Date:	Fri, 18 Apr 2008 00:28:58 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Ingo Molnar <mingo@...e.hu>
Cc:	Arjan van de Ven <arjan@...radead.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Pekka Enberg <penberg@...helsinki.fi>,
	linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org,
	linux-mm@...ck.org, James Morris <jmorris@...ei.org>,
	Stephen Smalley <sds@...ho.nsa.gov>
Subject: Re: 2.6.25-mm1: not looking good

On Fri, 18 Apr 2008 09:19:45 +0200 Ingo Molnar <mingo@...e.hu> wrote:

> 
> * Andrew Morton <akpm@...ux-foundation.org> wrote:
> 
> > On Thu, 17 Apr 2008 22:49:08 -0700 Arjan van de Ven <arjan@...radead.org> wrote:
> > 
> > > On Thu, 17 Apr 2008 16:03:31 -0700
> > > Andrew Morton <akpm@...ux-foundation.org> wrote:
> > > 
> > > > 
> > > > I repulled all the trees an hour or two ago, installed everything on
> > > > an 8-way x86_64 box and:
> > > > 
> > > > 
> > > > stack-protector:
> > > > 
> > > > Testing -fstack-protector-all feature
> > > > No -fstack-protector-stack-frame!
> > > > -fstack-protector-all test failed
> > > 
> > > do you have a stack-protector capable GCC? I guess not.
> > > 
> > > This is a catch-22. You do not have stack-protector. Should we make that 
> > > a silent failure? or do you want to know that you don't have a security
> > > feature you thought you had.... complaining seems to be the right thing to do imo.
> > 
> > A #warning sounds more appropriate.
> 
> this warning is telling the user that the security feature that got 
> enabled in the .config is completely, 100% not working due to using a
> stack-protector-incapable GCC.

I doubt if anyone will care much.

> it's analogous as if there was a bug in gcc that made SELinux totally 
> ineffective in some mitigate-exploit-damage scenarios.

Not really.  In the selinux case we don't know that it'll break at compile
time.  

> No harm done on a 
> perfectly bug-free system - but once a bug happens that SELinux should 
> have mitigated, the breakage becomes real. Having a prominent warning is 
> the _minimum_.
> 
> having a build failure would be nice too because this is a build 
> environment problem. (not a build warning - warnings can easily be 
> missed because on a typical kernel build there's so many false positives 
> that get emitted by various other warning mechanisms) Arjan?
> 

Yeah, #error would work too.
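
The build-time failure discussed in this thread, sketched as an added example (not code from the thread or from the kernel tree): a probe that compiles a test function with -fstack-protector-all and fails closed unless canary instrumentation shows up in the generated assembly. The function names and the matched canary patterns are assumptions, and a gcc-compatible command line is assumed.

```shell
#!/bin/sh
# Added example: fail-closed probe for a stack-protector-capable compiler.
# Function names are hypothetical; they are not taken from the kernel build.

# Return 0 if the assembly on stdin carries stack-canary instrumentation:
# a reference to __stack_chk_fail / __stack_chk_guard, or a TLS canary
# load at %fs:40 / %gs:40 (x86 patterns, assumed here).
has_canary_asm() {
    grep -Eq '__stack_chk_(fail|guard)|%(fs|gs):40'
}

# Compile a tiny function with -fstack-protector-all and inspect the output.
# $1 = compiler command (assumed to accept gcc-style -S -x c -o - flags).
# Returns: 0 = canaries emitted, 1 = flag accepted but no canary emitted,
#          2 = compiler missing or flag rejected.
check_stack_protector() {
    cc_cmd=${1:-cc}
    asm=$(printf 'void f(void) { volatile char buf[64]; buf[0] = 0; }\n' |
          "$cc_cmd" -S -x c -O0 -fstack-protector-all -o - - 2>/dev/null) \
        || return 2
    printf '%s\n' "$asm" | has_canary_asm || return 1
    return 0
}

# Typical use in a build script, treating anything but 0 as a hard error:
#   check_stack_protector "${CC:-gcc}" || {
#       echo "stack protector enabled in config but not working" >&2
#       exit 1
#   }
```

Return code 1 is the case the thread is about: the compiler accepts the flag and the build continues, but no canary is emitted.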