On Thu, Feb 22, 2018 at 11:08 PM, Greg Kroah-Hartman
<gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> On Thu, Feb 22, 2018 at 03:34:29PM -0800, Kees Cook wrote:
>> commit 28128c61e08eaeced9cc8ec0e6b5d677b5b94690 upstream.
>>
>> The header files for some structures could get included in such a way
>> that struct attributes (specifically __randomize_layout from path.h) would
>> be parsed as variable names instead of attributes. This could lead to
>> some instances of a structure being unrandomized, causing nasty GPFs, etc.
>>
>> This patch makes sure the compiler_types.h header is included in path.h.
>>
>> Reported-by: Patrick McLean <chutzpah@xxxxxxxxxx>
>> Root-caused-by: Maciej S. Szmigiero <mail@xxxxxxxxxxxxxxxxxxxxx>
>> Suggested-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
>> Tested-by: Maciej S. Szmigiero <mail@xxxxxxxxxxxxxxxxxxxxx>
>> Fixes: 3859a271a003 ("randstruct: Mark various structs for randomization")
>> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
>> Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
>> [kees: Adjusted to just path.h for -stable, as this is a smaller change]
>> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
>> ---
>> This is a much more narrow fix for the issue. I adjusted the commit subject
>> and body, but still reference the "full" upstream commit. Is this the best
>> way to handle this?
>
> What's wrong with just taking the original upstream commit here? It's
> only 2 lines, in kconfig.h instead of path.h. What is the reason this
> has to be in path.h for 4.14.y and 4.15.y?
I was (rightly) worried about unexpected build changes. If you'd
rather stick to upstream, we can do it. It'll just need at least one
fix so far:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0f9da844d87796ac31b04e81ee95e155e9043132
Do you want me to just send those two?
-Kees
--
Kees Cook
Pixel Security