Received: by 10.223.185.116 with SMTP id b49csp2594001wrg;
        Mon, 5 Mar 2018 05:44:15 -0800 (PST)
X-Google-Smtp-Source: AG47ELvsiTJKwzhkTlFrK1AKVKW3JruJlB4kGEp+cEvfiIIRzlwhErPFoNSWsNL+XIIyYXIZSN98
X-Received: by 2002:a17:902:c03:: with SMTP id 3-v6mr13089376pls.407.1520257455409;
        Mon, 05 Mar 2018 05:44:15 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1520257455; cv=none;
        d=google.com; s=arc-20160816;
        b=kqJqAMkTklaVBMGQdJwe+TcisJAFDdPIStsbEjXs4F0BlNFJnBLpkYSz241LHiESqu
         OxGpQYjwkpgIoj8twEWYomsR07vnDJqgZjJzOfdnixbbQcAPPNOdiORCPS9VWHf2ORf4
         zL+1Ri7mKu+6JflfqsqZYyh5eDrjsmztNjCLvGOJ6MEf04IGlNJ3tXaIctrjEGMA+3U+
         A+3CR6X9dVb+pR9ObMk/4UOocJvXqSyM43hQ3+oIzQeBltaMhBcjRkdqqhRQw9DW+uee
         CLVabR9dDbbvpI1vNl5g3wPuqPZGvF2bMK8FOQf6dw7pK1ChVwN6HfrfW/RDPKjlikcV
         DqYQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:content-disposition
         :mime-version:message-id:subject:cc:to:from:date:dkim-signature
         :arc-authentication-results;
        bh=VS5Cvod2yup69YZ8TkrWuwx4G0+ROdocQ7MzaK//5/M=;
        b=dOss5FiWEIn0+MHLMXq0vwXHyQZjqzfx+mQx+LmFZe0yNLJzV1VTESyk6/b4TeCso5
         kSAYveocf915YCbmONuPIGh/6cRifxAlqy4DUVn+5KE9vos3kP4TjoFacUXsucyD8ogB
         B9vj+N0KB7kd8c0/U/Fb2rdTtEy9WhnFAARWWl8DWzSf1XCK0wee2Ba+FFJhb5r/PWgl
         9QO41R7aeX0JZmvLIGvjxpjP54+7bU5NGsws0Xcj+jbbwROcRDKcfcNeTtrblR/ESQ3D
         5zZvEvzbdebeV+OqD35HIoibMOen2vkSCKQW+EuHDu/1BMKb/wGZcq/tJf3OE1nQ9NUO
         1KGQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=Mqnedi5d;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id ay2-v6si9212805plb.749.2018.03.05.05.44.00;
        Mon, 05 Mar 2018 05:44:15 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=Mqnedi5d;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S933971AbeCELSc (ORCPT <rfc822;testajctc@gmail.com> + 99 others);
        Mon, 5 Mar 2018 06:18:32 -0500
Received: from mail-pf0-f195.google.com ([209.85.192.195]:41447 "EHLO
        mail-pf0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S933027AbeCELSb (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 5 Mar 2018 06:18:31 -0500
Received: by mail-pf0-f195.google.com with SMTP id f80so7046172pfa.8
        for <linux-kernel@vger.kernel.org>; Mon, 05 Mar 2018 03:18:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:from:to:cc:subject:message-id:mime-version:content-disposition
         :user-agent;
        bh=VS5Cvod2yup69YZ8TkrWuwx4G0+ROdocQ7MzaK//5/M=;
        b=Mqnedi5d74w3vhGLwtVkaHVaPV/rizriFgnHONg7l1EItxWeXUxHF0TwGrqg7uqQA0
         KWRMe2OrhxxBIiKwnh/rZbysLhht4Gi73NzQwhJVJY9OuDHqN64eBHWN2NQtImwJMwuU
         TYMUzl8v65LH00zlBCqBrzrFUu7VKPM1ZGuY0ta32k8hwcRl5RmX3UUNZv4/i+zMasSp
         pMV8A90aZVAzZnOZ8NVZyKNHm2Xum3JUaDKrFyXZKo4qFIK5disUhyUtakM1rUQoqg8m
         7aTXgyHVeKCj6STcKu+kYQYdnXp1ztc2kuxTgrTSW2XjMToeT0s/K7IY0WLmFsJkot3u
         1cSw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:mime-version
         :content-disposition:user-agent;
        bh=VS5Cvod2yup69YZ8TkrWuwx4G0+ROdocQ7MzaK//5/M=;
        b=gWiglC7TIS8laCJZykIAFuFIBOoA0GIO6cbLa35SqTToIW87a7mFpYW1EDUafl42et
         QItzQd4IkxXWeyXm9z8KLPRCulaX6KCxU2QmtQRrv0/rEsfnToB0SDzLcUauOow3B7d5
         DZXNTvUAEc89jeVif0wvxzmaM9qkXpAtJKAyMaObbHSQCmgSN2so6VPIfSZIERa1X4QX
         66EPiwO3xR9gfv9Dr10zhnIzZcbr16CEC2zxLUkfPMJHBovmHzhAUMyt+g0fD5V3xQIE
         GqCj+CXqVwFcFncFavkJK1ZokboNnNm5kFh29vO6dhiaZ6pYXe5pxKP1Q6p+9Vq5m3Dk
         ZZbw==
X-Gm-Message-State: APf1xPAnC1V27MXXNTl/vvnwjJ2gdIVGVZawbtL6hcYWFCZjnd3bcecU
        iiqcXLTLxvXFhFR/1ddJN0A=
X-Received: by 10.99.179.77 with SMTP id x13mr11042502pgt.148.1520248711052;
        Mon, 05 Mar 2018 03:18:31 -0800 (PST)
Received: from pjb1027-Latitude-E5410 ([58.227.15.43])
        by smtp.gmail.com with ESMTPSA id i12sm363103pgr.9.2018.03.05.03.18.27
        (version=TLS1_2 cipher=AES128-SHA bits=128/128);
        Mon, 05 Mar 2018 03:18:30 -0800 (PST)
Date:   Mon, 5 Mar 2018 20:18:24 +0900
From:   Jinbum Park <jinb.park7@gmail.com>
To:     linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
        kernel-hardening@lists.openwall.com
Cc:     gregkh@linuxfoundation.org, tglx@linutronix.de,
        kstewart@linuxfoundation.org, luto@amacapital.net,
        dsafonov@virtuozzo.com, keescook@chromium.org, will.deacon@arm.com,
        mark.rutland@arm.com, danielmicay@gmail.com, arnd@arndb.de,
        catalin.marinas@arm.com
Subject: [PATCH v2 2/2] arm: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE
Message-ID: <20180305111824.GA4216@pjb1027-Latitude-E5410>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

