| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200819191654.1130563-2-ndesaulniers@google.com>
Date: Wed, 19 Aug 2020 12:16:50 -0700
From: Nick Desaulniers <ndesaulniers@...gle.com>
To: Masahiro Yamada <masahiroy@...nel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>
Cc: Michal Marek <michal.lkml@...kovi.net>,
linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org,
Kees Cook <keescook@...omium.org>,
Tony Luck <tony.luck@...el.com>,
Dmitry Vyukov <dvyukov@...gle.com>,
Michael Ellerman <mpe@...erman.id.au>,
Joe Perches <joe@...ches.com>,
Joel Fernandes <joel@...lfernandes.org>,
Daniel Axtens <dja@...ens.net>,
Arvind Sankar <nivedita@...m.mit.edu>,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Alexandru Ardelean <alexandru.ardelean@...log.com>,
Yury Norov <yury.norov@...il.com>, x86@...nel.org,
"H . Peter Anvin" <hpa@...or.com>,
Ard Biesheuvel <ardb@...nel.org>,
"Paul E . McKenney" <paulmck@...nel.org>,
Daniel Kiper <daniel.kiper@...cle.com>,
Bruce Ashfield <bruce.ashfield@...il.com>,
Marco Elver <elver@...gle.com>,
Vamshi K Sthambamkadi <vamshi.k.sthambamkadi@...il.com>,
Andi Kleen <ak@...e.de>,
Linus Torvalds <torvalds@...ux-foundation.org>,
"Dávid Bolvanský" <david.bolvansky@...il.com>,
Eli Friedman <efriedma@...cinc.com>,
Nick Desaulniers <ndesaulniers@...gle.com>,
stable@...r.kernel.org, Sami Tolvanen <samitolvanen@...gle.com>
Subject: [PATCH v2 1/5] Makefile: add -fno-builtin-stpcpy
LLVM implemented a recent "libcall optimization" that lowers calls to
`sprintf(dest, "%s", str)` where the return value is used to
`stpcpy(dest, str) - dest`. This generally avoids the machinery involved
in parsing format strings. This optimization was introduced into
clang-12. Because the kernel does not provide an implementation of
stpcpy, we observe linkage failures for almost all targets when building
with ToT clang.
The interface is unsafe as it does not perform any bounds checking.
Disable this "libcall optimization" via `-fno-builtin-stpcpy`.
Cc: stable@...r.kernel.org # 4.4
Link: https://bugs.llvm.org/show_bug.cgi?id=47162
Link: https://github.com/ClangBuiltLinux/linux/issues/1126
Link: https://reviews.llvm.org/D85963
Reported-by: Sami Tolvanen <samitolvanen@...gle.com>
Suggested-by: Dávid Bolvanský <david.bolvansky@...il.com>
Suggested-by: Kees Cook <keescook@...omium.org>
Reviewed-by: Kees Cook <keescook@...omium.org>
Signed-off-by: Nick Desaulniers <ndesaulniers@...gle.com>
---
Makefile | 1 +
1 file changed, 1 insertion(+)
diff --git a/Makefile b/Makefile
index 9cac6fde3479..e523dc8d30e0 100644
--- a/Makefile
+++ b/Makefile
@@ -578,6 +578,7 @@ ifneq ($(LLVM_IAS),1)
CLANG_FLAGS += -no-integrated-as
endif
CLANG_FLAGS += -Werror=unknown-warning-option
+CLANG_FLAGS += -fno-builtin-stpcpy
KBUILD_CFLAGS += $(CLANG_FLAGS)
KBUILD_AFLAGS += $(CLANG_FLAGS)
export CLANG_FLAGS
--
2.28.0.297.g1956fa8f8d-goog
Powered by blists - more mailing lists