[PATCH] fortify: Avoid panic() in favor of BUG()

From: Kees Cook
Date: Mon Jun 26 2017 - 19:51:38 EST

Next message: Wei Yang: "Re: linux-next: build warning after merge of the akpm tree"
Previous message: Gustavo A. R. Silva: "[PATCH] dvb-frontends: mb86a16: remove useless variables in signal_det()"
Next in thread: kbuild test robot: "Re: [PATCH] fortify: Avoid panic() in favor of BUG()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Since detection of a given fortify failure is sufficient to stop the
memory corruption from happening, it doesn't make sense to unconditionally
bring down the entire system. Instead, use BUG() which will stop the bad
thread of kernel execution (and only optionally panic the system).

Cc: Daniel Micay <danielmicay@xxxxxxxxx>
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
lib/string.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/string.c b/lib/string.c
index a6ee1955a701..ebbb99c775bd 100644
--- a/lib/string.c
+++ b/lib/string.c
@@ -981,6 +981,7 @@ EXPORT_SYMBOL(strreplace);

void fortify_panic(const char *name)
{
- panic("detected buffer overflow in %s", name);
+ pr_emerg("detected buffer overflow in %s\n", name);
+ BUG();
}
EXPORT_SYMBOL(fortify_panic);
--
2.7.4

--
Kees Cook
Pixel Security

Next message: Wei Yang: "Re: linux-next: build warning after merge of the akpm tree"
Previous message: Gustavo A. R. Silva: "[PATCH] dvb-frontends: mb86a16: remove useless variables in signal_det()"
Next in thread: kbuild test robot: "Re: [PATCH] fortify: Avoid panic() in favor of BUG()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]