Re: [PATCH v2 07/10] fortify: Split reporting and avoid passing string pointer

[Alexander Lobakin]

From: Kees Cook <keescook@xxxxxxxxxxxx>
Date: Fri,  7 Apr 2023 12:27:13 -0700

> In preparation for KUnit testing and further improvements in fortify
> failure reporting, split out the report and encode the function and
> access failure (read or write overflow) into a single u8 argument. This
> mainly ends up saving some space in the data segment. For a defconfig
> with FORTIFY_SOURCE enabled:

[...]

> diff --git a/lib/string_helpers.c b/lib/string_helpers.c
> index 230020a2e076..96d502e1e578 100644
> --- a/lib/string_helpers.c
> +++ b/lib/string_helpers.c
> @@ -1021,10 +1021,27 @@ EXPORT_SYMBOL(__read_overflow2_field);
>  void __write_overflow_field(size_t avail, size_t wanted) { }
>  EXPORT_SYMBOL(__write_overflow_field);
>  
> -void fortify_panic(const char *name)
> +#define MAKE_FORTIFY_FUNC_NAME(func)	[MAKE_FORTIFY_FUNC(func)] = #func
> +
> +static const char * const fortify_func_name[] = {
> +	EACH_FORTIFY_FUNC(MAKE_FORTIFY_FUNC_NAME)
> +};
> +
> +void __fortify_report(const u8 reason)
> +{
> +	const u8 func = FORTIFY_REASON_FUNC(reason);
> +	const bool write = FORTIFY_REASON_DIR(reason);

Nano-nit: RCT style here :s

> +	const char *name;
> +
> +	name = fortify_func_name[min_t(u8, func, FORTIFY_FUNC_UNKNOWN)];
> +	WARN(1, "%s: detected buffer %s overflow\n", name, str_read_write(!write));
> +}
> +EXPORT_SYMBOL(__fortify_report);
> +
> +void __fortify_panic(const u8 reason)
>  {
> -	pr_emerg("detected buffer overflow in %s\n", name);
> +	__fortify_report(reason);
>  	BUG();
>  }
> -EXPORT_SYMBOL(fortify_panic);
> +EXPORT_SYMBOL(__fortify_panic);
>  #endif /* CONFIG_FORTIFY_SOURCE */

[...]

There's also a small build warning issue. Apart from that, I like how it
does look now, thanks!

Reviewed-by: Alexander Lobakin <aleksander.lobakin@xxxxxxxxx>

Thanks,
Olek