authorKees Cook2017-04-06 07:43:33 +0200
committerKees Cook2017-06-30 21:00:52 +0200
commit29e48ce87f1eaaa4b1fe3d9af90c586ac2d1fb74 (patch)
treea71a2069bd8aeda44adf67b34c7ed1fa336f83fb /include/linux/sched.h
parentrandstruct: Mark various structs for randomization (diff)
task_struct: Allow randomized layout
This marks most of the layout of task_struct as randomizable, but leaves thread_info and scheduler state untouched at the start, and thread_struct untouched at the end. Other parts of the kernel use unnamed structures, but the 0-day builder using gcc-4.4 blows up on static initializers. Officially, it's documented as only working on gcc 4.6 and later, which further confuses me: https://gcc.gnu.org/wiki/C11Status The structure layout randomization already requires gcc 4.7, but instead of depending on the plugin being enabled, just check the gcc versions for wider build testing. At Linus's suggestion, the marking is hidden in a macro to reduce how ugly it looks. Additionally, indenting is left unchanged since it would make things harder to read. Randomization of task_struct is modified from Brad Spengler/PaX Team's code in the last public patch of grsecurity/PaX based on my understanding of the code. Changes or omissions from the original code are mine and don't reflect the original grsecurity/PaX code. Cc: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'include/linux/sched.h')
-rw-r--r--include/linux/sched.h14
1 files changed, 14 insertions, 0 deletions
diff --git a/include/linux/sched.h b/include/linux/sched.h
index f833254fce00..e2ad3531e7fe 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -490,6 +490,13 @@ struct task_struct {
#endif
/* -1 unrunnable, 0 runnable, >0 stopped: */
volatile long state;
+
+ /*
+ * This begins the randomizable portion of task_struct. Only
+ * scheduling-critical items should be added above here.
+ */
+ randomized_struct_fields_start
+
void *stack;
atomic_t usage;
/* Per task flags (PF_*), defined further below: */
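Review bot: The comment above `randomized_struct_fields_start` says what may be placed before the marker, but not what the bare identifier is or what a field loses by sitting outside it. A reader of sched.h sees a token with no semicolon inside a struct body, and the macro definition is not in this file's diff. Going by the commit message, it presumably opens an unnamed struct only on new enough gcc and expands to nothing otherwise. I would add one sentence such as `* The marker opens an anonymous struct on compilers that support it; fields above it keep fixed offsets and are never randomized.` The comment at `randomized_struct_fields_end` in the second hunk could carry the mirror-image statement, so that anyone adding a pointer-bearing field after it knows its offset stays predictable. struct task_struct begins and ends outside both hunks, so the constraints on the leading fields cannot be checked from here.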
@@ -1051,6 +1058,13 @@ struct task_struct {
/* Used by LSM modules for access restriction: */
void *security;
#endif
+
+ /*
+ * New fields for task_struct should be added above here, so that
+ * they are included in the randomized portion of task_struct.
+ */
+ randomized_struct_fields_end
+
/* CPU-specific state of this task: */
struct thread_struct thread;