selinux: randomize layout of key structures - linux-dev - Linux kernel development work

diff options

author	Stephen Smalley <sds@tycho.nsa.gov>	2019-12-13 15:28:38 -0500
committer	Paul Moore <paul@paul-moore.com>	2019-12-18 21:26:06 -0500
commit	5c108d4e18f80be01965792726c81b105fbd677a (patch)
tree	5232e3ccd8383887072b4f8f3f7587e8ff237c99 /security/selinux/avc.c
parent	selinux: clean up selinux_enabled/disabled/enforcing_boot (diff)
download	linux-dev-5c108d4e18f80be01965792726c81b105fbd677a.tar.xz linux-dev-5c108d4e18f80be01965792726c81b105fbd677a.zip

selinux: randomize layout of key structures

Randomize the layout of key selinux data structures. Initially this is applied to the selinux_state, selinux_ss, policydb, and task_security_struct data structures. NB To test/use this mechanism, one must install the necessary build-time dependencies, e.g. gcc-plugin-devel on Fedora, and enable CONFIG_GCC_PLUGIN_RANDSTRUCT in the kernel configuration. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Reviewed-by: Kees Cook <keescook@chromium.org> [PM: double semi-colon fixed] Signed-off-by: Paul Moore <paul@paul-moore.com>

Diffstat (limited to 'security/selinux/avc.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: