lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+55aFy+MbU62-x7n27YRyxNG0Kkw1MKWViyAo_xqdpVAOKvAQ@mail.gmail.com>
Date:	Wed, 27 Jul 2016 20:21:50 -0700
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	Steven Rostedt <rostedt@...dmis.org>,
	Josh Poimboeuf <jpoimboe@...hat.com>
Cc:	Ingo Molnar <mingo@...hat.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: warning: calling ‘__builtin_return_address’ with a nonzero argument is unsafe

On Wed, Jul 27, 2016 at 6:58 PM, Steven Rostedt <rostedt@...dmis.org> wrote:
> On Wed, 27 Jul 2016 16:00:54 -0700
> Linus Torvalds <torvalds@...ux-foundation.org> wrote:
>>
>> I can just add a
>>
>>   KBUILD_CFLAGS  += $(call cc-disable-warning,frame-address,)
>
> I like this solution.

Ok. Pushed out. As long as people are aware of this, and are hopefully
at least looking for potential alternatives, it's fine.

I've squashed most of the warnings I see in my allmodconfig build.

The remaining ones are mostly objtool warnings (Josh added to cc: I
get both a "objtool: x86 instruction decoder differs from kernel"
warning, and several new "sibling call from callable instruction with
changed frame pointer" warnings).

There's also a couple of really annoying warnings from gcc:

  drivers/sfi/sfi_core.c:175:53: warning: self-comparison always
evaluates to true [-Wtautological-compare]

which is a classic case of compiler people thinking that "comparing
things to itself is stupid", but it comes from using general-case
macros that then sometimes end up having simple uses where one part of
the comparison ends up being trivially true.

Since the "fix" (to avoid a generic macro helper and use special-case
simpler tests) is likely much worse than what the compiler actually
warns about, I suspect I will be just disabling that silly compiler
warning.

People who love being warned about tautological compares, speak up now
about your preferred alternative, or forever hold your peace. I do
*not* want to have stupid warnings show up by default, because then
people will just ignore the real ones when they pop up. That already
happens much too frequently.

                Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