[grsec] Q. 'const'antify the members of a structure

J. R. Okajima hooanon05 at yahoo.co.jp
Fri May 28 01:53:39 EDT 2010


pageexec at freemail.hu:
> the last remaining case is 3 and we have it on good authority (namely, Al Viro)
> that such constructs are not desirable in linux in general and should never
> occur in fact. now C doesn't make it possible to express this property easily,
	:::
> what this does is that at compile time it'll fail on code which tries to
> directly write into the some_op field of such a structure (it does allow
> initialization which is what you need for case 2), which in turn implies
> that such structures cannot be dynamically allocated since they'd need
> direct writes to set up the individual members after the allocation. so
> this is the real reason for making field members const, it implicitly forces
> the programmer to think twice about what he's doing. or rather, it would,
	:::

This is my case.
I am developing a kernel module which is not merged into mainline (and
it will not be). Some users use it with the grsec-patched kernel.
In order to support various filesystems and their options, my module
allocates struct foo_operations and sets members dynamically. And users
got the compilation errors.
I don't understand why these 'const's enhance the security. But I
think I can understand your explanation.

Thanks for the explanation.


J. R. Okajima
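
The behaviour discussed in this message, as an added example that is not part of the original post and is not code from grsecurity or from the poster's module: a structure with const function-pointer members accepts an initializer but rejects a later assignment, so one possible alternative to filling an allocated table is to pick between tables initialized at compile time. The layout of struct foo_operations, the handler functions and select_ops() are all hypothetical names assumed for illustration.

```c
/* Hypothetical ops structure; member names are assumptions for this example. */
struct foo_operations {
    int (* const open)(int id);      /* const member: set only by an initializer */
    int (* const release)(int id);
};

/* Constructed sample handlers standing in for two filesystem option sets. */
static int plain_open(int id)     { return id; }
static int plain_release(int id)  { (void)id; return 0; }
static int cached_open(int id)    { return id + 1000; }
static int cached_release(int id) { (void)id; return 1; }

/* Initialization is allowed, and a const object can be placed in read-only data. */
static const struct foo_operations plain_ops = {
    .open = plain_open, .release = plain_release,
};
static const struct foo_operations cached_ops = {
    .open = cached_open, .release = cached_release,
};

/*
 * Rejected at compile time, which is why allocate-then-fill setup code breaks:
 *
 *     struct foo_operations *ops = malloc(sizeof(*ops));
 *     ops->open = plain_open;   // gcc: assignment of read-only member 'open'
 */

/* Instead of building a table at run time, select a prebuilt one per option. */
static const struct foo_operations *select_ops(int use_cache)
{
    return use_cache ? &cached_ops : &plain_ops;
}

int main(void)
{
    const struct foo_operations *ops = select_ops(1);
    return ops->open(1) == 1001 ? 0 : 1;
}
```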

