lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sun, 30 Jul 2006 22:06:36 -0400
From:	Valdis.Kletnieks@...edu
To:	Adrian Bunk <bunk@...sta.de>
Cc:	Andi Kleen <ak@...e.de>, Arjan van de Ven <arjan@...ux.intel.com>,
	linux-kernel@...r.kernel.org, akpm@...l.org
Subject: Re: [patch 2/5] Add the Kconfig option for the stackprotector feature

On Sun, 30 Jul 2006 18:49:38 +0200, Adrian Bunk said:
> On Sun, Jul 30, 2006 at 12:14:51PM -0400, Valdis.Kletnieks@...edu wrote:
> > On Sat, 29 Jul 2006 21:19:38 +0200, Adrian Bunk said:
> > 
> > > That was never true in Arjan's patches.
> > > 
> > > The only change is from a gcc version check to a feature check.
> > > 
> > > In both cases, a gcc 4.1 without the appropriate patch applied will 
> > > result in this option not being set.
> > 
> > What do you get if you have a gcc 4.1.1. that has the stack protector option
> > (so a feature check works), but not the fix for gcc PR 28281?
> 
> This is handled correctly in both cases.
> 
> Please read the patches in this thread for more information.

Patches? I read the *patches*. :)  What I missed was this:

http://marc.theaimsgroup.com/?l=linux-kernel&m=115412601229175&w=2

was the only thing I found (over in the 5/5 thread) that remotely looked
like an actual workable test, and all Arjan said was:

> the following line is enough actually:

> echo "int foo(void) { char X[200]; return 3; }" | gcc -S -xc -c -O0 -mcmodel=kernel \ -fstack-protector - -o - | grep -q "%gs"

> echo $? (eg return value) gives 0 for the "works" case, "1" for the
> "wrong gcc" case...

I admit missing that one, because it wasn't actually a patch, but a commentary
I managed to not read and digest in detail (in particular, it wasn't at all
clear that his one-liner would DTRT re: PR28281...)


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