| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e7361a1bb7defbb0f7056b884e83f8d75ac9fe21.1727517084.git.christophe.jaillet@wanadoo.fr>
Date: Sat, 28 Sep 2024 11:52:46 +0200
From: Christophe JAILLET <christophe.jaillet@...adoo.fr>
To: Paolo Bonzini <pbonzini@...hat.com>
Cc: linux-kernel@...r.kernel.org,
kernel-janitors@...r.kernel.org,
Christophe JAILLET <christophe.jaillet@...adoo.fr>,
kvm@...r.kernel.org
Subject: [PATCH] kvm/vfio: Constify struct kvm_device_ops
'struct kvm_device_ops' is not modified in this driver.
Constifying this structure moves some data to a read-only section, so
increases overall security, especially when the structure holds some
function pointers.
On a x86_64, with allmodconfig:
Before:
======
text data bss dec hex filename
2605 169 16 2790 ae6 virt/kvm/vfio.o
After:
=====
text data bss dec hex filename
2685 89 16 2790 ae6 virt/kvm/vfio.o
Signed-off-by: Christophe JAILLET <christophe.jaillet@...adoo.fr>
---
Compile tested only
---
virt/kvm/vfio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/virt/kvm/vfio.c b/virt/kvm/vfio.c
index 388ae471d258..e72a6a1d5a20 100644
--- a/virt/kvm/vfio.c
+++ b/virt/kvm/vfio.c
@@ -353,7 +353,7 @@ static void kvm_vfio_release(struct kvm_device *dev)
static int kvm_vfio_create(struct kvm_device *dev, u32 type);
-static struct kvm_device_ops kvm_vfio_ops = {
+static const struct kvm_device_ops kvm_vfio_ops = {
.name = "kvm-vfio",
.create = kvm_vfio_create,
.release = kvm_vfio_release,
--
2.46.1
Powered by blists - more mailing lists