ARM: 8749/1: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE
authorJinbum Park <jinb.park7@gmail.com>
Tue, 6 Mar 2018 00:39:24 +0000 (01:39 +0100)
committerRussell King <rmk+kernel@armlinux.org.uk>
Wed, 28 Mar 2018 20:30:58 +0000 (21:30 +0100)
CONFIG_FORTIFY_SOURCE detects various overflows at compile-time.
(6974f0c4555e ("include/linux/string.h:
add the option of fortified string.h functions)

ARCH_HAS_FORTIFY_SOURCE means that the architecture can be built and
run with CONFIG_FORTIFY_SOURCE.

Since ARM can be built and run with that flag like other architectures,
select ARCH_HAS_FORTIFY_SOURCE as default.

Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jinbum Park <jinb.park7@gmail.com>
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
arch/arm/Kconfig
arch/arm/boot/compressed/misc.c

index 7e3d535..3765336 100644 (file)
@@ -7,6 +7,7 @@ config ARM
        select ARCH_HAS_DEBUG_VIRTUAL if MMU
        select ARCH_HAS_DEVMEM_IS_ALLOWED
        select ARCH_HAS_ELF_RANDOMIZE
+       select ARCH_HAS_FORTIFY_SOURCE
        select ARCH_HAS_SET_MEMORY
        select ARCH_HAS_PHYS_TO_DMA
        select ARCH_HAS_STRICT_KERNEL_RWX if MMU && !XIP_KERNEL
index 16a8a80..4a247ac 100644 (file)
@@ -167,3 +167,8 @@ decompress_kernel(unsigned long output_start, unsigned long free_mem_ptr_p,
        else
                putstr(" done, booting the kernel.\n");
 }
+
+void fortify_panic(const char *name)
+{
+       error("detected buffer overflow");
+}