summaryrefslogtreecommitdiffstats
path: root/arch
diff options
context:
space:
mode:
authorKees Cook <keescook@chromium.org>2017-05-06 08:56:07 +0200
committerKees Cook <keescook@chromium.org>2017-08-02 02:04:48 +0200
commit9225331b310821760f39ba55b00b8973602adbb5 (patch)
tree486443275c8d05ebe69d6d403ccf0b8fe5296425 /arch
parentdrivers/net/wan/z85230.c: Use designated initializers (diff)
downloadlinux-9225331b310821760f39ba55b00b8973602adbb5.tar.xz
linux-9225331b310821760f39ba55b00b8973602adbb5.zip
randstruct: Enable function pointer struct detection
This enables the automatic structure selection logic in the randstruct GCC plugin. The selection logic randomizes all structures that contain only function pointers, unless marked with __no_randomize_layout. Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'arch')
-rw-r--r--arch/Kconfig12
1 files changed, 7 insertions, 5 deletions
diff --git a/arch/Kconfig b/arch/Kconfig
index 21d0089117fe..4ada3209146a 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -473,11 +473,13 @@ config GCC_PLUGIN_RANDSTRUCT
depends on GCC_PLUGINS
select MODVERSIONS if MODULES
help
- If you say Y here, the layouts of structures explicitly
- marked by __randomize_layout will be randomized at
- compile-time. This can introduce the requirement of an
- additional information exposure vulnerability for exploits
- targeting these structure types.
+ If you say Y here, the layouts of structures that are entirely
+ function pointers (and have not been manually annotated with
+ __no_randomize_layout), or structures that have been explicitly
+ marked with __randomize_layout, will be randomized at compile-time.
+ This can introduce the requirement of an additional information
+ exposure vulnerability for exploits targeting these structure
+ types.
Enabling this feature will introduce some performance impact,
slightly increase memory usage, and prevent the use of forensic