2 files changed, 17 insertions, 1 deletions
diff --git a/arch/x86/Kconfig.debug b/arch/x86/Kconfig.debug
index d105f29bb6bb..1bd2e36f1538 100644
--- a/arch/x86/Kconfig.debug
+++ b/arch/x86/Kconfig.debug
@@ -287,4 +287,18 @@ config OPTIMIZE_INLINING
          If unsure, say N.
+config DEBUG_STRICT_USER_COPY_CHECKS
+        bool "Strict copy size checks"
+        depends on DEBUG_KERNEL
+        ---help---
+          Enabling this option turns a certain set of sanity checks for user
+          copy operations into compile time failures.
+          The copy_from_user() etc checks are there to help test if there
+          are sufficient security checks on the length argument of
+          the copy operation, by having gcc prove that the argument is
+          within bounds.
+          If unsure, or if you run an older (pre 4.4) gcc, say N.
 endmenu
diff --git a/arch/x86/include/asm/uaccess_32.h b/arch/x86/include/asm/uaccess_32.h
index 952f9e793c3e..0c9825e97f36 100644
--- a/arch/x86/include/asm/uaccess_32.h
+++ b/arch/x86/include/asm/uaccess_32.h
@@ -193,7 +193,9 @@ unsigned long __must_check _copy_from_user(void *to,
 extern void copy_from_user_overflow(void)
-#ifdef CONFIG_DEBUG_STACKOVERFLOW
+#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
+        __compiletime_error("copy_from_user() buffer size is not provably correct")
+#else
        __compiletime_warning("copy_from_user() buffer size is not provably correct")
 #endif
 ;

diff --git a/arch/x86/Kconfig.debug b/arch/x86/Kconfig.debug index d105f29bb6bb..1bd2e36f1538 100644 --- a/arch/x86/Kconfig.debug +++ b/arch/x86/Kconfig.debug
@@ -287,4 +287,18 @@ config OPTIMIZE_INLINING
287		287
288	If unsure, say N.	288	If unsure, say N.
289		289
		290	config DEBUG_STRICT_USER_COPY_CHECKS
		291	bool "Strict copy size checks"
		292	depends on DEBUG_KERNEL
		293	---help---
		294	Enabling this option turns a certain set of sanity checks for user
		295	copy operations into compile time failures.
		296
		297	The copy_from_user() etc checks are there to help test if there
		298	are sufficient security checks on the length argument of
		299	the copy operation, by having gcc prove that the argument is
		300	within bounds.
		301
		302	If unsure, or if you run an older (pre 4.4) gcc, say N.
		303
290	endmenu	304	endmenu


diff --git a/arch/x86/include/asm/uaccess_32.h b/arch/x86/include/asm/uaccess_32.h index 952f9e793c3e..0c9825e97f36 100644 --- a/arch/x86/include/asm/uaccess_32.h +++ b/arch/x86/include/asm/uaccess_32.h
@@ -193,7 +193,9 @@ unsigned long __must_check _copy_from_user(void *to,
193		193
194		194
195	extern void copy_from_user_overflow(void)	195	extern void copy_from_user_overflow(void)
196	#ifdef CONFIG_DEBUG_STACKOVERFLOW	196	#ifdef CONFIG_DEBUG_STRICT_USER_COPY_CHECKS
		197	__compiletime_error("copy_from_user() buffer size is not provably correct")
		198	#else
197	__compiletime_warning("copy_from_user() buffer size is not provably correct")	199	__compiletime_warning("copy_from_user() buffer size is not provably correct")
198	#endif	200	#endif
199	;	201	;