nfsd: Const-ify NFSv4 encoding and decoding ops arrays

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Close an attack vector by moving the arrays of encoding and decoding
methods to read-only memory.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>

authored by

Chuck Lever and committed by

J. Bruce Fields 8 years ago c1df609d 2412e927

+2 -2

1 changed file

expand all

nfsd

nfs4xdr.c

+2 -2

fs/nfsd/nfs4xdr.c

··· 1780 1780 1781 1781 typedef __be32(*nfsd4_dec)(struct nfsd4_compoundargs *argp, void *); 1782 1782 1783 - static nfsd4_dec nfsd4_dec_ops[] = { 1783 + static const nfsd4_dec nfsd4_dec_ops[] = { 1784 1784 [OP_ACCESS] = (nfsd4_dec)nfsd4_decode_access, 1785 1785 [OP_CLOSE] = (nfsd4_dec)nfsd4_decode_close, 1786 1786 [OP_COMMIT] = (nfsd4_dec)nfsd4_decode_commit, ··· 4224 4224 * since we don't need to filter out obsolete ops as this is 4225 4225 * done in the decoding phase. 4226 4226 */ 4227 - static nfsd4_enc nfsd4_enc_ops[] = { 4227 + static const nfsd4_enc nfsd4_enc_ops[] = { 4228 4228 [OP_ACCESS] = (nfsd4_enc)nfsd4_encode_access, 4229 4229 [OP_CLOSE] = (nfsd4_enc)nfsd4_encode_close, 4230 4230 [OP_COMMIT] = (nfsd4_enc)nfsd4_encode_commit,