linux/arch/powerpc
Daniel Axtens c69a48cdb3 powerpc: make feature-fixup tests fortify-safe
Testing the fortified string functions[1] would cause a kernel panic on
boot in test_feature_fixups() due to a buffer overflow in memcmp.

This boils down to things like this:

  extern unsigned int ftr_fixup_test1;
  extern unsigned int ftr_fixup_test1_orig;

  check(memcmp(&ftr_fixup_test1, &ftr_fixup_test1_orig, size) == 0);

We know that these are asm labels so it is safe to read up to 'size'
bytes at those addresses.

However, because we have passed the address of a single unsigned int to
memcmp, the compiler believes the underlying object is in fact a single
unsigned int.  So if size > sizeof(unsigned int), there will be a panic
at runtime.

We can fix this by changing the types: instead of calling the asm labels
unsigned ints, call them unsigned int[]s.  Therefore the size isn't
incorrectly determined at compile time and we get a regular unsafe
memcmp and no panic.

[1] http://openwall.com/lists/kernel-hardening/2017/05/09/2

Link: http://lkml.kernel.org/r/1497903987-21002-7-git-send-email-keescook@chromium.org
Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Kees Cook <keescook@chromium.org>
Suggested-by: Michael Ellerman <mpe@ellerman.id.au>
Tested-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
Reviewed-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Daniel Micay <danielmicay@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-07-12 16:26:03 -07:00
..
boot powerpc updates for 4.13 2017-07-07 13:55:45 -07:00
configs powerpc/44x/fsp2: Add defconfig for FSP2 board 2017-05-30 14:59:51 +10:00
crypto Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2017-05-02 15:53:46 -07:00
include powerpc/64s: implement arch-specific hardlockup watchdog 2017-07-12 16:26:02 -07:00
kernel powerpc: don't fortify prom_init 2017-07-12 16:26:03 -07:00
kvm powerpc updates for 4.13 2017-07-07 13:55:45 -07:00
lib powerpc: make feature-fixup tests fortify-safe 2017-07-12 16:26:03 -07:00
math-emu Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
mm powerpc updates for 4.13 2017-07-07 13:55:45 -07:00
net bpf: Add jited_len to struct bpf_prog 2017-06-06 15:41:24 -04:00
oprofile ktime: Cleanup ktime_set() usage 2016-12-25 17:21:22 +01:00
perf Merge branch 'fixes' into next 2017-07-03 23:05:43 +10:00
platforms powerpc updates for 4.13 2017-07-07 13:55:45 -07:00
purgatory kexec, x86/purgatory: Unbreak it and clean it up 2017-03-10 20:55:09 +01:00
sysdev powerpc updates for 4.13 2017-07-07 13:55:45 -07:00
tools powerpc/64: Tool to check head sections location sanity 2017-05-30 14:59:51 +10:00
xmon powerpc/xmon: Add patch_instruction() support for xmon 2017-07-03 23:12:19 +10:00
Kconfig powerpc/64s: implement arch-specific hardlockup watchdog 2017-07-12 16:26:02 -07:00
Kconfig.debug powerpc/xmon: Enable disassembly files (compilation changes) 2017-02-15 20:02:42 +11:00
Makefile powerpc: Link warning for orphan sections 2017-05-30 14:59:51 +10:00
Makefile.postlink powerpc/64: Tool to check head sections location sanity 2017-05-30 14:59:51 +10:00