On Wed, Feb 28, 2018 at 6:30 AM, Jinbum Park <jinb.pa...@gmail.com> wrote:
> CONFIG_FORTIFY_SOURCE detects various overflows at compile-time.
> (6974f0c4555e ("include/linux/string.h:
> add the option of fortified string.h functions)
>
> ARCH_HAS_FORTIFY_SOURCE means that the architecture can be built and
> run with CONFIG_FORTIFY_SOURCE.
>
> Since ARM can be built and run with that flag like other architectures,
> select ARCH_HAS_FORTIFY_SOURCE as default.
>
> Signed-off-by: Jinbum Park <jinb.pa...@gmail.com>Acked-by: Kees Cook <keesc...@chromium.org> -Kees > --- > arch/arm/Kconfig | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig > index 7e3d535..3765336 100644 > --- a/arch/arm/Kconfig > +++ b/arch/arm/Kconfig > @@ -7,6 +7,7 @@ config ARM > select ARCH_HAS_DEBUG_VIRTUAL if MMU > select ARCH_HAS_DEVMEM_IS_ALLOWED > select ARCH_HAS_ELF_RANDOMIZE > + select ARCH_HAS_FORTIFY_SOURCE > select ARCH_HAS_SET_MEMORY > select ARCH_HAS_PHYS_TO_DMA > select ARCH_HAS_STRICT_KERNEL_RWX if MMU && !XIP_KERNEL > -- > 1.9.1 > -- Kees Cook Pixel Security
