diff options
author | Kees Cook <keescook@chromium.org> | 2017-01-13 22:14:39 +0300 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2017-01-18 23:02:35 +0300 |
commit | c61f13eaa1ee17728c41370100d2d45c254ce76f (patch) | |
tree | 63ae636a8d3bfc405b8a0a108ab17c24c5790fd8 /include/linux/compiler.h | |
parent | 8d4973a1c01d4b38871fbc6631e1fdd20e6c9e90 (diff) | |
download | linux-c61f13eaa1ee17728c41370100d2d45c254ce76f.tar.xz |
gcc-plugins: Add structleak for more stack initialization
This plugin detects any structures that contain __user attributes and
makes sure it is being fully initialized so that a specific class of
information exposure is eliminated. (This plugin was originally designed
to block the exposure of siginfo in CVE-2013-2141.)
Ported from grsecurity/PaX. This version adds a verbose option to the
plugin and the Kconfig.
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'include/linux/compiler.h')
-rw-r--r-- | include/linux/compiler.h | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/include/linux/compiler.h b/include/linux/compiler.h index cf0fa5d86059..91c30cba984e 100644 --- a/include/linux/compiler.h +++ b/include/linux/compiler.h @@ -27,7 +27,11 @@ extern void __chk_user_ptr(const volatile void __user *); extern void __chk_io_ptr(const volatile void __iomem *); # define ACCESS_PRIVATE(p, member) (*((typeof((p)->member) __force *) &(p)->member)) #else /* __CHECKER__ */ -# define __user +# ifdef STRUCTLEAK_PLUGIN +# define __user __attribute__((user)) +# else +# define __user +# endif # define __kernel # define __safe # define __force |