From: Kees Cook <keescook@chromium.org>
To: linux-kernel@vger.kernel.org
Cc: Kees Cook <keescook@chromium.org>,
Andrew Morton <akpm@linux-foundation.org>,
Francis Laniel <laniel_francis@privacyrequired.com>,
Daniel Axtens <dja@axtens.net>,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
Andrey Konovalov <andreyknvl@google.com>,
Dan Williams <dan.j.williams@intel.com>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
linux-wireless@vger.kernel.org, netdev@vger.kernel.org,
dri-devel@lists.freedesktop.org, linux-staging@lists.linux.dev,
linux-block@vger.kernel.org, linux-kbuild@vger.kernel.org,
clang-built-linux@googlegroups.com,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
linux-hardening@vger.kernel.org
Subject: [PATCH v2 27/63] fortify: Move remaining fortify helpers into fortify-string.h
Date: Tue, 17 Aug 2021 23:04:57 -0700 [thread overview]
Message-ID: <20210818060533.3569517-28-keescook@chromium.org> (raw)
In-Reply-To: <20210818060533.3569517-1-keescook@chromium.org>
When commit a28a6e860c6c ("string.h: move fortified functions definitions
in a dedicated header.") moved the fortify-specific code, some helpers
were left behind. Moves the remaining fortify-specific helpers into
fortify-string.h so they're together where they're used. This requires
that any FORTIFY helper function prototypes be conditionally built to
avoid "no prototype" warnings. Additionally removes unused helpers.
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Francis Laniel <laniel_francis@privacyrequired.com>
Cc: Daniel Axtens <dja@axtens.net>
Cc: Vincenzo Frascino <vincenzo.frascino@arm.com>
Cc: Andrey Konovalov <andreyknvl@google.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
include/linux/fortify-string.h | 7 +++++++
include/linux/string.h | 9 ---------
lib/string_helpers.c | 2 ++
3 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h
index c1be37437e77..7e67d02764db 100644
--- a/include/linux/fortify-string.h
+++ b/include/linux/fortify-string.h
@@ -2,6 +2,13 @@
#ifndef _LINUX_FORTIFY_STRING_H_
#define _LINUX_FORTIFY_STRING_H_
+#define __FORTIFY_INLINE extern __always_inline __attribute__((gnu_inline))
+#define __RENAME(x) __asm__(#x)
+
+void fortify_panic(const char *name) __noreturn __cold;
+void __read_overflow(void) __compiletime_error("detected read beyond size of object (1st parameter)");
+void __read_overflow2(void) __compiletime_error("detected read beyond size of object (2nd parameter)");
+void __write_overflow(void) __compiletime_error("detected write beyond size of object (1st parameter)");
#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)
extern void *__underlying_memchr(const void *p, int c, __kernel_size_t size) __RENAME(memchr);
diff --git a/include/linux/string.h b/include/linux/string.h
index b48d2d28e0b1..9473f81b9db2 100644
--- a/include/linux/string.h
+++ b/include/linux/string.h
@@ -249,15 +249,6 @@ static inline const char *kbasename(const char *path)
return tail ? tail + 1 : path;
}
-#define __FORTIFY_INLINE extern __always_inline __attribute__((gnu_inline))
-#define __RENAME(x) __asm__(#x)
-
-void fortify_panic(const char *name) __noreturn __cold;
