Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
cloud-kernel
提交
d1185a8c
cloud-kernel
项目概览
openanolis
/
cloud-kernel
1 年多 前同步成功
通知
161
Star
36
Fork
7
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
10
列表
看板
标记
里程碑
合并请求
2
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
cloud-kernel
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
10
Issue
10
列表
看板
标记
里程碑
合并请求
2
合并请求
2
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
d1185a8c
编写于
7月 04, 2017
作者:
K
Kees Cook
浏览文件
操作
浏览文件
下载
差异文件
Merge branch 'merge/randstruct' into for-next/gcc-plugins
上级
6f7da290
03232e0d
变更
14
展开全部
隐藏空白更改
内联
并排
Showing
14 changed file
with
1146 addition
and
9 deletion
+1146
-9
Documentation/dontdiff
Documentation/dontdiff
+2
-0
arch/Kconfig
arch/Kconfig
+40
-1
arch/arm/include/asm/assembler.h
arch/arm/include/asm/assembler.h
+2
-0
arch/arm/kernel/entry-armv.S
arch/arm/kernel/entry-armv.S
+4
-1
arch/arm/mm/proc-macros.S
arch/arm/mm/proc-macros.S
+4
-6
include/linux/compiler-gcc.h
include/linux/compiler-gcc.h
+13
-0
include/linux/compiler.h
include/linux/compiler.h
+12
-0
include/linux/vermagic.h
include/linux/vermagic.h
+8
-1
scripts/Makefile.gcc-plugins
scripts/Makefile.gcc-plugins
+4
-0
scripts/gcc-plugins/.gitignore
scripts/gcc-plugins/.gitignore
+1
-0
scripts/gcc-plugins/Makefile
scripts/gcc-plugins/Makefile
+8
-0
scripts/gcc-plugins/gcc-common.h
scripts/gcc-plugins/gcc-common.h
+12
-0
scripts/gcc-plugins/gen-random-seed.sh
scripts/gcc-plugins/gen-random-seed.sh
+8
-0
scripts/gcc-plugins/randomize_layout_plugin.c
scripts/gcc-plugins/randomize_layout_plugin.c
+1028
-0
未找到文件。
Documentation/dontdiff
浏览文件 @
d1185a8c
...
...
@@ -207,6 +207,8 @@ r200_reg_safe.h
r300_reg_safe.h
r420_reg_safe.h
r600_reg_safe.h
randomize_layout_hash.h
randomize_layout_seed.h
recordmcount
relocs
rlim_names.h
...
...
arch/Kconfig
浏览文件 @
d1185a8c
...
...
@@ -425,7 +425,7 @@ config GCC_PLUGIN_STRUCTLEAK
bool "Force initialization of variables containing userspace addresses"
depends on GCC_PLUGINS
help
This plugin zero-initializes any structures
that
containing a
This plugin zero-initializes any structures containing a
__user attribute. This can prevent some classes of information
exposures.
...
...
@@ -443,6 +443,45 @@ config GCC_PLUGIN_STRUCTLEAK_VERBOSE
initialized. Since not all existing initializers are detected
by the plugin, this can produce false positive warnings.
config GCC_PLUGIN_RANDSTRUCT
bool "Randomize layout of sensitive kernel structures"
depends on GCC_PLUGINS
select MODVERSIONS if MODULES
help
If you say Y here, the layouts of structures explicitly
marked by __randomize_layout will be randomized at
compile-time. This can introduce the requirement of an
additional information exposure vulnerability for exploits
targeting these structure types.
Enabling this feature will introduce some performance impact,
slightly increase memory usage, and prevent the use of forensic
tools like Volatility against the system (unless the kernel
source tree isn't cleaned after kernel installation).
The seed used for compilation is located at
scripts/gcc-plgins/randomize_layout_seed.h. It remains after
a make clean to allow for external modules to be compiled with
the existing seed and will be removed by a make mrproper or
make distclean.
Note that the implementation requires gcc 4.7 or newer.
This plugin was ported from grsecurity/PaX. More information at:
* https://grsecurity.net/
* https://pax.grsecurity.net/
config GCC_PLUGIN_RANDSTRUCT_PERFORMANCE
bool "Use cacheline-aware structure randomization"
depends on GCC_PLUGIN_RANDSTRUCT
depends on !COMPILE_TEST
help
If you say Y here, the RANDSTRUCT randomization will make a
best effort at restricting randomization to cacheline-sized
groups of elements. It will further not randomize bitfields
in structures. This reduces the performance hit of RANDSTRUCT
at the cost of weakened randomization.
config HAVE_CC_STACKPROTECTOR
bool
help
...
...
arch/arm/include/asm/assembler.h
浏览文件 @
d1185a8c
...
