summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorKees Cook <keescook@chromium.org>2017-01-13 22:14:39 +0300
committerKees Cook <keescook@chromium.org>2017-01-18 23:02:35 +0300
commitc61f13eaa1ee17728c41370100d2d45c254ce76f (patch)
tree63ae636a8d3bfc405b8a0a108ab17c24c5790fd8 /include
parent8d4973a1c01d4b38871fbc6631e1fdd20e6c9e90 (diff)
downloadlinux-c61f13eaa1ee17728c41370100d2d45c254ce76f.tar.xz
gcc-plugins: Add structleak for more stack initialization
This plugin detects any structures that contain __user attributes and makes sure it is being fully initialized so that a specific class of information exposure is eliminated. (This plugin was originally designed to block the exposure of siginfo in CVE-2013-2141.) Ported from grsecurity/PaX. This version adds a verbose option to the plugin and the Kconfig. Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'include')
-rw-r--r--include/linux/compiler.h6
1 files changed, 5 insertions, 1 deletions
diff --git a/include/linux/compiler.h b/include/linux/compiler.h
index cf0fa5d86059..91c30cba984e 100644
--- a/include/linux/compiler.h
+++ b/include/linux/compiler.h
@@ -27,7 +27,11 @@ extern void __chk_user_ptr(const volatile void __user *);
extern void __chk_io_ptr(const volatile void __iomem *);
# define ACCESS_PRIVATE(p, member) (*((typeof((p)->member) __force *) &(p)->member))
#else /* __CHECKER__ */
-# define __user
+# ifdef STRUCTLEAK_PLUGIN
+# define __user __attribute__((user))
+# else
+# define __user
+# endif
# define __kernel
# define __safe
# define __force