-void __read_overflow(void) __compiletime_error("detected read beyond size of object passed as 1st parameter");
-void __read_overflow2(void) __compiletime_error("detected read beyond size of object passed as 2nd parameter");
-void __read_overflow3(void) __compiletime_error("detected read beyond size of object passed as 3rd parameter");
-void __write_overflow(void) __compiletime_error("detected write beyond size of object passed as 1st parameter");
-
#if !defined(__NO_FORTIFY) && defined(__OPTIMIZE__) && defined(CONFIG_FORTIFY_SOURCE)
#include <linux/fortify-string.h>
#endif
diff --git a/lib/string_helpers.c b/lib/string_helpers.c
index bde13612c25d..faa9d8e4e2c5 100644
--- a/lib/string_helpers.c
+++ b/lib/string_helpers.c
@@ -883,9 +883,11 @@ char *strreplace(char *s, char old, char new)
}
EXPORT_SYMBOL(strreplace);
+#ifdef CONFIG_FORTIFY_SOURCE
void fortify_panic(const char *name)
{
pr_emerg("detected buffer overflow in %s\n", name);
BUG();
}
EXPORT_SYMBOL(fortify_panic);
+#endif /* CONFIG_FORTIFY_SOURCE */
--
2.30.2
next prev parent reply other threads:[~2021-08-18 6:17 UTC|newest]
Thread overview: 116+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-18 6:04 [PATCH v2 00/63] Introduce strict memcpy() bounds checking Kees Cook
2021-08-18 6:04 ` [PATCH v2 01/63] ipw2x00: Avoid field-overflowing memcpy() Kees Cook
2021-08-18 6:04 ` [PATCH v2 02/63] net/mlx5e: " Kees Cook
2021-08-18 6:04 ` [PATCH v2 03/63] rpmsg: glink: Replace strncpy() with strscpy_pad() Kees Cook
2021-08-18 6:04 ` [PATCH v2 04/63] pcmcia: ray_cs: Split memcpy() to avoid bounds check warning Kees Cook
2021-08-18 6:04 ` [PATCH v2 05/63] stddef: Introduce struct_group() helper macro Kees Cook
2021-08-18 22:35 ` Dan Williams
2021-08-18 6:04 ` [PATCH v2 06/63] cxl/core: Replace unions with struct_group() Kees Cook
2021-08-18 22:36 ` Dan Williams
2021-08-18 6:04 ` [PATCH v2 07/63] skbuff: Switch structure bounds to struct_group() Kees Cook
2021-09-01 13:46 ` Jason A. Donenfeld
2021-08-18 6:04 ` [PATCH v2 08/63] bnxt_en: Use struct_group_attr() for memcpy() region Kees Cook
2021-08-18 6:04 ` [PATCH v2 09/63] mwl8k: Use struct_group() " Kees Cook
2021-08-18 6:04 ` [PATCH v2 10/63] libertas: " Kees Cook
2021-08-18 6:04 ` [PATCH v2 11/63] libertas_tf: " Kees Cook
2021-08-18 6:04 ` [PATCH v2 12/63] thermal: intel: int340x_thermal: " Kees Cook
2021-11-23 13:19 ` Rafael J. Wysocki
2021-11-23 23:53 ` Srinivas Pandruvada
2021-11-24 13:33 ` Rafael J. Wysocki
2021-08-18 6:04 ` [PATCH v2 13/63] iommu/amd: " Kees Cook
2021-08-18 11:34 ` Joerg Roedel
2021-08-18 6:04 ` [PATCH v2 14/63] cxgb3: " Kees Cook
2021-08-18 6:04 ` [PATCH v2 15/63] intersil: " Kees Cook
2021-08-18 6:04 ` [PATCH v2 16/63] cxgb4: " Kees Cook
2021-08-18 6:04 ` [PATCH v2 17/63] bnx2x: " Kees Cook
2021-08-18 6:04 ` [PATCH v2 18/63] drm/amd/pm: " Kees Cook
2021-08-18 11:42 ` Lazar, Lijo
2021-08-18 23:59 ` Kees Cook
2021-08-19 5:03 ` Lazar, Lijo
2021-08-19 19:58 ` Kees Cook
2021-08-18 6:04 ` [PATCH v2 19/63] staging: wlan-ng: " Kees Cook
2021-08-18 6:04 ` [PATCH v2 20/63] drm/mga/mga_ioc32: " Kees Cook
2021-08-18 6:04 ` [PATCH v2 21/63] net/mlx5e: " Kees Cook
