From: Nathan Chancellor <nathan@kernel.org>
To: Will Deacon <will@kernel.org>, linux-kernel@vger.kernel.org
Cc: linux-security-module@vger.kernel.org,
Kees Cook <keescook@chromium.org>,
Nick Desaulniers <ndesaulniers@google.com>,
"Gustavo A . R . Silva" <gustavoars@kernel.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Subject: Re: [PATCH] hardening: Default to INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO
Date: Tue, 14 Sep 2021 08:58:12 -0700 [thread overview]
Message-ID: <01f572ab-bea2-f246-2f77-2f119056db84@kernel.org> (raw)
In-Reply-To: <20210914102837.6172-1-will@kernel.org>
On 9/14/2021 3:28 AM, Will Deacon wrote:
> CC_HAS_AUTO_VAR_INIT_ZERO requires a supported set of compiler options
> distinct from those needed by CC_HAS_AUTO_VAR_INIT_PATTERN, Fix up
> the Kconfig dependency for INIT_STACK_ALL_ZERO to test for the former
> instead of the latter, as these are the options passed by the top-level
> Makefile.
>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Nathan Chancellor <nathan@kernel.org>
> Cc: Nick Desaulniers <ndesaulniers@google.com>
> Cc: Gustavo A. R. Silva <gustavoars@kernel.org>
> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Fixes: dcb7c0b9461c ("hardening: Clarify Kconfig text for auto-var-init")
> Signed-off-by: Will Deacon <will@kernel.org>
Reviewed-by: Nathan Chancellor <nathan@kernel.org>
One comment below.
> ---
>
> I just noticed this while reading the code and I suspect it doesn't really
> matter in practice.
>
> security/Kconfig.hardening | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening
> index 90cbaff86e13..341e2fdcba94 100644
> --- a/security/Kconfig.hardening
> +++ b/security/Kconfig.hardening
> @@ -29,7 +29,7 @@ choice
> prompt "Initialize kernel stack variables at function entry"
> default GCC_PLUGIN_STRUCTLEAK_BYREF_ALL if COMPILE_TEST && GCC_PLUGINS
> default INIT_STACK_ALL_PATTERN if COMPILE_TEST && CC_HAS_AUTO_VAR_INIT_PATTERN
> - default INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_PATTERN
> + default INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO
> default INIT_STACK_NONE
> help
> This option enables initialization of stack variables at
>
While I think this change is correct in and of itself,
CONFIG_INIT_STACK_ALL_ZERO is broken with GCC 12.x, as
CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO won't be set even though GCC now
supports -ftrivial-auto-var-init=zero because GCC does not implement the
-enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang
flag for obvious reasons ;) the cc-option call probably needs to be
adjusted.
Cheers,
Nathan
next prev parent reply other threads:[~2021-09-14 15:58 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-14 10:28 [PATCH] hardening: Default to INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO Will Deacon
2021-09-14 15:58 ` Nathan Chancellor [this message]
2021-09-14 17:21 ` Kees Cook
2021-09-14 18:53 ` Nick Desaulniers
2021-09-14 19:09 ` Kees Cook
2021-09-14 19:14 ` Kees Cook
2021-09-14 19:22 ` Nick Desaulniers
2021-09-14 19:36 ` Nathan Chancellor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=01f572ab-bea2-f246-2f77-2f119056db84@kernel.org \
--to=nathan@kernel.org \
--cc=gregkh@linuxfoundation.org \
--cc=gustavoars@kernel.org \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=ndesaulniers@google.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.