Re: [PATCH v2] kexec_file: Adjust declaration of kexec_purgatory
Kees Cook writes:
> Defining kexec_purgatory as a zero-length char array upsets compile
> time size checking. Since this is built on a per-arch basis, define
> it as an unsized char array (like is done for other similar things,
> e.g. linker sections). This silences the warning generated by the future
> CONFIG_FORTIFY_SOURCE, which did not like the memcmp() of a "0 byte"
> array. This drops the __weak and uses an extern instead, since both
> users define kexec_purgatory.
Acked-by: "Eric W. Biederman"
> Cc: Daniel Micay
> Signed-off-by: Kees Cook
> ---
> v2: use extern instead of __weak void *; ebiederm
> ---
> kernel/kexec_file.c | 7 ---
> kernel/kexec_internal.h | 2 ++
> 2 files changed, 2 insertions(+), 7 deletions(-)
>
> diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
> index b118735fea9d..7a147a7add2e 100644
> --- a/kernel/kexec_file.c
> +++ b/kernel/kexec_file.c
> @@ -26,13 +26,6 @@
> #include
> #include "kexec_internal.h"
>
> -/*
> - * Declare these symbols weak so that if architecture provides a purgatory,
> - * these will be overridden.
> - */
> -char __weak kexec_purgatory[0];
> -size_t __weak kexec_purgatory_size = 0;
> -
> static int kexec_calculate_store_digests(struct kimage *image);
>
> /* Architectures can provide this probe function */
> diff --git a/kernel/kexec_internal.h b/kernel/kexec_internal.h
> index 799a8a452187..50dfcb039a41 100644
> --- a/kernel/kexec_internal.h
> +++ b/kernel/kexec_internal.h
> @@ -17,6 +17,8 @@ extern struct mutex kexec_mutex;
> #ifdef CONFIG_KEXEC_FILE
> #include
> void kimage_file_post_load_cleanup(struct kimage *image);
> +extern char kexec_purgatory[];
> +extern size_t kexec_purgatory_size;
> #else /* CONFIG_KEXEC_FILE */
> static inline void kimage_file_post_load_cleanup(struct kimage *image) { }
> #endif /* CONFIG_KEXEC_FILE */
> --
> 2.7.4
[PATCH v2] kexec_file: Adjust declaration of kexec_purgatory
Defining kexec_purgatory as a zero-length char array upsets compile
time size checking. Since this is built on a per-arch basis, define
it as an unsized char array (like is done for other similar things,
e.g. linker sections). This silences the warning generated by the future
CONFIG_FORTIFY_SOURCE, which did not like the memcmp() of a "0 byte"
array. This drops the __weak and uses an extern instead, since both
users define kexec_purgatory.
Cc: Daniel Micay
Signed-off-by: Kees Cook
---
v2: use extern instead of __weak void *; ebiederm
---
kernel/kexec_file.c | 7 ---
kernel/kexec_internal.h | 2 ++
2 files changed, 2 insertions(+), 7 deletions(-)
diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
index b118735fea9d..7a147a7add2e 100644
--- a/kernel/kexec_file.c
+++ b/kernel/kexec_file.c
@@ -26,13 +26,6 @@
#include
#include "kexec_internal.h"
-/*
- * Declare these symbols weak so that if architecture provides a purgatory,
- * these will be overridden.
- */
-char __weak kexec_purgatory[0];
-size_t __weak kexec_purgatory_size = 0;
-
static int kexec_calculate_store_digests(struct kimage *image);
/* Architectures can provide this probe function */
diff --git a/kernel/kexec_internal.h b/kernel/kexec_internal.h
index 799a8a452187..50dfcb039a41 100644
--- a/kernel/kexec_internal.h
+++ b/kernel/kexec_internal.h
@@ -17,6 +17,8 @@ extern struct mutex kexec_mutex;
#ifdef CONFIG_KEXEC_FILE
#include
void kimage_file_post_load_cleanup(struct kimage *image);
+extern char kexec_purgatory[];
+extern size_t kexec_purgatory_size;
#else /* CONFIG_KEXEC_FILE */
static inline void kimage_file_post_load_cleanup(struct kimage *image) { }
#endif /* CONFIG_KEXEC_FILE */
--
2.7.4
--
Kees Cook
Pixel Security
