From: Ingo Molnar <mingo@elte.hu>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Arjan van de Ven <arjan@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
Pekka Enberg <penberg@cs.helsinki.fi>,
linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, James Morris <jmorris@namei.org>,
Stephen Smalley <sds@tycho.nsa.gov>
Subject: Re: 2.6.25-mm1: not looking good
Date: Fri, 18 Apr 2008 09:19:45 +0200 [thread overview]
Message-ID: <20080418071945.GA18044@elte.hu> (raw)
In-Reply-To: <20080417231038.72363123.akpm@linux-foundation.org>
* Andrew Morton <akpm@linux-foundation.org> wrote:
> On Thu, 17 Apr 2008 22:49:08 -0700 Arjan van de Ven <arjan@infradead.org> wrote:
>
> > On Thu, 17 Apr 2008 16:03:31 -0700
> > Andrew Morton <akpm@linux-foundation.org> wrote:
> >
> > >
> > > I repulled all the trees an hour or two ago, installed everything on
> > > an 8-way x86_64 box and:
> > >
> > >
> > > stack-protector:
> > >
> > > Testing -fstack-protector-all feature
> > > No -fstack-protector-stack-frame!
> > > -fstack-protector-all test failed
> >
> > do you have a stack-protector capable GCC? I guess not.
> >
> > This is a catch-22. You do not have stack-protector. Should we make that
> > a silent failure? or do you want to know that you don't have a security
> > feature you thought you had.... complaining seems to be the right thing to do imo.
>
> A #warning sounds more appropriate.
this warning is telling the user that the security feature that got
enabled in the .config is completely, 100% not working due to using a
stack-protector-incapable GCC.
it's analogous as if there was a bug in gcc that made SELinux totally
ineffective in some mitigate-exploit-damage scenarios. No harm done on a
perfectly bug-free system - but once a bug happens that SELinux should
have mitigated, the breakage becomes real. Having a prominent warning is
the _minimum_.
having a build failure would be nice too because this is a build
environment problem. (not a build warning - warnings can easily be
missed because on a typical kernel build there's so many false positives
that get emitted by various other warning mechanisms) Arjan?
Ingo
WARNING: multiple messages have this Message-ID (diff)
From: Ingo Molnar <mingo@elte.hu>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Arjan van de Ven <arjan@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
Pekka Enberg <penberg@cs.helsinki.fi>,
linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, James Morris <jmorris@namei.org>,
Stephen Smalley <sds@tycho.nsa.gov>
Subject: Re: 2.6.25-mm1: not looking good
Date: Fri, 18 Apr 2008 09:19:45 +0200 [thread overview]
Message-ID: <20080418071945.GA18044@elte.hu> (raw)
In-Reply-To: <20080417231038.72363123.akpm@linux-foundation.org>
* Andrew Morton <akpm@linux-foundation.org> wrote:
> On Thu, 17 Apr 2008 22:49:08 -0700 Arjan van de Ven <arjan@infradead.org> wrote:
>
> > On Thu, 17 Apr 2008 16:03:31 -0700
> > Andrew Morton <akpm@linux-foundation.org> wrote:
> >
> > >
> > > I repulled all the trees an hour or two ago, installed everything on
> > > an 8-way x86_64 box and:
> > >
> > >
> > > stack-protector:
> > >
> > > Testing -fstack-protector-all feature
> > > No -fstack-protector-stack-frame!
> > > -fstack-protector-all test failed
> >
> > do you have a stack-protector capable GCC? I guess not.
> >
> > This is a catch-22. You do not have stack-protector. Should we make that
> > a silent failure? or do you want to know that you don't have a security
> > feature you thought you had.... complaining seems to be the right thing to do imo.
>
> A #warning sounds more appropriate.
this warning is telling the user that the security feature that got
enabled in the .config is completely, 100% not working due to using a
stack-protector-incapable GCC.
it's analogous as if there was a bug in gcc that made SELinux totally
ineffective in some mitigate-exploit-damage scenarios. No harm done on a
perfectly bug-free system - but once a bug happens that SELinux should
have mitigated, the breakage becomes real. Having a prominent warning is
the _minimum_.
having a build failure would be nice too because this is a build
environment problem. (not a build warning - warnings can easily be
missed because on a typical kernel build there's so many false positives
that get emitted by various other warning mechanisms) Arjan?
