kernel/arch/arm/boot/compressed/misc.c, branch linux-6.19.y

fortify: Improve buffer overflow reporting

2024-02-29T21:38:02Z

Improve the reporting of buffer overflows under CONFIG_FORTIFY_SOURCE to help accelerate debugging efforts. The calculations are all just sitting in registers anyway, so pass them along to the function to be reported. For example, before: detected buffer overflow in memcpy and after: memcpy: detected buffer overflow: 4096 byte read of buffer size 1 Link: https://lore.kernel.org/r/20230407192717.636137-10-keescook@chromium.org Signed-off-by: Kees Cook

fortify: Split reporting and avoid passing string pointer

2024-02-29T21:38:02Z

In preparation for KUnit testing and further improvements in fortify failure reporting, split out the report and encode the function and access failure (read or write overflow) into a single u8 argument. This mainly ends up saving a tiny bit of space in the data segment. For a defconfig with FORTIFY_SOURCE enabled: $ size gcc/vmlinux.before gcc/vmlinux.after text data bss dec hex filename 26132309 9760658 2195460 38088427 2452eeb gcc/vmlinux.before 26132386 9748382 2195460 38076228 244ff44 gcc/vmlinux.after Reviewed-by: Alexander Lobakin Signed-off-by: Kees Cook

ARM: 9311/1: decompressor: move function prototypes to misc.h

2023-06-19T08:35:57Z

A number of prototypes are missing for the decompressor, some of them are in the .c files that contain the callers, but are invisible at the function definition: arch/arm/boot/compressed/misc.c:129:17: error: no previous prototype for '__div0' [-Werror=missing-prototypes] arch/arm/boot/compressed/misc.c:138:1: error: no previous prototype for 'decompress_kernel' [-Werror=missing-prototypes] arch/arm/boot/compressed/misc.c:163:6: error: no previous prototype for 'fortify_panic' [-Werror=missing-prototypes] arch/arm/boot/compressed/decompress.c:63:5: error: no previous prototype for 'do_decompress' [-Werror=missing-prototypes] arch/arm/boot/compressed/fdt_check_mem_start.c:63:10: error: no previous prototype for 'fdt_check_mem_start' [-Werror=missing-prototypes] Move these all to misc.h so they are visible by the callee as well. Reviewed-by: Kees Cook Signed-off-by: Arnd Bergmann Signed-off-by: Russell King (Oracle)

ARM: 9243/1: riscpc: Unbreak the build

2022-09-22T07:29:03Z

This patch fixes the following build error: In file included from ./include/linux/io.h:13, from ./arch/arm/mach-rpc/include/mach/uncompress.h:9, from arch/arm/boot/compressed/misc.c:31: ./arch/arm/include/asm/io.h:85:22: error: conflicting types for ‘__raw_writeb’ 85 | #define __raw_writeb __raw_writeb | ^~~~~~~~~~~~ ./arch/arm/include/asm/io.h:86:20: note: in expansion of macro ‘__raw_writeb’ 86 | static inline void __raw_writeb(u8 val, volatile void __iomem *addr) | ^~~~~~~~~~~~ In file included from arch/arm/boot/compressed/misc.c:26: arch/arm/boot/compressed/misc-ep93xx.h:13:20: note: previous definition of ‘__raw_writeb’ was here 13 | static inline void __raw_writeb(unsigned char value, unsigned int ptr) | ^~~~~~~~~~~~ To: Russell King Cc: Arnd Bergmann Cc: linux-arm-kernel@lists.infradead.org Fixes: 0361c7e504b1 ("ARM: ep93xx: multiplatform support") Signed-off-by: Bart Van Assche Signed-off-by: Russell King (Oracle)

ARM: ep93xx: multiplatform support

2022-04-04T08:22:37Z

With the clock support and the interrupts out of the way, ep93xx can be compiled into the same kernel image as the other ARMv4/v5 platforms. The last obstacle are the two workarounds for broken boot loaders that require us to re-initialize the ethernet controller and/or the watchdog on certain machines. Move this code into the decompressor sources directly, checking for each possibly affected machine individually. Signed-off-by: Arnd Bergmann

ARM: decompressor: disable stack protector

2021-12-03T14:11:24Z

Enabling the stack protector in the decompressor is of dubious value, given that it uses a fixed value for the canary, cannot print any output unless CONFIG_DEBUG_LL is enabled (which relies on board specific build time settings), and is already disabled for a good chunk of the code (libfdt). So let's just disable it in the decompressor. This will make it easier in the future to manage the command line options that would need to be removed again in this context for the TLS register based stack protector. Signed-off-by: Ard Biesheuvel

Merge branch 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm

2018-04-09T16:19:30Z

Pull ARM updates from Russell King: "A number of core ARM changes: - Refactoring linker script by Nicolas Pitre - Enable source fortification - Add support for Cortex R8" * 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm: ARM: decompressor: fix warning introduced in fortify patch ARM: 8751/1: Add support for Cortex-R8 processor ARM: 8749/1: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE ARM: simplify and fix linker script for TCM ARM: linker script: factor out TCM bits ARM: linker script: factor out vectors and stubs ARM: linker script: factor out unwinding table sections ARM: linker script: factor out stuff for the .text section ARM: linker script: factor out stuff for the DISCARD section ARM: linker script: factor out some common definitions between XIP and non-XIP

zboot: fix stack protector in compressed boot phase

2018-04-06T04:36:21Z

Calling __stack_chk_guard_setup() in decompress_kernel() is too late that stack checking always fails for decompress_kernel() itself. So remove __stack_chk_guard_setup() and initialize __stack_chk_guard before we call decompress_kernel(). Original code comes from ARM but also used for MIPS and SH, so fix them together. If without this fix, compressed booting of these archs will fail because stack checking is enabled by default (>=4.16). Link: http://lkml.kernel.org/r/1522226933-29317-1-git-send-email-chenhc@lemote.com Fixes: 8779657d29c0 ("stackprotector: Introduce CONFIG_CC_STACKPROTECTOR_STRONG") Signed-off-by: Huacai Chen Acked-by: James Hogan Acked-by: Kees Cook Acked-by: Rich Felker Cc: Ralf Baechle Cc: Russell King Cc: Yoshinori Sato Cc: Ingo Molnar Cc: Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

ARM: decompressor: fix warning introduced in fortify patch

2018-04-05T22:56:40Z

Commit ee333554fed5 ("ARM: 8749/1: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE") introduced a new warning: arch/arm/boot/compressed/misc.c: In function 'fortify_panic': arch/arm/boot/compressed/misc.c:167:1: error: 'noreturn' function does return [-Werror] The simple solution would be to make 'error' a noreturn function, but this causes a prototype mismatch as the function is prototyped in several .c files. So, move the function prototype to a new header. There are also a couple of variables that are also declared in several locations. Clean this up while we are here. Signed-off-by: Russell King

ARM: 8749/1: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE

2018-03-28T20:30:58Z

CONFIG_FORTIFY_SOURCE detects various overflows at compile-time. (6974f0c4555e ("include/linux/string.h: add the option of fortified string.h functions) ARCH_HAS_FORTIFY_SOURCE means that the architecture can be built and run with CONFIG_FORTIFY_SOURCE. Since ARM can be built and run with that flag like other architectures, select ARCH_HAS_FORTIFY_SOURCE as default. Acked-by: Kees Cook Signed-off-by: Jinbum Park Signed-off-by: Russell King