xsm/flask: mkflash.sh: Use const when generating initial_sid_to_string[]

[PATCH] xsm/flask: mkflash.sh: Use const when generating initial_sid_to_string[]

Posted by Julien Grall 1 year, 5 months ago

From: Julien Grall <jgrall@amazon.com>

The array initial_sid_to_string is storing pointer to literal strings
and is not meant to be modified. So change the type of the variable
to "const char * const ...[]".

Signed-off-by: Julien Grall <jgrall@amazon.com>
---
 xen/xsm/flask/policy/mkflask.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/xen/xsm/flask/policy/mkflask.sh b/xen/xsm/flask/policy/mkflask.sh
index 591ce832a1d1..611689768167 100755
--- a/xen/xsm/flask/policy/mkflask.sh
+++ b/xen/xsm/flask/policy/mkflask.sh
@@ -34,7 +34,7 @@ BEGIN	{
 		printf("/*\n * Security object class definitions\n */\n") > debugfile;
 		printf("    S_(\"null\")\n") > debugfile;
 		printf("/* This file is automatically generated.  Do not edit. */\n") > debugfile2;
-		printf("static char *initial_sid_to_string[] =\n{\n") > debugfile2;
+		printf("static const char * const initial_sid_to_string[] =\n{\n") > debugfile2;
 		printf("    \"null\",\n") > debugfile2;
 	}
 /^[ \t]*#/	{
-- 
2.38.1

Re: [PATCH] xsm/flask: mkflash.sh: Use const when generating initial_sid_to_string[]

Posted by Daniel P. Smith 1 year, 5 months ago

On 12/12/22 04:36, Julien Grall wrote:
> From: Julien Grall <jgrall@amazon.com>
> 
> The array initial_sid_to_string is storing pointer to literal strings
> and is not meant to be modified. So change the type of the variable
> to "const char * const ...[]".
> 
> Signed-off-by: Julien Grall <jgrall@amazon.com>
> ---
>   xen/xsm/flask/policy/mkflask.sh | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/xen/xsm/flask/policy/mkflask.sh b/xen/xsm/flask/policy/mkflask.sh
> index 591ce832a1d1..611689768167 100755
> --- a/xen/xsm/flask/policy/mkflask.sh
> +++ b/xen/xsm/flask/policy/mkflask.sh
> @@ -34,7 +34,7 @@ BEGIN	{
>   		printf("/*\n * Security object class definitions\n */\n") > debugfile;
>   		printf("    S_(\"null\")\n") > debugfile;
>   		printf("/* This file is automatically generated.  Do not edit. */\n") > debugfile2;
> -		printf("static char *initial_sid_to_string[] =\n{\n") > debugfile2;
> +		printf("static const char * const initial_sid_to_string[] =\n{\n") > debugfile2;
>   		printf("    \"null\",\n") > debugfile2;
>   	}
>   /^[ \t]*#/	{

Ack-by: Daniel P. Smith <dpsmith@apertussolutions.com>

Re: [PATCH] xsm/flask: mkflash.sh: Use const when generating initial_sid_to_string[]

Posted by Julien Grall 1 year, 5 months ago

Hi Daniel,

On 12/12/2022 11:31, Daniel P. Smith wrote:
> On 12/12/22 04:36, Julien Grall wrote:
>> From: Julien Grall <jgrall@amazon.com>
>>
>> The array initial_sid_to_string is storing pointer to literal strings
>> and is not meant to be modified. So change the type of the variable
>> to "const char * const ...[]".
>>
>> Signed-off-by: Julien Grall <jgrall@amazon.com>
>> ---
>>   xen/xsm/flask/policy/mkflask.sh | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/xen/xsm/flask/policy/mkflask.sh 
>> b/xen/xsm/flask/policy/mkflask.sh
>> index 591ce832a1d1..611689768167 100755
>> --- a/xen/xsm/flask/policy/mkflask.sh
>> +++ b/xen/xsm/flask/policy/mkflask.sh
>> @@ -34,7 +34,7 @@ BEGIN    {
>>           printf("/*\n * Security object class definitions\n */\n") > 
>> debugfile;
>>           printf("    S_(\"null\")\n") > debugfile;
>>           printf("/* This file is automatically generated.  Do not 
>> edit. */\n") > debugfile2;
>> -        printf("static char *initial_sid_to_string[] =\n{\n") > 
>> debugfile2;
>> +        printf("static const char * const initial_sid_to_string[] 
>> =\n{\n") > debugfile2;
>>           printf("    \"null\",\n") > debugfile2;
>>       }
>>   /^[ \t]*#/    {
> 
> Ack-by: Daniel P. Smith <dpsmith@apertussolutions.com>

Thanks. Not sure if this was intended, but the tag is technically 
Acked-by rather than Ack-by.

I have committed the patch.

Cheers,

-- 
Julien Grall