projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3598f5d)
randstruct: Enable function pointer struct detection
authorKees Cook <keescook@chromium.org>
Sat, 6 May 2017 06:56:07 +0000 (23:56 -0700)
committerKees Cook <keescook@chromium.org>
Wed, 2 Aug 2017 00:04:48 +0000 (17:04 -0700)
This enables the automatic structure selection logic in the randstruct
GCC plugin. The selection logic randomizes all structures that contain
only function pointers, unless marked with __no_randomize_layout.

Signed-off-by: Kees Cook <keescook@chromium.org>
arch/Kconfig patch | blob | blame | history
scripts/gcc-plugins/randomize_layout_plugin.c patch | blob | blame | history

diff --git a/arch/Kconfig b/arch/Kconfig
index 21d0089117fe957be2e32f97d5ab92b3086abd1c..4ada3209146aad6f0315f253a22caa6f4218ec66 100644 (file)
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -473,11 +473,13 @@ config GCC_PLUGIN_RANDSTRUCT
        depends on GCC_PLUGINS
        select MODVERSIONS if MODULES
        help
-         If you say Y here, the layouts of structures explicitly
-         marked by __randomize_layout will be randomized at
-         compile-time.  This can introduce the requirement of an
-         additional information exposure vulnerability for exploits
-         targeting these structure types.
+         If you say Y here, the layouts of structures that are entirely
+         function pointers (and have not been manually annotated with
+         __no_randomize_layout), or structures that have been explicitly
+         marked with __randomize_layout, will be randomized at compile-time.
+         This can introduce the requirement of an additional information
+         exposure vulnerability for exploits targeting these structure
+         types.
 
          Enabling this feature will introduce some performance impact,
          slightly increase memory usage, and prevent the use of forensic
diff --git a/scripts/gcc-plugins/randomize_layout_plugin.c b/scripts/gcc-plugins/randomize_layout_plugin.c
index cdaac8c66734b05971c4e4476b73f9572aa936e3..0073af326449864b4da5f7a64677c0de2d5eafa2 100644 (file)
--- a/scripts/gcc-plugins/randomize_layout_plugin.c
+++ b/scripts/gcc-plugins/randomize_layout_plugin.c
@@ -436,9 +436,6 @@ static int is_pure_ops_struct(const_tree node)
 
        gcc_assert(TREE_CODE(node) == RECORD_TYPE || TREE_CODE(node) == UNION_TYPE);
 
-       /* XXX: Do not apply randomization to all-ftpr structs yet. */
-       return 0;
-
        for (field = TYPE_FIELDS(node); field; field = TREE_CHAIN(field)) {
                const_tree fieldtype = get_field_type(field);
                enum tree_code code = TREE_CODE(fieldtype);