Re: [PATCH 7/7] include/linux/string.h: add the option of fortified string.h functions

From: Geert Uytterhoeven
Date: Sun Sep 10 2017 - 07:08:11 EST

Hi Kees, Daniel,

On Mon, Jun 19, 2017 at 10:26 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> From: Daniel Micay <danielmicay@xxxxxxxxx>
> This adds support for compiling with a rough equivalent to the glibc
> _FORTIFY_SOURCE=1 feature, providing compile-time and runtime buffer
> overflow checks for string.h functions when the compiler determines the
> size of the source or destination buffer at compile-time. Unlike glibc,
> it covers buffer reads in addition to writes.


> Link:
> Signed-off-by: Daniel Micay <danielmicay@xxxxxxxxx>
> Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>
> Cc: Mark Rutland <mark.rutland@xxxxxxx>
> Cc: Daniel Axtens <dja@xxxxxxxxxx>
> Cc: Rasmus Villemoes <linux@xxxxxxxxxxxxxxxxxx>
> Cc: Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx>
> Cc: Chris Metcalf <cmetcalf@xxxxxxxxxx>
> Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> Cc: "H. Peter Anvin" <hpa@xxxxxxxxx>
> Cc: Ingo Molnar <mingo@xxxxxxx>
> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> [kees: move from -mm, add ARCH_HAS_FORTIFY_SOURCE, tweak Kconfig help]
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>

This is now commit 6974f0c4555e285a upstream.

> --- a/include/linux/string.h
> +++ b/include/linux/string.h
> @@ -187,4 +187,204 @@ static inline const char *kbasename(const char *path)
> return tail ? tail + 1 : path;
> }
> +#define __FORTIFY_INLINE extern __always_inline __attribute__((gnu_inline))

With gcc-4.1.2, I now get zillions of:

include/linux/string.h:439: warning: âgnu_inlineâ attribute
directive ignored

This attribute seems to be supported as of gcc 4.2?



Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds