From: Arnd Bergmann <arnd@kernel.org>
To: Kees Cook <kees@kernel.org>,
Alexander Potapenko <glider@google.com>,
Andrew Morton <akpm@linux-foundation.org>
Cc: Arnd Bergmann <arnd@arndb.de>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
David Laight <david.laight.linux@gmail.com>,
linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH] KMSAN: fix memset() when using fortify-source, again
Date: Thu, 18 Jun 2026 16:29:43 +0200 [thread overview]
Message-ID: <20260618142951.1739694-1-arnd@kernel.org> (raw)
From: Arnd Bergmann <arnd@arndb.de>
Both kmsan and fortify-source replace the memset function. When both
are enabled at the same time, the kmsan version gets used, which triggers
a warning about fortify-source being nonfunctional:
warning: unsafe memset() usage lacked '__write_overflow' symbol in /home/arnd/arm-soc/lib/test_fortify/write_overflow-memset.c
warning: unsafe memset() usage lacked '__write_overflow_field' symbol in /home/arnd/arm-soc/lib/test_fortify/write_overflow_field-memset.c
Commit 78a498c3a227 already tried to address this, but this seems
to only have worked for memcpy() and memmove() but not memset(),
which is still lacking the macro definition when KMSAN is enabled.
Remove the incorrect #ifndef check around the memset() macro.
Fixes: ff901d80fff6 ("x86: kmsan: use __msan_ string functions where possible.")
Fixes: 78a498c3a227 ("x86: fortify: kmsan: fix KMSAN fortify builds")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
---
The patch passes randconfig builds on x86/arm/arm64/s390 for me,
but please double-check all the corner cases, as it's still
possible that the #ifndef is required to work around a runtime
issue that I did not test.
---
include/linux/fortify-string.h | 2 --
1 file changed, 2 deletions(-)
diff --git a/include/linux/fortify-string.h b/include/linux/fortify-string.h
index 5541c75ab852..5eddaefc61bd 100644
--- a/include/linux/fortify-string.h
+++ b/include/linux/fortify-string.h
@@ -506,10 +506,8 @@ __FORTIFY_INLINE bool fortify_memset_chk(__kernel_size_t size,
* __struct_size() vs __member_size() must be captured here to avoid
* evaluating argument side-effects further into the macro layers.
*/
-#ifndef CONFIG_KMSAN
#define memset(p, c, s) __fortify_memset_chk(p, c, s, \
__struct_size(p), __member_size(p))
-#endif
/*
* To make sure the compiler can enforce protection against buffer overflows,
--
2.39.5
reply other threads:[~2026-06-18 14:29 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260618142951.1739694-1-arnd@kernel.org \
--to=arnd@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=david.laight.linux@gmail.com \
--cc=glider@google.com \
--cc=gustavoars@kernel.org \
--cc=kees@kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.