On Wed, Jun 7, 2017 at 1:54 AM, Ard Biesheuvel <[email protected]> wrote: > On 7 June 2017 at 03:12, Kees Cook <[email protected]> wrote: >> On Tue, Jun 6, 2017 at 10:17 AM, Mark Rutland <[email protected]> wrote: >>> On Tue, Jun 06, 2017 at 05:13:07PM +0000, Ard Biesheuvel wrote: >>>> (+ Mark, Matt) >>>> >>>> On 6 June 2017 at 04:52, Kees Cook <[email protected]> wrote: >>>> > This avoids CONFIG_FORTIFY_SOURCE from being enabled during the EFI stub >>>> > build, as adding a panic() implementation may not work well. This can be >>>> > adjusted in the future. >>>> > >>>> > Suggested-by: Daniel Micay <[email protected]> >>>> > Signed-off-by: Kees Cook <[email protected]> >>>> > Cc; Matt Fleming <[email protected]> >>>> > Cc: Ard Biesheuvel <[email protected]> > [...] >>>> >>>> Reviewed-by: Ard Biesheuvel <[email protected]> >>>> >>>> This is unlikely to conflict with anything going through the EFI tree, >>>> so feel free to queue it elsewhere. >> >> If it can go through the EFI tree, that'd be great. Less for akpm to >> wrangle. :) >> > > That is fine, but I'd prefer not to take a single patch out of > context. Do you have a link to the entire series? I was only cc'ed on > this patch (In the future, please cc me on the entire series in cases > such as these.)
This is to fix stuff noticed by the CONFIG_FORTIFY_SOURCE feature, now in -mm: https://marc.info/?l=linux-kernel&m=149579258121273&w=2 I was originally preparing it along with various fixes in my KSPP tree, but akpm took it into -mm instead, and asked that I send out the remaining fixes that hadn't been picked up yet. The thread with my sending starts here: https://www.mail-archive.com/[email protected]/msg1413683.html Hopefully that helps! -Kees -- Kees Cook Pixel Security
