From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Kees Cook <keescook@chromium.org>,
Nick Desaulniers <ndesaulniers@google.com>,
Nathan Chancellor <nathan@kernel.org>
Subject: [PATCH 5.10 01/21] fortify: Explicitly disable Clang support
Date: Fri, 19 Nov 2021 18:37:36 +0100 [thread overview]
Message-ID: <20211119171443.942886211@linuxfoundation.org> (raw)
In-Reply-To: <20211119171443.892729043@linuxfoundation.org>
From: Kees Cook <keescook@chromium.org>
commit a52f8a59aef46b59753e583bf4b28fccb069ce64 upstream.
Clang has never correctly compiled the FORTIFY_SOURCE defenses due to
a couple bugs:
Eliding inlines with matching __builtin_* names
https://bugs.llvm.org/show_bug.cgi?id=50322
Incorrect __builtin_constant_p() of some globals
https://bugs.llvm.org/show_bug.cgi?id=41459
In the process of making improvements to the FORTIFY_SOURCE defenses, the
first (silent) bug (coincidentally) becomes worked around, but exposes
the latter which breaks the build. As such, Clang must not be used with
CONFIG_FORTIFY_SOURCE until at least latter bug is fixed (in Clang 13),
and the fortify routines have been rearranged.
Update the Kconfig to reflect the reality of the current situation.
Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Nick Desaulniers <ndesaulniers@google.com>
Link: https://lore.kernel.org/lkml/CAKwvOd=A+ueGV2ihdy5GtgR2fQbcXjjAtVxv3=cPjffpebZB7A@mail.gmail.com
Cc: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
security/Kconfig | 3 +++
1 file changed, 3 insertions(+)
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -191,6 +191,9 @@ config HARDENED_USERCOPY_PAGESPAN
config FORTIFY_SOURCE
bool "Harden common str/mem functions against buffer overflows"
depends on ARCH_HAS_FORTIFY_SOURCE
+ # https://bugs.llvm.org/show_bug.cgi?id=50322
+ # https://bugs.llvm.org/show_bug.cgi?id=41459
+ depends on !CC_IS_CLANG
help
Detect overflows of buffers in common string and memory functions
where the compiler can determine and validate the buffer sizes.
next prev parent reply other threads:[~2021-11-19 17:38 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-19 17:37 [PATCH 5.10 00/21] 5.10.81-rc1 review Greg Kroah-Hartman
2021-11-19 17:37 ` Greg Kroah-Hartman [this message]
2021-11-19 17:37 ` [PATCH 5.10 02/21] block: Add a helper to validate the block size Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 03/21] loop: Use blk_validate_block_size() to validate " Greg Kroah-Hartman
2021-11-19 21:45 ` Pavel Machek
2021-11-20 7:39 ` Greg Kroah-Hartman
2021-11-21 16:59 ` Pavel Machek
2021-11-19 17:37 ` [PATCH 5.10 04/21] bootconfig: init: Fix memblock leak in xbc_make_cmdline() Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 05/21] net: stmmac: add clocks management for gmac driver Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 06/21] net: stmmac: platform: fix build error with !CONFIG_PM_SLEEP Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 07/21] net: stmmac: fix missing unlock on error in stmmac_suspend() Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 08/21] net: stmmac: fix system hang if change mac address after interface ifdown Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 09/21] net: stmmac: fix issue where clk is being unprepared twice Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 10/21] net: stmmac: dwmac-rk: fix unbalanced pm_runtime_enable warnings Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 11/21] arm64: vdso32: suppress error message for make mrproper Greg Kroah-Hartman
2021-11-19 21:47 ` Pavel Machek
2021-11-19 22:24 ` Nick Desaulniers
2021-11-19 22:30 ` Nick Desaulniers
2021-11-21 7:48 ` Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 12/21] x86/iopl: Fake iopl(3) CLI/STI usage Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 13/21] parisc/entry: fix trace test in syscall exit path Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 14/21] PCI/MSI: Destroy sysfs before freeing entries Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 15/21] PCI/MSI: Deal with devices lying about their MSI mask capability Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 16/21] PCI: Add MSI masking quirk for Nvidia ION AHCI Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 17/21] erofs: remove the occupied parameter from z_erofs_pagevec_enqueue() Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 18/21] erofs: fix unsafe pagevec reuse of hooked pclusters Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 19/21] scripts/lld-version.sh: Rewrite based on upstream ld-version.sh Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 20/21] perf/core: Avoid put_page() when GUP fails Greg Kroah-Hartman
2021-11-19 17:37 ` [PATCH 5.10 21/21] thermal: Fix NULL pointer dereferences in of_thermal_ functions Greg Kroah-Hartman
2021-11-19 18:46 ` [PATCH 5.10 00/21] 5.10.81-rc1 review Florian Fainelli
2021-11-19 19:46 ` Fox Chen
2021-11-20 0:49 ` Shuah Khan
2021-11-20 7:28 ` Pavel Machek
2021-11-20 15:21 ` Sudip Mukherjee
2021-11-20 15:27 ` Daniel Díaz
2021-11-20 16:06 ` Naresh Kamboju
2021-11-21 7:49 ` Greg Kroah-Hartman
2021-11-20 16:52 ` Guenter Roeck
2021-11-22 2:48 ` Samuel Zou
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211119171443.942886211@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).