diff options
Diffstat (limited to 'arch')
-rw-r--r-- | arch/Kconfig | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/arch/Kconfig b/arch/Kconfig index 0f1621489bf0..596f0e66e69f 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -480,11 +480,13 @@ config GCC_PLUGIN_RANDSTRUCT depends on GCC_PLUGINS select MODVERSIONS if MODULES help - If you say Y here, the layouts of structures explicitly - marked by __randomize_layout will be randomized at - compile-time. This can introduce the requirement of an - additional information exposure vulnerability for exploits - targeting these structure types. + If you say Y here, the layouts of structures that are entirely + function pointers (and have not been manually annotated with + __no_randomize_layout), or structures that have been explicitly + marked with __randomize_layout, will be randomized at compile-time. + This can introduce the requirement of an additional information + exposure vulnerability for exploits targeting these structure + types. Enabling this feature will introduce some performance impact, slightly increase memory usage, and prevent the use of forensic |