Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 9 Nov 2015 08:42:53 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Julia Lawall <julia.lawall@...6.fr>, Joe Perches <joe@...ches.com>
Cc: kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org,
        Kees Cook <keescook@...omium.org>, kernel-hardening@...ts.openwall.com
Subject: Re: [PATCH] video: constify geode ops structures

On Sun, Nov 08, 2015 at 10:24:49PM +0000, Julia Lawall wrote:
> On Mon, 9 Nov 2015, Dan Carpenter wrote:
> 
> > Cool.  So, in grsec they use a GCC plugin to make these const
> > automatically since they only contain function pointers.  There about
> > 100 struct types marked as __no_const.  Kees would like to adopt the
> > grsec pluggin approach I expect.  Do you have an idea how many structs
> > only contain function pointers or how many consts we would have to add
> > to get the same effect without the plugin?
> 
> My list has 373 type names.  In the list there are counts for good
> (already const) and bad (not const).  The sum of the bad values is 2467.
> The list is below.
> 
> julia

Fantastic!  Thanks.  We could autogenerate the list of type names and
make checkpatch.pl complain if we declared those types as non const.

I ran this command to find which functions grsec marks as __no_const.

egrep '(^ struct |^@@|__no_const;)' grsecurity-3.1-4.2.5-201511021814.patch | grep __no_const -B1 | grep -v __no_const | grep -v '^--' | cut -d @ -f 5-  | cut -b 9- | cut -d ' ' -f 1

There are 60 structs declared as __no_const.  For some structs they
declare a no_const version and use it as needed.  Like this:
typedef struct net_device_ops __no_const net_device_ops_no_const;

grep __no_const grsecurity-3.1-4.2.5-201511021814.patch | grep typedef | cut -d ' ' -f 3

There are 32 of those.

Then I compared to see if their structs were on your list.  For some
reason there quite a few one their list which are not on yours.  Out
of the first 10 about half weren't on your list.  cpu_cache_fns,
outer_cache_fns, psci_operations, smp_operations, omap_hwmod_soc_ops,
smp_ops_t.  These are mostly different arches?

Also bit_table has in int has well as a function pointers but it is on
their list.  I'm not sure why.  Maybe they are marking structs const
that I don't know about.

The other trick that they do is they define structs as __do_const if
they want them to be const by default, which is pretty neat.  This feels
like it should be a standard GCC feature.  In the meantime we could
mark things as __do_const and print a sparse warning if it was declared
as not const.

I have attached the list of __no_const structs.

regards,
dan carpenter



View attachment "no_const" of type "text/plain" (1404 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.