lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <1937a2ee168.28a7.85c95baa4474aabc7814e68940a78392@paul-moore.com>
Date: Fri, 29 Nov 2024 18:08:33 -0500
From: Paul Moore <paul@...l-moore.com>
To: Steven Rostedt <rostedt@...dmis.org>
CC: Yafang Shao <laoar.shao@...il.com>, Kees Cook <keescook@...omium.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Masami Hiramatsu <mhiramat@...nel.org>, Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, Thomas Gleixner <tglx@...utronix.de>, Sebastian Andrzej Siewior <bigeasy@...utronix.de>, Miguel Ojeda <ojeda@...nel.org>, Alice Ryhl <aliceryhl@...gle.com>, <rust-for-linux@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org>, Justin Stitt <justinstitt@...gle.com>, Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [GIT PULL] tracing: More updates for 6.13

On November 29, 2024 8:26:51 AM Steven Rostedt <rostedt@...dmis.org> wrote:
> On Fri, 29 Nov 2024 08:14:56 -0500
> Paul Moore <paul@...l-moore.com> wrote:
>
>>> The issue appears to be a known GCC bug, though the root cause remains
>>> unclear at this time.
>>>
>>> A potential workaround has been proposed, which you can find here:
>>> https://lore.kernel.org/linux-hardening/202410171059.C2C395030@keescook/
>>>
>>> However, it seems that the patch has not yet been accepted into the mainline.
>>
>> I didn't pull that into the audit tree because it isn't a real patch.
>> Looking at it again on my phone before today's holiday stuff kicks off, I
>> don't have a problem with the workaround, but i do need to see it as a
>> proper patch with a commit description, sign off, etc. before I can merge it.
>
> Yeah, from the comment I was expecting to see a proper patch.

So was I :). To be perfectly honest I was really expecting this to get 
sorted with some compiler flag, workaround, etc. If we have to fix it by 
hacking around it in the audit code that's okay (the hack looks pretty 
minor) but it's not still a kludge.

>
>> For anyone who is going to put together a patch, please make it clear that
>> it is a compiler bug and provide the associated bug report links.
>
> If it matters, with that patch applied, all my tests were able to
> complete with success.
>
> Tested-by: Steven Rostedt (Google) <rostedt@...dmis.org>

Thanks.

--
paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