lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAK7LNAQ8RCAKWhwWNVA6jv-MGNCRFjsiBw2U6Y+3SDmv=7XGJg@mail.gmail.com>
Date: Thu, 30 Jan 2025 11:35:14 +0900
From: Masahiro Yamada <masahiroy@...nel.org>
To: Kees Cook <kees@...nel.org>
Cc: Jakub Jelinek <jakub@...hat.com>, Nathan Chancellor <nathan@...nel.org>, 
	Nicolas Schier <nicolas@...sle.eu>, linux-kbuild@...r.kernel.org, 
	Andrew Morton <akpm@...ux-foundation.org>, Nick Desaulniers <ndesaulniers@...gle.com>, 
	Bill Wendling <morbo@...gle.com>, Justin Stitt <justinstitt@...gle.com>, linux-kernel@...r.kernel.org, 
	llvm@...ts.linux.dev, linux-hardening@...r.kernel.org
Subject: Re: [PATCH v2 3/3] kbuild: Use -fzero-init-padding-bits=all

On Tue, Jan 28, 2025 at 4:10 AM Kees Cook <kees@...nel.org> wrote:
>
> GCC 15 introduces a regression in "= { 0 }" style initialization of
> unions that Linux has depended on for eliminating uninitialized variable
> contents. GCC does not seem likely to fix it[1], instead suggesting[2]
> that affected projects start using -fzero-init-padding-bits=unions.
>
> To avoid future surprises beyond just the current situation with unions,
> enable -fzero-init-padding-bits=all when available (GCC 15+). This will
> correctly zero padding bits in unions and structs that might have been
> left uninitialized, and will make sure there is no immediate regression
> in union initializations. As seen in the stackinit KUnit selftest union
> cases, which were passing before, were failing under GCC 15:
>
>     not ok 18 test_small_start_old_zero
>     ok 29 test_small_start_dynamic_partial # SKIP XFAIL uninit bytes: 63
>     ok 32 test_small_start_assigned_dynamic_partial # SKIP XFAIL uninit bytes: 63
>     ok 67 test_small_start_static_partial # SKIP XFAIL uninit bytes: 63
>     ok 70 test_small_start_static_all # SKIP XFAIL uninit bytes: 56
>     ok 73 test_small_start_dynamic_all # SKIP XFAIL uninit bytes: 56
>     ok 82 test_small_start_assigned_static_partial # SKIP XFAIL uninit bytes: 63
>     ok 85 test_small_start_assigned_static_all # SKIP XFAIL uninit bytes: 56
>     ok 88 test_small_start_assigned_dynamic_all # SKIP XFAIL uninit bytes: 56
>
> The above all now pass again with -fzero-init-padding-bits=all added.
>
> This also fixes the following cases for struct initialization that had
> been XFAIL until now because there was no compiler support beyond the
> larger "-ftrivial-auto-var-init=zero" option:
>
>     ok 38 test_small_hole_static_all # SKIP XFAIL uninit bytes: 3
>     ok 39 test_big_hole_static_all # SKIP XFAIL uninit bytes: 124
>     ok 40 test_trailing_hole_static_all # SKIP XFAIL uninit bytes: 7
>     ok 42 test_small_hole_dynamic_all # SKIP XFAIL uninit bytes: 3
>     ok 43 test_big_hole_dynamic_all # SKIP XFAIL uninit bytes: 124
>     ok 44 test_trailing_hole_dynamic_all # SKIP XFAIL uninit bytes: 7
>     ok 58 test_small_hole_assigned_static_all # SKIP XFAIL uninit bytes: 3
>     ok 59 test_big_hole_assigned_static_all # SKIP XFAIL uninit bytes: 124
>     ok 60 test_trailing_hole_assigned_static_all # SKIP XFAIL uninit bytes: 7
>     ok 62 test_small_hole_assigned_dynamic_all # SKIP XFAIL uninit bytes: 3
>     ok 63 test_big_hole_assigned_dynamic_all # SKIP XFAIL uninit bytes: 124
>     ok 64 test_trailing_hole_assigned_dynamic_all # SKIP XFAIL uninit bytes: 7
>
> All of the above now pass when built under GCC 15. Tests can be seen
> with:
>
>     ./tools/testing/kunit/kunit.py run stackinit --arch=x86_64 \
>         --make_option CC=gcc-15
>
> Clang continues to fully initialize these kinds of variables[3] with
> additional flags.
>
> Suggested-by: Jakub Jelinek <jakub@...hat.com>
> Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=118403 [1]
> Link: https://lore.kernel.org/linux-toolchains/Z0hRrrNU3Q+ro2T7@tucnak/ [2]
> Link: https://github.com/llvm/llvm-project/commit/7a086e1b2dc05f54afae3591614feede727601fa [3]
> Reviewed-by: Nathan Chancellor <nathan@...nel.org>
> Signed-off-by: Kees Cook <kees@...nel.org>
> ---



Acked-by: Masahiro Yamada <masahiroy@...nel.org>






> Cc: Masahiro Yamada <masahiroy@...nel.org>
> Cc: Nicolas Schier <nicolas@...sle.eu>
> Cc: linux-kbuild@...r.kernel.org
> ---
>  scripts/Makefile.extrawarn | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/scripts/Makefile.extrawarn b/scripts/Makefile.extrawarn
> index 1d13cecc7cc7..eb719f6d8d53 100644
> --- a/scripts/Makefile.extrawarn
> +++ b/scripts/Makefile.extrawarn
> @@ -77,6 +77,9 @@ KBUILD_CFLAGS += $(call cc-option,-Werror=designated-init)
>  # Warn if there is an enum types mismatch
>  KBUILD_CFLAGS += $(call cc-option,-Wenum-conversion)
>
> +# Explicitly clear padding bits during variable initialization
> +KBUILD_CFLAGS += $(call cc-option,-fzero-init-padding-bits=all)
> +
>  KBUILD_CFLAGS += -Wextra
>  KBUILD_CFLAGS += -Wunused
>
> --
> 2.34.1
>


-- 
Best Regards
Masahiro Yamada

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