| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <b1c7b612-5c5e-4234-9aa5-a83105d01c52@wanadoo.fr>
Date: Mon, 15 Dec 2025 08:19:33 +0100
From: Christophe JAILLET <christophe.jaillet@...adoo.fr>
To: Baoquan He <bhe@...hat.com>, coxu@...hat.com
Cc: Andrew Morton <akpm@...ux-foundation.org>, Vivek Goyal
<vgoyal@...hat.com>, Dave Young <dyoung@...hat.com>,
linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org,
kexec@...ts.infradead.org
Subject: Re: [PATCH] crash_dump: Constify struct configfs_item_operations and
configfs_group_operations
Le 15/12/2025 à 03:13, Baoquan He a écrit :
> On 12/14/25 at 06:57pm, Christophe JAILLET wrote:
>> 'struct configfs_item_operations' and 'configfs_group_operations' are not
>> modified in this driver.
>>
>> Constifying these structures moves some data to a read-only section, so
>> increases overall security, especially when the structure holds some
>> function pointers.
>>
>> On a x86_64, with allmodconfig, as an example:
>> Before:
>> ======
>> text data bss dec hex filename
>> 16339 11001 384 27724 6c4c kernel/crash_dump_dm_crypt.o
>>
>> After:
>> =====
>> text data bss dec hex filename
>> 16499 10841 384 27724 6c4c kernel/crash_dump_dm_crypt.o
>>
>> Signed-off-by: Christophe JAILLET <christophe.jaillet@...adoo.fr>
>
> Sounds not bad, leave this to Coiby to test.
>
>> ---
>> Compile tested only.
>>
>> This change is possible since commits f2f36500a63b and f7f78098690d.
>
> I don't follow here, why do these two commits have anything with this
> patch?
Without these patches, it won't compile because "struct
config_item_type" needs to be tweaked to accept some const field. It is
what is done by these patches that have landed 2 weeks ago or so.
Without these 2 commits, you would get (with French messages, sorry):
CC kernel/crash_dump_dm_crypt.o
kernel/crash_dump_dm_crypt.c:231:24: erreur: l'initialisation abandonne
le qualificatif « const » du type pointé [-Werror=discarded-qualifiers]
231 | .ct_item_ops = &config_key_item_ops,
| ^
kernel/crash_dump_dm_crypt.c:306:25: erreur: l'initialisation abandonne
le qualificatif « const » du type pointé [-Werror=discarded-qualifiers]
306 | .ct_group_ops = &config_keys_group_ops,
| ^
CJ
>
>> ---
>> kernel/crash_dump_dm_crypt.c | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/kernel/crash_dump_dm_crypt.c b/kernel/crash_dump_dm_crypt.c
>> index 401423ba477d..0d23dc1de67c 100644
>> --- a/kernel/crash_dump_dm_crypt.c
>> +++ b/kernel/crash_dump_dm_crypt.c
>> @@ -223,7 +223,7 @@ static void config_key_release(struct config_item *item)
>> key_count--;
>> }
>>
>> -static struct configfs_item_operations config_key_item_ops = {
>> +static const struct configfs_item_operations config_key_item_ops = {
>> .release = config_key_release,
>> };
>>
>> @@ -298,7 +298,7 @@ static struct configfs_attribute *config_keys_attrs[] = {
>> * Note that, since no extra work is required on ->drop_item(),
>> * no ->drop_item() is provided.
>> */
>> -static struct configfs_group_operations config_keys_group_ops = {
>> +static const struct configfs_group_operations config_keys_group_ops = {
>> .make_item = config_keys_make_item,
>> };
>>
>> --
>> 2.52.0
>>
>>
>
>
>
Powered by blists - more mailing lists