* [PATCH v3 4/5] Makefile: Enable -Warray-bounds [not found] <20210827163015.3141722-1-keescook@chromium.org> @ 2021-08-27 16:30 ` Kees Cook 2021-08-31 4:31 ` Guenter Roeck 2021-08-27 16:30 ` [PATCH v3 5/5] Makefile: Enable -Wzero-length-bounds Kees Cook 1 sibling, 1 reply; 7+ messages in thread From: Kees Cook @ 2021-08-27 16:30 UTC (permalink / raw) To: linux-kernel Cc: Kees Cook, Arnd Bergmann, Masahiro Yamada, linux-kbuild, Gustavo A . R . Silva, Rasmus Villemoes, Keith Packard, Dan Williams, Daniel Vetter, clang-built-linux, linux-hardening With the recent fixes for flexible arrays and expanded FORTIFY_SOURCE coverage, it is now possible to enable -Warray-bounds. Since both GCC and Clang include -Warray-bounds in -Wall, we just need to stop disabling it. Cc: Arnd Bergmann <arnd@arndb.de> Cc: Masahiro Yamada <masahiroy@kernel.org> Cc: linux-kbuild@vger.kernel.org Co-developed-by: Gustavo A. R. Silva <gustavoars@kernel.org> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Signed-off-by: Kees Cook <keescook@chromium.org> --- Makefile | 1 - 1 file changed, 1 deletion(-) diff --git a/Makefile b/Makefile index e4f5895badb5..8e7e73a642e2 100644 --- a/Makefile +++ b/Makefile @@ -995,7 +995,6 @@ KBUILD_CFLAGS += $(call cc-disable-warning, stringop-truncation) # We'll want to enable this eventually, but it's not going away for 5.7 at least KBUILD_CFLAGS += $(call cc-disable-warning, zero-length-bounds) -KBUILD_CFLAGS += $(call cc-disable-warning, array-bounds) KBUILD_CFLAGS += $(call cc-disable-warning, stringop-overflow) # Another good warning that we'll want to enable eventually -- 2.30.2 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH v3 4/5] Makefile: Enable -Warray-bounds 2021-08-27 16:30 ` [PATCH v3 4/5] Makefile: Enable -Warray-bounds Kees Cook @ 2021-08-31 4:31 ` Guenter Roeck 2021-08-31 17:46 ` Kees Cook 0 siblings, 1 reply; 7+ messages in thread From: Guenter Roeck @ 2021-08-31 4:31 UTC (permalink / raw) To: Kees Cook Cc: linux-kernel, Arnd Bergmann, Masahiro Yamada, linux-kbuild, Gustavo A . R . Silva, Rasmus Villemoes, Keith Packard, Dan Williams, Daniel Vetter, clang-built-linux, linux-hardening On Fri, Aug 27, 2021 at 09:30:14AM -0700, Kees Cook wrote: > With the recent fixes for flexible arrays and expanded FORTIFY_SOURCE > coverage, it is now possible to enable -Warray-bounds. Since both > GCC and Clang include -Warray-bounds in -Wall, we just need to stop > disabling it. > > Cc: Arnd Bergmann <arnd@arndb.de> > Cc: Masahiro Yamada <masahiroy@kernel.org> > Cc: linux-kbuild@vger.kernel.org > Co-developed-by: Gustavo A. R. Silva <gustavoars@kernel.org> > Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> > Signed-off-by: Kees Cook <keescook@chromium.org> > --- > Makefile | 1 - > 1 file changed, 1 deletion(-) > > diff --git a/Makefile b/Makefile > index e4f5895badb5..8e7e73a642e2 100644 > --- a/Makefile > +++ b/Makefile > @@ -995,7 +995,6 @@ KBUILD_CFLAGS += $(call cc-disable-warning, stringop-truncation) > > # We'll want to enable this eventually, but it's not going away for 5.7 at least > KBUILD_CFLAGS += $(call cc-disable-warning, zero-length-bounds) > -KBUILD_CFLAGS += $(call cc-disable-warning, array-bounds) > KBUILD_CFLAGS += $(call cc-disable-warning, stringop-overflow) > This patch causes 'alpha' builds to fail when trying to build an image with gcc 11.2. In file included from include/linux/string.h:20, from include/linux/bitmap.h:11, from include/linux/cpumask.h:12, from include/linux/smp.h:13, from include/linux/lockdep.h:14, from include/linux/spinlock.h:63, from include/linux/mmzone.h:8, from include/linux/gfp.h:6, from include/linux/mm.h:10, from include/linux/pagemap.h:8, from arch/alpha/mm/init.c:10: In function '__memset', inlined from '__bad_pagetable' at arch/alpha/mm/init.c:79:2: arch/alpha/include/asm/string.h:37:32: error: '__builtin_memset' offset [0, 8191] is out of the bounds [0, 