From: Peter Zijlstra
Subject: Re: [PATCH] pid: change task_struct::pid to read-only
Date: Tue, 17 Dec 2013 10:58:01 +0100
Message-ID: <20131217095801.GF21999@twins.programming.kicks-ass.net>
References: <8aa73d2b884439496f87d5f34c12ba9b4b40f7e5.1377032086.git.rgb@redhat.com>
To: Richard Guy Briggs
Cc: linux-audit@redhat.com, linux-kernel@vger.kernel.org, Eric Paris, Oleg Nesterov
List-Id: linux-audit@redhat.com

On Mon, Dec 16, 2013 at 04:03:38PM -0500, Richard Guy Briggs wrote:
> task->pid is only ever assigned once (well ok, twice). For system health and
> secure logging confidence, make it const to make it much more intentional when
> it is being changed.
> ---
>
> Peter, as you had suggested, does this approach work for you in terms of making
> task_struct::pid a lot more difficult to accidentally change to try to preserve
> its integrity?

Yeah, looks good to me.

> Is the use of memcpy() significantly different from *p = *q ?

You'd have to look at the asm, but I suspect gcc knows to do full struct copies
using memcpy.
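
The pattern under discussion, as an added example that is not part of the original mail or of the patch: once a struct has a const member, plain assignment to the member and whole-struct assignment (`*p = *q`) are both rejected by the compiler, so duplication goes through memcpy() and the few intended writes go through an explicit cast. `struct task`, `task_create()` and `task_dup()` are hypothetical userspace stand-ins, not kernel code.

```c
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical miniature of a task structure (assumption, not task_struct). */
struct task {
    int state;
    const pid_t pid;    /* read-only after creation */
    char comm[16];
};

/* The only sanctioned writer: the cast makes the write deliberate and easy
 * to grep for. The object lives in allocated storage, never in a variable
 * that was itself declared const. */
static void task_set_pid(struct task *t, pid_t pid)
{
    *(pid_t *)&t->pid = pid;
}

struct task *task_create(pid_t pid, const char *comm)
{
    struct task *t = calloc(1, sizeof(*t));
    if (!t)
        return NULL;
    task_set_pid(t, pid);                         /* first assignment */
    strncpy(t->comm, comm, sizeof(t->comm) - 1);  /* calloc left the NUL */
    return t;
}

/* Duplicate a task. "*dst = *src;" does not compile here, because a struct
 * with a const member is not a modifiable lvalue; memcpy() copies the same
 * bytes without going through the type system. */
struct task *task_dup(const struct task *src, pid_t new_pid)
{
    struct task *dst = malloc(sizeof(*dst));
    if (!dst)
        return NULL;
    memcpy(dst, src, sizeof(*dst));
    task_set_pid(dst, new_pid);                   /* second assignment */
    return dst;
}

/* An accidental write such as "t->pid = 0;" anywhere else is a compile
 * error (assignment of read-only member), which is the point of the change. */
```
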