ARM: 8749/1: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE

CONFIG_FORTIFY_SOURCE detects various overflows at compile-time.
(6974f0c4555e ("include/linux/string.h:
add the option of fortified string.h functions)

ARCH_HAS_FORTIFY_SOURCE means that the architecture can be built and
run with CONFIG_FORTIFY_SOURCE.

Since ARM can be built and run with that flag like other architectures,
select ARCH_HAS_FORTIFY_SOURCE as default.

Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jinbum Park <jinb.park7@gmail.com>
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 7e3d535..3765336 100644 (file)
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -7,6 +7,7 @@ config ARM
        select ARCH_HAS_DEBUG_VIRTUAL if MMU
        select ARCH_HAS_DEVMEM_IS_ALLOWED
        select ARCH_HAS_ELF_RANDOMIZE
+       select ARCH_HAS_FORTIFY_SOURCE
        select ARCH_HAS_SET_MEMORY
        select ARCH_HAS_PHYS_TO_DMA
        select ARCH_HAS_STRICT_KERNEL_RWX if MMU && !XIP_KERNEL

diff --git a/arch/arm/boot/compressed/misc.c b/arch/arm/boot/compressed/misc.c
index 16a8a80..4a247ac 100644 (file)
--- a/arch/arm/boot/compressed/misc.c
+++ b/arch/arm/boot/compressed/misc.c
@@ -167,3 +167,8 @@ decompress_kernel(unsigned long output_start, unsigned long free_mem_ptr_p,
        else
                putstr(" done, booting the kernel.\n");
 }
+
+void fortify_panic(const char *name)
+{
+       error("detected buffer overflow");
+}