| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGXu5jKZYEK7Asy4KwtfVVxHLFbpeqpWWEOM-60h7h4gj3JZrw@mail.gmail.com>
Date: Thu, 20 Sep 2018 12:52:57 -0700
From: Kees Cook <keescook@...omium.org>
To: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
LKML <linux-kernel@...r.kernel.org>,
Andreas Dilger <adilger.kernel@...ger.ca>,
Masahiro Yamada <yamada.masahiro@...ionext.com>,
Michal Marek <michal.lkml@...kovi.net>,
Steven Rostedt <rostedt@...dmis.org>,
Mauro Carvalho Chehab <mchehab+samsung@...nel.org>,
Olof Johansson <olof@...m.net>,
Konstantin Ryabitsev <konstantin@...uxfoundation.org>,
"David S . Miller" <davem@...emloft.net>,
Andrey Ryabinin <aryabinin@...tuozzo.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...nel.org>,
Paul Lawrence <paullawrence@...gle.com>,
Sandipan Das <sandipan@...ux.vnet.ibm.com>,
Andrey Konovalov <andreyknvl@...gle.com>,
David Woodhouse <dwmw2@...radead.org>,
Will Deacon <will.deacon@....com>,
Philippe Ombredanne <pombredanne@...b.com>,
Paul Burton <paul.burton@...s.com>,
David Rientjes <rientjes@...gle.com>, Willy Tarreau <w@....eu>,
Martin Sebor <msebor@...il.com>,
Christopher Li <sparse@...isli.org>,
Jonathan Corbet <corbet@....net>,
"Theodore Ts'o" <tytso@....edu>,
Geert Uytterhoeven <geert@...ux-m68k.org>,
Rasmus Villemoes <linux@...musvillemoes.dk>,
Joe Perches <joe@...ches.com>, Arnd Bergmann <arnd@...db.de>,
Dominique Martinet <asmadeus@...ewreck.org>,
Stefan Agner <stefan@...er.ch>,
Luc Van Oostenryck <luc.vanoostenryck@...il.com>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
"open list:DOCUMENTATION" <linux-doc@...r.kernel.org>,
Ext4 Developers List <linux-ext4@...r.kernel.org>,
Sparse Mailing-list <linux-sparse@...r.kernel.org>,
linux-kbuild <linux-kbuild@...r.kernel.org>
Subject: Re: [PATCH v5 13/15] Compiler Attributes: enable -Wstringop-truncation
on W=1 (gcc >= 8)
On Thu, Sep 20, 2018 at 10:22 AM, Miguel Ojeda
<miguel.ojeda.sandonis@...il.com> wrote:
> Commit 217c3e019675 ("disable stringop truncation warnings for now")
> disabled -Wstringop-truncation since it was too noisy.
>
> Having __nonstring available allows us to let GCC know that a string
> is not meant to be NUL-terminated, which helps suppressing some
> -Wstringop-truncation warnings.
>
> Note that using __nonstring actually triggers other warnings
> (-Wstringop-overflow, which is on by default) which may be real
> problems. Therefore, cleaning up -Wstringop-truncation warnings
> also buys us the ability to uncover further potential problems.
>
> To encourage the use of __nonstring, we put the warning back at W=1.
> In the future, if we end up with a fairly warning-free tree,
> we might want to enable it by default.
>
> Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
Yessss. :)
Reviewed-by: Kees Cook <keescook@...omium.org>
-Kees
> ---
> scripts/Makefile.extrawarn | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/scripts/Makefile.extrawarn b/scripts/Makefile.extrawarn
> index 8d5357053f86..b8f36f5f43f2 100644
> --- a/scripts/Makefile.extrawarn
> +++ b/scripts/Makefile.extrawarn
> @@ -29,6 +29,7 @@ warning-1 += $(call cc-option, -Wmissing-include-dirs)
> warning-1 += $(call cc-option, -Wunused-but-set-variable)
> warning-1 += $(call cc-option, -Wunused-const-variable)
> warning-1 += $(call cc-option, -Wpacked-not-aligned)
> +warning-1 += $(call cc-option, -Wstringop-truncation)
> warning-1 += $(call cc-disable-warning, missing-field-initializers)
> warning-1 += $(call cc-disable-warning, sign-compare)
>
> --
> 2.17.1
>
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists