| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202203251511.4F76EAB@keescook>
Date: Fri, 25 Mar 2022 15:29:01 -0700
From: Kees Cook <keescook@...omium.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-kernel@...r.kernel.org, Arnd Bergmann <arnd@...db.de>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>,
Kees Cook <keescook@...omium.org>,
linux-kbuild@...r.kernel.org,
Masahiro Yamada <masahiroy@...nel.org>,
Nick Desaulniers <ndesaulniers@...gle.com>
Subject: [GIT PULL] array-bounds updates for v5.18-rc1
Hi Linus,
Please pull these array-bounds updates for v5.18-rc1. Like the
FORTIFY_SOURCE tree, I was waiting for all the various other trees with
fixes to get merged. It looks like scsi was the last major tree I was
waiting on. This enables -Warray-bounds and -Wzero-length-bounds, now
that the many bug fixes have landed all over the place in the kernel,
and in GCC itself[1].
Earlier build testing of this series merged against your tree didn't show
any new warnings, but as this option has been a bit of a whack-a-mole
over the last development cycle in -next, it's possible new cases
have appeared. We will remain vigilant. :) A couple fixes[2] for known
corner-case issues currently live in my "pending-fixes" tree which I'm
expecting to send next week if other maintainers still haven't picked
them up.
I'm also expecting we can enable -Wstringop-overflow next cycle, as
there are only a few stragglers[3], but it might even be possible for
this release.
Thanks!
-Kees
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99578
[2] https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/commit/?h=for-next/pending-fixes&id=2d253138910eec553fc706379914243d71de9b85
[3] https://github.com/KSPP/linux/issues/181
The following changes since commit dfd42facf1e4ada021b939b4e19c935dcdd55566:
Linux 5.17-rc3 (2022-02-06 12:20:50 -0800)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/array-bounds-v5.18-rc1
for you to fetch changes up to 00a4f836eb369723b148e3f250c850a028778832:
Makefile: Enable -Wzero-length-bounds (2022-02-13 16:49:40 -0800)
----------------------------------------------------------------
array-bounds updates for v5.18-rc1
- Enable -Warray-bounds globally
- Enable -Wzero-length-bounds globally
----------------------------------------------------------------
Kees Cook (2):
Makefile: Enable -Warray-bounds
Makefile: Enable -Wzero-length-bounds
Makefile | 2 --
1 file changed, 2 deletions(-)
--
Kees Cook
Powered by blists - more mailing lists