From patchwork Mon Mar  5 11:18:24 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jinbum Park <jinb.park7@gmail.com>
X-Patchwork-Id: 10258725
Return-Path: 
 <linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	CB4DD60134 for <patchwork-linux-arm@patchwork.kernel.org>;
	Mon,  5 Mar 2018 11:19:29 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B9BED2896B
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Mon,  5 Mar 2018 11:19:29 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id AE42128984; Mon,  5 Mar 2018 11:19:29 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=2.0 tests=BAYES_00,
	DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,DKIM_VALID,FREEMAIL_FROM autolearn=ham version=3.3.1
Received: from bombadil.infradead.org (bombadil.infradead.org
	[198.137.202.133])
	(using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 3F7552896B
	for <patchwork-linux-arm@patchwork.kernel.org>;
	Mon,  5 Mar 2018 11:19:29 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20170209; h=Sender:
	Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-ID:Subject:To:From
	:Date:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:
	Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:
	List-Owner; bh=ewma/QExjZ+DxTNJkd9oFQ5PIr3VvI+RcG0N+aXNhYY=;
	b=ngm0ZtVLTGa0gw
	uP3pVuSmeg2wtKCWkW2dNPqDOubli186kJ+FHFXdOwDq3C2gsh7iOIP0BizSvsnPeS2b/z4lh35/A
	F5XWtZCKfi3XTlnFkjgWCnGhtfIDVHwBxaLBQ3Zupw0U9W2C363r4z+lrIbWhoCmovV/pQWScWBV6
	+HZF8DwWcMuEqnIxsSU2AcvTjJCiyYLydspqVuh/a+8N6+JNmdewxnkER7tOrjFa9XKbucSCCP3gM
	fLY4TqPWrblVE72QuTeFO18BlBzXvz4C3WoszjzN9mR7vY3eu5RnLtHIPtr1W3X7/udyZ6ExmkVI1
	J14T7gn+46kPSAeg4cYA==;
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.89 #1 (Red Hat Linux))
	id 1eso9H-00065A-Af; Mon, 05 Mar 2018 11:19:19 +0000
Received: from mail-pf0-x244.google.com ([2607:f8b0:400e:c00::244])
	by bombadil.infradead.org with esmtps (Exim 4.89 #1 (Red Hat Linux))
	id 1eso8g-0005gC-2E for linux-arm-kernel@lists.infradead.org;
	Mon, 05 Mar 2018 11:19:05 +0000
Received: by mail-pf0-x244.google.com with SMTP id a16so7043819pfn.9
	for <linux-arm-kernel@lists.infradead.org>;
	Mon, 05 Mar 2018 03:18:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=date:from:to:cc:subject:message-id:mime-version:content-disposition
	:user-agent; bh=VS5Cvod2yup69YZ8TkrWuwx4G0+ROdocQ7MzaK//5/M=;
	b=Mqnedi5d74w3vhGLwtVkaHVaPV/rizriFgnHONg7l1EItxWeXUxHF0TwGrqg7uqQA0
	KWRMe2OrhxxBIiKwnh/rZbysLhht4Gi73NzQwhJVJY9OuDHqN64eBHWN2NQtImwJMwuU
	TYMUzl8v65LH00zlBCqBrzrFUu7VKPM1ZGuY0ta32k8hwcRl5RmX3UUNZv4/i+zMasSp
	pMV8A90aZVAzZnOZ8NVZyKNHm2Xum3JUaDKrFyXZKo4qFIK5disUhyUtakM1rUQoqg8m
	7aTXgyHVeKCj6STcKu+kYQYdnXp1ztc2kuxTgrTSW2XjMToeT0s/K7IY0WLmFsJkot3u
	1cSw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:date:from:to:cc:subject:message-id:mime-version
	:content-disposition:user-agent;
	bh=VS5Cvod2yup69YZ8TkrWuwx4G0+ROdocQ7MzaK//5/M=;
	b=Mj2T9xZ2cgdUNOKfytp5/SNdbsuq507tt7+KiMLSLJ2+gnlUiEdM+gmrzthQ0hm0l/
	QE3ZnNbMiv4if/214t2UXJvg4lvjpsu85EOoV1cAHqY/EcMv9Ct+fSV6GDjbKvqks9Uu
	53TiGy/oUxpOEs3QFs4OkVtprvVSUQNSknugvcH73PUNCf18MDIUdXPksAMLBQSZw3cS
	ZTQJ9pXp0pVxgqw6lf670za6ibu22Bnf5w/eClfeRQognkuz4W0fSSiV7RvWaDdklUml
	0dZphbzsN233PnmOGr6f+6qNeeNAf8KSEvyEiCwI8FvSF069WBn00bVJvsb/oE4b4j8q
	Q5cA==
X-Gm-Message-State: APf1xPBbGhEsqA1+1OC9fXKYoBj72AFJx0FuMrHzlYK4PhW4cHaNsOjQ
	qef1g1/GFzhyCXZCS3ZNYvzxkQ==
X-Google-Smtp-Source: 
 AG47ELuyQJykPPp4OHWuZbYYO3hWXSmg4n1lenpFYYjGGa4cwOPMCxiUibVctIkA2rXzoc09FgJlbw==
X-Received: by 10.99.179.77 with SMTP id x13mr11042502pgt.148.1520248711052;
	Mon, 05 Mar 2018 03:18:31 -0800 (PST)
Received: from pjb1027-Latitude-E5410 ([58.227.15.43])
	by smtp.gmail.com with ESMTPSA id
	i12sm363103pgr.9.2018.03.05.03.18.27
	(version=TLS1_2 cipher=AES128-SHA bits=128/128);
	Mon, 05 Mar 2018 03:18:30 -0800 (PST)
Date: Mon, 5 Mar 2018 20:18:24 +0900
From: Jinbum Park <jinb.park7@gmail.com>
To: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
	kernel-hardening@lists.openwall.com
Subject: [PATCH v2 2/2] arm: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE
Message-ID: <20180305111824.GA4216@pjb1027-Latitude-E5410>
MIME-Version: 1.0
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20180305_031842_482215_88B351DD 
X-CRM114-Status: GOOD (  12.33  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
	<mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
	<mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Cc: kstewart@linuxfoundation.org, mark.rutland@arm.com,
	catalin.marinas@arm.com,
	keescook@chromium.org, arnd@arndb.de, gregkh@linuxfoundation.org,
	will.deacon@arm.com, luto@amacapital.net, danielmicay@gmail.com,
	dsafonov@virtuozzo.com, tglx@linutronix.de
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org
X-Virus-Scanned: ClamAV using ClamSMTP

