[Maverick] request: CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
Kees Cook
kees at ubuntu.com
Thu Jul 15 22:35:43 UTC 2010
Hi!
Could we enable this test, just to be safer during compiles? It won't
affect run-time, it just forces the build to be safer, IIUC:
arch/x86/include/asm/uaccess_32.h:
extern void copy_from_user_overflow(void)
#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
__compiletime_error("copy_from_user() buffer size is not provably correct")
#else
__compiletime_warning("copy_from_user() buffer size is not provably correct")
#endif
static inline unsigned long __must_check copy_from_user(void *to,
const void __user *from,
unsigned long n)
{
int sz = __compiletime_object_size(to);
if (likely(sz == -1 || sz >= n))
n = _copy_from_user(to, from, n);
else
copy_from_user_overflow();
return n;
}
--
Kees Cook
Ubuntu Security Team
More information about the kernel-team
mailing list