From ce98400f8a9ebd4e62e76b9e292b7598d0d66cc0 Mon Sep 17 00:00:00 2001
From: Marvin Borner
Date: Fri, 2 Apr 2021 23:26:28 +0200
Subject: Added kernel section clear/protect after init

This is a huge security improvement as it prevents potential exploits
of using or modifying internal kernel functions or data.
---
 kernel/features/fs.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'kernel/features/fs.c')

diff --git a/kernel/features/fs.c b/kernel/features/fs.c
index 0ffe80f..cc9949e 100644
--- a/kernel/features/fs.c
+++ b/kernel/features/fs.c
@@ -16,7 +16,7 @@
  * VFS
  */
 
-static struct list *mount_points = NULL;
+PROTECTED static struct list *mount_points = NULL;
 
 static char *vfs_normalize_path(const char *path)
 {
@@ -293,7 +293,7 @@ res vfs_ready(const char *path)
 	return m->dev->vfs->ready(path, m->dev);
 }
 
-void vfs_install(void)
+CLEAR void vfs_install(void)
 {
 	mount_points = list_new();
 }
@@ -302,9 +302,9 @@ void vfs_install(void)
  * Device
  */
 
-static struct list *devices = NULL;
+PROTECTED static struct list *devices = NULL;
 
-void device_add(struct device *dev)
+CLEAR void device_add(struct device *dev)
 {
 	dev->id = rand() + 1;
 	list_add(devices, dev);
@@ -373,7 +373,7 @@ static res devfs_ready(const char *path, struct device *dev)
 	return target->ready();
 }
 
-void device_install(void)
+CLEAR void device_install(void)
 {
 	devices = list_new();
 
-- 
cgit v1.2.3