Hi Aleksa, 在 2020/8/26 16:24, Aleksa Sarai 写道: > On 2020-08-26, Shaokun Zhang <zhangshaokun@xxxxxxxxxxxxx> wrote: >> 在 2020/8/22 0:02, Will Deacon 写道: >>> - This thing is tagged with __randomize_layout, so it doesn't help anybody >>> using that crazy plugin >> >> This patch isolated the @f_count with @f_mode absolutely and we don't care the >> base address of the structure, or I may miss something what you said. > > __randomize_layout randomises the order of fields in a structure on each > kernel rebuild (to make attacks against sensitive kernel structures > theoretically harder because the offset of a field is per-build). It is My bad, I missed Will's comments for my poor understanding on it. > separate to ASLR or other base-related randomisation. However it depends > on having CONFIG_GCC_PLUGIN_RANDSTRUCT=y and I believe (at least for > distribution kernels) this isn't a widely-used configuration. Thanks for more explanations about it, in our test, this config is also disabled. If having CONFIG_GCC_PLUGIN_RANDSTRUCT=y, it seems this patch will lose its value. If it isn't widely-used for this config, hopefully we can do something on the scene. Thanks, Shaokun >
