Date: Mon, 22 May 2017 11:32:32 +1000 From: Daniel Axtens <dja@...ens.net> To: kernel-hardening@...ts.openwall.com, linuxppc-dev@...ts.ozlabs.org Cc: Daniel Axtens <dja@...ens.net>, Kees Cook <keescook@...omium.org>, Daniel Micay <danielmicay@...il.com> Subject: [PATCH 1/2] powerpc: Don't fortify prom_init prom_init is a bit special; in theory it should be able to be linked separately to the kernel. To keep this from getting too complex, the symbols that prom_init.c uses are checked. Fortification adds symbols, and it gets quite messy as it includes things like panic(). So just don't fortify prom_init.c for now. Cc: Kees Cook <keescook@...omium.org> Cc: Daniel Micay <danielmicay@...il.com> Signed-off-by: Daniel Axtens <dja@...ens.net> --- This will need to go in before the main fortify support, but it doesn't make any sense in the absence of fortify. I think it would make most sense for Kees to queue this up with the main fortify patch, with an Ack from mpe? --- arch/powerpc/kernel/prom_init.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/powerpc/kernel/prom_init.c b/arch/powerpc/kernel/prom_init.c index dd8a04f3053a..613f79f03877 100644 --- a/arch/powerpc/kernel/prom_init.c +++ b/arch/powerpc/kernel/prom_init.c @@ -15,6 +15,9 @@ #undef DEBUG_PROM +/* we cannot use FORTIFY as it brings in new symbols */ +#define __NO_FORTIFY + #include <stdarg.h> #include <linux/kernel.h> #include <linux/string.h> -- 2.11.0
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.