lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 1 Feb 2018 12:46:02 +0100
From:   Arnd Bergmann <arnd@...db.de>
To:     Geert Uytterhoeven <geert@...ux-m68k.org>
Cc:     Herbert Xu <herbert@...dor.apana.org.au>,
        "David S . Miller" <davem@...emloft.net>,
        Christopher Li <sparse@...isli.org>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Tom Lendacky <thomas.lendacky@....com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" 
        <linux-crypto@...r.kernel.org>, linux-sparse@...r.kernel.org,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 2/3] compiler-gcc.h: __nostackprotector needs gcc-4.4 and up

On Thu, Feb 1, 2018 at 11:21 AM, Geert Uytterhoeven
<geert@...ux-m68k.org> wrote:
> Gcc versions before 4.4 do not recognize the __optimize__ compiler
> attribute:
>
>     warning: ‘__optimize__’ attribute directive ignored
>
> Fixes: 7375ae3a0b79ea07 ("compiler-gcc.h: Introduce __nostackprotector function attribute")
> Signed-off-by: Geert Uytterhoeven <geert@...ux-m68k.org>
> ---
> Can anyone please verify this?
> Apparently __nostackprotector is used on x86 only, which is usually
> served by modern compilers.

I've checked that __optimize("no-stack-protector") is accepted by exactly those
compilers that your 40400 version check tests for, across all architectures, so
that's fine.

However,  looking at commit 91cfc88c66bf ("x86: Use __nostackprotect for
sme_encrypt_kernel"), I suspect that gcc-4.1 through 4.3 will now cause
a runtime failure in sme_encrypt_kernel() without a compile-time warning.

I would leave __nostackprotector unchanged here, so we at least get
a warning for functions that need to disable the stack protector to work
correctly.

We might want to add an #ifdef CONFIG_CC_STACKPROTECTOR around
the __nostackprotector definition, so that we only warn if stackprotector
is globally enabled.

       Arnd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