Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CAGXu5jKzKAje_gtOQY7ukh67LLqmcWzVQ502V6akAB6ShH3h3w@mail.gmail.com>
Date: Mon, 9 Nov 2015 15:34:53 -0800
From: Kees Cook <keescook@...omium.org>
To: Julia Lawall <julia.lawall@...6.fr>
Cc: Emese Revfy <re.emese@...il.com>, 
	"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>, 
	Dan Carpenter <dan.carpenter@...cle.com>, Joe Perches <joe@...ches.com>, 
	kernel-janitors@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>, 
	PaX Team <pageexec@...email.hu>
Subject: Re: Re: [PATCH] video: constify geode ops structures

On Mon, Nov 9, 2015 at 1:55 PM, Julia Lawall <julia.lawall@...6.fr> wrote:
> On Mon, 9 Nov 2015, Kees Cook wrote:
>
>> On Mon, Nov 9, 2015 at 9:48 AM, Julia Lawall <julia.lawall@...6.fr> wrote:
>> > On Mon, 9 Nov 2015, Emese Revfy wrote:
>> >
>> >> On Mon, 9 Nov 2015 14:50:47 +0000 (GMT)
>> >> Julia Lawall <julia.lawall@...6.fr> wrote:
>> >> > > Actually, it looks like Emese Revfy is going to merge the GCC plugin
>> >> > > constify stuff sooner rather than later so maybe adding all these consts
>> >> > > isn't going to be needed.
>> >> >
>> >> > Is there any advantage of const over the plugin?  The consts are easy to
>> >> > add.
>> >>
>> >> Hi,
>> >>
>> >> I think it's a very good advantage that the plugin constifies automatically
>> >> without regular maintenance (e.g., generate patches with coccinelle,
>> >> send patches to the maintainers every new kernel version). ;)
>> >> But if it doesn't convince you, I did constification by hand (with a coccinelle
>> >> script) some years ago.
>> >> There are too many types that can be const and it took too long to prepare and
>> >> get the maintainers to accept the patches.
>> >> And it never ends as there are always new types that can be const.
>> >
>> > What happens if some structures cannot be made const because there is a
>> > reassignment somewhere?  Is there any feedback about the problem?
>>
>> AIUI, for now, we can't make those const (though I would be happy to
>> be corrected). My hope would be to allow reassignment using something
>> like PaX's kernel_open/kernel_close inlines to allow for temporary
>> modification of read-only things (as part of the KERNEXEC feature).
>
> What I was more wondering was whether there is any feedback about the
> situation?

My plan is to help get the PaX constification plugin into the upstream
kernel. We'll know more about the feedback on that when it gets
attempted (hopefully in the coming weeks).

-Kees

-- 
Kees Cook
Chrome OS Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.