From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751517AbdFZXva (ORCPT ); Mon, 26 Jun 2017 19:51:30 -0400 Received: from mail-pf0-f179.google.com ([209.85.192.179]:34640 "EHLO mail-pf0-f179.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751440AbdFZXvX (ORCPT ); Mon, 26 Jun 2017 19:51:23 -0400 Date: Mon, 26 Jun 2017 16:51:22 -0700 From: Kees Cook To: Andrew Morton Cc: Jonathan Corbet , Mika Westerberg , Bjorn Helgaas , Mauro Carvalho Chehab , Heikki Krogerus , Daniel Micay , linux-kernel@vger.kernel.org Subject: [PATCH] fortify: Avoid panic() in favor of BUG() Message-ID: <20170626235122.GA25261@beast> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Since detection of a given fortify failure is sufficient to stop the memory corruption from happening, it doesn't make sense to unconditionally bring down the entire system. Instead, use BUG() which will stop the bad thread of kernel execution (and only optionally panic the system). Cc: Daniel Micay Signed-off-by: Kees Cook --- lib/string.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/string.c b/lib/string.c index a6ee1955a701..ebbb99c775bd 100644 --- a/lib/string.c +++ b/lib/string.c @@ -981,6 +981,7 @@ EXPORT_SYMBOL(strreplace); void fortify_panic(const char *name) { - panic("detected buffer overflow in %s", name); + pr_emerg("detected buffer overflow in %s\n", name); + BUG(); } EXPORT_SYMBOL(fortify_panic); -- 2.7.4 -- Kees Cook Pixel Security
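Review bot: In fortify_panic() in lib/string.c, the commit message's claim that detecting the failure is enough to stop the corruption only holds if BUG() never returns control to the fortified caller, and nothing in the hunk says so. A short comment above BUG() would help, stating that this function must not return and that the offending thread is stopped rather than the whole system (panic being optional, as the message says). The name fortify_panic also no longer matches what the function does now that the panic() call is gone; either rename it or add a comment that the name is kept for existing callers. The "\n" added to the pr_emerg() format string is correct and should stay, since the message is no longer emitted through panic().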