0] [-Werror=array-bounds] 37 | return __builtin_memset(s, c, n); | ^~~~~~~~~~~~~~~~~~~~~~~~~ In function '__memset', inlined from '__bad_page' at arch/alpha/mm/init.c:86:2: arch/alpha/include/asm/string.h:37:32: error: '__builtin_memset' offset [0, 8191] is out of the bounds [0, 0] [-Werror=array-bounds] 37 | return __builtin_memset(s, c, n); | ^~~~~~~~~~~~~~~~~~~~~~~~~ In function '__memset', inlined from 'paging_init' at arch/alpha/mm/init.c:256:2: arch/alpha/include/asm/string.h:37:32: error: '__builtin_memset' offset [0, 8191] is out of the bounds [0, 0] [-Werror=array-bounds] 37 | return __builtin_memset(s, c, n); Seen in next-20210830. Guenter ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v3 4/5] Makefile: Enable -Warray-bounds 2021-08-31 4:31 ` Guenter Roeck @ 2021-08-31 17:46 ` Kees Cook 2021-08-31 19:40 ` Guenter Roeck 0 siblings, 1 reply; 7+ messages in thread From: Kees Cook @ 2021-08-31 17:46 UTC (permalink / raw) To: Guenter Roeck Cc: linux-kernel, Arnd Bergmann, Masahiro Yamada, linux-kbuild, Gustavo A . R . Silva, Rasmus Villemoes, Keith Packard, Dan Williams, Daniel Vetter, clang-built-linux, linux-hardening On Mon, Aug 30, 2021 at 09:31:28PM -0700, Guenter Roeck wrote: > On Fri, Aug 27, 2021 at 09:30:14AM -0700, Kees Cook wrote: > > With the recent fixes for flexible arrays and expanded FORTIFY_SOURCE > > coverage, it is now possible to enable -Warray-bounds. Since both > > GCC and Clang include -Warray-bounds in -Wall, we just need to stop > > disabling it. > > > > Cc: Arnd Bergmann <arnd@arndb.de> > > Cc: Masahiro Yamada <masahiroy@kernel.org> > > Cc: linux-kbuild@vger.kernel.org > > Co-developed-by: Gustavo A. R. Silva <gustavoars@kernel.org> > > Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> > > Signed-off-by: Kees Cook <keescook@chromium.org> > > --- > > Makefile | 1 - > > 1 file changed, 1 deletion(-) > > > > diff --git a/Makefile b/Makefile > > index e4f5895badb5..8e7e73a642e2 100644 > > --- a/Makefile > > +++ b/Makefile > > @@ -995,7 +995,6 @@ KBUILD_CFLAGS += $(call cc-disable-warning, stringop-truncation) > > > > # We'll want to enable this eventually, but it's not going away for 5.7 at least > > KBUILD_CFLAGS += $(call cc-disable-warning, zero-length-bounds) > > -KBUILD_CFLAGS += $(call cc-disable-warning, array-bounds) > > KBUILD_CFLAGS += $(call cc-disable-warning, stringop-overflow) > > > > This patch causes 'alpha' builds to fail when trying to build an image with > gcc 11.2. > > In file included from include/linux/string.h:20, > from include/linux/bitmap.h:11, > from include/linux/cpumask.h:12, > from include/linux/smp.h:13, > from include/linux/lockdep.h:14, > from include/linux/spinlock.h:63, > from include/linux/mmzone.h:8, > from include/linux/gfp.h:6, > from include/linux/mm.h:10, > from include/linux/pagemap.h:8, > from arch/alpha/mm/init.c:10: > In function '__memset', > inlined from '__bad_pagetable' at arch/alpha/mm/init.c:79:2: > arch/alpha/include/asm/string.h:37:32: error: '__builtin_memset' offset [0, 8191] is out of the bounds [0, 0] [-Werror=array-bounds] > 37 | return __builtin_memset(s, c, n); > | ^~~~~~~~~~~~~~~~~~~~~~~~~ > In function '__memset', > inlined from '__bad_page' at arch/alpha/mm/init.c:86:2: > arch/alpha/include/asm/string.h:37:32: error: '__builtin_memset' offset [0, 8191] is out of the bounds [0, 0] [-Werror=array-bounds] > 37 | return __builtin_memset(s, c, n); > | ^~~~~~~~~~~~~~~~~~~~~~~~~ > In function '__memset', > inlined from 'paging_init' at arch/alpha/mm/init.c:256:2: > arch/alpha/include/asm/string.h:37:32: error: '__builtin_memset' offset [0, 8191] is out of the bounds [0, 0] [-Werror=array-bounds] > 37 | return __builtin_memset(s, c, n); > > Seen in next-20210830. Ah-ha, thanks for the report! I didn't see this in my builds -- what config target did you use for this? Looks like GCC isn't happy about an unsigned long->void * conversion