mirror of
https://github.com/torvalds/linux.git
synced 2025-11-02 01:29:02 +02:00
3859a271a0
This marks many critical kernel structures for randomization. These are structures that have been targeted in the past in security exploits, or contain functions pointers, pointers to function pointer tables, lists, workqueues, ref-counters, credentials, permissions, or are otherwise sensitive. This initial list was extracted from Brad Spengler/PaX Team's code in the last public patch of grsecurity/PaX based on my understanding of the code. Changes or omissions from the original code are mine and don't reflect the original grsecurity/PaX code. Left out of this list is task_struct, which requires special handling and will be covered in a subsequent patch. Signed-off-by: Kees Cook <keescook@chromium.org>
52 lines
1.3 KiB
C
52 lines
1.3 KiB
C
#ifndef _LINUX_SEM_H
|
|
#define _LINUX_SEM_H
|
|
|
|
#include <linux/atomic.h>
|
|
#include <linux/rcupdate.h>
|
|
#include <linux/cache.h>
|
|
#include <uapi/linux/sem.h>
|
|
|
|
struct task_struct;
|
|
|
|
/* One sem_array data structure for each set of semaphores in the system. */
|
|
struct sem_array {
|
|
struct kern_ipc_perm sem_perm; /* permissions .. see ipc.h */
|
|
time_t sem_ctime; /* last change time */
|
|
struct sem *sem_base; /* ptr to first semaphore in array */
|
|
struct list_head pending_alter; /* pending operations */
|
|
/* that alter the array */
|
|
struct list_head pending_const; /* pending complex operations */
|
|
/* that do not alter semvals */
|
|
struct list_head list_id; /* undo requests on this array */
|
|
int sem_nsems; /* no. of semaphores in array */
|
|
int complex_count; /* pending complex operations */
|
|
unsigned int use_global_lock;/* >0: global lock required */
|
|
} __randomize_layout;
|
|
|
|
#ifdef CONFIG_SYSVIPC
|
|
|
|
struct sysv_sem {
|
|
struct sem_undo_list *undo_list;
|
|
};
|
|
|
|
extern int copy_semundo(unsigned long clone_flags, struct task_struct *tsk);
|
|
extern void exit_sem(struct task_struct *tsk);
|
|
|
|
#else
|
|
|
|
struct sysv_sem {
|
|
/* empty */
|
|
};
|
|
|
|
static inline int copy_semundo(unsigned long clone_flags, struct task_struct *tsk)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static inline void exit_sem(struct task_struct *tsk)
|
|
{
|
|
return;
|
|
}
|
|
#endif
|
|
|
|
#endif /* _LINUX_SEM_H */
|