[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1495829844-69341-9-git-send-email-keescook@chromium.org>
Date: Fri, 26 May 2017 13:17:12 -0700
From: Kees Cook <keescook@...omium.org>
To: kernel-hardening@...ts.openwall.com
Cc: Kees Cook <keescook@...omium.org>,
"David S . Miller" <davem@...emloft.net>,
Laura Abbott <labbott@...hat.com>, x86@...nel.org,
linux-kernel@...r.kernel.org
Subject: [PATCH v2 08/20] randstruct: Whitelist NIU struct page overloading
The NIU ethernet driver intentionally stores a page struct pointer on
top of the "mapping" field. Whitelist this case:
drivers/net/ethernet/sun/niu.c: In function ‘niu_rx_pkt_ignore’:
drivers/net/ethernet/sun/niu.c:3402:10: note: found mismatched ssa struct pointer types: ‘struct page’ and ‘struct address_space’
*link = (struct page *) page->mapping;
~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Cc: David S. Miller <davem@...emloft.net>
Signed-off-by: Kees Cook <keescook@...omium.org>
---
scripts/gcc-plugins/randomize_layout_plugin.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/scripts/gcc-plugins/randomize_layout_plugin.c b/scripts/gcc-plugins/randomize_layout_plugin.c
index 5f4e59a78eeb..f777ead58ba8 100644
--- a/scripts/gcc-plugins/randomize_layout_plugin.c
+++ b/scripts/gcc-plugins/randomize_layout_plugin.c
@@ -43,6 +43,8 @@ struct whitelist_entry {
};
static const struct whitelist_entry whitelist[] = {
+ /* NIU overloads mapping with page struct */
+ { "drivers/net/ethernet/sun/niu.c", "page", "address_space" },
/* unix_skb_parms via UNIXCB() buffer */
{ "net/unix/af_unix.c", "unix_skb_parms", "char" },
/* big_key payload.data struct splashing */
--
2.7.4
Powered by blists - more mailing lists