[apparmor] [PATCH 2/5] apparmor: constify some pointer arguments to some audit-related functions

Tue Mar 4 01:11:38 UTC 2025

The constified pointer arguments are not actually modified, so encode this
into the function prototypes.

Signed-off-by: Ryan Lee <ryan.lee at canonical.com>
---
 security/apparmor/audit.c          | 10 +++++-----
 security/apparmor/include/audit.h  | 10 +++++-----
 security/apparmor/include/policy.h |  2 +-
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/security/apparmor/audit.c b/security/apparmor/audit.c
index f0619676fc4a..100eaf9cab00 100644
--- a/security/apparmor/audit.c
+++ b/security/apparmor/audit.c
@@ -302,8 +302,8 @@ static int uid_cmp(kuid_t lhs, kuid_t rhs)
 }
 
 /* std C cmp.  negative is less than, 0 is equal, positive greater than */
-long aa_audit_data_cmp(struct apparmor_audit_data *lhs,
-		       struct apparmor_audit_data *rhs)
+long aa_audit_data_cmp(const struct apparmor_audit_data *lhs,
+		       const struct apparmor_audit_data *rhs)
 {
 	long res;
 
@@ -374,7 +374,7 @@ void aa_audit_node_free_kref(struct kref *kref)
 	audit_node_free(node);
 }
 
-struct aa_audit_node *aa_dup_audit_data(struct apparmor_audit_data *orig,
+struct aa_audit_node *aa_dup_audit_data(const struct apparmor_audit_data *orig,
 					gfp_t gfp)
 {
 	struct aa_audit_node *copy;
@@ -477,8 +477,8 @@ __out_skip:								\
 })
 
 // increments refcount on node
-struct aa_audit_node *aa_audit_cache_find(struct aa_audit_cache *cache,
-					  struct apparmor_audit_data *ad)
+struct aa_audit_node *aa_audit_cache_find(const struct aa_audit_cache *cache,
+					  const struct apparmor_audit_data *ad)
 {
 	struct aa_audit_node *node;
 
diff --git a/security/apparmor/include/audit.h b/security/apparmor/include/audit.h
index 97e4beccf3a7..9182abc7ed01 100644
--- a/security/apparmor/include/audit.h
+++ b/security/apparmor/include/audit.h
@@ -205,8 +205,8 @@ static inline void aa_audit_cache_init(struct aa_audit_cache *cache)
 	INIT_LIST_HEAD(&cache->head);
 }
 
-struct aa_audit_node *aa_audit_cache_find(struct aa_audit_cache *cache,
-					  struct apparmor_audit_data *ad);
+struct aa_audit_node *aa_audit_cache_find(const struct aa_audit_cache *cache,
+					  const struct apparmor_audit_data *ad);
 struct aa_audit_node *aa_audit_cache_insert(struct aa_audit_cache *cache,
 					    struct aa_audit_node *node);
 void aa_audit_cache_update_ent(struct aa_audit_cache *cache,
@@ -259,10 +259,10 @@ int aa_audit_rule_match(struct lsmblob *blob, u32 field, u32 op, void *vrule);
 
 
 void aa_audit_node_free_kref(struct kref *kref);
-struct aa_audit_node *aa_dup_audit_data(struct apparmor_audit_data *orig,
+struct aa_audit_node *aa_dup_audit_data(const struct apparmor_audit_data *orig,
 					gfp_t gfp);
-long aa_audit_data_cmp(struct apparmor_audit_data *lhs,
-		       struct apparmor_audit_data *rhs);
+long aa_audit_data_cmp(const struct apparmor_audit_data *lhs,
+		       const struct apparmor_audit_data *rhs);
 
 
 static inline struct aa_audit_node *aa_get_audit_node(struct aa_audit_node *node)
diff --git a/security/apparmor/include/policy.h b/security/apparmor/include/policy.h
index d5aeb7b71d29..bd89a2cd2128 100644
--- a/security/apparmor/include/policy.h
+++ b/security/apparmor/include/policy.h
@@ -413,7 +413,7 @@ static inline void aa_put_profile(struct aa_profile *p)
 		kref_put(&p->label.count, aa_label_kref);
 }
 
-static inline int AUDIT_MODE(struct aa_profile *profile)
+static inline int AUDIT_MODE(const struct aa_profile *profile)
 {
 	if (aa_g_audit != AUDIT_NORMAL)
 		return aa_g_audit;
-- 
2.43.0


