Re: [PATCH] fortify: Provide a memcpy trap door for sharp corners

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11 May 09:24, Jakub Kicinski wrote:
On Tue, 10 May 2022 19:53:01 -0700 Kees Cook wrote:
As we continue to narrow the scope of what the FORTIFY memcpy() will
accept and build alternative APIs that give the compiler appropriate
visibility into more complex memcpy scenarios, there is a need for
"unfortified" memcpy use in rare cases where combinations of compiler
behaviors, source code layout, etc, result in cases where the stricter
memcpy checks need to be bypassed until appropriate solutions can be
developed (i.e. fix compiler bugs, code refactoring, new API, etc). The
intention is for this to be used only if there's no other reasonable
solution, for its use to include a justification that can be used
to assess future solutions, and for it to be temporary.

Example usage included, based on analysis and discussion from:
https://lore.kernel.org/netdev/CANn89iLS_2cshtuXPyNUGDPaic=sJiYfvTb_wNLgWrZRyBxZ_g@xxxxxxxxxxxxxx

Saeed, ack for taking this in directly? Or do you prefer to take this
plus Eric's last BIG TCP patch via your tree?

Please take both, I asked Eric a question on the BIG TCP patch, but I
won't block the series.

Thanks!




[Index of Archives]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Photo]     [Yosemite News]     [Yosemite Photos]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux