Received: by 10.223.185.116 with SMTP id b49csp1240826wrg;
        Wed, 21 Feb 2018 14:53:53 -0800 (PST)
X-Google-Smtp-Source: AH8x2270eUWi6PYWvBTVz2TuDKhwnmnWaYdKUHbuWz7nFuQ1OsZk4XL7b2sIBNpORIRAwKUzaXo6
X-Received: by 10.167.131.199 with SMTP id j7mr4680592pfn.99.1519253632998;
        Wed, 21 Feb 2018 14:53:52 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1519253632; cv=none;
        d=google.com; s=arc-20160816;
        b=dAFJs0EkTVtLjUSJjaCrOjEyvwhzRkwGXHU7VLNuhp5R4aJJH70bOHGlcjrvAytv/J
         F7LT2HwE3lkCDOvwb7RH9vE4bo2nmX3Cz7RMErPG1WysmmZPwBUhk2mruZVzWDr1UWYv
         dYlNK6vE8aWVqliNDLYqfDbbatxJMPzkXWOfZSoT5Kd+w2Zn1K46GX6B6VW91sXYyREq
         nMadYPEZP/UDONBrLivK9N3w3+FSM7JrGf32O8DiW2P8O5zH+YVPN81Y79CTbx/KIk7C
         XIO0HqnfkHdkbFjZRf9BPBTtuRIT2sSSO51o8/N+xjxjR+0tthHTgs4//t5XN0UBSwxO
         1Eqw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature:dkim-signature
         :arc-authentication-results;
        bh=kxuew4ZTQoRJczPeXLjkxx+3FTRYrWN0FHbH9qCtb0U=;
        b=gDv/+gCKUqGj3v1reb8usCIydoP3TO0eg6GfHCPHqhoc3T1dB4kf+nj2XtwzI17z3f
         AGdFEIFvu1ymPCNgqTpB43cF9oPXj0/dPegqDZ5oLRgXjejR0KT9CeXPoL66bRUUsChq
         N4t3LWxJpp4CW2KaJiYjVeyr/S83Y0T/mYIaojTNql4VR8zy6MzR2xOyLi2wP4wAh6ot
         BKYh3NS7BsEfR3UZ2z9y9kGPLMDmnQ8U3QZpXEHV+wyZPzA1JMKtlQ6bSV6JamB5aSt4
         5BALJkwZCqkmN9VPAw+hIA5NnUnpbMeLwl5i6mbAgGRKtOW8eK0i9XvfYMP4wVzAYS4Z
         0/eA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@google.com header.s=20161025 header.b=RxmxLw0j;
       dkim=fail header.i=@chromium.org header.s=google header.b=bXuYaeG8;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y125si309115pgb.120.2018.02.21.14.53.38;
        Wed, 21 Feb 2018 14:53:52 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@google.com header.s=20161025 header.b=RxmxLw0j;
       dkim=fail header.i=@chromium.org header.s=google header.b=bXuYaeG8;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751346AbeBUWwb (ORCPT <rfc822;xuyizhaos@gmail.com> + 99 others);
        Wed, 21 Feb 2018 17:52:31 -0500
Received: from mail-ua0-f177.google.com ([209.85.217.177]:37080 "EHLO
        mail-ua0-f177.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1750765AbeBUWw3 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 21 Feb 2018 17:52:29 -0500
Received: by mail-ua0-f177.google.com with SMTP id q8so2140323uae.4
        for <linux-kernel@vger.kernel.org>; Wed, 21 Feb 2018 14:52:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=kxuew4ZTQoRJczPeXLjkxx+3FTRYrWN0FHbH9qCtb0U=;
        b=RxmxLw0jKJ0TlQbksBa6na/W4u/H4ItkqVA67qyzREirRf4zSABrNQeqPxIDK6ID/J
         VMt4jdAVatgUkmziuYOjuA/PEcFrzPDxRMamLIwPrhIfVC+VCk8G1O2hjivDJoRPaKfn
         pq4bZTQUYicDr51z824oGiBoFTv+ch954De9w7t83j1uBFClqj2O++R2e1irv0G/dAGQ
         ornd9nDWx/Z9ONDWU24+U4ecqXGnZIh3RP2RI2oYnWSsg2yFcYch3GhxTJ3xLV7fiGw0
         mF8DEudLDvGFcRLVm4IkQmDETt9cz30dNkGhMwApWiJkJZdoR+sTciORqiRJhfmbQgTJ
         mYLQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=kxuew4ZTQoRJczPeXLjkxx+3FTRYrWN0FHbH9qCtb0U=;
        b=bXuYaeG8ixDy11F5vvdY/SGuykgCXPO8y3NJX85n+f+ELlGRW/PaWTJPR0xupdonfp
         YPoCTZs8DQpWVWXzdmweCzqdlxZNwyxp0u9jg7N5vBYRYjTmkiDnJ7nsM1vFhxIVhB5W
