projects / kconfig-hardened-check.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c0fc9e8) | patch
Improve the check of DEBUG_NOTIFIERS feature
authorAlexander Popov <alex.popov@linux.com>
Tue, 16 Jan 2024 20:31:11 +0000 (23:31 +0300)
committerAlexander Popov <alex.popov@linux.com>
Tue, 16 Jan 2024 20:31:11 +0000 (23:31 +0300)
commitcd5bb8a0364e6a28b2d03a8ac0d7520194a9f07a
tree57183085699ee14508be0bd3229c86afb9dbfc7dtree | snapshot (zip tar.gz)
parentc0fc9e89d7a21dfd734bc6c3b946f835493502cacommit | diff
Improve the check of DEBUG_NOTIFIERS feature

This is what DEBUG_NOTIFIERS performs (see kernel/notifier.c):

```
#ifdef CONFIG_DEBUG_NOTIFIERS
if (unlikely(!func_ptr_is_kernel_text(nb->notifier_call))) {
WARN(1, "Invalid notifier called!");
nb = next_nb;
continue;
}
#endif
```

CFI can do the same better.

Thanks to @thestinger for the idea.

Refers to #99.
kernel_hardening_checker/checks.py diff | blob | history
kconfig-hardened-check