diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2017-07-19 17:55:18 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-07-19 17:55:18 +0200 |
commit | e06fdaf40a5c021dd4a2ec797e8b724f07360070 (patch) | |
tree | d0e7ec007cd0c4125b3879f389790ed900f00ad4 /security | |
parent | Merge tag 'ceph-for-4.13-rc2' of git://github.com/ceph/ceph-client (diff) | |
parent | randstruct: opt-out externally exposed function pointer structs (diff) | |
download | linux-e06fdaf40a5c021dd4a2ec797e8b724f07360070.tar.xz linux-e06fdaf40a5c021dd4a2ec797e8b724f07360070.zip |
Merge tag 'gcc-plugins-v4.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull structure randomization updates from Kees Cook:
"Now that IPC and other changes have landed, enable manual markings for
randstruct plugin, including the task_struct.
This is the rest of what was staged in -next for the gcc-plugins, and
comes in three patches, largest first:
- mark "easy" structs with __randomize_layout
- mark task_struct with an optional anonymous struct to isolate the
__randomize_layout section
- mark structs to opt _out_ of automated marking (which will come
later)
And, FWIW, this continues to pass allmodconfig (normal and patched to
enable gcc-plugins) builds of x86_64, i386, arm64, arm, powerpc, and
s390 for me"
* tag 'gcc-plugins-v4.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
randstruct: opt-out externally exposed function pointer structs
task_struct: Allow randomized layout
randstruct: Mark various structs for randomization
Diffstat (limited to 'security')
-rw-r--r-- | security/keys/internal.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/keys/internal.h b/security/keys/internal.h index 91bc6214ae57..1c02c6547038 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h @@ -198,7 +198,7 @@ struct request_key_auth { void *callout_info; size_t callout_len; pid_t pid; -}; +} __randomize_layout; extern struct key_type key_type_request_key_auth; extern struct key *request_key_auth_new(struct key *target, |