| Message ID | 20210822075122.864511-16-keescook@chromium.org (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | Prepare for better FORTIFY_SOURCE | expand |
On Sun, Aug 22, 2021 at 12:57 AM Kees Cook <keescook@chromium.org> wrote: > > When commit a28a6e860c6c ("string.h: move fortified functions definitions > in a dedicated header.") moved the fortify-specific code, some helpers > were left behind. Move the remaining fortify-specific helpers into > fortify-string.h so they're together where they're used. This requires > that any FORTIFY helper function prototypes be conditionally built to > avoid "no prototype" warnings. Additionally removes unused helpers. > > Acked-by: Francis Laniel <laniel_francis@privacyrequired.com> > Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> > --- > include/linux/fortify-string.h | 7 +++++++ > include/linux/string.h | 9 --------- > lib/string_helpers.c | 2 ++ > 3 files changed, 9 insertions(+), 9 deletions(-) > > diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h > index c1be37437e77..7e67d02764db 100644 > --- a/include/linux/fortify-string.h > +++ b/include/linux/fortify-string.h > @@ -2,6 +2,13 @@ > #ifndef _LINUX_FORTIFY_STRING_H_ > #define _LINUX_FORTIFY_STRING_H_ > > +#define __FORTIFY_INLINE extern __always_inline __attribute__((gnu_inline)) > +#define __RENAME(x) __asm__(#x) > + > +void fortify_panic(const char *name) __noreturn __cold; > +void __read_overflow(void) __compiletime_error("detected read beyond size of object (1st parameter)"); > +void __read_overflow2(void) __compiletime_error("detected read beyond size of object (2nd parameter)"); > +void __write_overflow(void) __compiletime_error("detected write beyond size of object (1st parameter)"); > > #if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) > extern void *__underlying_memchr(const void *p, int c, __kernel_size_t size) __RENAME(memchr); > diff --git a/include/linux/string.h b/include/linux/string.h > index b48d2d28e0b1..9473f81b9db2 100644 > --- a/include/linux/string.h > +++ b/include/linux/string.h > @@ -249,15 +249,6 @@ static inline const char *kbasename(const char *path) > return tail ? tail + 1 : path; > } > > -#define __FORTIFY_INLINE extern __always_inline __attribute__((gnu_inline)) > -#define __RENAME(x) __asm__(#x) > - > -void fortify_panic(const char *name) __noreturn __cold; > -void __read_overflow(void) __compiletime_error("detected read beyond size of object passed as 1st parameter"); > -void __read_overflow2(void) __compiletime_error("detected read beyond size of object passed as 2nd parameter"); > -void __read_overflow3(void) __compiletime_error("detected read beyond size of object passed as 3rd parameter"); > -void __write_overflow(void) __compiletime_error("detected write beyond size of object passed as 1st parameter"); > - > #if !defined(__NO_FORTIFY) && defined(__OPTIMIZE__) && defined(CONFIG_FORTIFY_SOURCE) > #include <linux/fortify-string.h> > #endif > diff --git a/lib/string_helpers.c b/lib/string_helpers.c > index e9433caab217..1274f45ffaf4 100644 > --- a/lib/string_helpers.c > +++ b/lib/string_helpers.c > @@ -879,9 +879,11 @@ char *strreplace(char *s, char old, char new) > } > EXPORT_SYMBOL(strreplace); > > +#ifdef CONFIG_FORTIFY_SOURCE > void fortify_panic(const char *name) > { > pr_emerg("detected buffer overflow in %s\n", name); > BUG(); > } > EXPORT_SYMBOL(fortify_panic); > +#endif /* CONFIG_FORTIFY_SOURCE */ > -- > 2.30.2 > > -- > You received this message because you are subscribed to the Google Groups "Clang Built Linux" group. > To unsubscribe from this group and stop receiving emails from it, send an email to clang-built-linux+unsubscribe@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/msgid/clang-built-linux/20210822075122.864511-16-keescook%40chromium.org.
diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h index c1be37437e77..7e67d02764db 100644 --- a/include/linux/fortify-string.h +++ b/include/linux/fortify-string.h @@ -2,6 +2,13 @@ #ifndef _LINUX_FORTIFY_STRING_H_ #define _LINUX_FORTIFY_STRING_H_ +#define __FORTIFY_INLINE extern __always_inline __attribute__((gnu_inline)) +#define __RENAME(x) __asm__(#x) + +void fortify_panic(const char *name) __noreturn __cold; +void __read_overflow(void) __compiletime_error("detected read beyond size of object (1st parameter)"); +void __read_overflow2(void) __compiletime_error("detected read beyond size of object (2nd parameter)"); +void __write_overflow(void) __compiletime_error("detected write beyond size of object (1st parameter)"); #if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS) extern void *__underlying_memchr(const void *p, int c, __kernel_size_t size) __RENAME(memchr); diff --git a/include/linux/string.h b/include/linux/string.h index b48d2d28e0b1..9473f81b9db2 100644 --- a/include/linux/string.h +++ b/include/linux/string.h @@ -249,15 +249,6 @@ static inline const char *kbasename(const char *path) return tail ? tail + 1 : path; } -#define __FORTIFY_INLINE extern __always_inline __attribute__((gnu_inline)) -#define __RENAME(x) __asm__(#x) - -void fortify_panic(const char *name) __noreturn __cold; -void __read_overflow(void) __compiletime_error("detected read beyond size of object passed as 1st parameter"); -void __read_overflow2(void) __compiletime_error("detected read beyond size of object passed as 2nd parameter"); -void __read_overflow3(void) __compiletime_error("detected read beyond size of object passed as 3rd parameter"); -void __write_overflow(void) __compiletime_error("detected write beyond size of object passed as 1st parameter"); - #if !defined(__NO_FORTIFY) && defined(__OPTIMIZE__) && defined(CONFIG_FORTIFY_SOURCE) #include <linux/fortify-string.h> #endif diff --git a/lib/string_helpers.c b/lib/string_helpers.c index e9433caab217..1274f45ffaf4 100644 --- a/lib/string_helpers.c +++ b/lib/string_helpers.c @@ -879,9 +879,11 @@ char *strreplace(char *s, char old, char new) } EXPORT_SYMBOL(strreplace); +#ifdef CONFIG_FORTIFY_SOURCE void fortify_panic(const char *name) { pr_emerg("detected buffer overflow in %s\n", name); BUG(); } EXPORT_SYMBOL(fortify_panic); +#endif /* CONFIG_FORTIFY_SOURCE */
When commit a28a6e860c6c ("string.h: move fortified functions definitions in a dedicated header.") moved the fortify-specific code, some helpers were left behind. Move the remaining fortify-specific helpers into fortify-string.h so they're together where they're used. This requires that any FORTIFY helper function prototypes be conditionally built to avoid "no prototype" warnings. Additionally removes unused helpers. Acked-by: Francis Laniel <laniel_francis@privacyrequired.com> Signed-off-by: Kees Cook <keescook@chromium.org> --- include/linux/fortify-string.h | 7 +++++++ include/linux/string.h | 9 --------- lib/string_helpers.c | 2 ++ 3 files changed, 9 insertions(+), 9 deletions(-)