From patchwork Mon Jun 19 20:56:39 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 9797823 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id DDE946020B for ; Mon, 19 Jun 2017 20:58:42 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E913D28459 for ; Mon, 19 Jun 2017 20:58:42 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id DDD322846B; Mon, 19 Jun 2017 20:58:42 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_MED,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 45E6128459 for ; Mon, 19 Jun 2017 20:58:40 +0000 (UTC) Received: (qmail 32324 invoked by uid 550); 19 Jun 2017 20:58:35 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Delivered-To: moderator for kernel-hardening@lists.openwall.com Received: (qmail 25622 invoked from network); 19 Jun 2017 20:57:06 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=srfORhKN35QL+a7eYbIO8mvHrhzuwyiI7bvPp4BXVPI=; b=T3WX/VdyFNP9IBdd4C8HNrxG7XlRSNsRnAW90mRW58w//Ljlis1WaI7kfB0jh6GP6p 58H/QuhLuFt70PnKl/BYXZAZ8Pp16I0Qf6E8jmWbpDjw+V62arUiWdi3ER6K+V84eoB6 OcFNo43VMM7yufnk3m8uTao+7EODtxY1ISRuM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=srfORhKN35QL+a7eYbIO8mvHrhzuwyiI7bvPp4BXVPI=; b=hDfDEOIkR0WDdtxOPduAX+zvP72hmGQzerojeyf56XgtxqGf4Yp35+MNvAsOf7Lxbm azFEECDfDT/9pLO2nQ+z/1cDkFQXH+bQUcEtTZmLCx1Cv0a4TfRnriHruKh5Va0sN/r+ nWNXRZTsYGUq1+aeSQZoEWfFHkMnM7+fbiM1F5csmsxYDwQQ+uTbbtqGLKDYJOG88hAB HZmrhEoy/Qa6BJPnEXydYGv+LKFHhJ6bSA1UeScvwO+dnjxyKLvY4+KfJO3vRUrnd5Xa BOofbZJ5dVkXL0ieY6wjhAbbkM+EOLL8hMzpqPcTUpYAj9KkhT+kDDaws54tEUli0YQv w13A== X-Gm-Message-State: AKS2vOx8/PnZ0FCjbO2/BLsSszL/5maDYg8NoX+QdOEENhK6S0krUhud V+CzmbP2zmATF9j3 X-Received: by 10.84.254.78 with SMTP id a14mr21373240pln.69.1497905814971; Mon, 19 Jun 2017 13:56:54 -0700 (PDT) From: Kees Cook To: kernel-hardening@lists.openwall.com Cc: Kees Cook , linux-kernel@vger.kernel.org Date: Mon, 19 Jun 2017 13:56:39 -0700 Message-Id: <1497905801-69164-3-git-send-email-keescook@chromium.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1497905801-69164-1-git-send-email-keescook@chromium.org> References: <1497905801-69164-1-git-send-email-keescook@chromium.org> Subject: [kernel-hardening] [PATCH 2/4] randstruct: opt-out externally exposed function pointer structs X-Virus-Scanned: ClamAV using ClamSMTP Some function pointer structures are used externally to the kernel, like the paravirt structures. These should never be randomized, so mark them as such. These markings are verbatim from Brad Spengler/PaX Team's code in the last public patch of grsecurity/PaX based on my understanding of the code. Changes or omissions from the original code are mine and don't reflect the original grsecurity/PaX code. Signed-off-by: Kees Cook --- arch/arm/include/asm/cacheflush.h | 2 +- arch/x86/include/asm/paravirt_types.h | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/arch/arm/include/asm/cacheflush.h b/arch/arm/include/asm/cacheflush.h index d69bebf697e7..74504b154256 100644 --- a/arch/arm/include/asm/cacheflush.h +++ b/arch/arm/include/asm/cacheflush.h @@ -116,7 +116,7 @@ struct cpu_cache_fns { void (*dma_unmap_area)(const void *, size_t, int); void (*dma_flush_range)(const void *, const void *); -}; +} __no_randomize_layout; /* * Select the calling method diff --git a/arch/x86/include/asm/paravirt_types.h b/arch/x86/include/asm/paravirt_types.h index 7465d6fe336f..96c7e3cf43fa 100644 --- a/arch/x86/include/asm/paravirt_types.h +++ b/arch/x86/include/asm/paravirt_types.h @@ -83,7 +83,7 @@ struct pv_init_ops { */ unsigned (*patch)(u8 type, u16 clobber, void *insnbuf, unsigned long addr, unsigned len); -}; +} __no_randomize_layout; struct pv_lazy_ops { @@ -91,12 +91,12 @@ struct pv_lazy_ops { void (*enter)(void); void (*leave)(void); void (*flush)(void); -}; +} __no_randomize_layout; struct pv_time_ops { unsigned long long (*sched_clock)(void); unsigned long long (*steal_clock)(int cpu); -}; +} __no_randomize_layout; struct pv_cpu_ops { /* hooks for various privileged instructions */ @@ -175,7 +175,7 @@ struct pv_cpu_ops { void (*start_context_switch)(struct task_struct *prev); void (*end_context_switch)(struct task_struct *next); -}; +} __no_randomize_layout; struct pv_irq_ops { /* @@ -198,7 +198,7 @@ struct pv_irq_ops { #ifdef CONFIG_X86_64 void (*adjust_exception_frame)(void); #endif -}; +} __no_randomize_layout; struct pv_mmu_ops { unsigned long (*read_cr2)(void); @@ -306,7 +306,7 @@ struct pv_mmu_ops { an mfn. We can tell which is which from the index. */ void (*set_fixmap)(unsigned /* enum fixed_addresses */ idx, phys_addr_t phys, pgprot_t flags); -}; +} __no_randomize_layout; struct arch_spinlock; #ifdef CONFIG_SMP @@ -323,7 +323,7 @@ struct pv_lock_ops { void (*kick)(int cpu); struct paravirt_callee_save vcpu_is_preempted; -}; +} __no_randomize_layout; /* This contains all the paravirt structures: we get a convenient * number for each function using the offset which we use to indicate @@ -335,7 +335,7 @@ struct paravirt_patch_template { struct pv_irq_ops pv_irq_ops; struct pv_mmu_ops pv_mmu_ops; struct pv_lock_ops pv_lock_ops; -}; +} __no_randomize_layout; extern struct pv_info pv_info; extern struct pv_init_ops pv_init_ops;