int ima_alloc_init_template(struct ima_event_data *event_data, 


	(*entry)->template_desc = template_desc;

	for (i = 0; i < template_desc->num_fields; i++) {

		struct ima_template_field *field = template_desc->fields[i];

		const struct ima_template_field *field =

			template_desc->fields[i];

		u32 len;



		result = field->field_init(event_data,

security/integrity/ima/ima_fs.c

+2 −1
Original line number Diff line number Diff line
@@ -179,7 +179,8 @@ int ima_measurements_show(struct seq_file *m, void *v) 
	/* 6th:  template specific data */

	for (i = 0; i < e->template_desc->num_fields; i++) {

		enum ima_show_type show = IMA_SHOW_BINARY;

		struct ima_template_field *field = e->template_desc->fields[i];

		const struct ima_template_field *field =

			e->template_desc->fields[i];



		if (is_ima_template && strcmp(field->field_id, "d") == 0)

			show = IMA_SHOW_BINARY_NO_FIELD_LEN;