From 5a18ee55e6cb94b82609be431ccdf502b7c4949c Mon Sep 17 00:00:00 2001 From: =?utf8?q?Peter=20M=C3=BCller?= Date: Mon, 8 Aug 2022 13:17:19 +0000 Subject: [PATCH] Revert "linux: Randomize layout of sensitive kernel structures" This reverts commit 4c46e7f8180d75fe176c6e00bceaa1fccb0c4e97. --- config/kernel/kernel.config.x86_64-ipfire | 3 +-- config/rootfiles/common/armv6l/linux | 5 ----- config/rootfiles/common/x86_64/linux | 5 ----- 3 files changed, 1 insertion(+), 12 deletions(-) diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire index c6b63411d1..513888a8f4 100644 --- a/config/kernel/kernel.config.x86_64-ipfire +++ b/config/kernel/kernel.config.x86_64-ipfire @@ -793,8 +793,7 @@ CONFIG_HAVE_GCC_PLUGINS=y CONFIG_GCC_PLUGINS=y # CONFIG_GCC_PLUGIN_CYC_COMPLEXITY is not set CONFIG_GCC_PLUGIN_LATENT_ENTROPY=y -CONFIG_GCC_PLUGIN_RANDSTRUCT=y -CONFIG_GCC_PLUGIN_RANDSTRUCT_PERFORMANCE=y +# CONFIG_GCC_PLUGIN_RANDSTRUCT is not set # end of General architecture-dependent options CONFIG_RT_MUTEXES=y diff --git a/config/rootfiles/common/armv6l/linux b/config/rootfiles/common/armv6l/linux index 26e4dbe52e..8409c63f60 100644 --- a/config/rootfiles/common/armv6l/linux +++ b/config/rootfiles/common/armv6l/linux @@ -8071,8 +8071,6 @@ etc/modprobe.d/ipv6.conf #lib/modules/KVER-ipfire/build/include/config/GCC_PLUGINS #lib/modules/KVER-ipfire/build/include/config/GCC_PLUGIN_ARM_SSP_PER_TASK #lib/modules/KVER-ipfire/build/include/config/GCC_PLUGIN_LATENT_ENTROPY -#lib/modules/KVER-ipfire/build/include/config/GCC_PLUGIN_RANDSTRUCT -#lib/modules/KVER-ipfire/build/include/config/GCC_PLUGIN_RANDSTRUCT_PERFORMANCE #lib/modules/KVER-ipfire/build/include/config/GCC_PLUGIN_STRUCTLEAK #lib/modules/KVER-ipfire/build/include/config/GCC_PLUGIN_STRUCTLEAK_BYREF_ALL #lib/modules/KVER-ipfire/build/include/config/GCC_VERSION @@ -12145,7 +12143,6 @@ etc/modprobe.d/ipv6.conf #lib/modules/KVER-ipfire/build/include/generated/autoconf.h #lib/modules/KVER-ipfire/build/include/generated/bounds.h #lib/modules/KVER-ipfire/build/include/generated/compile.h -#lib/modules/KVER-ipfire/build/include/generated/randomize_layout_hash.h #lib/modules/KVER-ipfire/build/include/generated/timeconst.h #lib/modules/KVER-ipfire/build/include/generated/uapi #lib/modules/KVER-ipfire/build/include/generated/uapi/linux @@ -17591,8 +17588,6 @@ etc/modprobe.d/ipv6.conf #lib/modules/KVER-ipfire/build/scripts/gcc-plugins/latent_entropy_plugin.c #lib/modules/KVER-ipfire/build/scripts/gcc-plugins/latent_entropy_plugin.so #lib/modules/KVER-ipfire/build/scripts/gcc-plugins/randomize_layout_plugin.c -#lib/modules/KVER-ipfire/build/scripts/gcc-plugins/randomize_layout_plugin.so -#lib/modules/KVER-ipfire/build/scripts/gcc-plugins/randomize_layout_seed.h #lib/modules/KVER-ipfire/build/scripts/gcc-plugins/sancov_plugin.c #lib/modules/KVER-ipfire/build/scripts/gcc-plugins/stackleak_plugin.c #lib/modules/KVER-ipfire/build/scripts/gcc-plugins/structleak_plugin.c diff --git a/config/rootfiles/common/x86_64/linux b/config/rootfiles/common/x86_64/linux index 88a4bb40d0..f521714144 100644 --- a/config/rootfiles/common/x86_64/linux +++ b/config/rootfiles/common/x86_64/linux @@ -7624,8 +7624,6 @@ etc/modprobe.d/ipv6.conf #lib/modules/KVER-ipfire/build/include/config/GARP #lib/modules/KVER-ipfire/build/include/config/GCC_PLUGINS #lib/modules/KVER-ipfire/build/include/config/GCC_PLUGIN_LATENT_ENTROPY -#lib/modules/KVER-ipfire/build/include/config/GCC_PLUGIN_RANDSTRUCT -#lib/modules/KVER-ipfire/build/include/config/GCC_PLUGIN_RANDSTRUCT_PERFORMANCE #lib/modules/KVER-ipfire/build/include/config/GCC_PLUGIN_STRUCTLEAK #lib/modules/KVER-ipfire/build/include/config/GCC_PLUGIN_STRUCTLEAK_BYREF_ALL #lib/modules/KVER-ipfire/build/include/config/GCC_VERSION @@ -12139,7 +12137,6 @@ etc/modprobe.d/ipv6.conf #lib/modules/KVER-ipfire/build/include/generated/autoconf.h #lib/modules/KVER-ipfire/build/include/generated/bounds.h #lib/modules/KVER-ipfire/build/include/generated/compile.h -#lib/modules/KVER-ipfire/build/include/generated/randomize_layout_hash.h #lib/modules/KVER-ipfire/build/include/generated/timeconst.h #lib/modules/KVER-ipfire/build/include/generated/uapi #lib/modules/KVER-ipfire/build/include/generated/uapi/linux @@ -17579,8 +17576,6 @@ etc/modprobe.d/ipv6.conf #lib/modules/KVER-ipfire/build/scripts/gcc-plugins/latent_entropy_plugin.c #lib/modules/KVER-ipfire/build/scripts/gcc-plugins/latent_entropy_plugin.so #lib/modules/KVER-ipfire/build/scripts/gcc-plugins/randomize_layout_plugin.c -#lib/modules/KVER-ipfire/build/scripts/gcc-plugins/randomize_layout_plugin.so -#lib/modules/KVER-ipfire/build/scripts/gcc-plugins/randomize_layout_seed.h #lib/modules/KVER-ipfire/build/scripts/gcc-plugins/sancov_plugin.c #lib/modules/KVER-ipfire/build/scripts/gcc-plugins/stackleak_plugin.c #lib/modules/KVER-ipfire/build/scripts/gcc-plugins/structleak_plugin.c -- 2.39.5