         L9mMhZMDP0n7Y5F8MKZignw35uWBr89/L5j6A=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
         :date:message-id:subject:to:cc;
        bh=kxuew4ZTQoRJczPeXLjkxx+3FTRYrWN0FHbH9qCtb0U=;
        b=O0PZ8NO+VMJcyOu6N6L+E8+5d3ZOSIF+BJutcquB9CcKEUcT2OXTVSArRzrlTeLJt9
         S2maOl/h8ayl1KNGfa0cmTwuK3iHFHcMx0vYU4afkNCTpWUrFA5E+1CqLI9DQrVXIAVD
         t05t3RxGaAF20QQC7sP2KGuL3snH7+vRgMUPllZt3xHPIDlWvgbl+9w1xoyeYWl6ydbw
         QLKODLcPlVjfmDCZKPRZOJeExHVKbwR3t2GWDRm4CTunerT/eUL2AAusSEMMA2XZ+LGu
         HqVufwTARfNBqJpqkZUAauo1PAuFawEYMfC3n418mw1TGmJSPeD5lHJkE8nQt7LJ2Cqo
         +Dyg==
X-Gm-Message-State: APf1xPA3weVBhREvU4pTPj3gkbFu9T8wsiOtpgbUHFhl0zAy61kPeNyy
        6SeL4/Vve4Cij9+uKe+ba27V3jyaMZLaTORW82rE8w==
X-Received: by 10.176.48.231 with SMTP id d7mr3766187uam.0.1519253549121; Wed,
 21 Feb 2018 14:52:29 -0800 (PST)
MIME-Version: 1.0
Received: by 10.31.242.140 with HTTP; Wed, 21 Feb 2018 14:52:28 -0800 (PST)
In-Reply-To: <6be06ce5-87e6-0d9d-55b9-6c70c3578ecf@maciej.szmigiero.name>
References: <CAGXu5jLc_A1w4FM8FvQHGSPjLfOu80L_vbt_FkcE6+Bh_XMjxw@mail.gmail.com>
 <6be06ce5-87e6-0d9d-55b9-6c70c3578ecf@maciej.szmigiero.name>
From:   Kees Cook <keescook@chromium.org>
Date:   Wed, 21 Feb 2018 14:52:28 -0800
X-Google-Sender-Auth: qELG3FgQLBFWbnPLAxsXge1mJNw
Message-ID: <CAGXu5j+gvH+X-XyqFbY+X0xtG2mQoL5bO7T2_QaeEyr3-Z5eLw@mail.gmail.com>
Subject: Re: RANDSTRUCT structs need linux/compiler_types.h (Was: [nfsd4]
 potentially hardware breaking regression in 4.14-rc and 4.13.11)
To:     "Maciej S. Szmigiero" <mail@maciej.szmigiero.name>
Cc:     Patrick McLean <chutzpah@gentoo.org>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Emese Revfy <re.emese@gmail.com>,
        Al Viro <viro@zeniv.linux.org.uk>,
        Bruce Fields <bfields@redhat.com>,
        "Darrick J. Wong" <darrick.wong@oracle.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Linux NFS Mailing List <linux-nfs@vger.kernel.org>,
        Thorsten Leemhuis <regressions@leemhuis.info>,
        "kernel-hardening@lists.openwall.com" 
        <kernel-hardening@lists.openwall.com>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Feb 21, 2018 at 2:19 PM, Maciej S. Szmigiero
<mail@maciej.szmigiero.name> wrote:
> One can see that offsets used to access various members of struct path are
> different, and also that the original file from step 3 contains an object
> named "__randomize_layout".
>
> This is caused by a fact that the current version of nfs4xdr.c includes
> linux/fs_struct.h as the very first included header which then includes
> linux/path.h as the very first included header, which then defines
> struct path, but without including any files on its own.
>
> This results in __randomize_layout tag at the end of struct path
> definition being treated as a variable name (since linux/compiler-gcc.h
> that defines it as a type attribute has not been included yet).

Oh, well done! That would explain the code offset I was seeing when
the plugin on, but no-op, since the variable would still exist.

I'll play with Linus's suggestion and see what we get.

Thanks!

-Kees

-- 
Kees Cook
Pixel Security