Added kernel section clear/protect after init

This is a huge security improvement as it prevents potential exploits of using or modifying internal kernel functions or data.
author: Marvin Borner 2021-04-02 23:26:28 +0200
committer: Marvin Borner 2021-04-02 23:26:28 +0200
commit: ce98400f8a9ebd4e62e76b9e292b7598d0d66cc0 (patch)
tree: 823f06c2c325ead611863eeb3ac974c1ae562878 /kernel/features/fs.c
parent: fe468b476d567b6aa0695a030c408ccf46278c7d (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/kernel/features/fs.c b/kernel/features/fs.c
index 0ffe80f..cc9949e 100644
--- a/kernel/features/fs.c
+++ b/kernel/features/fs.c
@@ -16,7 +16,7 @@
  * VFS
  */
 
-static struct list *mount_points = NULL;
+PROTECTED static struct list *mount_points = NULL;
 
 static char *vfs_normalize_path(const char *path)
 {
@@ -293,7 +293,7 @@ res vfs_ready(const char *path)
 	return m->dev->vfs->ready(path, m->dev);
 }
 
-void vfs_install(void)
+CLEAR void vfs_install(void)
 {
 	mount_points = list_new();
 }
@@ -302,9 +302,9 @@ void vfs_install(void)
  * Device
  */
 
-static struct list *devices = NULL;
+PROTECTED static struct list *devices = NULL;
 
-void device_add(struct device *dev)
+CLEAR void device_add(struct device *dev)
 {
 	dev->id = rand() + 1;
 	list_add(devices, dev);
@@ -373,7 +373,7 @@ static res devfs_ready(const char *path, struct device *dev)
 	return target->ready();
 }
 
-void device_install(void)
+CLEAR void device_install(void)
 {
 	devices = list_new();
author	Marvin Borner	2021-04-02 23:26:28 +0200
committer	Marvin Borner	2021-04-02 23:26:28 +0200
commit	ce98400f8a9ebd4e62e76b9e292b7598d0d66cc0 (patch)
tree	823f06c2c325ead611863eeb3ac974c1ae562878 /kernel/features/fs.c
parent	fe468b476d567b6aa0695a030c408ccf46278c7d (diff)