CNB: fortify: Provide a memcpy trap door for sharp corners
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2139493
Build Info: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=49547918
Tested: Sanity only
Conflicts:
-- Skipped part for drivers/net/ethernet/mellanox/mlx5/core/en_tx.c
-- Context conflict because 2 patches are already backported
Upstream commit(s):
cfecea6ead5f1 lib/string: Move helper functions out of string.c
c430f60036af4 fortify: Move remaining fortify helpers into fortify-string.h
a52f8a59aef46 fortify: Explicitly disable Clang support
072af0c638dc8 fortify: Fix dropped strcpy() compile-time write overflow check
369cd2165d7be fortify: Prepare to improve strnlen() and strlen() warnings
3009f891bb9f3 fortify: Allow strlen() and strnlen() to pass compile-time known lengths
be58f7103700a fortify: Add compile-time FORTIFY_SOURCE tests
95cadae320be4 fortify: strlen: Avoid shadowing previous locals
5c4e0a21fae87 string: uninline memcpy_and_pad
418e0a3551bbe lib/string_helpers: Introduce kasprintf_strarray()
f0202b8ca48ce Compiler Attributes: Add __pass_object_size for Clang
f68f2ff91512c fortify: Detect struct member overflows in memcpy() at compile-time
938a000e3f9be fortify: Detect struct member overflows in memmove() at compile-time
28e77cc1c0686 fortify: Detect struct member overflows in memset() at compile-time
f361143141362 fortify: Replace open-coded __gnu_inline attribute
818ab43fc56ad fortify: Update compile-time tests for Clang 14
d694dbaefd6fa Compiler Attributes: Add __overloadable for Clang
92df138a8d663 Compiler Attributes: Add __diagnose_as for Clang
0a2b782a00f33 fortify: Make pointer arguments const
92df138a8d663 fortify: Use __diagnose_as() for better diagnostic coverage
67ebc3ab44623 fortify: Make sure strlen() may still be used as a constant expression
281d0c962752f fortify: Add Clang support
43213daed6d6c fortify: Provide a memcpy trap door for sharp corners
dfbafa70bde26 string: Introduce strtomem() and strtomem_pad()
d07c0acb4f41c fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL
62776e4378ae9 mips: boot/compressed: use __NO_FORTIFY
66cb2a36a96f6 kunit/memcpy: Avoid pathological compile-time string size
Documentation/process/deprecated.rst | 11 +-
MAINTAINERS | 9 +
arch/arm/boot/compressed/string.c | 1 +
arch/mips/boot/compressed/decompress.c | 1 +
arch/s390/lib/string.c | 3 +
arch/x86/boot/compressed/misc.c | 3 +-
arch/x86/boot/compressed/misc.h | 2 +
arch/x86/boot/compressed/pgtable_64.c | 2 +
arch/x86/lib/memcpy_32.c | 1 +
arch/x86/lib/string_32.c | 1 +
include/linux/compiler_attributes.h | 39 ++
include/linux/fortify-string.h | 356 ++++++++++++++----
include/linux/string.h | 71 ++--
include/linux/string_helpers.h | 1 +
lib/.gitignore | 2 +
lib/Makefile | 34 ++
lib/memcpy_kunit.c | 59 ++-
lib/string.c | 210 +----------
lib/string_helpers.c | 254 +++++++++++++
lib/test_fortify/read_overflow-memchr.c | 5 +
lib/test_fortify/read_overflow-memchr_inv.c | 5 +
lib/test_fortify/read_overflow-memcmp.c | 5 +
lib/test_fortify/read_overflow-memscan.c | 5 +
lib/test_fortify/read_overflow2-memcmp.c | 5 +
lib/test_fortify/read_overflow2-memcpy.c | 5 +
lib/test_fortify/read_overflow2-memmove.c | 5 +
.../read_overflow2_field-memcpy.c | 5 +
.../read_overflow2_field-memmove.c | 5 +
lib/test_fortify/test_fortify.h | 35 ++
lib/test_fortify/write_overflow-memcpy.c | 5 +
lib/test_fortify/write_overflow-memmove.c | 5 +
lib/test_fortify/write_overflow-memset.c | 5 +
lib/test_fortify/write_overflow-strcpy-lit.c | 5 +
lib/test_fortify/write_overflow-strcpy.c | 5 +
lib/test_fortify/write_overflow-strlcpy-src.c | 5 +
lib/test_fortify/write_overflow-strlcpy.c | 5 +
lib/test_fortify/write_overflow-strncpy-src.c | 5 +
lib/test_fortify/write_overflow-strncpy.c | 5 +
lib/test_fortify/write_overflow-strscpy.c | 5 +
.../write_overflow_field-memcpy.c | 5 +
.../write_overflow_field-memmove.c | 5 +
.../write_overflow_field-memset.c | 5 +
scripts/test_fortify.sh | 66 ++++
security/Kconfig | 4 +
44 files changed, 972 insertions(+), 303 deletions(-)
create mode 100644 lib/test_fortify/read_overflow-memchr.c
create mode 100644 lib/test_fortify/read_overflow-memchr_inv.c
create mode 100644 lib/test_fortify/read_overflow-memcmp.c
create mode 100644 lib/test_fortify/read_overflow-memscan.c
create mode 100644 lib/test_fortify/read_overflow2-memcmp.c
create mode 100644 lib/test_fortify/read_overflow2-memcpy.c
create mode 100644 lib/test_fortify/read_overflow2-memmove.c
create mode 100644 lib/test_fortify/read_overflow2_field-memcpy.c
create mode 100644 lib/test_fortify/read_overflow2_field-memmove.c
create mode 100644 lib/test_fortify/test_fortify.h
create mode 100644 lib/test_fortify/write_overflow-memcpy.c
create mode 100644 lib/test_fortify/write_overflow-memmove.c
create mode 100644 lib/test_fortify/write_overflow-memset.c
create mode 100644 lib/test_fortify/write_overflow-strcpy-lit.c
create mode 100644 lib/test_fortify/write_overflow-strcpy.c
create mode 100644 lib/test_fortify/write_overflow-strlcpy-src.c
create mode 100644 lib/test_fortify/write_overflow-strlcpy.c
create mode 100644 lib/test_fortify/write_overflow-strncpy-src.c
create mode 100644 lib/test_fortify/write_overflow-strncpy.c
create mode 100644 lib/test_fortify/write_overflow-strscpy.c
create mode 100644 lib/test_fortify/write_overflow_field-memcpy.c
create mode 100644 lib/test_fortify/write_overflow_field-memmove.c
create mode 100644 lib/test_fortify/write_overflow_field-memset.c
create mode 100644 scripts/test_fortify.sh
Signed-off-by: Josef Oskera joskera@redhat.com
Edited by Josef Oškera