author | Linus Torvalds <torvalds@linux-foundation.org> | 2017-07-19 11:55:18 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-07-19 11:55:18 -0400 |
commit | e06fdaf40a5c021dd4a2ec797e8b724f07360070 (patch) | |
tree | d0e7ec007cd0c4125b3879f389790ed900f00ad4 /include/linux/sched.h | |
parent | a90c6ac2b5651b1f907de512c2fa648c9fa6bb6e (diff) | |
parent | 8acdf5055974e49d337d51ac7011449cfd7b7d05 (diff) |
Merge tag 'gcc-plugins-v4.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull structure randomization updates from Kees Cook:
"Now that IPC and other changes have landed, enable manual markings for
randstruct plugin, including the task_struct.
This is the rest of what was staged in -next for the gcc-plugins, and
comes in three patches, largest first:
- mark "easy" structs with __randomize_layout
- mark task_struct with an optional anonymous struct to isolate the
__randomize_layout section
- mark structs to opt _out_ of automated marking (which will come
later)
And, FWIW, this continues to pass allmodconfig (normal and patched to
enable gcc-plugins) builds of x86_64, i386, arm64, arm, powerpc, and
s390 for me"
* tag 'gcc-plugins-v4.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
randstruct: opt-out externally exposed function pointer structs
task_struct: Allow randomized layout
randstruct: Mark various structs for randomization
Diffstat (limited to 'include/linux/sched.h')
-rw-r--r-- | include/linux/sched.h | 16 |
1 files changed, 15 insertions, 1 deletions
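--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -426,7 +426,7 @@ struct sched_rt_entity {
 /* rq "owned" by this entity/group: */
 struct rt_rq *my_q;
 #endif
-};
+} __randomize_layout;
 
 struct sched_dl_entity {
 struct rb_node rb_node;
@@ -526,6 +526,13 @@ struct task_struct {
 #endif
 /* -1 unrunnable, 0 runnable, >0 stopped: */
 volatile long state;
+
+/*
+ * This begins the randomizable portion of task_struct. Only
+ * scheduling-critical items should be added above here.
+ */
+randomized_struct_fields_start
+
 void *stack;
 atomic_t usage;
 /* Per task flags (PF_*), defined further below: */
@@ -1079,6 +1086,13 @@ struct task_struct {
 /* Used by LSM modules for access restriction: */
 void *security;
 #endif
+
+/*
+ * New fields for task_struct should be added above here, so that
+ * they are included in the randomized portion of task_struct.
+ */
+randomized_struct_fields_end
+
 /* CPU-specific state of this task: */
 struct thread_struct thread;
 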
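Review bot: The comment above `randomized_struct_fields_start` in the second hunk says which fields may go above the marker but not what that placement costs: anything outside the start/end pair (here `state` above it and `thread` below it) is left out of the randomized section and gets nothing from the randstruct plugin. I would extend it to say so, e.g. `* Fields above this marker are not randomized; only scheduling-critical items should be added above here.`, so that a later patch moving a pointer or credential-like field up for cache reasons is reviewed as a hardening regression. The end-marker comment in the third hunk could likewise note that `thread` is left out deliberately, if that is the case; the reason is not visible in the hunk. Both markers are bare macro tokens, and going by the commit message they open and close an optional anonymous struct, which is worth a word in one of the two comments. struct task_struct starts and ends outside these hunks.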