Ingo
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2008-04-18 7:20 UTC|newest]
Thread overview: 112+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-17 23:03 2.6.25-mm1: not looking good Andrew Morton
2008-04-17 23:03 ` Andrew Morton
2008-04-17 23:24 ` Greg KH
2008-04-17 23:24 ` Greg KH
2008-04-18 0:48 ` Kay Sievers
2008-04-18 0:48 ` Kay Sievers
2008-04-18 1:12 ` Andrew Morton
2008-04-18 1:12 ` Andrew Morton
2008-04-18 4:07 ` Andrew Morton
2008-04-18 4:07 ` Andrew Morton
2008-04-17 23:24 ` Dan Williams
2008-04-17 23:24 ` Dan Williams
2008-04-17 23:40 ` Andrew Morton
2008-04-17 23:40 ` Andrew Morton
2008-04-18 0:14 ` Andrew Morton
2008-04-18 0:14 ` Andrew Morton
2008-04-18 3:05 ` Jason Wessel
2008-04-18 3:05 ` Jason Wessel
2008-04-18 7:37 ` Ingo Molnar
2008-04-18 7:37 ` Ingo Molnar
2008-04-18 11:46 ` Vegard Nossum
2008-04-18 11:46 ` Vegard Nossum
2008-04-18 12:34 ` Ingo Molnar
2008-04-18 12:34 ` Ingo Molnar
2008-04-18 12:41 ` Vegard Nossum
2008-04-18 12:41 ` Vegard Nossum
2008-04-18 13:02 ` Jason Wessel
2008-04-18 13:02 ` Jason Wessel
2008-04-18 13:22 ` Vegard Nossum
2008-04-18 13:22 ` Vegard Nossum
2008-04-18 13:27 ` Jason Wessel
2008-04-18 13:27 ` Jason Wessel
2008-04-18 14:47 ` Vegard Nossum
2008-04-18 14:47 ` Vegard Nossum
2008-04-18 16:02 ` Vegard Nossum
2008-04-18 16:02 ` Vegard Nossum
2008-04-18 21:54 ` Jason Wessel
2008-04-18 21:54 ` Jason Wessel
2008-04-17 23:55 ` Paul Moore
2008-04-17 23:55 ` Paul Moore
2008-04-18 0:04 ` Andrew Morton
2008-04-18 0:04 ` Andrew Morton
2008-04-18 14:55 ` Paul Moore
2008-04-18 14:55 ` Paul Moore
2008-04-18 1:35 ` Andrew Morton
2008-04-18 1:35 ` Andrew Morton
2008-04-18 14:57 ` Paul Moore
2008-04-18 14:57 ` Paul Moore
2008-04-18 5:49 ` Arjan van de Ven
2008-04-18 5:49 ` Arjan van de Ven
2008-04-18 6:10 ` Andrew Morton
2008-04-18 6:10 ` Andrew Morton
2008-04-18 7:19 ` Ingo Molnar [this message]
2008-04-18 7:19 ` Ingo Molnar
2008-04-18 7:28 ` Andrew Morton
2008-04-18 7:28 ` Andrew Morton
2008-04-18 9:28 ` Ingo Molnar
2008-04-18 9:28 ` Ingo Molnar
2008-04-18 13:58 ` Stack protector build failure (was Re: 2.6.25-mm1: not looking good) Arjan van de Ven
2008-04-18 16:57 ` Arjan van de Ven
2008-04-18 6:40 ` 2.6.25-mm1: not looking good Pekka Enberg
2008-04-18 6:40 ` Pekka Enberg
2008-04-18 6:56 ` Andrew Morton
2008-04-18 6:56 ` Andrew Morton
2008-04-18 7:24 ` Ingo Molnar
2008-04-18 7:24 ` Ingo Molnar
2008-04-18 7:25 ` Pekka Enberg
2008-04-18 7:25 ` Pekka Enberg
2008-04-18 10:32 ` James Morris
2008-04-18 10:32 ` James Morris
2008-04-18 7:09 ` Ingo Molnar
2008-04-18 7:09 ` Ingo Molnar
2008-04-18 7:50 ` Andrew Morton
2008-04-18 7:50 ` Andrew Morton
2008-04-18 7:53 ` Andrew Morton
2008-04-18 7:53 ` Andrew Morton
2008-04-18 7:57 ` Andrew Morton
2008-04-18 7:57 ` Andrew Morton
2008-04-18 9:22 ` Ingo Molnar
2008-04-18 9:22 ` Ingo Molnar
2008-04-18 9:22 ` Ingo Molnar
2008-04-18 12:18 ` Ingo Molnar
2008-04-18 12:18 ` Ingo Molnar
2008-04-18 12:18 ` Ingo Molnar
2008-04-18 7:57 ` Andrew Morton
2008-04-18 9:42 ` Pavel Machek
2008-04-18 9:42 ` Pavel Machek
2008-04-18 9:42 ` Pavel Machek
2008-04-18 15:22 ` Alan Stern
2008-04-18 15:22 ` Alan Stern
2008-04-18 15:22 ` Alan Stern
2008-04-18 11:07 ` Pavel Machek
2008-04-18 11:07 ` Pavel Machek
2008-04-18 11:07 ` Pavel Machek
2008-04-18 7:53 ` Andrew Morton
2008-04-28 16:42 ` 2.6.25-mm1: Failing to probe IDE interface Mel Gorman
2008-04-28 16:59 ` Andrew Morton
2008-04-28 16:59 ` Andrew Morton
2008-04-29 9:39 ` Mel Gorman
2008-04-29 9:39 ` Mel Gorman
2008-04-28 18:44 ` Bartlomiej Zolnierkiewicz
2008-04-28 18:44 ` Bartlomiej Zolnierkiewicz
2008-04-29 9:43 ` Mel Gorman
2008-04-29 9:43 ` Mel Gorman
2008-04-29 15:49 ` Mel Gorman
2008-04-29 15:49 ` Mel Gorman
2008-04-29 16:58 ` Mel Gorman
2008-04-29 16:58 ` Mel Gorman
2008-04-29 21:37 ` Bartlomiej Zolnierkiewicz
2008-04-29 21:37 ` Bartlomiej Zolnierkiewicz
2008-04-30 11:16 ` Mel Gorman
2008-04-30 11:16 ` Mel Gorman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080418071945.GA18044@elte.hu \
--to=mingo@elte.hu \
--cc=akpm@linux-foundation.org \
--cc=arjan@infradead.org \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-usb@vger.kernel.org \
--cc=penberg@cs.helsinki.fi \
--cc=sds@tycho.nsa.gov \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.