lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 28 Jan 2021 14:52:07 -0600
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     Masahiro Yamada <masahiroy@...nel.org>,
        Michal Marek <michal.lkml@...kovi.net>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Kees Cook <keescook@...omium.org>,
        linux-hardening@...r.kernel.org,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        Justin Forbes <jforbes@...hat.com>,
        Ondrej Mosnacek <omosnace@...hat.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Christoph Hellwig <hch@...radead.org>,
        Miroslav Benes <mbenes@...e.cz>,
        David Laight <David.Laight@...lab.com>,
        Jessica Yu <jeyu@...nel.org>
Subject: Re: [PATCH RFC] kbuild: Prevent compiler mismatch with external
 modules

On Thu, Jan 28, 2021 at 12:24:45PM -0800, Linus Torvalds wrote:
> On Thu, Jan 28, 2021 at 12:08 PM Josh Poimboeuf <jpoimboe@...hat.com> wrote:
> >
> > Add a check for compiler mismatch, but only check the major version.
> 
> I think this is wrong for multiple reasons.
> 
> The most fundamental reason is that it's pointless and doesn't
> actually do what you claim it does.
> 
> Just doing a "make oldconfig" will reset the CONFIG_xyz_VERSION to
> whatever is installed, and now your check doesn't actually do
> anything, since you're not actually checking what the kernel was
> compiled with!

Huh?  Why would you do a "make oldconfig" on a distro-released kernel
before building an OOT module?

Usually you build an OOT module against /lib/modules/$(uname -r)/build,
and the .config isn't even writable.

> So I think that check is pointless and entirely misleading. It doesn't
> do what you want it to do, and what you claim it does.

It's not a magic bullet, but doesn't it catch the vast majority of use
cases?  Which makes it a lot better than what we have now (nothing).

> I'm not convinced about the whole magic vs minor argument either. The
> whole "new compiler features" thing is a red herring - even if you do
> have new compiler features, that in itself has very little to do with
> whether the resulting object files are compatible or not.

Hm?  Are you saying the check is too strict, since GCC9 binaries _might_
be compatible with GCC10?

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