From: Petr Vandrovec <vandrove@vc.cvut.cz>
To: arjan@pentafluge.infradead.org
Cc: linux-kernel@vger.kernel.org, akpm@osdl.org
Subject: Re: Add "FORTIFY_SOURCE" to the linux kernel
Date: Wed, 25 May 2005 16:18:06 +0200 [thread overview]
Message-ID: <4294891E.4070702@vc.cvut.cz> (raw)
In-Reply-To: <20050525084332.GA16865@pentafluge.infradead.org>
arjan@pentafluge.infradead.org wrote:
> diff -purN linux-2.6.12-rc5/include/asm-ppc/uaccess.h linux-fortify/include/asm-ppc/uaccess.h
> --- linux-2.6.12-rc5/include/asm-ppc/uaccess.h 2005-05-25 10:10:45.000000000 +0200
> +++ linux-fortify/include/asm-ppc/uaccess.h 2005-05-25 10:23:00.000000000 +0200
> @@ -330,8 +330,18 @@ copy_to_user(void __user *to, const void
> return n;
> }
>
> +extern void __chk_fail(void);
> +
> static inline unsigned long __copy_from_user(void *to, const void __user *from, unsigned long size)
> {
> +#ifdef CONFIG_FORTIFY_SOURCE
> + /*
> + * if we know the size of "to" then we can validate that we don't overrun the buffer.
> + * note that if __nbytes is known at compiletime this check is nicely optimized out
> + */
> + if (__bos0 (to) != (size_t) -1 && size > __bos0 (to))
> + __chk_fail();
> +#endif
> return __copy_tofrom_user((__force void __user *)to, from, size);
> }
>
> +EXPORT_SYMBOL_GPL(__chk_fail);
Hello,
how is this going to comply with rule that no existing symbols will be turned
into GPLONLY symbols, as stated by Linus couple of time, and mentioned for example
at http://www.tux.org/lkml/#s1-19 ? To me it looks that no non-GPL module can work
on such kernel anymore, as memcpy/strcpy/... functions now, although themselves non-GPL
accessible (but inline...), depend on GPLONLY symbols. Can you explain this to
me?
And if you think that it is right thing to do, would not it be simpler for
everybody changing module loader so it just refuses to load non-GPL modules ?
Final functionality would be same in both cases...
Thanks,
Petr Vandrovec
next prev parent reply other threads:[~2005-05-25 14:17 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-05-25 8:43 Add "FORTIFY_SOURCE" to the linux kernel arjan
2005-05-25 14:18 ` Petr Vandrovec [this message]
2005-05-25 14:47 ` Arjan van de Ven
2005-05-25 15:40 ` Roman Zippel
2005-05-25 15:56 ` Arjan van de Ven
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4294891E.4070702@vc.cvut.cz \
--to=vandrove@vc.cvut.cz \
--cc=akpm@osdl.org \
--cc=arjan@pentafluge.infradead.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox