lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 21 Feb 2017 21:07:59 -0800
From:   Kees Cook <>
To:     Linus Torvalds <>
Cc:     Linux Kernel Mailing List <>,
        Emese Revfy <>
Subject: Re: [GIT PULL] gcc-plugins updates for v4.11-rc1

On Tue, Feb 21, 2017 at 6:34 PM, Linus Torvalds
<> wrote:
> On Tue, Feb 21, 2017 at 12:16 PM, Kees Cook <> wrote:
>> Please pull these gcc-plugins changes for v4.11-rc1. This includes two new
>> plugins for the upstream kernel: structleak and initify. The structleak
>> plugin performs forced initialization of certain structures to avoid
>> possible information exposures to userspace. The initify plugin performs
>> analysis to find functions and strings that can be marked as __init or
>> __exit to reduce the runtime size of the kernel.
> I pulled this, but then looked at the patch, and decided to unpull it.

Hrm, I will send a pull for just the infrastructure and structleak
changes, since those are independent from the initify changes.

> The crazy "__nocapture()" annotations are too ugly to live, and make
> no sense. They are basically random noise to some very core header
> files. And the "__unverified_nocapture()" ones are worse.

Is it the naming, or something else? I tried to document them as
clearly as I could... the initify plugin needs to figure out if a
string is being retained by a function to decide if it can safely be
moved into the .init section.

> I'm not sure how to fix this issue.

I'm open to ideas. :) Initify certainly has more annotations than most
of the pending plugins, but there needs to be a way to mark things for
plugin consumption.


Kees Cook
Pixel Security

Powered by blists - more mailing lists