lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Mar 2023 15:56:16 -0700 From: Nick Desaulniers <ndesaulniers@...gle.com> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>, Kees Cook <keescook@...omium.org>, Jens Axboe <axboe@...nel.dk>, Nathan Chancellor <nathan@...nel.org>, "linux-block@...r.kernel.org" <linux-block@...r.kernel.org>, clang-built-linux <llvm@...ts.linux.dev>, linux-hardening@...r.kernel.org Subject: Re: [GIT PULL] Block fixes for 6.3-rc3 On Fri, Mar 17, 2023 at 2:00 PM Linus Torvalds <torvalds@...ux-foundation.org> wrote: > > On Fri, Mar 17, 2023 at 1:51 PM Linus Torvalds > <torvalds@...ux-foundation.org> wrote: > > > > but I would *really* like clang to be fixed to not silently generate > > code that does insane things and would be basically impossible to > > debug if it ever triggers. > > Side note: the key word here is "silently". > > If clang notices that it generates crazy code, a warning at build-time > would be preferable to the "oh, we noticed the crazy code generation > because we do sanity checking that just happened to catch it". That's fair. I have something hacked up locally that can spot the fallthough from m5mols_set_fmt() as objtool did. With some polish, we can likely ship that as a compiler warning. Then we can have these checks regardless of objtool arch support. First I need to teach LLVM that __stack_chk_fail is noreturn, though I've only verified that thus far in glibc, musl, and bionic; I still need to check that's the case for the BSDs' libcs. -- Thanks, ~Nick Desaulniers
Powered by blists - more mailing lists