3859a271a0
This marks many critical kernel structures for randomization. These are structures that have been targeted in the past in security exploits, or contain function pointers, pointers to function pointer tables, lists, workqueues, ref-counters, credentials, permissions, or are otherwise sensitive. This initial list was extracted from Brad Spengler/PaX Team's code in the last public patch of grsecurity/PaX based on my understanding of the code. Changes or omissions from the original code are mine and don't reflect the original grsecurity/PaX code. Left out of this list is task_struct, which requires special handling and will be covered in a subsequent patch. Signed-off-by: Kees Cook <keescook@chromium.org>
#ifndef _LINUX_UTSNAME_H
#define _LINUX_UTSNAME_H
#include <linux/sched.h>
#include <linux/kref.h>
#include <linux/nsproxy.h>
#include <linux/ns_common.h>
#include <linux/err.h>
#include <uapi/linux/utsname.h>
/*
 * Selector for one UTS name field. The only consumer visible in this header
 * is uts_proc_notify(), which takes one of these values.
 *
 * The numeric values are written out so they match what the implicit
 * numbering produced (0..4 in declaration order).
 * NOTE(review): presumably each value maps to one sysctl-exposed member of
 * struct new_utsname; confirm against the sysctl table that uses them.
 */
enum uts_proc {
	UTS_PROC_OSTYPE = 0,
	UTS_PROC_OSRELEASE = 1,
	UTS_PROC_VERSION = 2,
	UTS_PROC_HOSTNAME = 3,
	UTS_PROC_DOMAINNAME = 4,
};
struct user_namespace;
extern struct user_namespace init_user_ns;
/*
 * Per-namespace UTS state.
 *
 * The struct is tagged __randomize_layout: on builds with structure layout
 * randomization enabled, the member order written here is not the order in
 * memory. It holds a reference count, a user-namespace pointer and an
 * ns_common, which are the kinds of members the commit message lists as
 * reasons for randomizing a structure.
 *
 * Consequences for anyone touching this type:
 *  - reach members by name only; never rely on a member's offset or on
 *    "kref is first";
 *  - static instances must use designated initializers, not positional ones;
 *  - do not cast to or from a look-alike struct.
 * Randomization raises the cost of offset-dependent memory corruption; it is
 * not a substitute for the reference counting done via get_uts_ns() and
 * put_uts_ns().
 */
struct uts_namespace {
	/* Lifetime count, taken by get_uts_ns() and dropped by put_uts_ns(). */
	struct kref kref;
	/* The name block that utsname() and init_utsname() return a pointer to. */
	struct new_utsname name;
	/* NOTE(review): presumably the owning user namespace; confirm. */
	struct user_namespace *user_ns;
	struct ucounts *ucounts;
	struct ns_common ns;
} __randomize_layout;
/*
 * The initial UTS namespace object. init_utsname() returns a pointer to its
 * name member. Declared here only; the definition is outside this header.
 */
extern struct uts_namespace init_uts_ns;
#ifdef CONFIG_UTS_NS
/**
 * get_uts_ns - take an additional reference on a UTS namespace
 * @ns: namespace to pin; dereferenced unconditionally, so it must not be NULL
 *
 * Increments ns->kref through kref_get(). Each call must be paired with one
 * put_uts_ns(). The caller has to guarantee @ns is still live when calling
 * (normally by already holding a reference): taking a reference on an object
 * whose count has already dropped to zero would hand out a pointer to memory
 * that is being freed.
 */
static inline void get_uts_ns(struct uts_namespace *ns)
{
	struct kref *ref = &ns->kref;

	kref_get(ref);
}
/*
 * Out-of-line helpers, declared only when CONFIG_UTS_NS is set; both are
 * defined outside this header.
 *
 * copy_utsname() returns a struct uts_namespace pointer. The !CONFIG_UTS_NS
 * stub of the same name reports failure as ERR_PTR(), not NULL.
 * NOTE(review): presumably this version does the same, so callers should test
 * the result with IS_ERR(); confirm at the definition.
 */
extern struct uts_namespace *copy_utsname(unsigned long flags,
					  struct user_namespace *user_ns,
					  struct uts_namespace *old_ns);

/* Release callback that put_uts_ns() hands to kref_put(). */
extern void free_uts_ns(struct kref *kref);
/**
 * put_uts_ns - drop one reference on a UTS namespace
 * @ns: namespace to release; dereferenced unconditionally, so it must not be NULL
 *
 * Calls kref_put() on ns->kref with free_uts_ns() as the release callback.
 * Once the caller has dropped its own reference it must treat @ns as gone:
 * any later access through the same pointer is a potential use-after-free.
 */
static inline void put_uts_ns(struct uts_namespace *ns)
{
	struct kref *ref = &ns->kref;

	kref_put(ref, free_uts_ns);
}
#else
/*
 * !CONFIG_UTS_NS stub for get_uts_ns(): deliberately a no-op.
 * @ns is never read, so no reference is taken in this configuration.
 */
static inline void get_uts_ns(struct uts_namespace *ns)
{
	/* nothing to pin when UTS namespaces are compiled out */
}
/*
 * !CONFIG_UTS_NS stub for put_uts_ns(): deliberately a no-op.
 * @ns is never read and nothing is released in this configuration.
 */
static inline void put_uts_ns(struct uts_namespace *ns)
{
	/* nothing to release when UTS namespaces are compiled out */
}
/**
 * copy_utsname - !CONFIG_UTS_NS stub
 * @flags:   clone flags; only CLONE_NEWUTS is examined
 * @user_ns: unused in this configuration
 * @old_ns:  namespace the caller currently uses
 *
 * Return: @old_ns unchanged when CLONE_NEWUTS is not set, otherwise
 * ERR_PTR(-EINVAL).
 *
 * A request for a new UTS namespace is refused here rather than silently
 * satisfied with the shared one, so a caller that asked for isolation cannot
 * end up believing it has it. Failure is an error pointer, not NULL: callers
 * must test the result with IS_ERR() before dereferencing. No reference is
 * taken on @old_ns.
 */
static inline struct uts_namespace *copy_utsname(unsigned long flags,
	struct user_namespace *user_ns, struct uts_namespace *old_ns)
{
	/* No new namespace requested: the caller keeps using old_ns. */
	if (!(flags & CLONE_NEWUTS))
		return old_ns;

	/* UTS namespaces are compiled out, so the request cannot be honoured. */
	return ERR_PTR(-EINVAL);
}
#endif
#ifdef CONFIG_PROC_SYSCTL
/*
 * Out-of-line version, declared only when CONFIG_PROC_SYSCTL is set; the
 * definition is outside this header. Takes the enum uts_proc selector of the
 * field concerned.
 */
extern void uts_proc_notify(enum uts_proc proc);
#else
/*
 * !CONFIG_PROC_SYSCTL stub for uts_proc_notify(): deliberately a no-op.
 * @proc is ignored.
 */
static inline void uts_proc_notify(enum uts_proc proc)
{
	/* nothing to notify when the sysctl interface is compiled out */
}
#endif
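/**
 * utsname - name block of the calling task's UTS namespace
 *
 * Return: pointer to the name member of current->nsproxy->uts_ns.
 *
 * The page rendered the expression as "¤t->nsproxy..." because "&curren" was
 * decoded as an HTML entity; the expression is &current->nsproxy->uts_ns->name.
 *
 * Nothing on the current->nsproxy->uts_ns chain is checked for NULL, and no
 * reference is taken (get_uts_ns() is not called). The result is therefore
 * only valid while the calling task keeps its nsproxy and UTS namespace, and
 * must not be stashed for use from another context.
 * NOTE(review): readers that need a consistent view of the strings presumably
 * have to hold uts_sem, declared at the end of this header; confirm at its
 * definition.
 */
static inline struct new_utsname *utsname(void)
{
	return &current->nsproxy->uts_ns->name;
}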
/**
 * init_utsname - name block of the initial UTS namespace
 *
 * Return: pointer to init_uts_ns.name.
 *
 * This reads the global init_uts_ns, not the caller's namespace, so it always
 * yields the initial namespace's identity. Use utsname() when the value should
 * be the one the calling task sees; returning this one to a task in another
 * UTS namespace discloses the initial namespace's names to it.
 */
static inline struct new_utsname *init_utsname(void)
{
	struct uts_namespace *init_ns = &init_uts_ns;

	return &init_ns->name;
}
/*
 * Declared here only; the definition is outside this header and nothing in
 * this header takes the lock.
 * NOTE(review): presumably the rwsem that serialises readers and writers of
 * the utsname strings; confirm at the definition before relying on it.
 */
extern struct rw_semaphore uts_sem;
#endif /* _LINUX_UTSNAME_H */