[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: FORTIFY_SOURCE for the kernel



man, 23 01 2006 kl. 07:35 +0100, skrev Arjan van de Ven:

> what a coincidence... this got asked yesterday as well ;)
> The answer was "no because after manual review it's not currently
> bringing additional security; not until gcc can grok that kmalloc is
> like malloc. For a slightly longer answer see yesterdays archives

As I understand it, teaching GCC about kmalloc is not a simple task, so
I gather we will not see this kind of protection scheme implemented any
time soon. Also reading your prior post on the subject it seems that
this kind of implementation is just about zero benefit due to the nature
of the kernel code, if I understand it correctly, even with the
protection enabled and in the fairytale world where GCC knows about
kmalloc we wouldn't be likely to catch many bugs.

So back to the regularly scheduled flamewars

- David



-- 
Obligatory shameless blog plug - The GNOME commentary located at
www.lovesunix.net/blog
 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]