On Tue, Jan 26, 2021 at 09:56:10AM -0800, Kees Cook wrote: > On Mon, Jan 25, 2021 at 04:19:53PM -0600, Josh Poimboeuf wrote: > > On Mon, Jan 25, 2021 at 02:03:07PM -0800, Kees Cook wrote: > > > On Mon, Jan 25, 2021 at 02:42:10PM -0600, Josh Poimboeuf wrote: > > > > When a GCC version mismatch is detected, print a warning and disable the > > > > plugin. The only exception is the RANDSTRUCT plugin which needs all > > > > code to see the same struct layouts. In that case print an error. > > > > > > I prefer this patch as-is: only randstruct needs a hard failure. The > > > others likely work (in fact, randstruct likely works too). > > > > I'm curious about this last statement, why would randstruct likely work? > > > > Even struct module has '__randomize_layout', wouldn't basic module init > > go splat? > > No; the seed is part of the generate includes -- you'll get the same > layout with the same seed. Right, but don't you need the plugin enabled to make use of that seed, so the structs get interpreted properly by the module? Or am I completely misunderstanding how this plugin works? -- Josh
