Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'hardening-v6.13-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull hardening fix from Kees Cook:
"Silence a GCC value-range warning that is being ironically triggered
by bounds checking"
* tag 'hardening-v6.13-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
fortify: Hide run-time copy size from value range tracking
+13
-1
+13
-1
include/linux/fortify-string.h
+13
-1
include/linux/fortify-string.h
···
616
616
return false;
617
617
}
618
618
619
+
/*
620
+
* To work around what seems to be an optimizer bug, the macro arguments
621
+
* need to have const copies or the values end up changed by the time they
622
+
* reach fortify_warn_once(). See commit 6f7630b1b5bc ("fortify: Capture
623
+
* __bos() results in const temp vars") for more details.
624
+
*/
619
625
#define __fortify_memcpy_chk(p, q, size, p_size, q_size, \
620
626
p_size_field, q_size_field, op) ({ \
621
627
const size_t __fortify_size = (size_t)(size); \
···
629
623
const size_t __q_size = (q_size); \
630
624
const size_t __p_size_field = (p_size_field); \
631
625
const size_t __q_size_field = (q_size_field); \
626
+
/* Keep a mutable version of the size for the final copy. */ \
627
+
size_t __copy_size = __fortify_size; \
632
628
fortify_warn_once(fortify_memcpy_chk(__fortify_size, __p_size, \
633
629
__q_size, __p_size_field, \
634
630
__q_size_field, FORTIFY_FUNC_ ##op), \
···
638
630
__fortify_size, \
639
631
"field \"" #p "\" at " FILE_LINE, \
640
632
__p_size_field); \
641
-
__underlying_##op(p, q, __fortify_size); \
633
+
/* Hide only the run-time size from value range tracking to */ \
634
+
/* silence compile-time false positive bounds warnings. */ \
635
+
if (!__builtin_constant_p(__copy_size)) \
636
+
OPTIMIZER_HIDE_VAR(__copy_size); \
637
+
__underlying_##op(p, q, __copy_size); \
642
638
})
643
639
644
640
/*