Re: [PATCH] ARM: kprobes: Fix false positive with FORTIFY_SOURCE

From: Masami Hiramatsu
Date: Mon Oct 22 2018 - 21:06:13 EST


On Mon, 22 Oct 2018 02:30:23 -0700
Kees Cook <keescook@xxxxxxxxxxxx> wrote:

> The arm compiler internally interprets an inline assembly label
> as an unsigned long value, not a pointer. As a result, under
> CONFIG_FORTIFY_SOURCE, the size of the array pointed to by an address
> of a label is 4 bytes, which was tripping the runtime checks. Instead,
> we can just cast the label (as done with the size calculations earlier)
> to avoid the problem.
>
> Reported-by: William Cohen <wcohen@xxxxxxxxxx>
> Fixes: 6974f0c4555e ("include/linux/string.h: add the option of fortified string.h functions")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>

Good catch! This looks good to me.

Acked-by: Masami Hiramatsu <mhiramat@xxxxxxxxxx>

Thank you,


> ---
> arch/arm/probes/kprobes/opt-arm.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/arm/probes/kprobes/opt-arm.c b/arch/arm/probes/kprobes/opt-arm.c
> index b2aa9b32bff2..2c118a6ab358 100644
> --- a/arch/arm/probes/kprobes/opt-arm.c
> +++ b/arch/arm/probes/kprobes/opt-arm.c
> @@ -247,7 +247,7 @@ int arch_prepare_optimized_kprobe(struct optimized_kprobe *op, struct kprobe *or
> }
>
> /* Copy arch-dep-instance from template. */
> - memcpy(code, &optprobe_template_entry,
> + memcpy(code, (unsigned char *)optprobe_template_entry,
> TMPL_END_IDX * sizeof(kprobe_opcode_t));
>
> /* Adjust buffer according to instruction. */
> --
> 2.17.1
>
>
> --
> Kees Cook
> Pixel Security


--
Masami Hiramatsu <mhiramat@xxxxxxxxxx>