Received: by 10.223.185.111 with SMTP id b44csp1510629wrg; Sat, 10 Mar 2018 07:28:31 -0800 (PST) X-Google-Smtp-Source: AG47ELsVuVLGjKbmheWWiIJOKkk7Dy0OYsug6tMFaLA3bLdpuCXAvux8wYL6gZvfyrW1bJRft3o6 X-Received: by 10.101.72.198 with SMTP id o6mr1866917pgs.279.1520695711802; Sat, 10 Mar 2018 07:28:31 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520695711; cv=none; d=google.com; s=arc-20160816; b=VOY+hoyx+kLhulCDklhCXg/Kcwr8tKBDKCY5ZXeLyQm1i+uwjzgH6rxvs9UQePeGkL iQhkxnD3rf8OINlxbWJhftvThcTU20JFITOamoho3TEFw44maZWHqVakGzNYuN9DVhJf 89D0tQYeKocaHE4n4wF+sGM4iPj0QoWgTpvg91X0/jeJEsNHsrjaNj0KAO7nEEjUO9ER XBkazRZropq7TIJ7HnG72wo8ZvPes/9hAdM7asYnhXzaNCzSj8ek95LTxoWR2n4r9N4h t1WbBCM+5wh/1IFSeTOlLpv709RSm3fZJR8zeXO4CEi224xTmaPUlqEpOVjEAztVS0Wk uCug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:references:in-reply-to:mime-version :dkim-signature:dkim-signature:arc-authentication-results; bh=8rKF7AHpwKbsGKwkgmxtptGn2a2iuOf7Uw9xDM0ldlY=; b=uoEY0e4WWHyBMzHYJwMJO06j5r2Irv3LgPR+mijp99yWcIMkbK4Rfnd4EHLuODcjBN exM2tPUpPnQvm4ROCWlnjx1TQm9L0ptbl/ZPB+9yIGJ5JOG91ykKxmBynBrXpnl4STvZ EwkIaBE7+nGtt+TR9ka0I5cuF+att5CRV7APxl3JTB0X/53pPOPYeA6ANukjsVx+xtre bLA7spmUc3AMKeRPoEIdZKJBioiom2BiD0xR/V3o7qSsdqYX2z95pRk1+tvXdHMJ0py3 9XyycjwFbu6E3bHv+UZnFGP9/2oCSI5sXRYQ0/KCbfTxU+ZPgJJvvWP10e+5SmE+7/DW MQMQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=cqIU67Bv; dkim=fail header.i=@chromium.org header.s=google header.b=A5lGB+an; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n10si2444936pge.342.2018.03.10.07.28.17; Sat, 10 Mar 2018 07:28:31 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=cqIU67Bv; dkim=fail header.i=@chromium.org header.s=google header.b=A5lGB+an; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932303AbeCJP1Y (ORCPT + 99 others); Sat, 10 Mar 2018 10:27:24 -0500 Received: from mail-vk0-f68.google.com ([209.85.213.68]:44535 "EHLO mail-vk0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932127AbeCJP1X (ORCPT ); Sat, 10 Mar 2018 10:27:23 -0500 Received: by mail-vk0-f68.google.com with SMTP id t126so3859600vkb.11 for ; Sat, 10 Mar 2018 07:27:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-transfer-encoding; bh=8rKF7AHpwKbsGKwkgmxtptGn2a2iuOf7Uw9xDM0ldlY=; b=cqIU67Bvkckp2CDx0Qm9AgApe9N6HoOSIt7Oew9JtD0XsnApSbL/akc8fuUqmJmbwh hMlEnQuWetQ3dAQtduo03X71A72ETT/ZOYkSc5fKk4Z/zWnqMJilHVFCfP0VOXL6B0Kd o64n8bqdORRIQYisqg1Z+yMBEyxsvp961QcxsU9lvEf7bho2PL02Qkf38/Gp1RS0Er85 z5xlUDcGRnihXrJlwjQe0QmXbZ0JR0mmq293X6HYPMuOGxVbaKRNIfgutfMXcp1888Z0 MLhak+s/2MG6ffsZDK3/J4lUVpCBPcoKvEV2Dz6yC67xqI50j8snzfgjBtF1vdnUEddy r6pw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-transfer-encoding; bh=8rKF7AHpwKbsGKwkgmxtptGn2a2iuOf7Uw9xDM0ldlY=; b=A5lGB+anD0BTGGOo8uH9iAPViRHP5rnNR3O0swb2Wo1oEaOHKID8AXBPgDJ9cvb8TT nUhlsnJ+AF3xbElhE471BzMiujpINNPDCyI35Gw2xbWXJ5i543M/auMc4SK5rx31Vz4R S8GX1vV3lLYLeIGuhGqJKHlXdjeJdDRITY41A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc:content-transfer-encoding; bh=8rKF7AHpwKbsGKwkgmxtptGn2a2iuOf7Uw9xDM0ldlY=; b=GqBUfuhz8w9jfCJcz3tl7ohdHBNyDwHKFPIm9W1K8Tx9eI6CIe49vg7Eom1YIx/3yK I67Mhb/cOa4IXG5SO9HE9yXs6kHwi/rfMmofsIUoA84qH+HzuqU2hX5RLO+cRTYzYEKZ 