efi: avoid fortify checks in EFI stub · tjh.dev/kernel@3e2c044

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

efi: avoid fortify checks in EFI stub

This avoids CONFIG_FORTIFY_SOURCE from being enabled during the EFI stub
build, as adding a panic() implementation may not work well. This can
be adjusted in the future.

Link: http://lkml.kernel.org/r/1497903987-21002-2-git-send-email-keescook@chromium.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Suggested-by: Daniel Micay <danielmicay@gmail.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by

Kees Cook and committed by

Linus Torvalds 8 years ago 3e2c044a 2104180a

1 changed file

expand all

drivers

firmware

efi

libstub

Makefile

drivers/firmware/efi/libstub/Makefile

··· 17 17 cflags-$(CONFIG_EFI_ARMSTUB) += -I$(srctree)/scripts/dtc/libfdt 18 18 19 19 KBUILD_CFLAGS := $(cflags-y) -DDISABLE_BRANCH_PROFILING \ 20 + -D__NO_FORTIFY \ 20 21 $(call cc-option,-ffreestanding) \ 21 22 $(call cc-option,-fno-stack-protector) 22 23