diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2017-07-19 08:55:18 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-07-19 08:55:18 -0700 |
| commit | e06fdaf40a5c021dd4a2ec797e8b724f07360070 (patch) | |
| tree | d0e7ec007cd0c4125b3879f389790ed900f00ad4 /include/net | |
| parent | a90c6ac2b5651b1f907de512c2fa648c9fa6bb6e (diff) | |
| parent | 8acdf5055974e49d337d51ac7011449cfd7b7d05 (diff) | |
| download | linux-e06fdaf40a5c021dd4a2ec797e8b724f07360070.tar.gz | |
Merge tag 'gcc-plugins-v4.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull structure randomization updates from Kees Cook:
"Now that IPC and other changes have landed, enable manual markings for
randstruct plugin, including the task_struct.
This is the rest of what was staged in -next for the gcc-plugins, and
comes in three patches, largest first:
- mark "easy" structs with __randomize_layout
- mark task_struct with an optional anonymous struct to isolate the
__randomize_layout section
- mark structs to opt _out_ of automated marking (which will come
later)
And, FWIW, this continues to pass allmodconfig (normal and patched to
enable gcc-plugins) builds of x86_64, i386, arm64, arm, powerpc, and
s390 for me"
* tag 'gcc-plugins-v4.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
randstruct: opt-out externally exposed function pointer structs
task_struct: Allow randomized layout
randstruct: Mark various structs for randomization
Diffstat (limited to 'include/net')
| -rw-r--r-- | include/net/af_unix.h | 2 | ||||
| -rw-r--r-- | include/net/neighbour.h | 2 | ||||
| -rw-r--r-- | include/net/net_namespace.h | 2 | ||||
| -rw-r--r-- | include/net/sock.h | 2 |
4 files changed, 4 insertions, 4 deletions
diff --git a/include/net/af_unix.h b/include/net/af_unix.h index 678e4d6fa317..53b1a2cca421 100644 --- a/include/net/af_unix.h +++ b/include/net/af_unix.h @@ -37,7 +37,7 @@ struct unix_skb_parms { u32 secid; /* Security ID */ #endif u32 consumed; -}; +} __randomize_layout; #define UNIXCB(skb) (*(struct unix_skb_parms *)&((skb)->cb)) diff --git a/include/net/neighbour.h b/include/net/neighbour.h index afc39e3a3f7c..9816df225af3 100644 --- a/include/net/neighbour.h +++ b/include/net/neighbour.h @@ -156,7 +156,7 @@ struct neighbour { struct rcu_head rcu; struct net_device *dev; u8 primary_key[0]; -}; +} __randomize_layout; struct neigh_ops { int family; diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h index 31a2b51bef2c..1c401bd4c2e0 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -148,7 +148,7 @@ struct net { #endif struct sock *diag_nlsk; atomic_t fnhe_genid; -}; +} __randomize_layout; #include <linux/seq_file_net.h> diff --git a/include/net/sock.h b/include/net/sock.h index f69c8c2782df..7c0632c7e870 100644 --- a/include/net/sock.h +++ b/include/net/sock.h @@ -1128,7 +1128,7 @@ struct proto { atomic_t socks; #endif int (*diag_destroy)(struct sock *sk, int err); -}; +} __randomize_layout; int proto_register(struct proto *prot, int alloc_slab); void proto_unregister(struct proto *prot); |