From: Kees Cook <keescook@chromium.org>
Date: Fri, 26 May 2017 04:40:22 +0000 (-0700)
Subject: randstruct: Whitelist big_key path struct overloading
X-Git-Tag: v4.13-rc1~159^2^2~3
X-Git-Url: https://git.kernelconcepts.de/?p=karo-tx-linux.git;a=commitdiff_plain;h=802762cdfff256b6bf3fdb624ac2c56ec043c4f0

randstruct: Whitelist big_key path struct overloading

The big_key payload structure intentionally stores a struct path in
two void pointers to avoid header soup. Whitelist this case:

security/keys/big_key.c: In function ‘big_key_read’:
security/keys/big_key.c:293:16: note: found mismatched rhs struct pointer types: ‘struct path’ and ‘void *’

   struct path *path = (struct path *)&key->payload.data[big_key_path];
                ^~~~

Cc: David Howells <dhowells@redhat.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
---

diff --git a/scripts/gcc-plugins/randomize_layout_plugin.c b/scripts/gcc-plugins/randomize_layout_plugin.c
index 2e710bf29699..c07818dac401 100644
--- a/scripts/gcc-plugins/randomize_layout_plugin.c
+++ b/scripts/gcc-plugins/randomize_layout_plugin.c
@@ -48,6 +48,8 @@ struct whitelist_entry {
 static const struct whitelist_entry whitelist[] = {
 	/* unix_skb_parms via UNIXCB() buffer */
 	{ "net/unix/af_unix.c", "unix_skb_parms", "char" },
+	/* big_key payload.data struct splashing */
+	{ "security/keys/big_key.c", "path", "void *" },
 	/* walk struct security_hook_heads as an array of struct list_head */
 	{ "security/security.c", "list_head", "security_hook_heads" },
 	{ }