Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On 9 June 2017 at 11:01, Ard Biesheuvel wrote: > On 8 June 2017 at 02:37, Kees Cook wrote: >> On Wed, Jun 7, 2017 at 1:54 AM, Ard Biesheuvel >> wrote: >>> On 7 June 2017 at 03:12, Kees Cook

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On 9 June 2017 at 11:01, Ard Biesheuvel wrote: > On 8 June 2017 at 02:37, Kees Cook wrote: >> On Wed, Jun 7, 2017 at 1:54 AM, Ard Biesheuvel >> wrote: >>> On 7 June 2017 at 03:12, Kees Cook wrote: On Tue, Jun 6, 2017 at 10:17 AM, Mark Rutland wrote: > On Tue, Jun 06, 2017 at

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On 8 June 2017 at 02:37, Kees Cook wrote: > On Wed, Jun 7, 2017 at 1:54 AM, Ard Biesheuvel > wrote: >> On 7 June 2017 at 03:12, Kees Cook wrote: >>> On Tue, Jun 6, 2017 at 10:17 AM, Mark Rutland

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On 8 June 2017 at 02:37, Kees Cook wrote: > On Wed, Jun 7, 2017 at 1:54 AM, Ard Biesheuvel > wrote: >> On 7 June 2017 at 03:12, Kees Cook wrote: >>> On Tue, Jun 6, 2017 at 10:17 AM, Mark Rutland wrote: On Tue, Jun 06, 2017 at 05:13:07PM +, Ard Biesheuvel wrote: > (+ Mark, Matt)

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On Wed, Jun 7, 2017 at 1:54 AM, Ard Biesheuvel wrote: > On 7 June 2017 at 03:12, Kees Cook wrote: >> On Tue, Jun 6, 2017 at 10:17 AM, Mark Rutland wrote: >>> On Tue, Jun 06, 2017 at 05:13:07PM +, Ard Biesheuvel wrote:

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On Wed, Jun 7, 2017 at 1:54 AM, Ard Biesheuvel wrote: > On 7 June 2017 at 03:12, Kees Cook wrote: >> On Tue, Jun 6, 2017 at 10:17 AM, Mark Rutland wrote: >>> On Tue, Jun 06, 2017 at 05:13:07PM +, Ard Biesheuvel wrote: (+ Mark, Matt) On 6 June 2017 at 04:52, Kees Cook wrote:

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On Tue, Jun 06, 2017 at 08:12:22PM -0700, Kees Cook wrote: > On Tue, Jun 6, 2017 at 10:17 AM, Mark Rutland wrote: > > Kees, as an aside, do you want me to patchify the vdso fixup? Or are > > you going to handle that? > > I sent that separately but discovered that my

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On Tue, Jun 06, 2017 at 08:12:22PM -0700, Kees Cook wrote: > On Tue, Jun 6, 2017 at 10:17 AM, Mark Rutland wrote: > > Kees, as an aside, do you want me to patchify the vdso fixup? Or are > > you going to handle that? > > I sent that separately but discovered that my invocation of git >

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On 7 June 2017 at 03:12, Kees Cook wrote: > On Tue, Jun 6, 2017 at 10:17 AM, Mark Rutland wrote: >> On Tue, Jun 06, 2017 at 05:13:07PM +, Ard Biesheuvel wrote: >>> (+ Mark, Matt) >>> >>> On 6 June 2017 at 04:52, Kees Cook

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On 7 June 2017 at 03:12, Kees Cook wrote: > On Tue, Jun 6, 2017 at 10:17 AM, Mark Rutland wrote: >> On Tue, Jun 06, 2017 at 05:13:07PM +, Ard Biesheuvel wrote: >>> (+ Mark, Matt) >>> >>> On 6 June 2017 at 04:52, Kees Cook wrote: >>> > This avoids CONFIG_FORTIFY_SOURCE from being enabled

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On Tue, Jun 6, 2017 at 10:17 AM, Mark Rutland wrote: > On Tue, Jun 06, 2017 at 05:13:07PM +, Ard Biesheuvel wrote: >> (+ Mark, Matt) >> >> On 6 June 2017 at 04:52, Kees Cook wrote: >> > This avoids CONFIG_FORTIFY_SOURCE from being enabled during

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On Tue, Jun 6, 2017 at 10:17 AM, Mark Rutland wrote: > On Tue, Jun 06, 2017 at 05:13:07PM +, Ard Biesheuvel wrote: >> (+ Mark, Matt) >> >> On 6 June 2017 at 04:52, Kees Cook wrote: >> > This avoids CONFIG_FORTIFY_SOURCE from being enabled during the EFI stub >> > build, as adding a panic()

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On Tue, Jun 06, 2017 at 05:13:07PM +, Ard Biesheuvel wrote: > (+ Mark, Matt) > > On 6 June 2017 at 04:52, Kees Cook wrote: > > This avoids CONFIG_FORTIFY_SOURCE from being enabled during the EFI stub > > build, as adding a panic() implementation may not work well. This

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

On Tue, Jun 06, 2017 at 05:13:07PM +, Ard Biesheuvel wrote: > (+ Mark, Matt) > > On 6 June 2017 at 04:52, Kees Cook wrote: > > This avoids CONFIG_FORTIFY_SOURCE from being enabled during the EFI stub > > build, as adding a panic() implementation may not work well. This can be > > adjusted in

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

(+ Mark, Matt) On 6 June 2017 at 04:52, Kees Cook wrote: > This avoids CONFIG_FORTIFY_SOURCE from being enabled during the EFI stub > build, as adding a panic() implementation may not work well. This can be > adjusted in the future. > > Suggested-by: Daniel Micay

Re: [PATCH 2/6] efi: Avoid fortify checks in EFI stub

(+ Mark, Matt) On 6 June 2017 at 04:52, Kees Cook wrote: > This avoids CONFIG_FORTIFY_SOURCE from being enabled during the EFI stub > build, as adding a panic() implementation may not work well. This can be > adjusted in the future. > > Suggested-by: Daniel Micay > Signed-off-by: Kees Cook >

[PATCH 2/6] efi: Avoid fortify checks in EFI stub

This avoids CONFIG_FORTIFY_SOURCE from being enabled during the EFI stub build, as adding a panic() implementation may not work well. This can be adjusted in the future. Suggested-by: Daniel Micay Signed-off-by: Kees Cook Cc; Matt Fleming

[PATCH 2/6] efi: Avoid fortify checks in EFI stub

This avoids CONFIG_FORTIFY_SOURCE from being enabled during the EFI stub build, as adding a panic() implementation may not work well. This can be adjusted in the future. Suggested-by: Daniel Micay Signed-off-by: Kees Cook Cc; Matt Fleming Cc: Ard Biesheuvel ---