2021-08-18 6:04 ` [PATCH v2 22/63] HID: cp2112: " Kees Cook
2021-08-20 13:01 ` Jiri Kosina
2021-08-20 15:48 ` Kees Cook
2021-08-18 6:04 ` [PATCH v2 23/63] media: omap3isp: " Kees Cook
2021-08-18 6:04 ` [PATCH v2 24/63] sata_fsl: " Kees Cook
2021-08-18 6:04 ` [PATCH v2 25/63] compiler_types.h: Remove __compiletime_object_size() Kees Cook
2021-08-18 13:02 ` Miguel Ojeda
2021-08-18 6:04 ` [PATCH v2 26/63] lib/string: Move helper functions out of string.c Kees Cook
2021-08-18 9:35 ` Andy Shevchenko
2021-08-18 6:04 ` Kees Cook [this message]
2021-08-18 19:05 ` [PATCH v2 27/63] fortify: Move remaining fortify helpers into fortify-string.h Francis Laniel
2021-08-18 6:04 ` [PATCH v2 28/63] fortify: Explicitly disable Clang support Kees Cook
2021-08-18 6:04 ` [PATCH v2 29/63] fortify: Fix dropped strcpy() compile-time write overflow check Kees Cook
2021-08-18 6:05 ` [PATCH v2 30/63] fortify: Prepare to improve strnlen() and strlen() warnings Kees Cook
2021-08-18 6:05 ` [PATCH v2 31/63] fortify: Allow strlen() and strnlen() to pass compile-time known lengths Kees Cook
2021-08-18 6:05 ` [PATCH v2 32/63] fortify: Add compile-time FORTIFY_SOURCE tests Kees Cook
2021-08-18 6:05 ` [PATCH v2 33/63] lib: Introduce CONFIG_TEST_MEMCPY Kees Cook
2021-08-18 6:05 ` [PATCH v2 34/63] fortify: Detect struct member overflows in memcpy() at compile-time Kees Cook
2021-08-18 6:05 ` [PATCH v2 35/63] fortify: Detect struct member overflows in memmove() " Kees Cook
2021-08-18 6:05 ` [PATCH v2 36/63] scsi: ibmvscsi: Avoid multi-field memset() overflow by aiming at srp Kees Cook
2021-08-18 6:05 ` [PATCH v2 37/63] string.h: Introduce memset_after() for wiping trailing members/padding Kees Cook
2021-08-18 6:05 ` [PATCH v2 38/63] xfrm: Use memset_after() to clear padding Kees Cook
2021-08-18 6:05 ` [PATCH v2 39/63] ipv6: Use memset_after() to zero rt6_info Kees Cook
2021-08-18 6:05 ` [PATCH v2 40/63] netfilter: conntrack: Use memset_startat() to zero struct nf_conn Kees Cook
2021-08-18 6:05 ` [PATCH v2 41/63] net: 802: Use memset_startat() to clear struct fields Kees Cook
2021-08-18 6:05 ` [PATCH v2 42/63] net: dccp: Use memset_startat() for TP zeroing Kees Cook
2021-08-18 6:05 ` [PATCH v2 43/63] net: qede: Use memset_startat() for counters Kees Cook
2021-08-18 6:05 ` [PATCH v2 44/63] mac80211: Use memset_after() to clear tx status Kees Cook
2021-08-18 7:08 ` Johannes Berg
2021-08-18 8:06 ` Johannes Berg
2021-08-18 9:05 ` Kees Cook
2021-08-18 6:05 ` [PATCH v2 45/63] ath11k: Use memset_startat() for clearing queue descriptors Kees Cook
2021-08-19 13:19 ` Kalle Valo
2021-08-19 16:25 ` Kees Cook
2021-08-21 10:17 ` Kalle Valo
2021-08-22 8:11 ` Kees Cook
2021-08-18 6:05 ` [PATCH v2 46/63] iw_cxgb4: Use memset_startat() for cpl_t5_pass_accept_rpl Kees Cook
2021-08-18 6:05 ` [PATCH v2 47/63] intel_th: msu: Use memset_startat() for clearing hw header Kees Cook
2021-08-24 7:38 ` Alexander Shishkin
2021-08-18 6:05 ` [PATCH v2 48/63] IB/mthca: Use memset_startat() for clearing mpt_entry Kees Cook
2021-08-18 6:05 ` [PATCH v2 49/63] btrfs: Use memset_startat() to clear end of struct Kees Cook
