From: Nick Desaulniers <ndesaulniers@google.com>
To: Kees Cook <keescook@chromium.org>
Cc: Miguel Ojeda <ojeda@kernel.org>,
Nathan Chancellor <nathan@kernel.org>,
George Burgess IV <gbiv@google.com>,
llvm@lists.linux.dev, linux-kernel@vger.kernel.org,
linux-hardening@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH 4/4 v5] fortify: Add Clang support
Date: Wed, 2 Feb 2022 13:22:09 -0800 [thread overview]
Message-ID: <CAKwvOdm1O+cKn5C86C2cB7hUCupv+Mf0w1d1pcaUNniYvc5jEw@mail.gmail.com> (raw)
In-Reply-To: <20220202003033.704951-5-keescook@chromium.org>
On Tue, Feb 1, 2022 at 4:30 PM Kees Cook <keescook@chromium.org> wrote:
>
> --- a/security/Kconfig
> +++ b/security/Kconfig
> @@ -179,7 +179,7 @@ config FORTIFY_SOURCE
> depends on ARCH_HAS_FORTIFY_SOURCE
> # https://bugs.llvm.org/show_bug.cgi?id=50322
> # https://bugs.llvm.org/show_bug.cgi?id=41459
> - depends on !CC_IS_CLANG
> + depends on !CC_IS_CLANG || CLANG_VERSION >= 130000
Are these comments still relevant, and is the clang version still correct?
In https://lore.kernel.org/llvm/CANiq72n1d7ouKNi+pbsy7chsg0DfCXxez27qqtS9XE1n3m5=8Q@mail.gmail.com/
Miguel notes that diagnose_as only exists in clang-14+. If this
series relies on diagnose_as, then should this version check be for
clang-14+ rather than clang-13+?
https://bugs.llvm.org/show_bug.cgi?id=50322 is still open, but doesn't
signify why there's a version check. It makes sense if there's no
version check, but I'm not sure it's still relevant to this Kconfig
option after your series.
https://bugs.llvm.org/show_bug.cgi?id=41459 was fixed in clang-13, but
it was also backported to the clang 12.0.1 release. Is it still
relevant if we're gated on diagnose_as from clang-14?
Perhaps a single comment, about the diagnose_as attribute or a link to
https://reviews.llvm.org/rGbc5f2d12cadce765620efc56a1ca815221db47af or
whatever, and updating the version check to be against clang-14 would
be more precise?
--
Thanks,
~Nick Desaulniers
next prev parent reply other threads:[~2022-02-02 21:22 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-02 0:30 [PATCH 0/4 v5] fortify: Add Clang support Kees Cook
2022-02-02 0:30 ` [PATCH 1/4] Compiler Attributes: Add Clang's __pass_object_size Kees Cook
2022-02-02 1:11 ` Miguel Ojeda
2022-02-02 1:13 ` Miguel Ojeda
2022-02-02 21:09 ` Kees Cook
2022-02-02 21:19 ` Miguel Ojeda
2022-02-02 0:30 ` [PATCH 2/4] Compiler Attributes: Add __overloadable Kees Cook
2022-02-02 0:30 ` [PATCH 3/4] Compiler Attributes: Add __diagnose_as Kees Cook
2022-02-02 0:30 ` [PATCH 4/4 v5] fortify: Add Clang support Kees Cook
2022-02-02 21:22 ` Nick Desaulniers [this message]
2022-02-03 3:15 ` Kees Cook
2022-02-02 21:27 ` Nick Desaulniers
2022-02-03 3:18 ` Kees Cook
2022-02-03 22:13 ` Nick Desaulniers
2022-02-03 22:28 ` Miguel Ojeda
2022-02-04 0:28 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAKwvOdm1O+cKn5C86C2cB7hUCupv+Mf0w1d1pcaUNniYvc5jEw@mail.gmail.com \
--to=ndesaulniers@google.com \
--cc=gbiv@google.com \
--cc=keescook@chromium.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=nathan@kernel.org \
--cc=ojeda@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).