here... include/asm/page.h:#define PAGE_OFFSET 0xfffffc0000000000UL ... include/uapi/asm/setup.h:#define KERNEL_START_PHYS 0x1000000 /* required: Wildfire/Titan/Marvel */ include/uapi/asm/setup.h:#define EMPTY_PGT (PAGE_OFFSET+KERNEL_START_PHYS+0x04000) ... mm/init.c: memset((void *) EMPTY_PGT, 0, PAGE_SIZE); I'll try to figure out the right annotations to fix this... -- Kees Cook ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v3 4/5] Makefile: Enable -Warray-bounds 2021-08-31 17:46 ` Kees Cook @ 2021-08-31 19:40 ` Guenter Roeck 2021-08-31 20:18 ` Kees Cook 0 siblings, 1 reply; 7+ messages in thread From: Guenter Roeck @ 2021-08-31 19:40 UTC (permalink / raw) To: Kees Cook Cc: linux-kernel, Arnd Bergmann, Masahiro Yamada, linux-kbuild, Gustavo A . R . Silva, Rasmus Villemoes, Keith Packard, Dan Williams, Daniel Vetter, clang-built-linux, linux-hardening Hi Kees, On 8/31/21 10:46 AM, Kees Cook wrote: > On Mon, Aug 30, 2021 at 09:31:28PM -0700, Guenter Roeck wrote: >> On Fri, Aug 27, 2021 at 09:30:14AM -0700, Kees Cook wrote: >>> With the recent fixes for flexible arrays and expanded FORTIFY_SOURCE >>> coverage, it is now possible to enable -Warray-bounds. Since both >>> GCC and Clang include -Warray-bounds in -Wall, we just need to stop >>> disabling it. >>> >>> Cc: Arnd Bergmann <arnd@arndb.de> >>> Cc: Masahiro Yamada <masahiroy@kernel.org> >>> Cc: linux-kbuild@vger.kernel.org >>> Co-developed-by: Gustavo A. R. Silva <gustavoars@kernel.org> >>> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> >>> Signed-off-by: Kees Cook <keescook@chromium.org> >>> --- >>> Makefile | 1 - >>> 1 file changed, 1 deletion(-) >>> >>> diff --git a/Makefile b/Makefile >>> index e4f5895badb5..8e7e73a642e2 100644 >>> --- a/Makefile >>> +++ b/Makefile >>> @@ -995,7 +995,6 @@ KBUILD_CFLAGS += $(call cc-disable-warning, stringop-truncation) >>> >>> # We'll want to enable this eventually, but it's not going away for 5.7 at least >>> KBUILD_CFLAGS += $(call cc-disable-warning, zero-length-bounds) >>> -KBUILD_CFLAGS += $(call cc-disable-warning, array-bounds) >>> KBUILD_CFLAGS += $(call cc-disable-warning, stringop-overflow) >>> >> >> This patch causes 'alpha' builds to fail when trying to build an image with >> gcc 11.2. >> >> In file included from include/linux/string.h:20, >> from include/linux/bitmap.h:11, >> from include/linux/cpumask.h:12, >> from include/linux/smp.h:13, >> from include/linux/lockdep.h:14, >> from include/linux/spinlock.h:63, >> from include/linux/mmzone.h:8, >> from include/linux/gfp.h:6, >> from include/linux/mm.h:10, >> from include/linux/pagemap.h:8, >> from arch/alpha/mm/init.c:10: >> In function '__memset', >> inlined from '__bad_pagetable' at arch/alpha/mm/init.c:79:2: >> arch/alpha/include/asm/string.h:37:32: error: '__builtin_memset' offset [0, 8191] is out of the bounds [0, 0] [-Werror=array-bounds] >> 37 | return __builtin_memset(s, c, n); >> | ^~~~~~~~~~~~~~~~~~~~~~~~~ >> In function '__memset', >> inlined from '__bad_page' at arch/alpha/mm/init.c:86:2: >> arch/alpha/include/asm/string.h:37:32: error: '__builtin_memset' offset [0, 8191] is out of the bounds [0, 0] [-Werror=array-bounds] >> 37 | return __builtin_memset(s, c, n); >> | ^~~~~~~~~~~~~~~~~~~~~~~~~ >> In function '__memset', >> inlined from 'paging_init' at arch/alpha/mm/init.c:256:2: >> arch/alpha/include/asm/string.h:37:32: error: '__builtin_memset' offset [0, 8191] is out of the bounds [0, 0] [-Werror=array-bounds] >> 37 | return __builtin_memset(s, c, n); >> >> Seen in next-20210830. > > Ah-ha, thanks for the report! I didn't see this in my builds -- what > config target did you use for this? > The configuration doesn't matter; it fails for me for all configurations, including defconfig, alllnoconfig, and allmodconfig. Key is to use gcc 11.2. The image builds just fine with gcc 9.4 and 10.3. Guenter ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v3 4/5] Makefile: