From patchwork Tue Mar 27 21:36:09 2018
X-Patchwork-Submitter: Kees Cook
X-Patchwork-Id: 10311741
Date: Tue, 27 Mar 2018 14:36:09 -0700
From: Kees Cook
To: Andrew Morton
Cc: Peter Zijlstra, Ingo Molnar, Linus Torvalds, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Subject: [PATCH] task_struct: Only use anon struct under randstruct plugin
Message-ID: <20180327213609.GA2964@beast>

The original intent for always adding the anonymous struct in task_struct
was to make sure we had compiler coverage. However, this caused
pathological padding of 40 bytes at the start of task_struct. Instead,
move the anonymous struct to being only used when struct layout
randomization is enabled.

Reported-by: Peter Zijlstra
Fixes: 29e48ce87f1e ("task_struct: Allow randomized")
Cc: stable@vger.kernel.org
Signed-off-by: Kees Cook
---
 include/linux/compiler-clang.h |  3 ---
 include/linux/compiler-gcc.h   | 12 +++---------
 2 files changed, 3 insertions(+), 12 deletions(-)

diff --git a/include/linux/compiler-clang.h b/include/linux/compiler-clang.h index d3f264a5b04d..ceb96ecab96e 100644 --- a/include/linux/compiler-clang.h +++ b/include/linux/compiler-clang.h 
@@ -17,9 +17,6 @@ */ #define __UNIQUE_ID(prefix) __PASTE(__PASTE(__UNIQUE_ID_, prefix), __COUNTER__) -#define randomized_struct_fields_start struct { -#define randomized_struct_fields_end }; - /* all clang versions usable with the kernel support KASAN ABI version 5 */ #define KASAN_ABI_VERSION 5 diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h index e2c7f4369eff..b4bf73f5e38f 100644 --- a/include/linux/compiler-gcc.h +++ b/include/linux/compiler-gcc.h @@ -242,6 +242,9 @@ #if defined(RANDSTRUCT_PLUGIN) && !defined(__CHECKER__) #define __randomize_layout __attribute__((randomize_layout)) #define __no_randomize_layout __attribute__((no_randomize_layout)) +/* This anon struct can add padding, so only enable it under randstruct. */ +#define randomized_struct_fields_start struct { +#define randomized_struct_fields_end } __randomize_layout; #endif #endif /* GCC_VERSION >= 40500 */ @@ -256,15 +259,6 @@ */ #define __visible __attribute__((externally_visible)) -/* - * RANDSTRUCT_PLUGIN wants to use an anonymous struct, but it is only - * possible since GCC 4.6. To provide as much build testing coverage - * as possible, this is used for all GCC 4.6+ builds, and not just on - * RANDSTRUCT_PLUGIN builds. - */ -#define randomized_struct_fields_start struct { -#define randomized_struct_fields_end } __randomize_layout; - #endif /* GCC_VERSION >= 40600 */
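
Review bot: In the include/linux/compiler-clang.h hunk (@@ -17,9 +17,6 @@), removing both randomized_struct_fields_start and randomized_struct_fields_end leaves clang builds with no definition from this header, and nothing in the patch adds an empty one. Please confirm that a generic empty fallback covers every compiler and configuration that no longer defines the pair, and name where it lives in the changelog; without one the markers are left as undefined identifiers and the structs that use them fail to compile.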
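
Review bot: In the include/linux/compiler-gcc.h hunk at @@ -242,6 +242,9 @@, the two new defines sit above "#endif /* GCC_VERSION >= 40500 */", while the comment this patch deletes further down says the anonymous struct is only possible since GCC 4.6. Either put a GCC_VERSION >= 40600 condition around the defines or extend the new comment to say why a RANDSTRUCT_PLUGIN build can never be a GCC 4.5 build. The enclosing guard also carries !defined(__CHECKER__), so checker runs now see the flat layout, which deserves a word in that comment too.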
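
Review bot: In the include/linux/compiler-gcc.h hunk at @@ -256,15 +259,6 @@, deleting the unconditional defines means the fields between randomized_struct_fields_start and randomized_struct_fields_end are compiled inside an anonymous struct only when RANDSTRUCT_PLUGIN is defined, which gives up the build coverage the deleted comment describes. The changelog should say what replaces that coverage, for example a randstruct-enabled configuration in regular build testing, so that breakage specific to the wrapped layout is not first found by users of the plugin.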
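
A small C program showing how wrapping members in an anonymous struct can introduce padding of the kind the commit message describes; it is an added illustration, not code from the patch or the kernel. The types struct hdr, struct hot, struct flat and struct wrapped are hypothetical, and their sizes are constructed so that the gap comes out at 40 bytes; they are not taken from task_struct.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins, not kernel types: a 24-byte header and a
 * member that demands 64-byte (cache-line) alignment. */
struct hdr { uint64_t a, b, c; };
struct hot { uint64_t v; } __attribute__((aligned(64)));

/* Flat layout: every member is placed at its own alignment, so the
 * small fields fill the space before the over-aligned one. */
struct flat {
	struct hdr info;
	uint64_t state;
	int prio;
	struct hot thread;
};

/* Same members, but everything after the header sits in an anonymous
 * struct, the shape randomized_struct_fields_start/end produce. The
 * inner struct takes the strictest alignment of its members (64), so
 * it cannot start at offset 24. */
struct wrapped {
	struct hdr info;
	struct {
		uint64_t state;
		int prio;
		struct hot thread;
	};
};

/* Padding between the header and the first field that follows it. */
size_t pad_flat(void)    { return offsetof(struct flat, state) - sizeof(struct hdr); }
size_t pad_wrapped(void) { return offsetof(struct wrapped, state) - sizeof(struct hdr); }

/* Total size added by the wrapper. */
size_t growth(void)      { return sizeof(struct wrapped) - sizeof(struct flat); }

int main(void)
{
	printf("flat:    state at %zu, pad %zu, size %zu\n",
	       offsetof(struct flat, state), pad_flat(), sizeof(struct flat));
	printf("wrapped: state at %zu, pad %zu, size %zu\n",
	       offsetof(struct wrapped, state), pad_wrapped(), sizeof(struct wrapped));
	return 0;
}
```

Running pahole on a real object file gives the same kind of offset and hole report for actual kernel structs.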