lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Thu, 18 Feb 2016 09:54:38 -0800
From:	Kees Cook <keescook@...omium.org>
To:	Michal Marek <mmarek@...e.com>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	LKML <linux-kernel@...r.kernel.org>,
	linux-kbuild <linux-kbuild@...r.kernel.org>
Subject: Re: [PATCH] kbuild: disable Android-specific compiler features

On Thu, Feb 18, 2016 at 1:36 AM, Michal Marek <mmarek@...e.com> wrote:
> Dne 18.2.2016 v 00:03 Kees Cook napsal(a):
>> On Fri, Feb 5, 2016 at 4:44 PM, Kees Cook <keescook@...omium.org> wrote:
>>> The Android compilers enable some non-standard features by default. While
>>> most Android build systems inject the needed "-mno-android" option via
>>> KCFLAGS, it happens too late (at least on x86_64), since KBUILD_CFLAGS
>>> gains KCFLAGS after running (and failing) many cc-option tests. (For
>>> example, the stack-protector tests happen after arch-specific
>>> KBUILD_CFLAGS are added but before the external KCFLAGS are added.) As
>>> such, we should notice this option and immediately turn it on as the
>>> first cc-option test we run.
>>>
>>> Signed-off-by: Kees Cook <keescook@...omium.org>
>>
>> Michal, is this okay? I'd like to get it into -next soon if possible.
>
> Is there a way to detect these compilers and are there some canonical
> versions of these? I do not think it's a good idea to add workaround for
> each random gcc fork.

It's detectable by -mno-android being a valid option. It's not a
random gcc fork, as it's part of the Android SDK gcc prebuilts that
all Android vendors and hobbiests use to build their kernels.

-Kees

-- 
Kees Cook
Chrome OS & Brillo Security

Powered by blists - more mailing lists