lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CABVgOSkx0xNkyva3UtmxVQM=rZyoRNDiytpzCkNG8era+mXMnA@mail.gmail.com>
Date:   Thu, 10 Feb 2022 09:37:25 +0800
From:   David Gow <davidgow@...gle.com>
To:     Kees Cook <keescook@...omium.org>
Cc:     Jeff Dike <jdike@...toit.com>, Richard Weinberger <richard@....at>,
        Anton Ivanov <anton.ivanov@...bridgegreys.com>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        "open list:KERNEL SELFTEST FRAMEWORK" 
        <linux-kselftest@...r.kernel.org>,
        KUnit Development <kunit-dev@...glegroups.com>,
        linux-um <linux-um@...ts.infradead.org>,
        linux-hardening@...r.kernel.org
Subject: Re: [PATCH] um: Enable FORTIFY_SOURCE

On Thu, Feb 10, 2022 at 8:32 AM Kees Cook <keescook@...omium.org> wrote:
>
> Enable FORTIFY_SOURCE so running Kunit tests can test fortified
> functions.
>
> Signed-off-by: Kees Cook <keescook@...omium.org>
> ---

Thanks -- I was successfully able to run KUnit tests with
FORTIFY_SOURCE with this, and added some errors which it caught.

It might be worth noting that FORTIFY_SOURCE isn't enabled by default
under KUnit with this patch, though it's possible to use it with
./tools/testing/kunit/kunit.py run --kconfig_add CONFIG_FORTIFY_SOURCE=y

Tested-by: David Gow <davidgow@...gle.com>

Cheers,
-- David

>  arch/um/Kconfig              | 1 +
>  arch/um/os-Linux/user_syms.c | 1 +
>  2 files changed, 2 insertions(+)
>
> diff --git a/arch/um/Kconfig b/arch/um/Kconfig
> index 4d398b80aea8..746e661395d7 100644
> --- a/arch/um/Kconfig
> +++ b/arch/um/Kconfig
> @@ -9,6 +9,7 @@ config UML
>         select ARCH_HAS_KCOV
>         select ARCH_HAS_STRNCPY_FROM_USER
>         select ARCH_HAS_STRNLEN_USER
> +       select ARCH_HAS_FORTIFY_SOURCE
>         select ARCH_NO_PREEMPT
>         select HAVE_ARCH_AUDITSYSCALL
>         select HAVE_ARCH_SECCOMP_FILTER
> diff --git a/arch/um/os-Linux/user_syms.c b/arch/um/os-Linux/user_syms.c
> index 715594fe5719..d9845b5219ce 100644
> --- a/arch/um/os-Linux/user_syms.c
> +++ b/arch/um/os-Linux/user_syms.c
> @@ -1,4 +1,5 @@
>  // SPDX-License-Identifier: GPL-2.0
> +#define __NO_FORTIFY
>  #include <linux/types.h>
>  #include <linux/module.h>
>
> --
> 2.30.2
>

Download attachment "smime.p7s" of type "application/pkcs7-signature" (4003 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