Re: Add "FORTIFY_SOURCE" to the linux kernel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



[email protected] wrote:

diff -purN linux-2.6.12-rc5/include/asm-ppc/uaccess.h linux-fortify/include/asm-ppc/uaccess.h
--- linux-2.6.12-rc5/include/asm-ppc/uaccess.h	2005-05-25 10:10:45.000000000 +0200
+++ linux-fortify/include/asm-ppc/uaccess.h	2005-05-25 10:23:00.000000000 +0200
@@ -330,8 +330,18 @@ copy_to_user(void __user *to, const void
 	return n;
 }
+extern void __chk_fail(void);
+
 static inline unsigned long __copy_from_user(void *to, const void __user *from, unsigned long size)
 {
+#ifdef CONFIG_FORTIFY_SOURCE
+ /* + * if we know the size of "to" then we can validate that we don't overrun the buffer.
+	 * note that if __nbytes is known at compiletime this check is nicely optimized out
+         */
+	if (__bos0 (to) != (size_t) -1 && size > __bos0 (to))
+		__chk_fail();
+#endif
 	return __copy_tofrom_user((__force void __user *)to, from, size);
 }
+EXPORT_SYMBOL_GPL(__chk_fail);

Hello,
  how is this going to comply with rule that no existing symbols will be turned
into GPLONLY symbols, as stated by Linus couple of time, and mentioned for example
at http://www.tux.org/lkml/#s1-19 ?  To me it looks that no non-GPL module can work
on such kernel anymore, as memcpy/strcpy/... functions now, although themselves non-GPL
accessible (but inline...), depend on GPLONLY symbols.  Can you explain this to
me?

  And if you think that it is right thing to do, would not it be simpler for
everybody changing module loader so it just refuses to load non-GPL modules ?
Final functionality would be same in both cases...
							Thanks,
								Petr Vandrovec

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux