From: Nilay Shroff <nilay@linux.ibm.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: linux-kernel@vger.kernel.org, briannorris@chromium.org,
yury.norov@gmail.com, kees@kernel.org, gustavoars@kernel.org,
nathan@kernel.org, steffen.klassert@secunet.com,
daniel.m.jordan@oracle.com, gjoyce@ibm.com,
linux-crypto@vger.kernel.org, linux@weissschuh.net
Subject: Re: [PATCHv3] gcc: disable '-Wstrignop-overread' universally for gcc-13+ and FORTIFY_SOURCE
Date: Mon, 9 Dec 2024 22:39:30 +0530 [thread overview]
Message-ID: <9ff492c6-3824-475b-a9f6-415205920e56@linux.ibm.com> (raw)
In-Reply-To: <2024120938-kilogram-granite-9a53@gregkh>
On 12/9/24 12:15, Greg Kroah-Hartman wrote:
> On Sun, Dec 08, 2024 at 09:42:28PM +0530, Nilay Shroff wrote:
>> Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
>
> As this is different, my Ack does not still stand, sorry :(
>
>> +# Currently, disable -Wstringop-overread for gcc-13+ and FORTIFY_SOURCE globally.
>> +config GCC13_NO_STRINGOP_OVERREAD
>> + def_bool y
>
> I hit this with gcc 14, it's not just a gcc 13 issue.
>
>> +config CC_NO_STRINGOP_OVERREAD
>> + bool
>> + default y if CC_IS_GCC && GCC_VERSION >= 130000 && GCC13_NO_STRINGOP_OVERREAD && FORTIFY_SOURCE
>
> Ok, I see you enabled this for more than 13, but why call it "13"?
Yeah I'd change it to GCC_NO_STRINGOP_OVERREAD.
>
>> +
>> #
>> # For architectures that know their GCC __int128 support is sound
>> #
>> diff --git a/scripts/Makefile.extrawarn b/scripts/Makefile.extrawarn
>> index 1d13cecc7cc7..1abd41269fd0 100644
>> --- a/scripts/Makefile.extrawarn
>> +++ b/scripts/Makefile.extrawarn
>> @@ -27,6 +27,7 @@ endif
>> KBUILD_CPPFLAGS-$(CONFIG_WERROR) += -Werror
>> KBUILD_CPPFLAGS += $(KBUILD_CPPFLAGS-y)
>> KBUILD_CFLAGS-$(CONFIG_CC_NO_ARRAY_BOUNDS) += -Wno-array-bounds
>> +KBUILD_CFLAGS-$(CONFIG_CC_NO_STRINGOP_OVERREAD) += -Wno-stringop-overread
>
> I don't want this disabled for all files in the kernel, we only have one
> that this is a problem for. I think you disable this, the whole fortify
> logic is disabled which is not the goal, why not just force the fortify
> feature OFF if we have a "bad compiler" that can not support it?
>
okay so that means you recommend to disable FORTIFY_SOURCE for gcc-13+ instead
of disabling -Wstringop-overread globally?
> So no, I don't think this is the correct solution here, sorry.
>
> And it's odd that we are the only 2 people hitting it, has everyone else
> just given up on gcc and moved on to using clang?
I guess that developers are either using Clang or they haven't enabled CONFIG_FORTIFY_SOURCE
if they're using gcc-13+.
Thanks,
--Nilay
next prev parent reply other threads:[~2024-12-09 17:09 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-08 16:12 [PATCHv3] gcc: disable '-Wstrignop-overread' universally for gcc-13+ and FORTIFY_SOURCE Nilay Shroff
2024-12-08 18:25 ` Yury Norov
2024-12-09 19:35 ` Nathan Chancellor
2024-12-10 8:28 ` Nilay Shroff
2024-12-10 16:14 ` Nathan Chancellor
2024-12-11 9:16 ` Nilay Shroff
2024-12-09 6:45 ` Greg Kroah-Hartman
2024-12-09 17:09 ` Nilay Shroff [this message]
2024-12-09 20:03 ` Nathan Chancellor
2024-12-09 20:43 ` Yury Norov
2024-12-09 22:24 ` Nathan Chancellor
2024-12-12 18:24 ` Kees Cook
2024-12-12 18:47 ` Kees Cook
2024-12-12 19:34 ` Yury Norov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9ff492c6-3824-475b-a9f6-415205920e56@linux.ibm.com \
--to=nilay@linux.ibm.com \
--cc=briannorris@chromium.org \
--cc=daniel.m.jordan@oracle.com \
--cc=gjoyce@ibm.com \
--cc=gregkh@linuxfoundation.org \
--cc=gustavoars@kernel.org \
--cc=kees@kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@weissschuh.net \
--cc=nathan@kernel.org \
--cc=steffen.klassert@secunet.com \
--cc=yury.norov@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox