lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Aug 2020 09:34:08 +0200 From: Greg KH <gregkh@...uxfoundation.org> To: Ard Biesheuvel <ardb@...nel.org> Cc: Nick Desaulniers <ndesaulniers@...gle.com>, Masahiro Yamada <masahiroy@...nel.org>, Andrew Morton <akpm@...ux-foundation.org>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, Michal Marek <michal.lkml@...kovi.net>, linux-kbuild@...r.kernel.org, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Kees Cook <keescook@...omium.org>, Tony Luck <tony.luck@...el.com>, Dmitry Vyukov <dvyukov@...gle.com>, Michael Ellerman <mpe@...erman.id.au>, Joe Perches <joe@...ches.com>, Joel Fernandes <joel@...lfernandes.org>, Daniel Axtens <dja@...ens.net>, Arvind Sankar <nivedita@...m.mit.edu>, Andy Shevchenko <andriy.shevchenko@...ux.intel.com>, Alexandru Ardelean <alexandru.ardelean@...log.com>, Yury Norov <yury.norov@...il.com>, X86 ML <x86@...nel.org>, "H . Peter Anvin" <hpa@...or.com>, "Paul E . McKenney" <paulmck@...nel.org>, Daniel Kiper <daniel.kiper@...cle.com>, Bruce Ashfield <bruce.ashfield@...il.com>, Marco Elver <elver@...gle.com>, Vamshi K Sthambamkadi <vamshi.k.sthambamkadi@...il.com>, Andi Kleen <ak@...e.de>, Linus Torvalds <torvalds@...ux-foundation.org>, Dávid Bolvanský <david.bolvansky@...il.com>, Eli Friedman <efriedma@...cinc.com>, "# 3.4.x" <stable@...r.kernel.org>, Sami Tolvanen <samitolvanen@...gle.com> Subject: Re: [PATCH 1/4] Makefile: add -fno-builtin-stpcpy On Tue, Aug 18, 2020 at 09:29:39AM +0200, Ard Biesheuvel wrote: > On Tue, 18 Aug 2020 at 09:25, Greg KH <gregkh@...uxfoundation.org> wrote: > > > > On Tue, Aug 18, 2020 at 09:10:01AM +0200, Ard Biesheuvel wrote: > > > On Tue, 18 Aug 2020 at 00:02, Nick Desaulniers <ndesaulniers@...gle.com> wrote: > > > > > > > > LLVM implemented a recent "libcall optimization" that lowers calls to > > > > `sprintf(dest, "%s", str)` where the return value is used to > > > > `stpcpy(dest, str) - dest`. This generally avoids the machinery involved > > > > in parsing format strings. This optimization was introduced into > > > > clang-12. Because the kernel does not provide an implementation of > > > > stpcpy, we observe linkage failures for almost all targets when building > > > > with ToT clang. > > > > > > > > The interface is unsafe as it does not perform any bounds checking. > > > > Disable this "libcall optimization" via `-fno-builtin-stpcpy`. > > > > > > > > Unlike > > > > commit 5f074f3e192f ("lib/string.c: implement a basic bcmp") > > > > which cited failures with `-fno-builtin-*` flags being retained in LLVM > > > > LTO, that bug seems to have been fixed by > > > > https://reviews.llvm.org/D71193, so the above sha can now be reverted in > > > > favor of `-fno-builtin-bcmp`. > > > > > > > > Cc: stable@...r.kernel.org # 4.4 > > > > > > Why does a fix for Clang-12 have to be backported all the way to v4.4? > > > How does that meet the requirements for stable patches? > > > > Because people like to build older kernels with new compliler versions. > > > > And those "people" include me, who doesn't want to keep around old > > compilers just because my distro moved to the latest one... > > > > We've been doing this for the past 4+ years, for new versions of gcc, > > keeping 4.4.y building properly with the bleeding edge of that compiler, > > why is clang any different here? > > > > Fair enough. I am just struggling to match stable-kernel-rules.rst > with the actual practices - perhaps it is time to update that > document? The rules are tiny and simple for 99% of the issues involved. Stuff like "add patches to fix build failures and warnings for newer compiler versions" are so rare (they only happen every 2 years or so), it's not worth it. thanks, greg k-h
Powered by blists - more mailing lists