lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <202505292153.14B0A688F8@keescook>
Date: Thu, 29 May 2025 22:12:22 -0700
From: Kees Cook <kees@...nel.org>
To: Thiago Jung Bauermann <thiago.bauermann@...aro.org>
Cc: akpm@...ux-foundation.org, arnd@...db.de, broonie@...nel.org,
	davidgow@...gle.com, diego.daniel.professional@...il.com,
	gnoack@...gle.com, gustavoars@...nel.org, jmorris@...ei.org,
	justinstitt@...gle.com, linux-hardening@...r.kernel.org,
	linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org,
	linux@...blig.org, llvm@...ts.linux.dev, mcgrof@...nel.org,
	mic@...ikod.net, morbo@...gle.com, nathan@...nel.org,
	nick.desaulniers+lkml@...il.com, paul@...l-moore.com,
	pmladek@...e.com, rmoar@...gle.com, serge@...lyn.com,
	tamird@...il.com, wangyuli@...ontech.com
Subject: Re: [PATCH 3/3] Revert "hardening: Disable GCC randstruct for
 COMPILE_TEST"

On Thu, May 29, 2025 at 09:06:46PM -0300, Thiago Jung Bauermann wrote:
> This commit was reported by our CI as breaking the allmodconfig build for
> the arm and arm64 architectures when using GCC 15. This is due to
> https://github.com/KSPP/linux/issues/367 :
> 
> 00:05:08 arch/arm64/kernel/kexec_image.c:132:14: internal compiler error: in comptypes_check_enum_int, at c/c-typeck.cc:1519
> 00:05:08   132 | const struct kexec_file_ops kexec_image_ops = {
> 00:05:08       |              ^~~~~~~~~~~~~~

I'm not able to reproduce this. Which specific version of GCC 15 and
on what distro are you seeing this?

This is Fedora 42 for me:

$ aarch64-linux-gnu-gcc --version
aarch64-linux-gnu-gcc (GCC) 15.1.1 20250425 (Red Hat Cross 15.1.1-1)
...
$ make O=gcc-arm64 ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- allmodconfig
$ grep RANDSTRUCT gcc-arm64/.config
# CONFIG_RANDSTRUCT_NONE is not set
CONFIG_RANDSTRUCT_FULL=y
# CONFIG_RANDSTRUCT_PERFORMANCE is not set
CONFIG_RANDSTRUCT=y
CONFIG_GCC_PLUGIN_RANDSTRUCT=y
CONFIG_RANDSTRUCT_KUNIT_TEST=m
$ make O=gcc-arm64 ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- all -s
$ file gcc-arm64/vmlinux
gcc-arm64/vmlinux: ELF 64-bit LSB pie executable, ARM aarch64, version 1 (SYSV), statically linked, BuildID[sha1]=b53656cb73bb82f4e19edbfa54241c203daa3fed, not stripped


And the new KUnit randstruct selftests all pass as well:

$ ./tools/testing/kunit/kunit.py run \
	--arch arm64 --cross_compile aarch64-linux-gnu- \
	--kconfig_add CONFIG_RANDSTRUCT_FULL=y randstruct
...
# Totals: pass:5 fail:0 skip:0 total:5



-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