From: Kees Cook <keescook@xxxxxxxxxxxx> Date: Thu, 2 Mar 2023 14:49:50 -0800 > Under CONFIG_FORTIFY_SOURCE, memcpy() will check the size of destination > and source buffers. Defining kernel_headers_data as "char" would trip > this check. Since these addresses are treated as byte arrays, define > them as arrays (as done everywhere else). Yet another array-as-one-char, I wonder how many are still here... > > This was seen with: > > $ cat /sys/kernel/kheaders.tar.xz >> /dev/null > > detected buffer overflow in memcpy > kernel BUG at lib/string_helpers.c:1027! > ... > RIP: 0010:fortify_panic+0xf/0x20 > [...] > Call Trace: > <TASK> > ikheaders_read+0x45/0x50 [kheaders] > kernfs_fop_read_iter+0x1a4/0x2f0 > ... > > Reported-by: Jakub Kicinski <kuba@xxxxxxxxxx> > Link: https://lore.kernel.org/bpf/20230302112130.6e402a98@xxxxxxxxxx/ > Tested-by: Jakub Kicinski <kuba@xxxxxxxxxx> > Fixes: 43d8ce9d65a5 ("Provide in-kernel headers to make extending kernel easier") > Cc: Joel Fernandes (Google) <joel@xxxxxxxxxxxxxxxxx> > Cc: stable@xxxxxxxxxxxxxxx > Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> Reviewed-by: Alexander Lobakin <aleksander.lobakin@xxxxxxxxx> > --- > kernel/kheaders.c | 10 +++++----- > 1 file changed, 5 insertions(+), 5 deletions(-) [...] Thanks, Olek
