Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 22 May 2017 11:32:32 +1000
From: Daniel Axtens <>
Cc: Daniel Axtens <>,
	Kees Cook <>,
	Daniel Micay <>
Subject: [PATCH 1/2] powerpc: Don't fortify prom_init

prom_init is a bit special; in theory it should be able to be
linked separately to the kernel. To keep this from getting too
complex, the symbols that prom_init.c uses are checked.

Fortification adds symbols, and it gets quite messy as it includes
things like panic(). So just don't fortify prom_init.c for now.

Cc: Kees Cook <>
Cc: Daniel Micay <>
Signed-off-by: Daniel Axtens <>


This will need to go in before the main fortify support, but it
doesn't make any sense in the absence of fortify. I think it would
make most sense for Kees to queue this up with the main fortify patch,
with an Ack from mpe?

 arch/powerpc/kernel/prom_init.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/powerpc/kernel/prom_init.c b/arch/powerpc/kernel/prom_init.c
index dd8a04f3053a..613f79f03877 100644
--- a/arch/powerpc/kernel/prom_init.c
+++ b/arch/powerpc/kernel/prom_init.c
@@ -15,6 +15,9 @@
 #undef DEBUG_PROM
+/* we cannot use FORTIFY as it brings in new symbols */
+#define __NO_FORTIFY
 #include <stdarg.h>
 #include <linux/kernel.h>
 #include <linux/string.h>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.