2021-08-18 6:35 ` Nikolay Borisov
2021-08-18 9:28 ` David Sterba
2021-08-18 6:05 ` [PATCH v2 50/63] tracing: Use memset_startat() to zero struct trace_iterator Kees Cook
2021-08-18 13:33 ` Steven Rostedt
2021-08-18 16:21 ` Kees Cook
2021-08-18 6:05 ` [PATCH v2 51/63] drbd: Use struct_group() to zero algs Kees Cook
2021-08-18 6:05 ` [PATCH v2 52/63] cm4000_cs: Use struct_group() to zero struct cm4000_dev region Kees Cook
2021-08-18 6:05 ` [PATCH v2 53/63] KVM: x86: Use struct_group() to zero decode cache Kees Cook
2021-08-18 15:11 ` Sean Christopherson
2021-08-18 16:23 ` Kees Cook
2021-08-18 22:53 ` Sean Christopherson
2021-08-18 23:06 ` Kees Cook
2021-08-18 6:05 ` [PATCH v2 54/63] dm integrity: Use struct_group() to zero struct journal_sector Kees Cook
2021-08-18 6:05 ` [PATCH v2 55/63] HID: roccat: Use struct_group() to zero kone_mouse_event Kees Cook
2021-08-20 13:02 ` Jiri Kosina
[not found] ` <CAJr-aD=6-g7VRw2Hw0dhs+RrtA=Tago5r6Dukfw_gGPB0YYKOQ@mail.gmail.com>
2021-08-20 15:27 ` Jiri Kosina
2021-08-20 15:49 ` Kees Cook
2021-08-20 15:57 ` Kees Cook
2021-08-20 16:11 ` Jiri Kosina
2021-08-18 6:05 ` [PATCH v2 56/63] RDMA/mlx5: Use struct_group() to zero struct mlx5_ib_mr Kees Cook
2021-08-19 12:27 ` Jason Gunthorpe
2021-08-19 16:19 ` Kees Cook
2021-08-19 16:47 ` Jason Gunthorpe
2021-08-19 18:14 ` Kees Cook
2021-08-20 12:34 ` Jason Gunthorpe
2021-08-20 15:56 ` Kees Cook
2021-08-18 6:05 ` [PATCH v2 57/63] powerpc/signal32: Use struct_group() to zero spe regs Kees Cook
2021-08-20 7:49 ` Michael Ellerman
2021-08-20 7:53 ` Christophe Leroy
2021-08-20 12:13 ` Michael Ellerman
2021-08-20 15:55 ` Kees Cook
2021-08-23 4:55 ` Michael Ellerman
2021-08-18 6:05 ` [PATCH v2 58/63] ethtool: stats: Use struct_group() to clear all stats at once Kees Cook
2021-08-18 6:05 ` [PATCH v2 59/63] can: flexcan: Use struct_group() to zero struct flexcan_regs regions Kees Cook
2021-08-18 6:26 ` Marc Kleine-Budde
2021-08-18 6:05 ` [PATCH v2 60/63] net/af_iucv: Use struct_group() to zero struct iucv_sock region Kees Cook
2021-09-09 6:14 ` Karsten Graul
2021-08-18 6:05 ` [PATCH v2 61/63] powerpc: Split memset() to avoid multi-field overflow Kees Cook
2021-08-18 6:42 ` Christophe Leroy
2021-08-18 22:30 ` Kees Cook
2021-08-18 6:05 ` [PATCH v2 62/63] fortify: Detect struct member overflows in memset() at compile-time Kees Cook
2021-08-18 6:05 ` [PATCH v2 63/63] fortify: Work around Clang inlining bugs Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210818060533.3569517-28-keescook@chromium.org \
--to=keescook@chromium.org \
--cc=akpm@linux-foundation.org \
--cc=andreyknvl@google.com \
--cc=clang-built-linux@googlegroups.com \
--cc=dan.j.williams@intel.com \
--cc=dja@axtens.net \
--cc=dri-devel@lists.freedesktop.org \
--cc=gregkh@linuxfoundation.org \
--cc=gustavoars@kernel.org \
--cc=laniel_francis@privacyrequired.com \
--cc=linux-block@vger.kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-staging@lists.linux.dev \
--cc=linux-wireless@vger.kernel.org \
--cc=linux@rasmusvillemoes.dk \
--cc=netdev@vger.kernel.org \
--cc=vincenzo.frascino@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).