| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Mar 2024 23:26:51 -0600 From: Kees Cook <kees@...nel.org> To: "Luck, Tony" <tony.luck@...el.com>, Kees Cook <keescook@...omium.org> CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, linux-hardening@...r.kernel.org Subject: Re: __randomize_layout; On March 27, 2024 9:21:59 AM MDT, "Luck, Tony" <tony.luck@...el.com> wrote: >This e-mail is to check you on whether that __randomize_layout can shuffle the >fields inside that nested union/structure. I tried some experiments, and in a >few kernel builds I saw the whole block move to different offsets, but the order >of x86_vendor, x86, x86_model, and x86_reserved was preserved. Yes, this is an intentional behavior: __randomize_layout will only apply to the struct it is attached to, and is not enabled for any substructs (anonymous or otherwise). >But experiments aren't proof. Nor defense against future versions of >scripts/gcc-plugins/randomize_layout_plugin.c becoming smarter or >more aggressive about changing layout. The behavior is also supported natively by Clang -- neither implementation is likely to ever change its treatment of substructs as it would kind of cause chaos. So you're all good! :) -- Kees Cook
Powered by blists - more mailing lists