On Wed, Oct 24, 2018 at 1:52 PM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
>> On Oct 24, 2018, at 12:51 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>>> struct seccomp_data { >>> int nr; >>> __u32 arch; >>> __u64 instruction_pointer; >>> __u64 args[6]; >>> + __u32 pkru; >>> + __u32 reserved; >>> };
>>
>> struct seccomp_data only needs to be 32-bit aligned.
>
> On first reading, I thought the same thing. On second reading, I changed my mind: on a 32-bit kernel, the struct will be 4-byte aligned overall, whereas on a 64-bit kernel, it’ll be 8-byte aligned. This has no effect on the layout, but it affects the size.

Yeah, good point. So, that verify size test could just use offsetof(struct seccomp_data, reserved) to make sure no one uses the reserved field. (Or we could use __packed *shiver*)

--
Kees Cook
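
Review bot: the new `__u32 reserved;` member at the end of `struct seccomp_data` carries no comment saying why it exists or whether a filter is allowed to read it. Say next to the field that it is padding that keeps the struct size the same on 32-bit and 64-bit kernels, state what value it holds, and tie the filter offset check to `offsetof(struct seccomp_data, reserved)` so that a load from it is rejected. `__u32 pkru;` is also added without a comment on what a filter sees there when no PKRU value is available.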
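
The size-versus-layout point from the thread, worked through as an added example (not code from the patch or the kernel). The `u64_a4`/`u64_a8` typedefs and the `load_allowed` helper are hypothetical: they stand in for the 4-byte alignment of `__u64` on 32-bit x86, the 8-byte alignment on 64-bit, and a filter-load bound placed at `offsetof(struct seccomp_data, reserved)`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins for how __u64 is aligned in a struct:
 * 4 bytes as on 32-bit x86, 8 bytes as on 64-bit. Not kernel types. */
typedef uint64_t u64_a4 __attribute__((aligned(4)));
typedef uint64_t u64_a8 __attribute__((aligned(8)));

/* Members of struct seccomp_data as quoted in the thread, up to pkru. */
#define SD_FIELDS(U64) \
    int nr; uint32_t arch; U64 instruction_pointer; U64 args[6]; uint32_t pkru;

struct sd32_bare { SD_FIELDS(u64_a4) };                    /* no padding member */
struct sd64_bare { SD_FIELDS(u64_a8) };
struct sd32      { SD_FIELDS(u64_a4) uint32_t reserved; }; /* as in the patch */
struct sd64      { SD_FIELDS(u64_a8) uint32_t reserved; };

/* Layout is identical under both alignments; only the tail padding differs. */
_Static_assert(offsetof(struct sd32_bare, pkru) == offsetof(struct sd64_bare, pkru),
               "pkru offset must not depend on alignment");
_Static_assert(offsetof(struct sd32, reserved) == offsetof(struct sd64, reserved),
               "reserved offset must not depend on alignment");

size_t size32_bare(void)  { return sizeof(struct sd32_bare); }
size_t size64_bare(void)  { return sizeof(struct sd64_bare); }
size_t size32_full(void)  { return sizeof(struct sd32); }
size_t size64_full(void)  { return sizeof(struct sd64); }
size_t reserved_off(void) { return offsetof(struct sd64, reserved); }

/* Hypothetical check for a 32-bit filter load at byte offset k: it must be
 * 4-byte aligned and end at or before the start of the reserved member.
 * Written as k <= bound - 4 so a huge k cannot wrap around. */
int load_allowed(uint32_t k)
{
    return (k & 3) == 0 && k <= reserved_off() - 4;
}

int main(void)
{
    printf("without reserved: 32-bit %zu, 64-bit %zu\n", size32_bare(), size64_bare());
    printf("with reserved:    32-bit %zu, 64-bit %zu\n", size32_full(), size64_full());
    printf("offsetof(reserved) = %zu\n", reserved_off());
    printf("load pkru (64): %d, load reserved (68): %d\n",
           load_allowed(64), load_allowed(68));
    return 0;
}
```
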