Commit ad05e6ca authored by Kees Cook's avatar Kees Cook

Merge branch 'for-next/gcc-plugin/structleak' into for-next/gcc-plugins

parents 9225331b f7dd2507
...@@ -458,6 +458,13 @@ config GCC_PLUGIN_STRUCTLEAK ...@@ -458,6 +458,13 @@ config GCC_PLUGIN_STRUCTLEAK
* https://grsecurity.net/ * https://grsecurity.net/
* https://pax.grsecurity.net/ * https://pax.grsecurity.net/
config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL
bool "Force initialize all struct type variables passed by reference"
depends on GCC_PLUGIN_STRUCTLEAK
help
Zero initialize any struct type local variable that may be passed by
reference without having been initialized.
config GCC_PLUGIN_STRUCTLEAK_VERBOSE config GCC_PLUGIN_STRUCTLEAK_VERBOSE
bool "Report forcefully initialized variables" bool "Report forcefully initialized variables"
depends on GCC_PLUGIN_STRUCTLEAK depends on GCC_PLUGIN_STRUCTLEAK
......
...@@ -27,6 +27,7 @@ ifdef CONFIG_GCC_PLUGINS ...@@ -27,6 +27,7 @@ ifdef CONFIG_GCC_PLUGINS
gcc-plugin-$(CONFIG_GCC_PLUGIN_STRUCTLEAK) += structleak_plugin.so gcc-plugin-$(CONFIG_GCC_PLUGIN_STRUCTLEAK) += structleak_plugin.so
gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE) += -fplugin-arg-structleak_plugin-verbose gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE) += -fplugin-arg-structleak_plugin-verbose
gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL) += -fplugin-arg-structleak_plugin-byref-all
gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK) += -DSTRUCTLEAK_PLUGIN gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK) += -DSTRUCTLEAK_PLUGIN
gcc-plugin-$(CONFIG_GCC_PLUGIN_RANDSTRUCT) += randomize_layout_plugin.so gcc-plugin-$(CONFIG_GCC_PLUGIN_RANDSTRUCT) += randomize_layout_plugin.so
......
...@@ -16,6 +16,7 @@ ...@@ -16,6 +16,7 @@
* Options: * Options:
* -fplugin-arg-structleak_plugin-disable * -fplugin-arg-structleak_plugin-disable
* -fplugin-arg-structleak_plugin-verbose * -fplugin-arg-structleak_plugin-verbose
* -fplugin-arg-structleak_plugin-byref-all
* *
* Usage: * Usage:
* $ # for 4.5/4.6/C based 4.7 * $ # for 4.5/4.6/C based 4.7
...@@ -42,6 +43,7 @@ static struct plugin_info structleak_plugin_info = { ...@@ -42,6 +43,7 @@ static struct plugin_info structleak_plugin_info = {
}; };
static bool verbose; static bool verbose;
static bool byref_all;
static tree handle_user_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs) static tree handle_user_attribute(tree *node, tree name, tree args, int flags, bool *no_add_attrs)
{ {
...@@ -150,7 +152,9 @@ static void initialize(tree var) ...@@ -150,7 +152,9 @@ static void initialize(tree var)
/* these aren't the 0days you're looking for */ /* these aren't the 0days you're looking for */
if (verbose) if (verbose)
inform(DECL_SOURCE_LOCATION(var), inform(DECL_SOURCE_LOCATION(var),
"userspace variable will be forcibly initialized"); "%s variable will be forcibly initialized",
(byref_all && TREE_ADDRESSABLE(var)) ? "byref"
: "userspace");
/* build the initializer expression */ /* build the initializer expression */
initializer = build_constructor(TREE_TYPE(var), NULL); initializer = build_constructor(TREE_TYPE(var), NULL);
...@@ -190,7 +194,8 @@ static unsigned int structleak_execute(void) ...@@ -190,7 +194,8 @@ static unsigned int structleak_execute(void)
continue; continue;
/* if the type is of interest, examine the variable */ /* if the type is of interest, examine the variable */
if (TYPE_USERSPACE(type)) if (TYPE_USERSPACE(type) ||
(byref_all && TREE_ADDRESSABLE(var)))
initialize(var); initialize(var);
} }
...@@ -232,6 +237,10 @@ __visible int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gc ...@@ -232,6 +237,10 @@ __visible int plugin_init(struct plugin_name_args *plugin_info, struct plugin_gc
verbose = true; verbose = true;
continue; continue;
} }
if (!strcmp(argv[i].key, "byref-all")) {
byref_all = true;
continue;
}
error(G_("unknown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key); error(G_("unknown option '-fplugin-arg-%s-%s'"), plugin_name, argv[i].key);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment