Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2024-12-29 17:22:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

hardening fix for v6.13-rc4

Browse Source 
- FORTIFY: Silence GCC value range warnings due to warning-only bounds checks
 -----BEGIN PGP SIGNATURE-----
 
 iHUEABYKAB0WIQRSPkdeREjth1dHnSE2KwveOeQkuwUCZ2DGsgAKCRA2KwveOeQk
 uz9HAP4xx8yjVeXu8tnQCe6usJ0MU36imK6Yw0auEcErrhD7MAD/UGojymCEjO9T
 sgwF0X9DVh3L2wJ+AKEyUOT/iN3ZQgo=
 =HElM
 -----END PGP SIGNATURE-----

Merge tag 'hardening-v6.13-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull hardening fix from Kees Cook:
 "Silence a GCC value-range warning that is being ironically triggered
  by bounds checking"

* tag 'hardening-v6.13-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  fortify: Hide run-time copy size from value range tracking
This commit is contained in:
Linus Torvalds 2024-12-17 08:45:40 -08:00
commit 1f13c38a85
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
include/linux/fortify-string.h
View File

@ -616,6 +616,12 @@ __FORTIFY_INLINE bool fortify_memcpy_chk(__kernel_size_t size,
return false;
}
/*
* To work around what seems to be an optimizer bug, the macro arguments
* need to have const copies or the values end up changed by the time they
* reach fortify_warn_once(). See commit 6f7630b1b5bc ("fortify: Capture
* __bos() results in const temp vars") for more details.
*/
#define __fortify_memcpy_chk(p, q, size, p_size, q_size, \
p_size_field, q_size_field, op) ({ \
const size_t __fortify_size = (size_t)(size); \
@ -623,6 +629,8 @@ __FORTIFY_INLINE bool fortify_memcpy_chk(__kernel_size_t size,
const size_t __q_size = (q_size); \
const size_t __p_size_field = (p_size_field); \
const size_t __q_size_field = (q_size_field); \
/* Keep a mutable version of the size for the final copy. */ \
size_t __copy_size = __fortify_size; \
fortify_warn_once(fortify_memcpy_chk(__fortify_size, __p_size, \
__q_size, __p_size_field, \
__q_size_field, FORTIFY_FUNC_ ##op), \
@ -630,7 +638,11 @@ __FORTIFY_INLINE bool fortify_memcpy_chk(__kernel_size_t size,
__fortify_size, \
"field \"" #p "\" at " FILE_LINE, \
__p_size_field); \
__underlying_##op(p, q, __fortify_size); \
/* Hide only the run-time size from value range tracking to */ \
/* silence compile-time false positive bounds warnings. */ \
if (!__builtin_constant_p(__copy_size)) \
OPTIMIZER_HIDE_VAR(__copy_size); \
__underlying_##op(p, q, __copy_size); \
})
/*