From patchwork Tue Oct 23 21:35:00 2018
X-Patchwork-Submitter: Igor Stoppa
X-Patchwork-Id: 10653735
From: Igor Stoppa
To: Mimi Zohar, Kees Cook, Matthew Wilcox, Dave Chinner, James Morris, Michal Hocko, kernel-hardening@lists.openwall.com, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org
Cc: igor.stoppa@huawei.com, Dave Hansen, Jonathan Corbet, Laura Abbott, Greg Kroah-Hartman, Andrew Morton, Masahiro Yamada, Alexey Dobriyan, Pekka Enberg, "Paul E. McKenney", Lihao Liang, linux-kernel@vger.kernel.org
Subject: [PATCH 13/17] prmem: linked list: disable layout randomization
Date: Wed, 24 Oct 2018 00:35:00 +0300
Message-Id: <20181023213504.28905-14-igor.stoppa@huawei.com>
In-Reply-To: <20181023213504.28905-1-igor.stoppa@huawei.com>
References: <20181023213504.28905-1-igor.stoppa@huawei.com>

Some of the data structures used in list management are composed of two pointers. Since the kernel is now configured by default to randomize the layout of data structures solely composed of pointers, this might prevent correct type punning between these structures and their write rare counterpart.

It shouldn't be anyway a big loss, in terms of security: with only two fields, there is a 50% chance of guessing correctly the layout.

The randomization is disabled only when write rare is enabled.

Signed-off-by: Igor Stoppa
CC: Kees Cook
CC: Greg Kroah-Hartman
CC: Andrew Morton
CC: Masahiro Yamada
CC: Alexey Dobriyan
CC: Pekka Enberg
CC: "Paul E. McKenney"
CC: Lihao Liang
CC: linux-kernel@vger.kernel.org
--- include/linux/types.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/linux/types.h b/include/linux/types.h index 53609bbdcf0f..a9f6f6515fdc 100644 --- a/include/linux/types.h +++ b/include/linux/types.h 
@@ -187,12 +187,12 @@ typedef struct { struct list_head { struct list_head *next __aligned(sizeof(void *)); struct list_head *prev __aligned(sizeof(void *)); -} __aligned(sizeof(void *)); +} __no_randomize_layout __aligned(sizeof(void *)); struct hlist_node { struct hlist_node *next __aligned(sizeof(void *)); struct hlist_node **pprev __aligned(sizeof(void *)); -} __aligned(sizeof(void *)); +} __no_randomize_layout __aligned(sizeof(void *)); #else struct list_head { struct list_head *next, *prev;
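Review bot: the two `__no_randomize_layout` annotations on `struct list_head` and `struct hlist_node` carry no in-code comment, so the reason they exist (type punning against the write rare counterparts) is recorded only in the commit message. A short comment above each struct stating that the field order must match the write rare counterpart would keep a later cleanup from dropping the attribute. The layout assumption would also be safer if it were enforced at build time, for example with a compile-time check on the offsets of `next`, `prev` and `pprev` placed where the counterpart types are defined, instead of relying on the attribute alone. Separately, the hunk's context stops short of the `#if` that opens this branch, so the claim that randomization is disabled "only when write rare is enabled" cannot be confirmed from the visible lines; naming the guarding config symbol in the commit message would make that checkable.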