Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9225331b authored by Kees Cook's avatar Kees Cook
Browse files

randstruct: Enable function pointer struct detection 



This enables the automatic structure selection logic in the randstruct
GCC plugin. The selection logic randomizes all structures that contain
only function pointers, unless marked with __no_randomize_layout.

Signed-off-by: default avatarKees Cook <keescook@chromium.org>
parent 3598f5d0

arch/Kconfig

+7 −5
Original line number Diff line number Diff line
@@ -473,11 +473,13 @@ config GCC_PLUGIN_RANDSTRUCT 
	depends on GCC_PLUGINS

	select MODVERSIONS if MODULES

	help

	  If you say Y here, the layouts of structures explicitly

	  marked by __randomize_layout will be randomized at

	  compile-time.  This can introduce the requirement of an

	  additional information exposure vulnerability for exploits

	  targeting these structure types.

	  If you say Y here, the layouts of structures that are entirely

	  function pointers (and have not been manually annotated with

	  __no_randomize_layout), or structures that have been explicitly

	  marked with __randomize_layout, will be randomized at compile-time.

	  This can introduce the requirement of an additional information

	  exposure vulnerability for exploits targeting these structure

	  types.



	  Enabling this feature will introduce some performance impact,

	  slightly increase memory usage, and prevent the use of forensic

scripts/gcc-plugins/randomize_layout_plugin.c

+0 −3
Original line number Diff line number Diff line
@@ -436,9 +436,6 @@ static int is_pure_ops_struct(const_tree node) 


	gcc_assert(TREE_CODE(node) == RECORD_TYPE || TREE_CODE(node) == UNION_TYPE);



	/* XXX: Do not apply randomization to all-ftpr structs yet. */

	return 0;



	for (field = TYPE_FIELDS(node); field; field = TREE_CHAIN(field)) {

		const_tree fieldtype = get_field_type(field);

		enum tree_code code = TREE_CODE(fieldtype);