lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20220312122000.GB28057@worktop.programming.kicks-ass.net>
Date:   Sat, 12 Mar 2022 13:20:00 +0100
From:   Peter Zijlstra <peterz@...radead.org>
To:     Nathan Chancellor <nathan@...nel.org>
Cc:     x86@...nel.org, Nick Desaulniers <ndesaulniers@...gle.com>,
        linux-kernel@...r.kernel.org, llvm@...ts.linux.dev
Subject: Re: [PATCH] x86/ibt: Fix CC_HAS_IBT check for clang

On Fri, Mar 11, 2022 at 12:56:42PM -0700, Nathan Chancellor wrote:
> Commit 41c5ef31ad71 ("x86/ibt: Base IBT bits") added a check for a crash
> in clang. However, this check does not work for two reasons.
> 
> The first reason is that '-pg' is missing from the check, which is
> required for '-mfentry' to do anything.
> 
> The second reason is that cc-option only uses /dev/null as the input
> file, which does not show a problem:
> 
> $ clang --version | head -1
> Ubuntu clang version 12.0.1-8build1
> 
> $ clang -fcf-protection=branch -mfentry -pg -c -x c /dev/null -o /dev/null
> 
> $ echo $?
> 0
> 
> $ echo "void a(void) {}" | clang -fcf-protection=branch -mfentry -pg -c -x c - -o /dev/null
> ...
> 
> $ echo $?
> 139
> 
> Use this test instead so that the check works for older versions of
> clang.
> 
> Fixes: 41c5ef31ad71 ("x86/ibt: Base IBT bits")
> Signed-off-by: Nathan Chancellor <nathan@...nel.org>

Urgh... not pretty, but that's what we gotta live with I suppose.

Thanks!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