author | Kees Cook <keescook@chromium.org> | 2017-01-13 14:14:39 -0500 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2017-01-18 15:02:35 -0500 |
commit | c61f13eaa1ee17728c41370100d2d45c254ce76f (patch) | |
tree | 63ae636a8d3bfc405b8a0a108ab17c24c5790fd8 /include/linux/compiler.h | |
parent | 8d4973a1c01d4b38871fbc6631e1fdd20e6c9e90 (diff) |
gcc-plugins: Add structleak for more stack initialization
This plugin detects any structures that contain __user attributes and
makes sure they are fully initialized so that a specific class of
information exposure is eliminated. (This plugin was originally designed
to block the exposure of siginfo in CVE-2013-2141.)
Ported from grsecurity/PaX. This version adds a verbose option to the
plugin and the Kconfig.
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'include/linux/compiler.h')
-rw-r--r-- | include/linux/compiler.h | 6 |
1 files changed, 5 insertions, 1 deletions
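--- a/include/linux/compiler.h
+++ b/include/linux/compiler.h
@@ -27,7 +27,11 @@ extern void __chk_user_ptr(const volatile void __user *);
 extern void __chk_io_ptr(const volatile void __iomem *);
 # define ACCESS_PRIVATE(p, member) (*((typeof((p)->member) __force *) &(p)->member))
 #else /* __CHECKER__ */
-# define __user
+# ifdef STRUCTLEAK_PLUGIN
+# define __user __attribute__((user))
+# else
+# define __user
+# endif
 # define __kernel
 # define __safe
 # define __force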
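Review bot: The new `# ifdef STRUCTLEAK_PLUGIN` branch under `#else /* __CHECKER__ */` has no comment saying who defines that macro or what consumes `__attribute__((user))`, and neither is visible in this file section. Assuming the build sets the macro only when the structleak GCC plugin is loaded, I would add above the branch `/* STRUCTLEAK_PLUGIN is defined by the build only when the structleak GCC plugin is loaded; the plugin registers the "user" attribute and uses it to select structures for forced initialization. */`. The comment should also say that the macro must never be defined without the plugin, since a compiler that does not know the attribute would presumably warn about it or ignore it at every `__user` use. It is also worth noting there that, per the commit description, coverage is limited to structures containing a `__user` member, so this is not general stack initialization. The `#else` arm continues past the end of the hunk.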