Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp5018205imd; Tue, 30 Oct 2018 10:41:16 -0700 (PDT) X-Google-Smtp-Source: AJdET5dkpmqwqC2WJH2xzshWaUSaSPt9lepSTR/0Iz+7Miz/gPruGzTx9rK7Z6nLAGTiyJoUC0+A X-Received: by 2002:a17:902:2cc1:: with SMTP id n59-v6mr19132783plb.144.1540921276390; Tue, 30 Oct 2018 10:41:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1540921276; cv=none; d=google.com; s=arc-20160816; b=t+LgZQp5mY93EgevkdBA9EAlrGhnfNQK6FvLFXCUgZFmQdiLxx9frVpXA/zhr4gBKk QqZUAf4rNbsm54Jy7u3Et+S6QCe8cZLN5UKJkS+lZPXiFiMow41Nx1SY9Q2mGmu082eb W/etaMUIXoO777w7jygQ6NL+Ontv9WC3FqWdVZRJF765eXl2Az0WK5MyxWxS6ZbuBfb7 59Z9VGv97X6nyHZed4ermQ2RDRWHm7ACKabqB9umc70q6Jp+c5n4ZQU2ze1qh46LLRUZ S60ZwM5SqasxdPe0xhKHdteUQOIqtxaU/JSOFzQ7UDsRLOwKblQq8iVdN1R6IMfzp1KY 9tpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=ORpDs4XqRmTrTL9drfTw03Lr0ctataDDKdx/z7+G4Wk=; b=paNW2pl+iGlE9UPDFdhSRrc3ifefL+uWESgbH1XL33Vj4L2jBDpUYzVDoPu2X57x6a S9LAeA+pw7X7ogdfwaUvkhoBoRaXuQNUXWxBJfISyRaL+5wdb8dUDGiumbhR1GZCgyL0 QdawJXvcCtcxzOKS5WGl+ZkW15T6KErNQ3UpiaxI1ClSnQorz9orr1jJiVASoTv0Rua7 /UpOhoOHdL1Fe0jIRjaNXbglSJcZHj062zYOqJJtzCUbJcBeniGxAZqIqfZutHxbhIA7 bNaWjL+y5nJ0racJSctgbM+0IEDCe+DRF4TdxgraTt1DHD3TZx+bTIHKiuH/OG5Re6iM ZQ5g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v33-v6si22764147pga.450.2018.10.30.10.40.58; Tue, 30 Oct 2018 10:41:16 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727880AbeJaCew (ORCPT + 99 others); Tue, 30 Oct 2018 22:34:52 -0400 Received: from mx1.redhat.com ([209.132.183.28]:58794 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727621AbeJaCew (ORCPT ); Tue, 30 Oct 2018 22:34:52 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DDFD6307D96B; Tue, 30 Oct 2018 17:40:27 +0000 (UTC) Received: from [10.13.129.51] (dhcp129-51.rdu.redhat.com [10.13.129.51]) by smtp.corp.redhat.com (Postfix) with ESMTP id 79366177A9; Tue, 30 Oct 2018 17:40:27 +0000 (UTC) Subject: Re: [PATCH] ARM: kprobes: Fix false positive with FORTIFY_SOURCE To: Kees Cook , Russell King Cc: Laura Abbott , linux-kernel@vger.kernel.org, Masami Hiramatsu , linux-arm-kernel@lists.infradead.org References: <20181022093023.GA8920@beast> From: William Cohen Message-ID: Date: Tue, 30 Oct 2018 13:40:27 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1 MIME-Version: 1.0 In-Reply-To: <20181022093023.GA8920@beast> Content-Type: text/plain; charset=utf-8 Content-Language: en-MW Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.48]); Tue, 30 Oct 2018 17:40:28 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 10/22/18 5:30 AM, Kees Cook wrote: > The arm compiler internally interprets an inline assembly label > as an unsigned long value, not a pointer. As a result, under > CONFIG_FORTIFY_SOURCE, the size of the array pointed to by an address > of a label is 4 bytes, which was tripping the runtime checks. Instead, > we can just cast the label (as done with the size calculations earlier) > to avoid the problem. > > Reported-by: William Cohen > Fixes: 6974f0c4555e ("include/linux/string.h: add the option of fortified string.h functions") > Cc: stable@vger.kernel.org > Signed-off-by: Kees Cook > --- > arch/arm/probes/kprobes/opt-arm.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/arm/probes/kprobes/opt-arm.c b/arch/arm/probes/kprobes/opt-arm.c > index b2aa9b32bff2..2c118a6ab358 100644 > --- a/arch/arm/probes/kprobes/opt-arm.c > +++ b/arch/arm/probes/kprobes/opt-arm.c > @@ -247,7 +247,7 @@ int arch_prepare_optimized_kprobe(struct optimized_kprobe *op, struct kprobe *or > } > > /* Copy arch-dep-instance from template. */ > - memcpy(code, &optprobe_template_entry, > + memcpy(code, (unsigned char *)optprobe_template_entry, > TMPL_END_IDX * sizeof(kprobe_opcode_t)); > > /* Adjust buffer according to instruction. */ > The patch fixes the issue for kretprobes. It looks good to me. Thanks, -Will