FORTIFY_SOURCE for the kernel
David Nielsen
gnomeuser at gmail.com
Mon Jan 23 12:02:09 UTC 2006
man, 23 01 2006 kl. 07:35 +0100, skrev Arjan van de Ven:
> what a coincidence... this got asked yesterday as well ;)
> The answer was "no because after manual review it's not currently
> bringing additional security; not until gcc can grok that kmalloc is
> like malloc. For a slightly longer answer see yesterdays archives
As I understand it, teaching GCC about kmalloc is not a simple task, so
I gather we will not see this kind of protection scheme implemented any
time soon. Also reading your prior post on the subject it seems that
this kind of implementation is just about zero benefit due to the nature
of the kernel code, if I understand it correctly, even with the
protection enabled and in the fairytale world where GCC knows about
kmalloc we wouldn't be likely to catch many bugs.
So back to the regularly scheduled flamewars
- David
--
Obligatory shameless blog plug - The GNOME commentary located at
www.lovesunix.net/blog
More information about the fedora-devel-list
mailing list