| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202109061013.E4730B3B42@keescook>
Date: Mon, 6 Sep 2021 10:19:11 -0700
From: Kees Cook <keescook@...omium.org>
To: Mark Brown <broonie@...nel.org>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Arnd Bergmann <arnd@...db.de>, Daniel Vetter <daniel@...ll.ch>,
Dan Williams <dan.j.williams@...el.com>,
Rasmus Villemoes <linux@...musvillemoes.dk>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>,
Keith Packard <keithp@...thp.com>,
Nathan Chancellor <nathan@...nel.org>,
Nick Desaulniers <ndesaulniers@...gle.com>,
linux-hardening@...r.kernel.org
Subject: Re: [GIT PULL] overflow updates for v5.15-rc1
On Mon, Sep 06, 2021 at 12:43:50PM +0100, Mark Brown wrote:
> If you're looking for coverage on this stuff it's also good to check
> with clang as well, it's sufficiently different that it often triggers
> extra stuff [...]
Yup, I tested across multiple GCC and Clang versions, which is
why the failures came as such a surprise. And specifically, these
overflow changes have been designed with Clang in mind (as well as GCC
obviously). (i.e. see the patch[0] in this series, and the last patch[1]
in the coming series.)
-Kees
[0] https://lore.kernel.org/lkml/20210822075122.864511-17-keescook@chromium.org/
[1] https://lore.kernel.org/lkml/20210818060533.3569517-64-keescook@chromium.org/
--
Kees Cook
Powered by blists - more mailing lists