...
@@ -87,6 +87,8 @@
#define CALGN(code...)
#endif
#define IMM12_MASK 0xfff
/*
* Enable and disable interrupts
*/
...
...
arch/arm/kernel/entry-armv.S
浏览文件 @
d1185a8c
...
...
@@ -797,7 +797,10 @@ ENTRY(__switch_to)
#if defined(CONFIG_CC_STACKPROTECTOR) && !defined(CONFIG_SMP)
ldr
r7
,
[
r2
,
#
TI_TASK
]
ldr
r8
,
=
__stack_chk_guard
ldr
r7
,
[
r7
,
#
TSK_STACK_CANARY
]
.
if
(
TSK_STACK_CANARY
>
IMM12_MASK
)
add
r7
,
r7
,
#
TSK_STACK_CANARY
&
~
IMM12_MASK
.
endif
ldr
r7
,
[
r7
,
#
TSK_STACK_CANARY
&
IMM12_MASK
]
#endif
#ifdef CONFIG_CPU_USE_DOMAINS
mcr
p15
,
0
,
r6
,
c3
,
c0
,
0
@
Set
domain
register
...
...
arch/arm/mm/proc-macros.S
浏览文件 @
d1185a8c
...
...
@@ -25,11 +25,6 @@
ldr
\
rd
,
[
\
rn
,
#
VMA_VM_FLAGS
]
.
endm
.
macro
tsk_mm
,
rd
,
rn
ldr
\
rd
,
[
\
rn
,
#
TI_TASK
]
ldr
\
rd
,
[
\
rd
,
#
TSK_ACTIVE_MM
]
.
endm
/*
*
act_mm
-
get
current
->
active_mm
*/
...
...
@@ -37,7 +32,10 @@
bic
\
rd
,
sp
,
#
8128
bic
\
rd
,
\
rd
,
#
63
ldr
\
rd
,
[
\
rd
,
#
TI_TASK
]
ldr
\
rd
,
[
\
rd
,
#
TSK_ACTIVE_MM
]
.
if
(
TSK_ACTIVE_MM
>
IMM12_MASK
)
add
\
rd
,
\
rd
,
#
TSK_ACTIVE_MM
&
~
IMM12_MASK
.
endif
ldr
\
rd
,
[
\
rd
,
#
TSK_ACTIVE_MM
&
IMM12_MASK
]
.
endm
/*
...
...
include/linux/compiler-gcc.h
浏览文件 @
d1185a8c
...
...
@@ -223,6 +223,11 @@
/* Mark a function definition as prohibited from being cloned. */
#define __noclone __attribute__((__noclone__, __optimize__("no-tracer")))
#ifdef RANDSTRUCT_PLUGIN
#define __randomize_layout __attribute__((randomize_layout))
#define __no_randomize_layout __attribute__((no_randomize_layout))
#endif
#endif
/* GCC_VERSION >= 40500 */
#if GCC_VERSION >= 40600
...
...
@@ -294,6 +299,14 @@
#define __no_sanitize_address __attribute__((no_sanitize_address))
#endif
#if GCC_VERSION >= 50100
/*
* Mark structures as requiring designated initializers.
* https://gcc.gnu.org/onlinedocs/gcc/Designated-Inits.html
*/
#define __designated_init __attribute__((designated_init))
#endif
#endif
/* gcc version >= 40000 specific checks */
#if !defined(__noclone)
...
...
include/linux/compiler.h
浏览文件 @
d1185a8c
...
...
@@ -440,10 +440,22 @@ static __always_inline void __write_once_size(volatile void *p, void *res, int s
# define __attribute_const__
/* unimplemented */
#endif
#ifndef __designated_init
# define __designated_init
#endif
#ifndef __latent_entropy
# define __latent_entropy
#endif
#ifndef __randomize_layout
# define __randomize_layout __designated_init
#endif
#ifndef __no_randomize_layout
# define __no_randomize_layout
#endif
/*
* Tell gcc if a function is cold. The compiler will assume any path
* directly leading to the call is unlikely.
...
...
include/linux/vermagic.h
浏览文件 @
d1185a8c
...
...
@@ -24,10 +24,17 @@
#ifndef MODULE_ARCH_VERMAGIC
#define MODULE_ARCH_VERMAGIC ""
#endif
#ifdef RANDSTRUCT_PLUGIN
#include <generated/randomize_layout_hash.h>
#define MODULE_RANDSTRUCT_PLUGIN "RANDSTRUCT_PLUGIN_" RANDSTRUCT_HASHED_SEED
#else
#define MODULE_RANDSTRUCT_PLUGIN
#endif
#define VERMAGIC_STRING \
UTS_RELEASE " " \
MODULE_VERMAGIC_SMP MODULE_VERMAGIC_PREEMPT \
MODULE_VERMAGIC_MODULE_UNLOAD MODULE_VERMAGIC_MODVERSIONS \
MODULE_ARCH_VERMAGIC
MODULE_ARCH_VERMAGIC \
MODULE_RANDSTRUCT_PLUGIN
scripts/Makefile.gcc-plugins
浏览文件 @
d1185a8c
...
