| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202505292153.14B0A688F8@keescook>
Date: Thu, 29 May 2025 22:12:22 -0700
From: Kees Cook <kees@...nel.org>
To: Thiago Jung Bauermann <thiago.bauermann@...aro.org>
Cc: akpm@...ux-foundation.org, arnd@...db.de, broonie@...nel.org,
davidgow@...gle.com, diego.daniel.professional@...il.com,
gnoack@...gle.com, gustavoars@...nel.org, jmorris@...ei.org,
justinstitt@...gle.com, linux-hardening@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org,
linux@...blig.org, llvm@...ts.linux.dev, mcgrof@...nel.org,
mic@...ikod.net, morbo@...gle.com, nathan@...nel.org,
nick.desaulniers+lkml@...il.com, paul@...l-moore.com,
pmladek@...e.com, rmoar@...gle.com, serge@...lyn.com,
tamird@...il.com, wangyuli@...ontech.com
Subject: Re: [PATCH 3/3] Revert "hardening: Disable GCC randstruct for
COMPILE_TEST"
On Thu, May 29, 2025 at 09:06:46PM -0300, Thiago Jung Bauermann wrote:
> This commit was reported by our CI as breaking the allmodconfig build for
> the arm and arm64 architectures when using GCC 15. This is due to
> https://github.com/KSPP/linux/issues/367 :
>
> 00:05:08 arch/arm64/kernel/kexec_image.c:132:14: internal compiler error: in comptypes_check_enum_int, at c/c-typeck.cc:1519
> 00:05:08 132 | const struct kexec_file_ops kexec_image_ops = {
> 00:05:08 | ^~~~~~~~~~~~~~
I'm not able to reproduce this. Which specific version of GCC 15 and
on what distro are you seeing this?
This is Fedora 42 for me:
$ aarch64-linux-gnu-gcc --version
aarch64-linux-gnu-gcc (GCC) 15.1.1 20250425 (Red Hat Cross 15.1.1-1)
...
$ make O=gcc-arm64 ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- allmodconfig
$ grep RANDSTRUCT gcc-arm64/.config
# CONFIG_RANDSTRUCT_NONE is not set
CONFIG_RANDSTRUCT_FULL=y
# CONFIG_RANDSTRUCT_PERFORMANCE is not set
CONFIG_RANDSTRUCT=y
CONFIG_GCC_PLUGIN_RANDSTRUCT=y
CONFIG_RANDSTRUCT_KUNIT_TEST=m
$ make O=gcc-arm64 ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- all -s
$ file gcc-arm64/vmlinux
gcc-arm64/vmlinux: ELF 64-bit LSB pie executable, ARM aarch64, version 1 (SYSV), statically linked, BuildID[sha1]=b53656cb73bb82f4e19edbfa54241c203daa3fed, not stripped
And the new KUnit randstruct selftests all pass as well:
$ ./tools/testing/kunit/kunit.py run \
--arch arm64 --cross_compile aarch64-linux-gnu- \
--kconfig_add CONFIG_RANDSTRUCT_FULL=y randstruct
...
# Totals: pass:5 fail:0 skip:0 total:5
--
Kees Cook
Powered by blists - more mailing lists