lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Mon, 6 Sep 2021 10:19:11 -0700
From:   Kees Cook <>
To:     Mark Brown <>
Cc:     Linus Torvalds <>,
        Linux Kernel Mailing List <>,
        Arnd Bergmann <>, Daniel Vetter <>,
        Dan Williams <>,
        Rasmus Villemoes <>,
        Greg Kroah-Hartman <>,
        "Gustavo A. R. Silva" <>,
        Keith Packard <>,
        Nathan Chancellor <>,
        Nick Desaulniers <>,
Subject: Re: [GIT PULL] overflow updates for v5.15-rc1

On Mon, Sep 06, 2021 at 12:43:50PM +0100, Mark Brown wrote:
> If you're looking for coverage on this stuff it's also good to check
> with clang as well, it's sufficiently different that it often triggers
> extra stuff [...]

Yup, I tested across multiple GCC and Clang versions, which is
why the failures came as such a surprise. And specifically, these
overflow changes have been designed with Clang in mind (as well as GCC
obviously). (i.e. see the patch[0] in this series, and the last patch[1]
in the coming series.)



Kees Cook

Powered by blists - more mailing lists