Hosts the 0x221E linux distro kernel. https://universe.0xinfinity.dev/distro/kernel/atom?h=linux-rolling-stable 2024-02-29T21:38:02Z 2024-02-29T21:38:02Z Kees Cook keescook@chromium.org 2023-04-07T19:27:16Z urn:sha1:3d965b33e40d973b450cb0212913f039476c16f4 Improve the reporting of buffer overflows under CONFIG_FORTIFY_SOURCE to help accelerate debugging efforts. The calculations are all just sitting in registers anyway, so pass them along to the function to be reported. For example, before: detected buffer overflow in memcpy and after: memcpy: detected buffer overflow: 4096 byte read of buffer size 1 Link: https://lore.kernel.org/r/20230407192717.636137-10-keescook@chromium.org Signed-off-by: Kees Cook <keescook@chromium.org> 2024-02-29T21:38:02Z Kees Cook keescook@chromium.org 2023-04-07T19:27:13Z urn:sha1:475ddf1fce1ec4826c8dda40ec59f7f83a7aadb8 In preparation for KUnit testing and further improvements in fortify failure reporting, split out the report and encode the function and access failure (read or write overflow) into a single u8 argument. This mainly ends up saving a tiny bit of space in the data segment. For a defconfig with FORTIFY_SOURCE enabled: $ size gcc/vmlinux.before gcc/vmlinux.after text data bss dec hex filename 26132309 9760658 2195460 38088427 2452eeb gcc/vmlinux.before 26132386 9748382 2195460 38076228 244ff44 gcc/vmlinux.after Reviewed-by: Alexander Lobakin <aleksander.lobakin@intel.com> Signed-off-by: Kees Cook <keescook@chromium.org> 2023-06-19T08:35:57Z Arnd Bergmann arnd@arndb.de 2023-06-02T18:29:01Z urn:sha1:9d1f3aa63c65f8fefe050d91b3f599e8e320eeb0 A number of prototypes are missing for the decompressor, some of them are in the .c files that contain the callers, but are invisible at the function definition: arch/arm/boot/compressed/misc.c:129:17: error: no previous prototype for '__div0' [-Werror=missing-prototypes] arch/arm/boot/compressed/misc.c:138:1: error: no previous prototype for 'decompress_kernel' [-Werror=missing-prototypes] arch/arm/boot/compressed/misc.c:163:6: error: no previous prototype for 'fortify_panic' [-Werror=missing-prototypes] arch/arm/boot/compressed/decompress.c:63:5: error: no previous prototype for 'do_decompress' [-Werror=missing-prototypes] arch/arm/boot/compressed/fdt_check_mem_start.c:63:10: error: no previous prototype for 'fdt_check_mem_start' [-Werror=missing-prototypes] Move these all to misc.h so they are visible by the callee as well. Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk> 2018-04-05T22:56:40Z Russell King rmk+kernel@armlinux.org.uk 2018-03-29T10:59:17Z urn:sha1:5f8d561fb019a3ebe073c019bf5f797f5b06c55e Commit ee333554fed5 ("ARM: 8749/1: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE") introduced a new warning: arch/arm/boot/compressed/misc.c: In function 'fortify_panic': arch/arm/boot/compressed/misc.c:167:1: error: 'noreturn' function does return [-Werror] The simple solution would be to make 'error' a noreturn function, but this causes a prototype mismatch as the function is prototyped in several .c files. So, move the function prototype to a new header. There are also a couple of variables that are also declared in several locations. Clean this up while we are here. Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>