7a2JbbXUz0LdBzMjIzAQfE5TB9hfhV5ytb5Pv/i1aDqMNL9/leXpGH+Vs4y5sXelgy9c Ah+y2s+IgdV/RoTrfM1bVFnXUWxITPrRw/gB9/SzMVVQI2zzEvw/BfZftH064+6pHvyg 4mr8xDHcz2mPl4dZrdDCRwyP01M0BZKw14X7DNv+ChqqMS82eSeGPmr++7brAHwAAbrJ ol8w== X-Gm-Message-State: AElRT7FKXmGG+fEjsNx3GRD+ofsqZIZ7zIUay4HPpgGm6k+LVBNyN0WP T7V1MEGp2oFHiS7OkVTTg2N1PrQdyWCTvlvmrQ0pv/RL X-Received: by 10.31.152.83 with SMTP id a80mr1472552vke.96.1520695642265; Sat, 10 Mar 2018 07:27:22 -0800 (PST) MIME-Version: 1.0 Received: by 10.31.242.140 with HTTP; Sat, 10 Mar 2018 07:27:21 -0800 (PST) In-Reply-To: <20180310064059.12720-1-jmoreira@suse.de> References: <20180310064059.12720-1-jmoreira@suse.de> From: Kees Cook Date: Sat, 10 Mar 2018 07:27:21 -0800 X-Google-Sender-Auth: sSomdqVV1X1v6dzI0KbaMJRsKWg Message-ID: Subject: Re: [PATCH] vgacon: fix function prototypes To: Joao Moreira , Greg KH Cc: Kernel Hardening , LKML , Daniel Micay Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Mar 9, 2018 at 10:40 PM, Joao Moreira wrote: > It is possible to indirectly invoke functions with prototypes that do not > match those of the respectively used function pointers by using void type= s. > Despite widely used as a feature for relaxing function invocation, this > should be avoided when possible as it may prevent the use of heuristics > such as prototype matching-based Control-Flow Integrity, which can be use= d > to prevent ROP-based attacks. > > Given the above, the current efforts to improve the Linux security, and t= he > upcoming kernel support to compilers with CFI features, fix prototypes in > vgacon console driver. > > Another similar fix can be seen in [1]. > > [1] https://android-review.googlesource.com/c/kernel/common/+/602010 > > Signed-off-by: Jo=C3=A3o Moreira Whoops, I missed this one. :) Thanks! Greg, do you need this resent directly to you? Acked-by: Kees Cook -Kees > --- > drivers/video/console/vgacon.c | 18 +++++++++++++----- > 1 file changed, 13 insertions(+), 5 deletions(-) > > diff --git a/drivers/video/console/vgacon.c b/drivers/video/console/vgaco= n.c > index a17ba1465815..f00b630f6839 100644 > --- a/drivers/video/console/vgacon.c > +++ b/drivers/video/console/vgacon.c > @@ -1407,21 +1407,29 @@ static bool vgacon_scroll(struct vc_data *c, unsi= gned int t, unsigned int b, > * The console `switch' structure for the VGA based console > */ > > -static int vgacon_dummy(struct vc_data *c) > +static int vgacon_clear(struct vc_data *c) > { > return 0; > } > > -#define DUMMY (void *) vgacon_dummy > +static void vgacon_putc(struct vc_data *c, int a, int b, int d) > +{ > + return; > +} > + > +static void vgacon_putcs(struct vc_data *c, ushort *s, int a, int b, int= d) > +{ > + return; > +} > > const struct consw vga_con =3D { > .owner =3D THIS_MODULE, > .con_startup =3D vgacon_startup, > .con_init =3D vgacon_init, > .con_deinit =3D vgacon_deinit, > - .con_clear =3D DUMMY, > - .con_putc =3D DUMMY, > - .con_putcs =3D DUMMY, > + .con_clear =3D vgacon_clear, > + .con_putc =3D vgacon_putc, > + .con_putcs =3D vgacon_putcs, > .con_cursor =3D vgacon_cursor, > .con_scroll =3D vgacon_scroll, > .con_switch =3D vgacon_switch, > -- > 2.13.6 > --=20 Kees Cook Pixel Security