From: Kees Cook <kees@kernel.org>
To: Paul Moore <paul@paul-moore.com>
Cc: Yafang Shao <laoar.shao@gmail.com>, linux-hardening@vger.kernel.org
Subject: Re: Fwd: [linux-next:master 4380/4439] include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
Date: Thu, 17 Oct 2024 11:00:11 -0700
Message-ID: <202410171059.C2C395030@keescook>
In-Reply-To: <202410170946.C3D7594@keescook>

On Thu, Oct 17, 2024 at 09:48:18AM -0700, Kees Cook wrote:
> On Thu, Oct 17, 2024 at 09:23:25AM -0700, Kees Cook wrote:
> > On Thu, Oct 17, 2024 at 09:07:13AM -0700, Kees Cook wrote:
> > > Something in the .config is causing the error. (!?) I will start a
> > > CONFIG bisect...
> > 
> > Well, I did a code bisect first, and it reported this which makes _no_
> > sense:
> > 8afd8c8faa24 ("lsm: remove lsm_prop scaffolding")
> > 
> > O_o
> 
> Looks like a GCC inlining bug. If I query the size of the destination
> buffer before calling strscpy the warning magically vanishes. :|
> 
> Lovely. I will see if I can construct a work-around.

I am extremely bothered that this fixes it:

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index bc052b4b5a1d..891f4294361d 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -2728,8 +2728,8 @@ void __audit_ptrace(struct task_struct *t)
 	context->target_auid = audit_get_loginuid(t);
 	context->target_uid = task_uid(t);
 	context->target_sessionid = audit_get_sessionid(t);
-	security_task_getlsmprop_obj(t, &context->target_ref);
 	strscpy(context->target_comm, t->comm);
+	security_task_getlsmprop_obj(t, &context->target_ref);
 }
 
 /**
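Review bot: the new position of strscpy(context->target_comm, t->comm) ahead of security_task_getlsmprop_obj() in __audit_ptrace() is load-bearing for the build but carries no comment saying so. The two calls write to different fields (target_comm and target_ref), so the order looks arbitrary to a later reader, and a cleanup that restores the old order would bring back the __write_overflow error from fortify-string.h. Add a short comment above the strscpy() line stating that it is kept before the lsmprop call to avoid a suspected GCC inlining false positive, and record the affected compiler version and .config in the commit message once they are known.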
@@ -2755,8 +2755,8 @@ int audit_signal_info_syscall(struct task_struct *t)
 		ctx->target_auid = audit_get_loginuid(t);
 		ctx->target_uid = t_uid;
 		ctx->target_sessionid = audit_get_sessionid(t);
-		security_task_getlsmprop_obj(t, &ctx->target_ref);
 		strscpy(ctx->target_comm, t->comm);
+		security_task_getlsmprop_obj(t, &ctx->target_ref);
 		return 0;
 	}
 
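Review bot: this second copy of the reorder, in audit_signal_info_syscall(), means the ordering constraint now has to be kept by hand at two sites, and nothing in the hunk ties them together. The ctx->target_* assignments here mirror the context->target_* ones in __audit_ptrace(), so either repeat the same explanatory comment above strscpy(ctx->target_comm, t->comm) or move the shared sequence into one small helper so the workaround lives in a single place. Since the root cause is still being investigated, it would also help to mark the comment as temporary so the ordering can be revisited once the compiler behaviour is understood.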

I will continue trying to figure out why GCC is getting confused here,
but in the meantime, perhaps this is a viable workaround?

-- 
Kees Cook
