lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140701081759.GA19708@infradead.org>
Date:	Tue, 1 Jul 2014 01:17:59 -0700
From:	Christoph Hellwig <hch@...radead.org>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	Fabian Frederick <fabf@...net.be>, linux-kernel@...r.kernel.org,
	joe@...ches.com
Subject: Re: [RFC 1/1] proc: constify seq_operations

On Mon, Jun 30, 2014 at 01:39:39PM -0700, Andrew Morton wrote:
> On Mon, 30 Jun 2014 21:03:17 +0200 Fabian Frederick <fabf@...net.be> wrote:
> 
> > proc_uid_seq_operations, proc_gid_seq_operations and proc_projid_seq_operations
> > are only called in proc_id_map_open with seq_open as
> > const struct seq_operations so we can constify the 3 structures and update
> > proc_id_map_open prototype.
> 
> There are an absolutely enormous number of places where we could
> constify things.  For sheer sanity's sake I'm not inclined to churn the
> code in this way unless a patch provides some sort of runtime benefit. 
> And this particular patch doesn't appear to change the generated code
> at all.

Unlike a lot of the cleanup patches which provide no benefit at all
constifying op vectors moves them from .text to .data which is not
marked executable and thus reduce the attack vector for kernel exploits.

So I defintively like to see these much more than a lot of the other
things filling up the lists.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