FORTIFY_SOURCE for the kernel

David Nielsen gnomeuser at
Mon Jan 23 12:02:09 UTC 2006

man, 23 01 2006 kl. 07:35 +0100, skrev Arjan van de Ven:

> what a coincidence... this got asked yesterday as well ;)
> The answer was "no because after manual review it's not currently
> bringing additional security; not until gcc can grok that kmalloc is
> like malloc. For a slightly longer answer see yesterdays archives

As I understand it, teaching GCC about kmalloc is not a simple task, so
I gather we will not see this kind of protection scheme implemented any
time soon. Also reading your prior post on the subject it seems that
this kind of implementation is just about zero benefit due to the nature
of the kernel code, if I understand it correctly, even with the
protection enabled and in the fairytale world where GCC knows about
kmalloc we wouldn't be likely to catch many bugs.

So back to the regularly scheduled flamewars

- David

Obligatory shameless blog plug - The GNOME commentary located at

More information about the fedora-devel-list mailing list