- For the randstruct plugin, enable automatic randomization of structures
that are entirely function pointers (along with a couple designated initializer fixes). - For the structleak plugin, provide an option to perform zeroing initialization of all otherwise uninitialized stack variables that are passed by reference (Ard Biesheuvel). -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Kees Cook <kees@outflux.net> iQIcBAABCgAGBQJZrwHlAAoJEIly9N/cbcAmJR0QAKsTL0B6iBJlzrcAj6HkloMu QTTx+qrdpuhEJ+mH10JpOJnFctVI3vt7tUXGhBb0eBXuvnXPACjy3jx2X1tcnKf4 v2HLf2GuCb95HqDVgrzn+HNPiAPb0dEM7qJPV+VfZA0K2nb6dVmS9fDYQWCLGJI+ aazpmJDAOhXuKtUsbONaomoygBbS2kYrYCzqYB4M0FmZvbKw4CUdvVonkxhAITtl Zj3cl++jgHnVSNmyk92n3LTbIOv/o+pAMWv3/K6KDUIsNtVyk4znaghQJ6VKZhoR ua1gGzd0vrKMm960y8sDve+w5JSwaHVq6Y4jeqQynZywDpB998IhQiLmWfdSoN0O BPzAkxdNjCGNe+Ro6fQWYAXvnBZN2Gw8RiIjJP5DEz8EXe2BgGAFn3C6xbIS+F+A mXcn3Chorc1ZEfwMrbQ24vTfHRNmwMYQbZYZ9XftzixJU8XXhAf135DS+Enrc09X eSWEWaAJuF4en8A+1CsxO7vMh3U8tcS2lldbEUgXCJlNExzYFxBHwB2GImYXUt9D 1i74n0PSz3EA8zfVr3qsGdraJq+7Ubq2NRWoudtQPYbHIh+VZcQ2VQEFtWOkmlgB T4foN7s17MrZzxn8krlYy8yODFJkisRJi/A5ox7hERwZjAhMQdwbTEr8HhKTui6X rm73yglE4ebfidp4Iyq4 =3jxS -----END PGP SIGNATURE----- Merge tag 'gcc-plugins-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull gcc plugins update from Kees Cook: "This finishes the porting work on randstruct, and introduces a new option to structleak, both noted below: - For the randstruct plugin, enable automatic randomization of structures that are entirely function pointers (along with a couple designated initializer fixes). 
- For the structleak plugin, provide an option to perform zeroing initialization of all otherwise uninitialized stack variables that are passed by reference (Ard Biesheuvel)" * tag 'gcc-plugins-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: gcc-plugins: structleak: add option to init all vars used as byref args randstruct: Enable function pointer struct detection drivers/net/wan/z85230.c: Use designated initializers drm/amd/powerplay: rv: Use designated initializers
commit
44ccba3f7b
19
arch/Kconfig
19
arch/Kconfig
|
@ -458,6 +458,13 @@ config GCC_PLUGIN_STRUCTLEAK
|
|||
* https://grsecurity.net/
|
||||
* https://pax.grsecurity.net/
|
||||
|
||||
config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL
|
||||
bool "Force initialize all struct type variables passed by reference"
|
||||
depends on GCC_PLUGIN_STRUCTLEAK
|
||||
help
|
||||
Zero initialize any struct type local variable that may be passed by
|
||||
reference without having been initialized.
|
||||
|
||||
config GCC_PLUGIN_STRUCTLEAK_VERBOSE
|
||||
bool "Report forcefully initialized variables"
|
||||
depends on GCC_PLUGIN_STRUCTLEAK
|
||||
|
@ -473,11 +480,13 @@ config GCC_PLUGIN_RANDSTRUCT
|
|||
depends on GCC_PLUGINS
|
||||
select MODVERSIONS if MODULES
|
||||
help
|
||||
If you say Y here, the layouts of structures explicitly
|
||||
marked by __randomize_layout will be randomized at
|
||||
compile-time. This can introduce the requirement of an
|
||||
additional information exposure vulnerability for exploits
|
||||
targeting these structure types.
|
||||
If you say Y here, the layouts of structures that are entirely
|
||||
function pointers (and have not been manually annotated with
|
||||
__no_randomize_layout), or structures that have been explicitly
|
||||
marked with __randomize_layout, will be randomized at compile-time.
|
||||
This can introduce the requirement of an additional information
|
||||
exposure vulnerability for exploits targeting these structure
|
||||
types.
|
||||
|
||||
Enabling this feature will introduce some performance impact,
|
||||
slightly increase memory usage, and prevent the use of forensic
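Review bot: The help text for the new GCC_PLUGIN_STRUCTLEAK_BYREF_ALL entry in the first hunk says what gets zeroed but not how it relates to the base option or what it costs, so someone configuring a kernel cannot weigh it. It also says "struct type local variable" while the commit description says "all otherwise uninitialized stack variables"; the type filter in the plugin is outside the visible hunks, so the wording that matches the implementation should be confirmed and used in both places. A second help sentence along the lines of `This extends GCC_PLUGIN_STRUCTLEAK beyond the structures it already covers, at the cost of extra stack initialization in affected functions.` would close the gap.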
|
||||
|
|
|
@ -317,8 +317,8 @@ static int rv_tf_set_num_active_display(struct pp_hwmgr *hwmgr, void *input,
|
|||
}
|
||||
|
||||
static const struct phm_master_table_item rv_set_power_state_list[] = {
|
||||
{ NULL, rv_tf_set_clock_limit },
|
||||
{ NULL, rv_tf_set_num_active_display },
|
||||
{ .tableFunction = rv_tf_set_clock_limit },
|
||||
{ .tableFunction = rv_tf_set_num_active_display },
|
||||
{ }
|
||||
};
|
||||
|
||||
|
@ -391,7 +391,7 @@ static int rv_tf_disable_gfx_off(struct pp_hwmgr *hwmgr,
|
|||
}
|
||||
|
||||
static const struct phm_master_table_item rv_disable_dpm_list[] = {
|
||||
{NULL, rv_tf_disable_gfx_off},
|
||||
{ .tableFunction = rv_tf_disable_gfx_off },
|
||||
{ },
|
||||
};
|
||||
|
||||
|
@ -416,7 +416,7 @@ static int rv_tf_enable_gfx_off(struct pp_hwmgr *hwmgr,
|
|||
}
|
||||
|
||||
static const struct phm_master_table_item rv_enable_dpm_list[] = {
|
||||
{NULL, rv_tf_enable_gfx_off},
|
||||
{ .tableFunction = rv_tf_enable_gfx_off },
|
||||
{ },
|
||||
};
|
||||
|
||||
|
|
|
@ -483,11 +483,10 @@ static void z8530_status(struct z8530_channel *chan)
|
|||
write_zsctrl(chan, RES_H_IUS);
|
||||
}
|
||||
|
||||
struct z8530_irqhandler z8530_sync =
|
||||
{
|
||||
z8530_rx,
|
||||
z8530_tx,
|
||||
z8530_status
|
||||
struct z8530_irqhandler z8530_sync = {
|
||||
.rx = z8530_rx,
|
||||
.tx = z8530_tx,
|
||||
.status = z8530_status,
|
||||
};
|
||||
|
||||
EXPORT_SYMBOL(z8530_sync);
|
||||
|
@ -605,15 +604,15 @@ static void z8530_dma_status(struct z8530_channel *chan)
|
|||
}
|
||||
|
||||
static struct z8530_irqhandler z8530_dma_sync = {
|
||||
z8530_dma_rx,
|
||||
z8530_dma_tx,
|
||||
z8530_dma_status
|
||||
.rx = z8530_dma_rx,
|
||||
.tx = z8530_dma_tx,
|
||||
.status = z8530_dma_status,
|
||||
};
|
||||
|
||||
static struct z8530_irqhandler z8530_txdma_sync = {
|
||||
z8530_rx,
|
||||
z8530_dma_tx,
|
||||
z8530_dma_status
|
||||
.rx = z8530_rx,
|
||||
.tx = z8530_dma_tx,
|
||||
.status = z8530_dma_status,
|
||||
};
|
||||
|
||||
/**
|
||||
|
@ -678,11 +677,10 @@ static void z8530_status_clear(struct z8530_channel *chan)
|
|||
write_zsctrl(chan, RES_H_IUS);
|
||||
}
|
||||
|
||||
struct z8530_irqhandler z8530_nop=
|
||||
{
|
||||
z8530_rx_clear,
|
||||
z8530_tx_clear,
|
||||
z8530_status_clear
|
||||
struct z8530_irqhandler z8530_nop = {
|
||||
.rx = z8530_rx_clear,
|
||||
.tx = z8530_tx_clear,
|
||||
.status = z8530_status_clear,
|
||||
};
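Review bot: The four handler tables touched in this file (z8530_sync, z8530_dma_sync, z8530_txdma_sync, z8530_nop) remain non-const after the conversion, so structures consisting only of function pointers stay in writable data. If nothing assigns to their members at run time and the pointers that reference them can take a const qualifier (neither is visible on this page), declaring them as `static const struct z8530_irqhandler z8530_dma_sync = {` and likewise for the others would place them in read-only memory. For the exported z8530_sync and z8530_nop, the extern declarations in the header would need the same qualifier.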
|
||||
|
||||
|
||||
|
|
|
@ -27,6 +27,7 @@ ifdef CONFIG_GCC_PLUGINS
|
|||
|
||||
gcc-plugin-$(CONFIG_GCC_PLUGIN_STRUCTLEAK) += structleak_plugin.so
|
||||
gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE) += -fplugin-arg-structleak_plugin-verbose
|
||||
gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL) += -fplugin-arg-structleak_plugin-byref-all
|
||||
gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK) += -DSTRUCTLEAK_PLUGIN
|
||||
|
||||
gcc-plugin-$(CONFIG_GCC_PLUGIN_RANDSTRUCT) += randomize_layout_plugin.so
|
||||
|
|
|
@ -436,9 +436,6 @@ static int is_pure_ops_struct(const_tree node)
|
|||
|
||||
gcc_assert(TREE_CODE(node) == RECORD_TYPE || TREE_CODE(node) == UNION_TYPE);
|
||||
|
||||
/* XXX: Do not apply randomization to all-ftpr structs yet. */
|
||||
return 0;
|
||||
|
||||
for (field = TYPE_FIELDS(node); field; field = TREE_CHAIN(field)) {
|
||||
const_tree fieldtype = get_field_type(field);
|
||||
enum tree_code code = TREE_CODE(fieldtype);
|
||||
|
|
|
@ -16,6 +16,7 @@
|
|||
* Options:
|
||||
* -fplugin-arg-structleak_plugin-disable
|
||||
* -fplugin-arg-structleak_plugin-verbose
|
||||
* -fplugin-arg-structleak_plugin-byref-all
|
||||
*
|
||||
* Usage:
|
||||
* $ # for 4.5/4.6/C based 4.7
|
||||
|
@ -42,6 +43,7 @@ static struct plugin_info structleak_plugin_info = {
|
|||
};
|
||||
|
||||
static bool verbose;
|
||||
static bool byref_all;
|
||||
|
||||
static tree handle_user_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs)
|
||||
{
|
||||
|
@ -150,7 +152,9 @@ static void initialize(tree var)
|
|||
/* these aren't the 0days you're looking for */
|
||||
if (verbose)
|
||||
inform(DECL_SOURCE_LOCATION(var),
|
||||
"userspace variable will be forcibly initialized");
|
||||
"%s variable will be forcibly initialized",
|
||||
(byref_all && TREE_ADDRESSABLE(var)) ? "byref"
|
||||
: "userspace");
|
||||
|
||||
/* build the initializer expression */
|
||||
initializer = build_constructor(TREE_TYPE(var), NULL);
|
||||
|
@ -190,7 +194,8 @@ static unsigned int structleak_execute(void)
|
|||
continue;
|
||||
|
||||
/* if the type is of interest, examine the variable */
|
||||
if (TYPE_USERSPACE(type))
|
||||
if (TYPE_USERSPACE(type) ||
|
||||
(byref_all && TREE_ADDRESSABLE(var)))
|
||||
initialize(var);
|
||||
}
|
||||
|
||||
|
@ -232,6 +237,10 @@ __visible int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gc
|
|||
verbose = true;
|
||||
continue;
|
||||
}
|
||||
if (!strcmp(argv[i].key, "byref-all")) {
|
||||
byref_all = true;
|
||||
continue;
|
||||
}
|
||||
error(G_("unknown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key);
|
||||
}
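Review bot: In initialize(), the verbose message prints "byref" whenever byref_all is set and TREE_ADDRESSABLE(var) holds, even when structleak_execute() selected the variable through TYPE_USERSPACE(type). With byref-all enabled the log therefore no longer shows which variables the original heuristic catches, which makes coverage harder to audit. Choosing the label from the type, for example `TYPE_USERSPACE(TREE_TYPE(var)) ? "userspace" : "byref"`, would keep the two classes distinguishable. The new condition in structleak_execute() could also carry a comment such as `/* TREE_ADDRESSABLE: address is taken somewhere, a superset of "passed by reference" */`, and the Options list in the file header names byref-all without saying what it does. Both functions begin and end outside their hunks.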
|
||||
|
||||
|
|