From: "Maciej Żenczykowski" <maze@google.com>
To: Alexander Potapenko <glider@google.com>
Cc: Greg KH <gregkh@linuxfoundation.org>,
Masahiro Yamada <yamada.masahiro@socionext.com>,
Kees Cook <keescook@chromium.org>,
James Morris <jmorris@namei.org>,
Nick Desaulniers <ndesaulniers@google.com>,
linux-security-module <linux-security-module@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v2] [RFC] security: allow using Clang's zero initialization for stack variables
Date: Tue, 16 Jun 2020 05:20:54 -0700 [thread overview]
Message-ID: <CANP3RGcvZ-TBoTo2MeCbF=TWoY2sGv21TQ5btJoh+952rscLKg@mail.gmail.com> (raw)
In-Reply-To: <CAG_fn=VYN6ynu2bnW96-p-QRi77NstHC6DXS+AN0r0bm5K2j7w@mail.gmail.com>
> We could make INIT_STACK_ALL_ZERO fall back to INIT_STACK_ALL_PATTERN
> if the compiler flag goes away - does this make sense?
No, I'm pretty sure failing to build, or at least not setting anything
is better.
AFAIK pattern actually introduces new bugs that aren't visible at all
with neither of these flags set.
(because in practice the default no flag behaviour seems to zero some
stuff [probably padding] that it doesn't with pattern)
next prev parent reply other threads:[~2020-06-16 12:21 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-16 8:34 [PATCH v2] [RFC] security: allow using Clang's zero initialization for stack variables glider
2020-06-16 8:41 ` Maciej Żenczykowski
2020-06-16 9:08 ` Kees Cook
2020-06-16 10:03 ` Greg KH
2020-06-16 10:19 ` Maciej Żenczykowski
2020-06-16 12:05 ` Alexander Potapenko
2020-06-16 12:15 ` Alexander Potapenko
2020-06-16 12:20 ` Maciej Żenczykowski [this message]
2020-06-16 16:18 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CANP3RGcvZ-TBoTo2MeCbF=TWoY2sGv21TQ5btJoh+952rscLKg@mail.gmail.com' \
--to=maze@google.com \
--cc=glider@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=jmorris@namei.org \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=ndesaulniers@google.com \
--cc=yamada.masahiro@socionext.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).