diff options
author | GONG, Ruiqi <gongruiqi1@huawei.com> | 2022-05-18 11:21:37 +0200 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2022-06-07 22:03:21 +0200 |
commit | 494688efdc5912b858d0a05563c9cf258c75d29a (patch) | |
tree | 28070bd80c016a59520c10de0955a50eb29614f7 /security/selinux/include/avc.h | |
parent | Linux 5.19-rc1 (diff) | |
download | linux-494688efdc5912b858d0a05563c9cf258c75d29a.tar.xz linux-494688efdc5912b858d0a05563c9cf258c75d29a.zip |
selinux: add __randomize_layout to selinux_audit_data
Randomize the layout of struct selinux_audit_data as suggested in [1],
since it contains a pointer to struct selinux_state, an already
randomized strucure.
[1]: https://github.com/KSPP/linux/issues/188
Signed-off-by: GONG, Ruiqi <gongruiqi1@huawei.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/selinux/include/avc.h')
-rw-r--r-- | security/selinux/include/avc.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h index 2b372f98f2d7..5525b94fd266 100644 --- a/security/selinux/include/avc.h +++ b/security/selinux/include/avc.h @@ -53,7 +53,7 @@ struct selinux_audit_data { u32 denied; int result; struct selinux_state *state; -}; +} __randomize_layout; /* * AVC operations |