Enable -Warray-bounds 2021-08-31 19:40 ` Guenter Roeck @ 2021-08-31 20:18 ` Kees Cook 2021-08-31 20:49 ` Guenter Roeck 0 siblings, 1 reply; 7+ messages in thread From: Kees Cook @ 2021-08-31 20:18 UTC (permalink / raw) To: Guenter Roeck Cc: linux-kernel, Arnd Bergmann, Masahiro Yamada, linux-kbuild, Gustavo A . R . Silva, Rasmus Villemoes, Keith Packard, Dan Williams, Daniel Vetter, clang-built-linux, linux-hardening On Tue, Aug 31, 2021 at 12:40:53PM -0700, Guenter Roeck wrote: > The configuration doesn't matter; it fails for me for all configurations, > including defconfig, alllnoconfig, and allmodconfig. > Key is to use gcc 11.2. The image builds just fine with gcc 9.4 and 10.3. Ah! Yes, heh. That would be my problem; I've got 10.3 for my builders. Thanks! I will give 11.2 a spin. -- Kees Cook ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v3 4/5] Makefile: Enable -Warray-bounds 2021-08-31 20:18 ` Kees Cook @ 2021-08-31 20:49 ` Guenter Roeck 0 siblings, 0 replies; 7+ messages in thread From: Guenter Roeck @ 2021-08-31 20:49 UTC (permalink / raw) To: Kees Cook Cc: linux-kernel, Arnd Bergmann, Masahiro Yamada, linux-kbuild, Gustavo A . R . Silva, Rasmus Villemoes, Keith Packard, Dan Williams, Daniel Vetter, clang-built-linux, linux-hardening On 8/31/21 1:18 PM, Kees Cook wrote: > On Tue, Aug 31, 2021 at 12:40:53PM -0700, Guenter Roeck wrote: >> The configuration doesn't matter; it fails for me for all configurations, >> including defconfig, alllnoconfig, and allmodconfig. >> Key is to use gcc 11.2. The image builds just fine with gcc 9.4 and 10.3. > > Ah! Yes, heh. That would be my problem; I've got 10.3 for my builders. > Thanks! I will give 11.2 a spin. > In case you don't have gcc 11.2 available - I tested with 11.1 as well; that also fails. Guenter ^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH v3 5/5] Makefile: Enable -Wzero-length-bounds [not found] <20210827163015.3141722-1-keescook@chromium.org> 2021-08-27 16:30 ` [PATCH v3 4/5] Makefile: Enable -Warray-bounds Kees Cook @ 2021-08-27 16:30 ` Kees Cook 1 sibling, 0 replies; 7+ messages in thread From: Kees Cook @ 2021-08-27 16:30 UTC (permalink / raw) To: linux-kernel Cc: Kees Cook, Gustavo A. R. Silva, Arnd Bergmann, Masahiro Yamada, linux-kbuild, Rasmus Villemoes, Keith Packard, Dan Williams, Daniel Vetter, clang-built-linux, linux-hardening With all known internal zero-length accesses fixed, it is possible to enable -Wzero-length-bounds globally. Since this is included by default in -Warray-bounds, we just need to stop disabling it. Cc: "Gustavo A. R. Silva" <gustavoars@kernel.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Masahiro Yamada <masahiroy@kernel.org> Cc: linux-kbuild@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> --- Makefile | 1 - 1 file changed, 1 deletion(-) diff --git a/Makefile b/Makefile index 8e7e73a642e2..8e732e875e78 100644 --- a/Makefile +++ b/Makefile @@ -994,7 +994,6 @@ KBUILD_CFLAGS += -Wno-pointer-sign KBUILD_CFLAGS += $(call cc-disable-warning, stringop-truncation) # We'll want to enable this eventually, but it's not going away for 5.7 at least -KBUILD_CFLAGS += $(call cc-disable-warning, zero-length-bounds) KBUILD_CFLAGS += $(call cc-disable-warning, stringop-overflow) # Another good warning that we'll want to enable eventually -- 2.30.2 ^ permalink raw reply related [flat|nested] 7+ messages in thread
end of thread, other threads:[~2021-08-31 20:49 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20210827163015.3141722-1-keescook@chromium.org>
2021-08-27 16:30 ` [PATCH v3 4/5] Makefile: Enable -Warray-bounds Kees Cook
2021-08-31 4:31 ` Guenter Roeck
2021-08-31 17:46 ` Kees Cook
2021-08-31 19:40 ` Guenter Roeck
2021-08-31 20:18 ` Kees Cook
2021-08-31 20:49 ` Guenter Roeck
2021-08-27 16:30 ` [PATCH v3 5/5] Makefile: Enable -Wzero-length-bounds Kees Cook
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox