Date: Sun, 8 Nov 2015 09:15:22 -0800 From: Greg KH <gregkh@...uxfoundation.org> To: Emese Revfy <re.emese@...il.com> Cc: Josh Triplett <josh@...htriplett.org>, Kees Cook <keescook@...omium.org>, "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>, PaX Team <pageexec@...email.hu>, Brad Spengler <spender@...ecurity.net>, Theodore Tso <tytso@...gle.com> Subject: Re: Proposal for kernel self protection features On Sat, Nov 07, 2015 at 10:58:10PM +0100, Emese Revfy wrote: > > > Could the plugin operate in a mode where it emits warnings to add such > > > annotations explicitly in the code, rather than just automatically > > > moving the data? > > > > That would be nice for the constanfy mode as well, especially as some > > people aren't using gcc to build the kernel anymore, so it would be good > > to mark these "for real" in the .c code wherever possible to allow other > > compilers to take advantage of the plugin indirectly. > > Yes, I can do it of course. There can be two kernel config options: > * warning (dry run) mode: the plugin just prints out the warnings > * constify: do the constification automatically That sounds wonderful, I would love to see this happen. thanks, greg k-h
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.