lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aX5NG2aOyvTXU6qZ@outflux.net>
Date: Sat, 31 Jan 2026 10:42:35 -0800
From: Kees Cook <kees@...ian.org>
To: Peter Zijlstra <peterz@...radead.org>, mingo@...nel.org, oleg@...hat.com,
        linux-kernel@...r.kernel.org, debian-kernel@...ts.debian.org,
        kees@...nel.org
Subject: Re: [PATCH] seqlock: Allow UBSAN to fail optimizing

On Sat, Jan 31, 2026 at 10:39:42AM +0100, Salvatore Bonaccorso wrote:
> Kees, Peter approached the Debian kernel list above to drop
> CONFIG_UBSAN again, which, so I think we need to revert your
> 6cfadabfe015 ("Enable UBSAN_BOUNDS and UBSAN_SHIFT"):
> https://salsa.debian.org/kernel-team/linux/-/commit/6cfadabfe015fa0d659fc8e3efd495cbcae3e44e
> 
> I have make a MR for our packaging for the change in
> https://salsa.debian.org/kernel-team/linux/-/merge_requests/1804

I am strongly opposed -- this undoes years of security flaw mitigation
work and leaves Debian (and only Debian!) exposed to trivial array index
overflows. The bounds sanitizer is the corner stone of memory safety
for C, and is not some "experimental" feature. GCC has a long history
of trouble with inlining, so this is not something unique to enabling
this feature.

I replied similarly to the PR. This would be a major mistake to disable.

-Kees

-- 
Kees Cook                                            @debian.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