CONFIG_FORTIFY_SOURCE detects various overflows at compile-time.
(6974f0c4555e ("include/linux/string.h:
add the option of fortified string.h functions)

ARCH_HAS_FORTIFY_SOURCE means that the architecture can be built and
run with CONFIG_FORTIFY_SOURCE.

Since ARM can be built and run with that flag like other architectures,
select ARCH_HAS_FORTIFY_SOURCE as default.

Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jinbum Park <jinb.park7@gmail.com>
---
v2: Add fortify_panic() in arch/arm/boot/compressed/misc.c,
    Because there will be a build error if without that function.
---
 arch/arm/Kconfig                | 1 +
 arch/arm/boot/compressed/misc.c | 5 +++++
 2 files changed, 6 insertions(+)

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 7e3d535..3765336 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -7,6 +7,7 @@ config ARM
 	select ARCH_HAS_DEBUG_VIRTUAL if MMU
 	select ARCH_HAS_DEVMEM_IS_ALLOWED
 	select ARCH_HAS_ELF_RANDOMIZE
+	select ARCH_HAS_FORTIFY_SOURCE
 	select ARCH_HAS_SET_MEMORY
 	select ARCH_HAS_PHYS_TO_DMA
 	select ARCH_HAS_STRICT_KERNEL_RWX if MMU && !XIP_KERNEL
diff --git a/arch/arm/boot/compressed/misc.c b/arch/arm/boot/compressed/misc.c
index 16a8a80..4a247ac 100644
--- a/arch/arm/boot/compressed/misc.c
+++ b/arch/arm/boot/compressed/misc.c
@@ -167,3 +167,8 @@ void __stack_chk_fail(void)
 	else
 		putstr(" done, booting the kernel.\n");
 }
+
+void fortify_panic(const char *name)
+{
+	error("detected buffer overflow");
+}