| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGG=3QWVM9tTRoGws0X+Jq+m7Fte2JeQC+jUL=EZ5hqGzSY6hg@mail.gmail.com>
Date: Tue, 1 Jul 2025 10:38:36 -0700
From: Bill Wendling <morbo@...gle.com>
To: Kees Cook <kees@...nel.org>
Cc: Jann Horn <jannh@...gle.com>, Jannik Glückert <jannik.glueckert@...il.com>,
Nathan Chancellor <nathan@...nel.org>, linux-hardening@...r.kernel.org,
Nick Desaulniers <nick.desaulniers+lkml@...il.com>, Justin Stitt <justinstitt@...gle.com>,
linux-kernel@...r.kernel.org, llvm@...ts.linux.dev
Subject: Re: [PATCH] kunit/fortify: Add back "volatile" for sizeof() constants
On Tue, Jul 1, 2025 at 9:27 AM Kees Cook <kees@...nel.org> wrote:
> On Tue, Jul 01, 2025 at 03:41:35PM +0200, Jann Horn wrote:
> > On Sun, Jun 29, 2025 at 1:40 AM Kees Cook <kees@...nel.org> wrote:
> > > It seems the Clang can see through OPTIMIZER_HIDE_VAR when the constant
> > > is coming from sizeof.
> >
> > Wait, what? That sounds extremely implausible/broken to me.
> >
Agreed. 'sizeof' should be calculated by the front-end.
> > https://godbolt.org/z/ndeP5chcb also suggests that clang does not
> > generally "see through OPTIMIZER_HIDE_VAR when the constant is coming
> > from sizeof".
>
> I agree -- something is very unstable about this case, and it's been
> very frustrating to pin down.
>
> > Do you have a minimal reproducer of what you're talking about?
>
> I have not had the time to minimize it, no.
>
OPTIMIZER_HIDE_VAR doesn't have a 'volatile' on it. Could that be it?
As a side note, the current definition:
__asm__ ("" : "=r" (var) : "0" (var))
seems like
__asm__ ("" : "+r" (var))
with extra steps.
-bw
Powered by blists - more mailing lists