ARM: 8749/1: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE

jinb-park · Russell King · commit ee333554fed5 · 2018-03-28T21:30:58.000+01:00
CONFIG_FORTIFY_SOURCE detects various overflows at compile-time. (6974f0c ("include/linux/string.h: add the option of fortified string.h functions) ARCH_HAS_FORTIFY_SOURCE means that the architecture can be built and run with CONFIG_FORTIFY_SOURCE. Since ARM can be built and run with that flag like other architectures, select ARCH_HAS_FORTIFY_SOURCE as default. Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Jinbum Park <jinb.park7@gmail.com> Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
@@ -7,6 +7,7 @@ config ARM
 	select ARCH_HAS_DEBUG_VIRTUAL if MMU
 	select ARCH_HAS_DEVMEM_IS_ALLOWED
 	select ARCH_HAS_ELF_RANDOMIZE
+	select ARCH_HAS_FORTIFY_SOURCE
 	select ARCH_HAS_SET_MEMORY
 	select ARCH_HAS_PHYS_TO_DMA
 	select ARCH_HAS_STRICT_KERNEL_RWX if MMU && !XIP_KERNEL
diff --git a/arch/arm/boot/compressed/misc.c b/arch/arm/boot/compressed/misc.c
@@ -167,3 +167,8 @@ decompress_kernel(unsigned long output_start, unsigned long free_mem_ptr_p,
 	else
 		putstr(" done, booting the kernel.\n");
 }
+
+void fortify_panic(const char *name)
+{
+	error("detected buffer overflow");
+}

Original file line number	Diff line number	Diff line change
`@@ -167,3 +167,8 @@ decompress_kernel(unsigned long output_start, unsigned long free_mem_ptr_p,`
`167`	`167`	`else`
`168`	`168`	`putstr(" done, booting the kernel.\n");`
`169`	`169`	`}`
	`170`	`+`
	`171`	`+void fortify_panic(const char *name)`
	`172`	`+{`
	`173`	`+ error("detected buffer overflow");`
	`174`	`+}`