| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 Mar 2016 09:35:34 +0100
From: Matt Redfearn <matt.redfearn@...tec.com>
To: <IMG-MIPSLinuxKerneldevelopers@...tec.com>
CC: Matt Redfearn <matt.redfearn@...tec.com>,
Will Drewry <wad@...omium.org>, <linux-kernel@...r.kernel.org>,
Andy Lutomirski <luto@...capital.net>,
"Kees Cook" <keescook@...omium.org>
Subject: [PATCH v2 6/6] secomp: Constify mode1 syscall whitelist
These values are constant and should be marked as such.
Signed-off-by: Matt Redfearn <matt.redfearn@...tec.com>
---
Changes in v2: None
kernel/seccomp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index b0082c14764f..9243d686d11a 100644
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -513,14 +513,14 @@ static void seccomp_send_sigsys(int syscall, int reason)
* To be fully secure this must be combined with rlimit
* to limit the stack allocations too.
*/
-static int mode1_syscalls[] = {
+static const int mode1_syscalls[] = {
__NR_seccomp_read, __NR_seccomp_write, __NR_seccomp_exit, __NR_seccomp_sigreturn,
0, /* null terminated */
};
static void __secure_computing_strict(int this_syscall)
{
- int *syscall_whitelist = mode1_syscalls;
+ const int *syscall_whitelist = mode1_syscalls;
#ifdef CONFIG_COMPAT
if (is_compat_task())
syscall_whitelist = get_compat_mode1_syscalls();
--
2.5.0
Powered by blists - more mailing lists