git: 28b0084af332 - main - kern: mac: sprinkle a bit of const correctness
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 23 Apr 2026 18:48:10 UTC
The branch main has been updated by kevans:
URL: https://cgit.FreeBSD.org/src/commit/?id=28b0084af332c34af3bdc60354bb7feea8ceeaa3
commit 28b0084af332c34af3bdc60354bb7feea8ceeaa3
Author: Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2026-04-23 18:47:09 +0000
Commit: Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2026-04-23 18:47:09 +0000
kern: mac: sprinkle a bit of const correctness
mpc_name and mpc_fullname are string literals in correct usage, so they
should really be const instead.
mpc_ops aren't typically const, but the framework shouldn't be doing
anything to clobber it; thus, good to constify it as a reminder.
Switch to using a slightly more semantically correct `void **` in the
fastpath bits while we're here, since we only do arithmetic on the outer
layer of pointer and compare the inner to a pointer-typed (NULL).
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D55702
---
sys/security/mac/mac_framework.c | 10 +++++-----
sys/security/mac/mac_policy.h | 6 +++---
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/sys/security/mac/mac_framework.c b/sys/security/mac/mac_framework.c
index fec63b99c0e0..e1733f114a5d 100644
--- a/sys/security/mac/mac_framework.c
+++ b/sys/security/mac/mac_framework.c
@@ -417,7 +417,7 @@ mac_policy_update(void)
* policies. Gross hack below enables doing it in a cheap manner.
*/
-#define FPO(f) (offsetof(struct mac_policy_ops, mpo_##f) / sizeof(uintptr_t))
+#define FPO(f) (offsetof(struct mac_policy_ops, mpo_##f) / sizeof(void *))
struct mac_policy_fastpath_elem {
int count;
@@ -488,12 +488,12 @@ static void
mac_policy_fastpath_register(struct mac_policy_conf *mpc)
{
struct mac_policy_fastpath_elem *mpfe;
- uintptr_t **ops;
+ const void * const *ops;
int i;
mac_policy_xlock_assert();
- ops = (uintptr_t **)mpc->mpc_ops;
+ ops = (const void * const *)mpc->mpc_ops;
for (i = 0; i < nitems(mac_policy_fastpath_array); i++) {
mpfe = &mac_policy_fastpath_array[i];
if (ops[mpfe->offset] != NULL)
@@ -505,12 +505,12 @@ static void
mac_policy_fastpath_unregister(struct mac_policy_conf *mpc)
{
struct mac_policy_fastpath_elem *mpfe;
- uintptr_t **ops;
+ const void * const *ops;
int i;
mac_policy_xlock_assert();
- ops = (uintptr_t **)mpc->mpc_ops;
+ ops = (const void * const *)mpc->mpc_ops;
for (i = 0; i < nitems(mac_policy_fastpath_array); i++) {
mpfe = &mac_policy_fastpath_array[i];
if (ops[mpfe->offset] != NULL)
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index 03c0ea2f8550..4c6cb1b9b2d0 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -1070,9 +1070,9 @@ struct mac_policy_ops {
* structure, as its layout is statically compiled into all policies.
*/
struct mac_policy_conf {
- char *mpc_name; /* policy name */
- char *mpc_fullname; /* policy full name */
- struct mac_policy_ops *mpc_ops; /* policy operations */
+ const char *mpc_name; /* policy name */
+ const char *mpc_fullname; /* policy full name */
+ const struct mac_policy_ops *mpc_ops; /* policy operations */
int mpc_loadtime_flags; /* flags */
int *mpc_field_off; /* security field */
int mpc_runtime_flags; /* flags */