lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 18 Feb 2016 09:54:38 -0800 From: Kees Cook <keescook@...omium.org> To: Michal Marek <mmarek@...e.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, LKML <linux-kernel@...r.kernel.org>, linux-kbuild <linux-kbuild@...r.kernel.org> Subject: Re: [PATCH] kbuild: disable Android-specific compiler features On Thu, Feb 18, 2016 at 1:36 AM, Michal Marek <mmarek@...e.com> wrote: > Dne 18.2.2016 v 00:03 Kees Cook napsal(a): >> On Fri, Feb 5, 2016 at 4:44 PM, Kees Cook <keescook@...omium.org> wrote: >>> The Android compilers enable some non-standard features by default. While >>> most Android build systems inject the needed "-mno-android" option via >>> KCFLAGS, it happens too late (at least on x86_64), since KBUILD_CFLAGS >>> gains KCFLAGS after running (and failing) many cc-option tests. (For >>> example, the stack-protector tests happen after arch-specific >>> KBUILD_CFLAGS are added but before the external KCFLAGS are added.) As >>> such, we should notice this option and immediately turn it on as the >>> first cc-option test we run. >>> >>> Signed-off-by: Kees Cook <keescook@...omium.org> >> >> Michal, is this okay? I'd like to get it into -next soon if possible. > > Is there a way to detect these compilers and are there some canonical > versions of these? I do not think it's a good idea to add workaround for > each random gcc fork. It's detectable by -mno-android being a valid option. It's not a random gcc fork, as it's part of the Android SDK gcc prebuilts that all Android vendors and hobbiests use to build their kernels. -Kees -- Kees Cook Chrome OS & Brillo Security
Powered by blists - more mailing lists