[PATCH] um: Enable FORTIFY_SOURCE

David Gow davidgow at google.com
Wed Feb 9 17:37:25 PST 2022


On Thu, Feb 10, 2022 at 8:32 AM Kees Cook <keescook at chromium.org> wrote:
>
> Enable FORTIFY_SOURCE so running Kunit tests can test fortified
> functions.
>
> Signed-off-by: Kees Cook <keescook at chromium.org>
> ---

Thanks -- I was successfully able to run KUnit tests with
FORTIFY_SOURCE with this, and added some errors which it caught.

It might be worth noting that FORTIFY_SOURCE isn't enabled by default
under KUnit with this patch, though it's possible to use it with
./tools/testing/kunit/kunit.py run --kconfig_add CONFIG_FORTIFY_SOURCE=y

Tested-by: David Gow <davidgow at google.com>

Cheers,
-- David

>  arch/um/Kconfig              | 1 +
>  arch/um/os-Linux/user_syms.c | 1 +
>  2 files changed, 2 insertions(+)
>
> diff --git a/arch/um/Kconfig b/arch/um/Kconfig
> index 4d398b80aea8..746e661395d7 100644
> --- a/arch/um/Kconfig
> +++ b/arch/um/Kconfig
> @@ -9,6 +9,7 @@ config UML
>         select ARCH_HAS_KCOV
>         select ARCH_HAS_STRNCPY_FROM_USER
>         select ARCH_HAS_STRNLEN_USER
> +       select ARCH_HAS_FORTIFY_SOURCE
>         select ARCH_NO_PREEMPT
>         select HAVE_ARCH_AUDITSYSCALL
>         select HAVE_ARCH_SECCOMP_FILTER
> diff --git a/arch/um/os-Linux/user_syms.c b/arch/um/os-Linux/user_syms.c
> index 715594fe5719..d9845b5219ce 100644
> --- a/arch/um/os-Linux/user_syms.c
> +++ b/arch/um/os-Linux/user_syms.c
> @@ -1,4 +1,5 @@
>  // SPDX-License-Identifier: GPL-2.0
> +#define __NO_FORTIFY
>  #include <linux/types.h>
>  #include <linux/module.h>
>
> --
> 2.30.2
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4003 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.infradead.org/pipermail/linux-um/attachments/20220210/b1d10f99/attachment.p7s>


More information about the linux-um mailing list