05 Sep, 2018
1 commit
-
commit b86729109c5fd0a480300f40608aac68764b5adf upstream.
GCC 8 changed the order of some fields and is very picky about ordering
in static initializers, so instead just move to dynamic initializers,
and drop the redundant already-zero field assignments.Suggested-by: Valdis Kletnieks
Signed-off-by: Kees Cook
Cc: Lance Albertson
Signed-off-by: Greg Kroah-Hartman
08 Aug, 2017
1 commit
-
In the Linux kernel, struct type variables are rarely passed by-value,
and so functions that initialize such variables typically take an input
reference to the variable rather than returning a value that can
subsequently be used in an assignment.If the initalization function is not part of the same compilation unit,
the lack of an assignment operation defeats any analysis the compiler
can perform as to whether the variable may be used before having been
initialized. This means we may end up passing on such variables
uninitialized, resulting in potential information leaks.So extend the existing structleak GCC plugin so it will [optionally]
apply to all struct type variables that have their address taken at any
point, rather than only to variables of struct types that have a __user
annotation.Signed-off-by: Ard Biesheuvel
Signed-off-by: Kees Cook
19 Jan, 2017
1 commit
-
This plugin detects any structures that contain __user attributes and
makes sure it is being fully initialized so that a specific class of
information exposure is eliminated. (This plugin was originally designed
to block the exposure of siginfo in CVE-2013-2141.)Ported from grsecurity/PaX. This version adds a verbose option to the
plugin and the Kconfig.Signed-off-by: Kees Cook