Declaring sideways like this is unsafe, because the compiler can't check that
the implementaton in flask_op.c still has the same type.
Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com>
---
CC: Daniel De Graaf <dgde...@tycho.nsa.gov>
CC: Daniel Smith <dpsm...@apertussolutions.com>
v2:
* Rework in the face of no useful progress on the better fix.
---
xen/xsm/flask/flask_op.c | 1 +
xen/xsm/flask/hooks.c | 4 +---
xen/xsm/flask/private.h | 9 +++++++++
3 files changed, 11 insertions(+), 3 deletions(-)
create mode 100644 xen/xsm/flask/private.h
diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c
index 221ff00fd3cc..bb3bebc30e01 100644
--- a/xen/xsm/flask/flask_op.c
+++ b/xen/xsm/flask/flask_op.c
@@ -21,6 +21,7 @@
#include <avc_ss.h>
#include <objsec.h>
#include <conditional.h>
+#include "private.h"
#define ret_t long
#define _copy_to_guest copy_to_guest
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 3b29f7fde372..6ff1be28e4a4 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -36,6 +36,7 @@
#include <avc_ss.h>
#include <objsec.h>
#include <conditional.h>
+#include "private.h"
static u32 domain_sid(const struct domain *dom)
{
@@ -1742,9 +1743,6 @@ static int flask_argo_send(const struct domain *d, const
struct domain *t)
#endif
-long do_flask_op(XEN_GUEST_HANDLE_PARAM(void) u_flask_op);
-int compat_flask_op(XEN_GUEST_HANDLE_PARAM(void) u_flask_op);
-
static const struct xsm_ops __initconstrel flask_ops = {
.security_domaininfo = flask_security_domaininfo,
.domain_create = flask_domain_create,
diff --git a/xen/xsm/flask/private.h b/xen/xsm/flask/private.h
new file mode 100644
index 000000000000..73b0de87245a
--- /dev/null
+++ b/xen/xsm/flask/private.h
@@ -0,0 +1,9 @@
+#ifndef XSM_FLASK_PRIVATE
+#define XSM_FLASK_PRIVATE
+
+#include <public/xen.h>
+
+long do_flask_op(XEN_GUEST_HANDLE_PARAM(void) u_flask_op);
+int compat_flask_op(XEN_GUEST_HANDLE_PARAM(void) u_flask_op);
+
+#endif /* XSM_FLASK_PRIVATE */
--
2.11.0