CONFIG_FORTIFY_SOURCE detects various overflows at compile-time.
(6974f0c4555e ("include/linux/string.h:
add the option of fortified string.h functions)

ARCH_HAS_FORTIFY_SOURCE means that the architecture can be built and
run with CONFIG_FORTIFY_SOURCE.

Since ARM can be built and run with that flag like other architectures,
select ARCH_HAS_FORTIFY_SOURCE as default.

Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jinbum Park <jinb.park7@gmail.com>
---
v2: Add fortify_panic() in arch/arm/boot/compressed/misc.c,
    Because there will be a build error if without that function.
---
 arch/arm/Kconfig                | 1 +
 arch/arm/boot/compressed/misc.c | 5 +++++
 2 files changed, 6 insertions(+)

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 7e3d535..3765336 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -7,6 +7,7 @@ config ARM
 	select ARCH_HAS_DEBUG_VIRTUAL if MMU
 	select ARCH_HAS_DEVMEM_IS_ALLOWED
 	select ARCH_HAS_ELF_RANDOMIZE
+	select ARCH_HAS_FORTIFY_SOURCE
 	select ARCH_HAS_SET_MEMORY
 	select ARCH_HAS_PHYS_TO_DMA
 	select ARCH_HAS_STRICT_KERNEL_RWX if MMU && !XIP_KERNEL
diff --git a/arch/arm/boot/compressed/misc.c b/arch/arm/boot/compressed/misc.c
index 16a8a80..4a247ac 100644
--- a/arch/arm/boot/compressed/misc.c
+++ b/arch/arm/boot/compressed/misc.c
@@ -167,3 +167,8 @@ void __stack_chk_fail(void)
 	else
 		putstr(" done, booting the kernel.\n");
 }
+
+void fortify_panic(const char *name)
+{
+	error("detected buffer overflow");
+}
-- 
1.9.1