Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9225331b authored by Kees Cook's avatar Kees Cook
Browse files

randstruct: Enable function pointer struct detection



This enables the automatic structure selection logic in the randstruct
GCC plugin. The selection logic randomizes all structures that contain
only function pointers, unless marked with __no_randomize_layout.

Signed-off-by: default avatarKees Cook <keescook@chromium.org>
parent 3598f5d0
Loading
Loading
Loading
Loading
+7 −5
Original line number Diff line number Diff line
@@ -473,11 +473,13 @@ config GCC_PLUGIN_RANDSTRUCT
	depends on GCC_PLUGINS
	select MODVERSIONS if MODULES
	help
	  If you say Y here, the layouts of structures explicitly
	  marked by __randomize_layout will be randomized at
	  compile-time.  This can introduce the requirement of an
	  additional information exposure vulnerability for exploits
	  targeting these structure types.
	  If you say Y here, the layouts of structures that are entirely
	  function pointers (and have not been manually annotated with
	  __no_randomize_layout), or structures that have been explicitly
	  marked with __randomize_layout, will be randomized at compile-time.
	  This can introduce the requirement of an additional information
	  exposure vulnerability for exploits targeting these structure
	  types.

	  Enabling this feature will introduce some performance impact,
	  slightly increase memory usage, and prevent the use of forensic
+0 −3
Original line number Diff line number Diff line
@@ -436,9 +436,6 @@ static int is_pure_ops_struct(const_tree node)

	gcc_assert(TREE_CODE(node) == RECORD_TYPE || TREE_CODE(node) == UNION_TYPE);

	/* XXX: Do not apply randomization to all-ftpr structs yet. */
	return 0;

	for (field = TYPE_FIELDS(node); field; field = TREE_CHAIN(field)) {
		const_tree fieldtype = get_field_type(field);
		enum tree_code code = TREE_CODE(fieldtype);