[apparmor] [PATCH 87/87] fs: move i_blocks up a few places in struct inode

Linus Torvalds torvalds at linux-foundation.org
Thu Sep 28 17:41:34 UTC 2023


On Thu, 28 Sept 2023 at 04:06, Jeff Layton <jlayton at kernel.org> wrote:
>
> Move i_blocks up above the i_lock, which moves the new 4 byte hole to
> just after the timestamps, without changing the size of the structure.

I'm sure others have mentioned this, but 'struct inode' is marked with
__randomize_layout, so the actual layout may end up being very
different.

I'm personally not convinced the whole structure randomization is
worth it - it's easy enough to figure out for any distro kernel since
the seed has to be the same across machines for modules to work, so
even if the seed isn't "public", any layout is bound to be fairly
easily discoverable.

So the whole randomization only really works for private kernel
builds, and it adds this kind of pain where "optimizing" the structure
layout is kind of pointless depending on various options.

I certainly *hope* no distro enables that pointless thing, but it's a worry.

               Linus



More information about the AppArmor mailing list