[PATCH] pid: change task_struct::pid to read-only
Peter Zijlstra
peterz at infradead.org
Tue Dec 17 09:58:01 UTC 2013
On Mon, Dec 16, 2013 at 04:03:38PM -0500, Richard Guy Briggs wrote:
> task->pid is only ever assigned once (well ok, twice). For system health and
> secure logging confidence, make it const to make it much more intentional when
> it is being changed.
> ---
>
> Peter, as you had suggested, does this approach work for you in terms of making
> task_struct::pid a lot more difficult to accidentally change to try to preserve
> its integrity?
Yeah, looks good to me.
> Is the use of memcpy() significantly different from *p = *q ?
You'd have to look at the asm, but I suspect gcc knows to do full struct
copies using memcpy.