| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250121215122.GA1517789@ax162> Date: Tue, 21 Jan 2025 14:51:22 -0700 From: Nathan Chancellor <nathan@...nel.org> To: Kees Cook <kees@...nel.org> Cc: Masahiro Yamada <masahiroy@...nel.org>, Jakub Jelinek <jakub@...hat.com>, Nicolas Schier <nicolas@...sle.eu>, linux-kbuild@...r.kernel.org, Stephen Hemminger <stephen@...workplumber.org>, linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org Subject: Re: [PATCH] kbuild: Use -fzero-init-padding-bits=all On Mon, Jan 20, 2025 at 04:36:53PM -0800, Kees Cook wrote: > Enable -fzero-init-padding-bits=all when available (GCC 15+). This will > correctly zero padding bits in structs and unions that might have been > left uninitialized, and will make sure there is no regression in union > initializations[1]. This fixes the following stackinit KUnit selftest > cases that had been XFAIL until now because there was no compiler > support: > > ok 38 test_small_hole_static_all # SKIP XFAIL uninit bytes: 3 > ok 39 test_big_hole_static_all # SKIP XFAIL uninit bytes: 124 > ok 40 test_trailing_hole_static_all # SKIP XFAIL uninit bytes: 7 > ok 42 test_small_hole_dynamic_all # SKIP XFAIL uninit bytes: 3 > ok 43 test_big_hole_dynamic_all # SKIP XFAIL uninit bytes: 124 > ok 44 test_trailing_hole_dynamic_all # SKIP XFAIL uninit bytes: 7 > ok 58 test_small_hole_assigned_static_all # SKIP XFAIL uninit bytes: 3 > ok 59 test_big_hole_assigned_static_all # SKIP XFAIL uninit bytes: 124 > ok 60 test_trailing_hole_assigned_static_all # SKIP XFAIL uninit bytes: 7 > ok 62 test_small_hole_assigned_dynamic_all # SKIP XFAIL uninit bytes: 3 > ok 63 test_big_hole_assigned_dynamic_all # SKIP XFAIL uninit bytes: 124 > ok 64 test_trailing_hole_assigned_dynamic_all # SKIP XFAIL uninit bytes: 7 > > All of the above now pass when built under GCC 15: > > ./tools/testing/kunit/kunit.py run stackinit --arch=x86_64 \ > --make_option CC=gcc-15 > > Suggested-by: Jakub Jelinek <jakub@...hat.com> > Link: https://lore.kernel.org/linux-toolchains/Z0hRrrNU3Q+ro2T7@tucnak/ [1] > Signed-off-by: Kees Cook <kees@...nel.org> Reviewed-by: Nathan Chancellor <nathan@...nel.org> As far as I understand it, clang has decided to do this unconditionally: https://github.com/llvm/llvm-project/commit/7a086e1b2dc05f54afae3591614feede727601fa > --- > Cc: Masahiro Yamada <masahiroy@...nel.org> > Cc: Nathan Chancellor <nathan@...nel.org> > Cc: Nicolas Schier <nicolas@...sle.eu> > Cc: linux-kbuild@...r.kernel.org > --- > scripts/Makefile.extrawarn | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/scripts/Makefile.extrawarn b/scripts/Makefile.extrawarn > index 1d13cecc7cc7..eb719f6d8d53 100644 > --- a/scripts/Makefile.extrawarn > +++ b/scripts/Makefile.extrawarn > @@ -77,6 +77,9 @@ KBUILD_CFLAGS += $(call cc-option,-Werror=designated-init) > # Warn if there is an enum types mismatch > KBUILD_CFLAGS += $(call cc-option,-Wenum-conversion) > > +# Explicitly clear padding bits during variable initialization > +KBUILD_CFLAGS += $(call cc-option,-fzero-init-padding-bits=all) > + > KBUILD_CFLAGS += -Wextra > KBUILD_CFLAGS += -Wunused > > -- > 2.34.1 >
Powered by blists - more mailing lists