lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Wed, 13 Feb 2019 17:03:45 +1100
From:   Stephen Rothwell <sfr@...b.auug.org.au>
To:     Andrew Morton <akpm@...ux-foundation.org>,
        Kees Cook <keescook@...gle.com>
Cc:     Linux Next Mailing List <linux-next@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Andrey Ryabinin <aryabinin@...tuozzo.com>
Subject: linux-next: manual merge of the akpm-current tree with the kspp
 tree

Hi Andrew,

Today's linux-next merge of the akpm-current tree got a conflict in:

  scripts/gcc-plugins/Kconfig

between commit:

  9219e54be983 ("gcc-plugins: structleak: Generalize to all variable types")

from the kspp tree and commit:

  7fabedf42152 ("kasan: remove use after scope bugs detection.")

from the akpm-current tree.

I fixed it up (see below) and can carry the fix as necessary. This
is now fixed as far as linux-next is concerned, but any non trivial
conflicts should be mentioned to your upstream maintainer when your tree
is submitted for merging.  You may also want to consider cooperating
with the maintainer of the conflicting tree to minimise any particularly
complex conflicts.

-- 
Cheers,
Stephen Rothwell

diff --cc scripts/gcc-plugins/Kconfig
index d0cc92e48f6f,d9fd9988ef27..000000000000
--- a/scripts/gcc-plugins/Kconfig
+++ b/scripts/gcc-plugins/Kconfig
@@@ -67,22 -67,13 +67,18 @@@ config GCC_PLUGIN_LATENT_ENTROP
  	   * https://pax.grsecurity.net/
  
  config GCC_PLUGIN_STRUCTLEAK
 -	bool "Force initialization of variables containing userspace addresses"
 +	bool "Zero initialize stack variables"
- 	# Currently STRUCTLEAK inserts initialization out of live scope of
- 	# variables from KASAN point of view. This leads to KASAN false
- 	# positive reports. Prohibit this combination for now.
- 	depends on !KASAN_EXTRA
  	help
 -	  This plugin zero-initializes any structures containing a
 -	  __user attribute. This can prevent some classes of information
 -	  exposures.
 -
 -	  This plugin was ported from grsecurity/PaX. More information at:
 +	  While the kernel is built with warnings enabled for any missed
 +	  stack variable initializations, this warning is silenced for
 +	  anything passed by reference to another function, under the
 +	  occasionally misguided assumption that the function will do
 +	  the initialization. As this regularly leads to exploitable
 +	  flaws, this plugin is available to identify and zero-initialize
 +	  such variables, depending on the chosen level of coverage.
 +
 +	  This plugin was originally ported from grsecurity/PaX. More
 +	  information at:
  	   * https://grsecurity.net/
  	   * https://pax.grsecurity.net/
  

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