...
@@ -29,6 +29,10 @@ ifdef CONFIG_GCC_PLUGINS
gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE)
+=
-fplugin-arg-structleak_plugin-verbose
gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK)
+=
-DSTRUCTLEAK_PLUGIN
gcc-plugin-$(CONFIG_GCC_PLUGIN_RANDSTRUCT)
+=
randomize_layout_plugin.so
gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_RANDSTRUCT)
+=
-DRANDSTRUCT_PLUGIN
gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_RANDSTRUCT_PERFORMANCE)
+=
-fplugin-arg-randomize_layout_plugin-performance-mode
GCC_PLUGINS_CFLAGS
:=
$(
strip
$(
addprefix
-fplugin
=
$(objtree)
/scripts/gcc-plugins/,
$
(
gcc-plugin-y
))
$
(
gcc-plugin-cflags-y
))
export
PLUGINCC
GCC_PLUGINS_CFLAGS
GCC_PLUGIN
GCC_PLUGIN_SUBDIR
...
...
scripts/gcc-plugins/.gitignore
0 → 100644
浏览文件 @
d1185a8c
randomize_layout_seed.h
scripts/gcc-plugins/Makefile
浏览文件 @
d1185a8c
...
...
@@ -18,6 +18,14 @@ endif
export
HOSTLIBS
$(obj)/randomize_layout_plugin.o
:
$(objtree)/$(obj)/randomize_layout_seed.h
quiet_cmd_create_randomize_layout_seed
=
GENSEED
$@
cmd_create_randomize_layout_seed
=
\
$(CONFIG_SHELL)
$(srctree)
/
$(src)
/gen-random-seed.sh
$@
$(objtree)
/include/generated/randomize_layout_hash.h
$(objtree)/$(obj)/randomize_layout_seed.h
:
FORCE
$(
call
if_changed,create_randomize_layout_seed
)
targets
=
randomize_layout_seed.h randomize_layout_hash.h
$(HOSTLIBS)-y
:=
$(
foreach
p,
$(GCC_PLUGIN)
,
$(
if
$(
findstring
/,
$(p)
)
,,
$(p)
))
always
:=
$
(
$(HOSTLIBS)
-y
)
...
...
scripts/gcc-plugins/gcc-common.h
浏览文件 @
d1185a8c
...
...
@@ -63,6 +63,13 @@
#endif
#if BUILDING_GCC_VERSION >= 4006
/*
* The c-family headers were moved into a subdirectory in GCC version
* 4.7, but most plugin-building users of GCC 4.6 are using the Debian
* or Ubuntu package, which has an out-of-tree patch to move this to the
* same location as found in 4.7 and later:
* https://sources.debian.net/src/gcc-4.6/4.6.3-14/debian/patches/pr45078.diff/
*/
#include "c-family/c-common.h"
#else
#include "c-common.h"
...
...
@@ -946,4 +953,9 @@ static inline void debug_gimple_stmt(const_gimple s)
get_inner_reference(exp, pbitsize, pbitpos, poffset, pmode, punsignedp, preversep, pvolatilep)
#endif
#if BUILDING_GCC_VERSION < 7000
#define SET_DECL_ALIGN(decl, align) DECL_ALIGN(decl) = (align)
#define SET_DECL_MODE(decl, mode) DECL_MODE(decl) = (mode)
#endif
#endif
scripts/gcc-plugins/gen-random-seed.sh
0 → 100644
浏览文件 @
d1185a8c
#!/bin/sh
if
[
!
-f
"
$1
"
]
;
then
SEED
=
`
od
-A
n
-t
x8
-N
32 /dev/urandom |
tr
-d
' \n'
`
echo
"const char *randstruct_seed =
\"
$SEED
\"
;"
>
"
$1
"
HASH
=
`
echo
-n
"
$SEED
"
|
sha256sum
|
cut
-d
" "
-f1
|
tr
-d
' \n'
`
echo
"#define RANDSTRUCT_HASHED_SEED
\"
$HASH
\"
"
>
"
$2
"
fi
scripts/gcc-plugins/randomize_layout_plugin.c
0 → 100644
浏览文件 @
d1185a8c
此差异已折叠。
点击以展开。
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录