[PATCH] hv: mark hv_driver read only after init

Stephen Hemminger stephen at networkplumber.org
Fri Aug 12 23:35:56 UTC 2016 

For hardening, the driver structure containing function pointers can
be marked read only after initial registration is done.

Signed-off-by: Stephen Hemminger <sthemmin at linuxonhyperv.com>

---
 drivers/hid/hid-hyperv.c              |    2 +-
 drivers/input/serio/hyperv-keyboard.c |    2 +-
 drivers/net/hyperv/netvsc_drv.c       |    2 +-
 drivers/pci/host/pci-hyperv.c         |    2 +-
 drivers/scsi/storvsc_drv.c            |    2 +-
 drivers/video/fbdev/hyperv_fb.c       |    2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

--- a/drivers/net/hyperv/netvsc_drv.c	2016-08-12 16:23:42.077030799 -0700
+++ b/drivers/net/hyperv/netvsc_drv.c	2016-08-12 16:23:42.073030781 -0700
@@ -1488,7 +1488,7 @@ static const struct hv_vmbus_device_id i
 MODULE_DEVICE_TABLE(vmbus, id_table);
 
 /* The one and only one */
-static struct  hv_driver netvsc_drv = {
+static struct hv_driver netvsc_drv __ro_after_init = {
 	.name = KBUILD_MODNAME,
 	.id_table = id_table,
 	.probe = netvsc_probe,
--- a/drivers/hid/hid-hyperv.c	2016-08-12 16:23:42.077030799 -0700
+++ b/drivers/hid/hid-hyperv.c	2016-08-12 16:23:42.077030799 -0700
@@ -593,7 +593,7 @@ static const struct hv_vmbus_device_id i
 
 MODULE_DEVICE_TABLE(vmbus, id_table);
 
-static struct  hv_driver mousevsc_drv = {
+static struct hv_driver mousevsc_drv __ro_after_init = {
 	.name = KBUILD_MODNAME,
 	.id_table = id_table,
 	.probe = mousevsc_probe,
--- a/drivers/input/serio/hyperv-keyboard.c	2016-08-12 16:23:42.077030799 -0700
+++ b/drivers/input/serio/hyperv-keyboard.c	2016-08-12 16:23:42.077030799 -0700
@@ -420,7 +420,7 @@ static const struct hv_vmbus_device_id i
 
 MODULE_DEVICE_TABLE(vmbus, id_table);
 
-static struct  hv_driver hv_kbd_drv = {
+static struct hv_driver hv_kbd_drv __ro_after_init = {
 	.name = KBUILD_MODNAME,
 	.id_table = id_table,
 	.probe = hv_kbd_probe,
@@ -434,6 +434,7 @@ static int __init hv_kbd_init(void)
 
 static void __exit hv_kbd_exit(void)
 {
+
 	vmbus_driver_unregister(&hv_kbd_drv);
 }
 
--- a/drivers/pci/host/pci-hyperv.c	2016-08-12 16:23:42.077030799 -0700
+++ b/drivers/pci/host/pci-hyperv.c	2016-08-12 16:23:42.077030799 -0700
@@ -2340,7 +2340,7 @@ static const struct hv_vmbus_device_id h
 
 MODULE_DEVICE_TABLE(vmbus, hv_pci_id_table);
 
-static struct hv_driver hv_pci_drv = {
+static struct hv_driver hv_pci_drv __ro_after_init = {
 	.name		= "hv_pci",
 	.id_table	= hv_pci_id_table,
 	.probe		= hv_pci_probe,
--- a/drivers/scsi/storvsc_drv.c	2016-08-12 16:23:42.077030799 -0700
+++ b/drivers/scsi/storvsc_drv.c	2016-08-12 16:23:42.077030799 -0700
@@ -1739,7 +1739,7 @@ static int storvsc_remove(struct hv_devi
 	return 0;
 }
 
-static struct hv_driver storvsc_drv = {
+static struct hv_driver storvsc_drv __ro_after_init = {
 	.name = KBUILD_MODNAME,
 	.id_table = id_table,
 	.probe = storvsc_probe,
--- a/drivers/video/fbdev/hyperv_fb.c	2016-08-12 16:23:42.077030799 -0700
+++ b/drivers/video/fbdev/hyperv_fb.c	2016-08-12 16:23:42.077030799 -0700
@@ -907,7 +907,7 @@ static const struct hv_vmbus_device_id i
 MODULE_DEVICE_TABLE(pci, pci_stub_id_table);
 MODULE_DEVICE_TABLE(vmbus, id_table);
 
-static struct hv_driver hvfb_drv = {
+static struct hv_driver hvfb_drv __ro_after_init = {
 	.name = KBUILD_MODNAME,
 	.id_table = id_table,
 	.probe = hvfb_probe,

More information about the devel mailing list