Re: [PATCH] PM: core: Do not randomize struct dev_pm_ops layout

From: Kees Cook
Date: Thu Aug 04 2022 - 22:12:58 EST
On August 4, 2022 10:15:08 AM PDT, "Rafael J. Wysocki" <rjw@xxxxxxxxxxxxx> wrote:
>From: Rafael J. Wysocki <rafael.j.wysocki@xxxxxxxxx>
>
>Because __rpm_get_callback() uses offsetof() to compute the address of
>the callback in question in struct dev_pm_ops, randomizing the layout
>of the latter leads to interesting, but unfortunately also undesirable
>results in some cases.

How does this manifest? This is a compile-time randomization, so offsetof() will find the correct location. Is struct dev_pm_ops created or consumed externally from the kernel at any point?

-Kees

>
>Prevent that from happening by using the __no_randomize_layout
>annotation on struct dev_pm_ops.
>
>Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@xxxxxxxxx>
>---
> include/linux/pm.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>Index: linux-pm/include/linux/pm.h
>===================================================================
>--- linux-pm.orig/include/linux/pm.h
>+++ linux-pm/include/linux/pm.h
>@@ -307,7 +307,7 @@ struct dev_pm_ops {
> int (*runtime_suspend)(struct device *dev);
> int (*runtime_resume)(struct device *dev);
> int (*runtime_idle)(struct device *dev);
>-};
>+} __no_randomize_layout;
>
> #define SYSTEM_SLEEP_PM_OPS(suspend_fn, resume_fn) \
> .suspend = pm_sleep_ptr(suspend_fn), \
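Review bot: The commit message does not say how randomization actually breaks the offsetof()-based lookup in __rpm_get_callback(), and that is the open question in the reply above: with compile-time layout randomization, offsetof(struct dev_pm_ops, runtime_suspend) is evaluated against the same randomized layout the compiler emits for every struct dev_pm_ops, so indexing a genuine struct dev_pm_ops by that offset should still reach the right member. Before opting the whole struct out with `} __no_randomize_layout;`, the message should record the concrete failure that was observed (which callback was resolved wrongly, or which caller passed something other than a struct dev_pm_ops into the offset-based lookup); if the latter, the fix belongs in that caller rather than in the struct annotation, since this change also gives up layout randomization for a structure that consists entirely of function pointers.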

--
Kees Cook