Improve FORTIFY_SOURCE to detect intra-object overflows

[kees]

Right now, CONFIG_FORTIFY_SOURCE uses __builtin_object_size(member, 0), which returns the size of the larger structure (inter-object bounds checking). In the case of:

struct thing {
    char first[16];
    int middle;
    int final;
};
...
struct thing instance;
...
strcpy(instance->first, ...);

CONFIG_FORTIFY_SOURCE will check that the write does not go past the end of instance, but it will allow an overflow beyond the end of first into middle and final.

Fixing this will likely require several steps:

• Use __builtin_object_size(member, 1) to gain intra-object bounds checking for str*() family functions. A patch for this already exists. Landed in commit 6a39e62 (v5.11)
• Implement a WARN-style version of FORTIFY_SOURCE so new breakage doesn't kill the kernel. Landed in commit f68f2ff (v5.18)
• Before doing __builtin_object_size(member, 1) for mem*() family functions, there are several cases in the kernel where copies are intentionally targeting the address of a structure member but intentionally write across multiple structure members. For example, with the above structure memcpy(&instance->middle, src, sizeof(int) * 2). So many patches landed for these fixes.
• Warn at compile time about known-buffer-size overflows for mem*() family functions. Landed in commit f68f2ff (v5.18)
• Warn at runtime about known-buffer-size overflows for mem*() family functions.
• Abort at runtime about known-buffer-size overflows for mem*() family functions.