Re: [PATCH] kernel/panic: Do not append newline to the stack protector panic string
From: Kees Cook
Date: Mon Oct 08 2018 - 17:57:55 EST
On Mon, Oct 8, 2018 at 1:29 PM, Borislav Petkov <bp@xxxxxxxxx> wrote:
> From: Borislav Petkov <bp@xxxxxxx>
>
> ... because panic() itself already does this. Otherwise you have
> line-broken trailer:
>
> [ 1.836965] ---[ end Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: pgd_alloc+0x29e/0x2a0
> [ 1.836965] ]---
>
> Signed-off-by: Borislav Petkov <bp@xxxxxxx>
> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
> Cc: Masahiro Yamada <yamada.masahiro@xxxxxxxxxxxxx>
> Cc: "Steven Rostedt (VMware)" <rostedt@xxxxxxxxxxx>
Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>
Andrew, can you take this?
-Kees
> ---
> kernel/panic.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/panic.c b/kernel/panic.c
> index 8b2e002d52eb..837a94b7024d 100644
> --- a/kernel/panic.c
> +++ b/kernel/panic.c
> @@ -631,7 +631,7 @@ device_initcall(register_warn_debugfs);
> */
> __visible void __stack_chk_fail(void)
> {
> - panic("stack-protector: Kernel stack is corrupted in: %pB\n",
> + panic("stack-protector: Kernel stack is corrupted in: %pB",
> __builtin_return_address(0));
> }
> EXPORT_SYMBOL(__stack_chk_fail);
> --
> 2.19.0.271.gfe8321ec057f
>
--
Kees Cook
Pixel Security