lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <46d20fac2dc15d842ebf23c62372ecdb892d7efd.camel@perches.com> Date: Tue, 26 Jun 2018 13:21:35 -0700 From: Joe Perches <joe@...ches.com> To: Kees Cook <keescook@...omium.org>, linux-kernel@...r.kernel.org Cc: "Gustavo A. R. Silva" <gustavo@...eddedor.com>, Masahiro Yamada <yamada.masahiro@...ionext.com>, Michal Marek <michal.lkml@...kovi.net>, Andrew Morton <akpm@...ux-foundation.org>, Palmer Dabbelt <palmer@...belt.com>, Matt Redfearn <matt.redfearn@...s.com>, Sebastian Andrzej Siewior <bigeasy@...utronix.de>, David Airlie <airlied@...ux.ie>, linux-kbuild@...r.kernel.org, intel-gfx@...ts.freedesktop.org, dri-devel@...ts.freedesktop.org, Linus Torvalds <torvalds@...ux-foundation.org> Subject: Re: [RFC][PATCH] Makefile: globally enable VLA warning On Tue, 2018-06-26 at 10:40 -0700, Kees Cook wrote: > This is the patch I've got prepared now that fixes for all VLAs have been > sent to maintainers (some are still under review/adjustment, but there > aren't any unexplored cases left). My intention would be to have this land > at the end of the next merge window after all the pending VLA patches > have landed. I just wanted to get any feedback here, since it touches > a couple areas in the process and I didn't want anyone to be surprised. :) [] > diff --git a/Makefile b/Makefile [] > @@ -778,6 +778,9 @@ NOSTDINC_FLAGS += -nostdinc -isystem $(shell $(CC) -print-file-name=include) > # warn about C99 declaration after statement > KBUILD_CFLAGS += $(call cc-option,-Wdeclaration-after-statement,) > > +# VLAs should not be used anywhere in the kernel > +KBUILD_CFLAGS += $(call cc-option,-Wvla) I'd probably spell out what a VLA is here. # VLAs (Variable Length Arrays) should not be used anywhere in the kernel Beyond that, seems sensible, thanks.
Powered by blists - more mailing lists