Hi,

Please pull these gcc-plugins changes for v4.13-rc2. Now that IPC and
other trees have landed, it's sensible to pull the manual markings
portion of randstruct. This is the rest of what was staged in -next for
the gcc-plugins, and comes in three patches, largest first:
- mark "easy" structs with __randomize_layout
- mark task_struct with an optional anonymous struct to isolate the
  __randomize_layout section
- mark structs to opt _out_ of automated marking (which will come later)

Various (trivial) merge conflicts exist due to additions to structures.
Since there were more than a couple, I thought I'd just send along how
I solved the conflicts when I did the merge to your tree this morning,
if it helps:

diff --cc fs/proc/internal.h
index 18694598bebf,07b16318223f..aa2b89071630
--- a/fs/proc/internal.h
+++ b/fs/proc/internal.h
@@@ -67,10 -67,10 +67,10 @@@ struct proc_inode 
        struct proc_dir_entry *pde;
        struct ctl_table_header *sysctl;
        struct ctl_table *sysctl_entry;
 -      struct list_head sysctl_inodes;
 +      struct hlist_node sysctl_inodes;
        const struct proc_ns_operations *ns_ops;
        struct inode vfs_inode;
- };
+ } __randomize_layout;
  
  /*
   * General functions
diff --cc include/linux/fs.h
index 7b5d6816542b,8f28143486c4..6e1fd5d21248
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@@ -295,8 -275,7 +295,8 @@@ struct kiocb 
        void (*ki_complete)(struct kiocb *iocb, long ret, long ret2);
        void                    *private;
        int                     ki_flags;
 +      enum rw_hint            ki_hint;
- };
+ } __randomize_layout;
  
  static inline bool is_sync_kiocb(struct kiocb *kiocb)
  {
@@@ -403,8 -392,7 +403,8 @@@ struct address_space 
        gfp_t                   gfp_mask;       /* implicit gfp mask for 
allocations */
        struct list_head        private_list;   /* ditto */
        void                    *private_data;  /* ditto */
 +      errseq_t                wb_err;
- } __attribute__((aligned(sizeof(long))));
+ } __attribute__((aligned(sizeof(long)))) __randomize_layout;
        /*
         * On most architectures that alignment is already the case; but
         * must be enforced here for CRIS, to let the least significant bit
@@@ -882,8 -868,8 +882,9 @@@ struct file 
        struct list_head        f_tfile_llink;
  #endif /* #ifdef CONFIG_EPOLL */
        struct address_space    *f_mapping;
 +      errseq_t                f_wb_err;
- } __attribute__((aligned(4)));        /* lest something weird decides that 2 
is OK */
+ } __randomize_layout
+   __attribute__((aligned(4)));        /* lest something weird decides that 2 
is OK */
  
  struct file_handle {
        __u32 handle_bytes;
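Review bot: The closing line of struct file puts `__randomize_layout` before `__attribute__((aligned(4)))` and splits the declaration over two lines, while struct address_space earlier in the same file uses the opposite order on a single line. The order should make no difference to the compiler, so for consistency this could read `} __attribute__((aligned(4))) __randomize_layout;` with the existing "lest something weird" comment kept after it. The struct's body begins outside the hunk.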
diff --cc include/linux/ipc.h
index 5591f055e13f,ea0eb0b5f98c..fadd579d577d
--- a/include/linux/ipc.h
+++ b/include/linux/ipc.h
@@@ -20,9 -20,6 +20,9 @@@ struct kern_ipc_perm 
        umode_t         mode;
        unsigned long   seq;
        void            *security;
 +
 +      struct rcu_head rcu;
 +      atomic_t refcount;
- } ____cacheline_aligned_in_smp;
+ } ____cacheline_aligned_in_smp __randomize_layout;
  
  #endif /* _LINUX_IPC_H */
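Review bot: With `__randomize_layout` on kern_ipc_perm, the source position of the merged-in `rcu` and `refcount` members no longer decides which fields share a cache line, and `____cacheline_aligned_in_smp` only aligns the object as a whole. A short comment at the closing brace would keep later edits from relying on member order, for example `/* layout is randomized: do not rely on member order or cache-line grouping */`. Whether the build uses a randstruct mode that limits shuffling to cache-line-sized groups is not visible here and is worth stating in the commit text. The struct's opening lines are outside the hunk.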
diff --cc include/linux/sem.h
index be5cf2ea14ad,23bcbdfad4a6..de2deb8676bd
--- a/include/linux/sem.h
+++ b/include/linux/sem.h
@@@ -39,9 -21,7 +39,9 @@@ struct sem_array 
        int                     sem_nsems;      /* no. of semaphores in array */
        int                     complex_count;  /* pending complex operations */
        unsigned int            use_global_lock;/* >0: global lock required */
 +
 +      struct sem              sems[];
- };
+ } __randomize_layout;
  
  #ifdef CONFIG_SYSVIPC
  
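Review bot: `struct sem sems[]` is a flexible array member and has to stay the last member of sem_array, but nothing at the declaration says so now that the struct carries `__randomize_layout`. The randstruct plugin is expected to leave a trailing flexible array out of the shuffle; that is not visible in this hunk, so it is worth confirming and recording next to the member, for example `/* flexible array: must stay last, not shuffled by randstruct */`. The struct's opening and earlier members are outside the hunk.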

And, FWIW, this continues to pass allmodconfig (normal and patched to
enable gcc-plugins) builds of x86_64, i386, arm64, arm, powerpc, and
s390 for me.

Thanks!

-Kees

The following changes since commit ffa47aa678cfaa9b88e8a26cfb115b4768325121:

  ARM: Prepare for randomized task_struct (2017-06-30 12:00:50 -0700)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git 
tags/gcc-plugins-v4.13-rc2

for you to fetch changes up to 8acdf5055974e49d337d51ac7011449cfd7b7d05:

  randstruct: opt-out externally exposed function pointer structs (2017-06-30 
12:00:52 -0700)

----------------------------------------------------------------
Now that IPC and other changes have landed, enable manual markings for
randstruct plugin, including the task_struct.

----------------------------------------------------------------
Kees Cook (3):
      randstruct: Mark various structs for randomization
      task_struct: Allow randomized layout
      randstruct: opt-out externally exposed function pointer structs

 arch/arm/include/asm/cacheflush.h     |  2 +-
 arch/x86/include/asm/paravirt_types.h | 16 ++++++++--------
 arch/x86/include/asm/processor.h      |  2 +-
 fs/mount.h                            |  4 ++--
 fs/namei.c                            |  2 +-
 fs/proc/internal.h                    |  6 +++---
 include/linux/binfmts.h               |  4 ++--
 include/linux/cdev.h                  |  2 +-
 include/linux/compiler-gcc.h          | 13 ++++++++++++-
 include/linux/compiler.h              |  5 +++++
 include/linux/cred.h                  |  4 ++--
 include/linux/dcache.h                |  2 +-
 include/linux/fs.h                    | 17 +++++++++--------
 include/linux/fs_struct.h             |  2 +-
 include/linux/ipc.h                   |  2 +-
 include/linux/ipc_namespace.h         |  2 +-
 include/linux/key-type.h              |  4 ++--
 include/linux/kmod.h                  |  2 +-
 include/linux/kobject.h               |  2 +-
 include/linux/lsm_hooks.h             |  4 ++--
 include/linux/mm_types.h              |  4 ++--
 include/linux/module.h                |  4 ++--
 include/linux/mount.h                 |  2 +-
 include/linux/msg.h                   |  2 +-
 include/linux/path.h                  |  2 +-
 include/linux/pid_namespace.h         |  2 +-
 include/linux/proc_ns.h               |  2 +-
 include/linux/sched.h                 | 16 +++++++++++++++-
 include/linux/sched/signal.h          |  2 +-
 include/linux/sem.h                   |  2 +-
 include/linux/shm.h                   |  2 +-
 include/linux/sysctl.h                |  2 +-
 include/linux/tty.h                   |  2 +-
 include/linux/tty_driver.h            |  4 ++--
 include/linux/user_namespace.h        |  2 +-
 include/linux/utsname.h               |  2 +-
 include/net/af_unix.h                 |  2 +-
 include/net/neighbour.h               |  2 +-
 include/net/net_namespace.h           |  2 +-
 include/net/sock.h                    |  2 +-
 kernel/futex.c                        |  4 ++--
 security/keys/internal.h              |  2 +-
 42 files changed, 97 insertions(+), 66 deletions(-)

-- 
Kees Cook
Pixel Security
