On Sat, Sep 29, 2018 at 7:36 PM, Tetsuo Handa
<penguin-kernel@xxxxxxxxxxxxxxxxxxx> wrote:
> On 2018/09/30 3:18, Kees Cook wrote:
>>> Just wondering what is "__lsm_name_##lsm" for...
>>>
>>> +#define DEFINE_LSM(lsm) \
>>> + static const char __lsm_name_##lsm[] __initconst \
>>> + __aligned(1) = #lsm; \
>>> + static struct lsm_info __lsm_##lsm \
>>> + __used __section(.lsm_info.init) \
>>> + __aligned(sizeof(unsigned long)) \
>>> + = { \
>>> + .name = __lsm_name_##lsm, \
>>> +
>>> +#define END_LSM }
>>
>> I wasn't super happy with the END_LSM thing, but I wanted to be able
>> to declare the name as __initconst, otherwise it needlessly stays in
>> memory after init. That said, it's not a huge deal, and maybe
>> readability trumps a tiny meory savings?
>
> The value of .name field is a few bytes string, and is not sensitive
> information. Keeping such string in non-__initdata section unlikely
> increases total memory pages required for that module.
>
> Unless we need to generate unique address of such string for some reason,
> I think that this saving is pointless.
Okay, sounds good. I will adjust the macro and respin with a v4.
Thanks!
-Kees
--
Kees Cook
Pixel Security
