Re: [PATCH 6/9] fortify: Split reporting and avoid passing string pointer
From: Andy Shevchenko
Date: Thu Apr 06 2023 - 06:21:37 EST
On Thu, Apr 6, 2023 at 3:02 AM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
> In preparation for KUnit testing and further improvements in fortify
> failure reporting, split out the report and encode the function and
> access failure (read or write overflow) into a single int argument. This
> mainly ends up saving some space in the data segment. For a defconfig
> with FORTIFY_SOURCE enabled:
>
> $ size gcc/vmlinux.before gcc/vmlinux.after
> text data bss dec hex filename
> 26132309 9760658 2195460 38088427 2452eeb gcc/vmlinux.before
> 26132386 9748382 2195460 38076228 244ff44 gcc/vmlinux.after
...
> + const char *name;
> + const bool write = !!(reason & 0x1);
Perhaps define that as
FORTIFY_READ_WRITE BIT(0)
FORTIFY_FUNC_SHIFT 1
const bool write = reason & FORTIFY_READ_WRITE; // and note no need for !! part
switch (reason >> FORTIFY_FUNC_SHIFT) {
> + switch (reason >> 1) {
> + case FORTIFY_FUNC_strncpy:
> + name = "strncpy";
> + break;
> + case FORTIFY_FUNC_strnlen:
> + name = "strnlen";
> + break;
> + case FORTIFY_FUNC_strlen:
> + name = "strlen";
> + break;
> + case FORTIFY_FUNC_strlcpy:
> + name = "strlcpy";
> + break;
> + case FORTIFY_FUNC_strscpy:
> + name = "strscpy";
> + break;
> + case FORTIFY_FUNC_strlcat:
> + name = "strlcat";
> + break;
> + case FORTIFY_FUNC_strcat:
> + name = "strcat";
> + break;
> + case FORTIFY_FUNC_strncat:
> + name = "strncat";
> + break;
> + case FORTIFY_FUNC_memset:
> + name = "memset";
> + break;
> + case FORTIFY_FUNC_memcpy:
> + name = "memcpy";
> + break;
> + case FORTIFY_FUNC_memmove:
> + name = "memmove";
> + break;
> + case FORTIFY_FUNC_memscan:
> + name = "memscan";
> + break;
> + case FORTIFY_FUNC_memcmp:
> + name = "memcmp";
> + break;
> + case FORTIFY_FUNC_memchr:
> + name = "memchr";
> + break;
> + case FORTIFY_FUNC_memchr_inv:
> + name = "memchr_inv";
> + break;
> + case FORTIFY_FUNC_kmemdup:
> + name = "kmemdup";
> + break;
> + case FORTIFY_FUNC_strcpy:
> + name = "strcpy";
> + break;
> + default:
> + name = "unknown";
> + }
...
> + WARN(1, "%s: detected buffer %s overflow\n", name, write ? "write" : "read");
Using str_read_write() ?
Dunno if it's already there or needs to be added. I have some patches
to move those str_*() to string_choices.h. We can also prepend yours
with those.
--
With Best Regards,
Andy Shevchenko