| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHmME9qm8Xo6ccUUBm=QJ4X9BfTc3WgkmWohHsi_+xaGsgY4rw@mail.gmail.com> Date: Sun, 23 Nov 2025 21:38:49 +0100 From: "Jason A. Donenfeld" <Jason@...c4.com> To: Eric Biggers <ebiggers@...nel.org> Cc: Ard Biesheuvel <ardb@...nel.org>, linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org, Herbert Xu <herbert@...dor.apana.org.au>, linux-hardening@...r.kernel.org, Kees Cook <kees@...nel.org> Subject: Re: [PATCH 0/6] lib/crypto: More at_least decorations On Sun, Nov 23, 2025 at 9:37 PM Eric Biggers <ebiggers@...nel.org> wrote: > > On Sun, Nov 23, 2025 at 09:31:19AM +0100, Ard Biesheuvel wrote: > > On Sat, 22 Nov 2025 at 20:42, Eric Biggers <ebiggers@...nel.org> wrote: > > > > > > This series depends on the 'at_least' macro added by > > > https://lore.kernel.org/r/20251122025510.1625066-4-Jason@zx2c4.com > > > It can also be retrieved from > > > > > > git fetch https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git more-at-least-decorations-v1 > > > > > > Add the at_least (i.e. 'static') decoration to the fixed-size array > > > parameters of more of the crypto library functions. This causes clang > > > to generate a warning if a too-small array of known size is passed. > > > > > > > FTR GCC does so too. > > See https://lore.kernel.org/linux-crypto/20251115021430.GA2148@sol/ > Unfortunately gcc puts these warnings under -Wstringop-overflow which > the kernel disables, so we don't see them. clang works, though. Is that disabling new? Look at the commit message in my chapoly patch... The warning shown there happened from a real live kernel build. Jason
Powered by blists - more mailing lists