| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260201114741.GA3016024@noisy.programming.kicks-ass.net>
Date: Sun, 1 Feb 2026 12:47:41 +0100
From: Peter Zijlstra <peterz@...radead.org>
To: Kees Cook <kees@...ian.org>
Cc: mingo@...nel.org, oleg@...hat.com, linux-kernel@...r.kernel.org,
debian-kernel@...ts.debian.org, kees@...nel.org
Subject: Re: [PATCH] seqlock: Allow UBSAN to fail optimizing
On Sat, Jan 31, 2026 at 10:42:35AM -0800, Kees Cook wrote:
> On Sat, Jan 31, 2026 at 10:39:42AM +0100, Salvatore Bonaccorso wrote:
> > Kees, Peter approached the Debian kernel list above to drop
> > CONFIG_UBSAN again, which, so I think we need to revert your
> > 6cfadabfe015 ("Enable UBSAN_BOUNDS and UBSAN_SHIFT"):
> > https://salsa.debian.org/kernel-team/linux/-/commit/6cfadabfe015fa0d659fc8e3efd495cbcae3e44e
> >
> > I have make a MR for our packaging for the change in
> > https://salsa.debian.org/kernel-team/linux/-/merge_requests/1804
>
> I am strongly opposed -- this undoes years of security flaw mitigation
> work and leaves Debian (and only Debian!) exposed to trivial array index
> overflows. The bounds sanitizer is the corner stone of memory safety
> for C, and is not some "experimental" feature. GCC has a long history
> of trouble with inlining, so this is not something unique to enabling
> this feature.
>
> I replied similarly to the PR. This would be a major mistake to disable.
Why the heck is bounds checking part of UBSAN? The simple fix here is to
get it out from CONFIG_UBSAN, so that CONFIG_UBSAN is debug only crap.
Notably, none of the UBSAN configs that tripped the optimization fail
even had bounds checking enabled.
Powered by blists - more mailing lists