From: Greg KH <gregkh@suse.de>
To: linux-kernel@vger.kernel.org, stable@kernel.org
Cc: stable-review@kernel.org, torvalds@linux-foundation.org,
	akpm@linux-foundation.org, alan@lxorguk.ukuu.org.uk,
	Eugene Teo <eugeneteo@kernel.sg>, Eric Paris <eparis@redhat.com>,
	Wang Cong <amwang@redhat.com>
Subject: [patch 1/8] Add -fno-delete-null-pointer-checks to gcc CFLAGS
Date: Fri, 17 Jul 2009 13:37:19 -0700	[thread overview]
Message-ID: <20090717203824.048588533@mini.kroah.org> (raw)
In-Reply-To: <20090717203935.GA5641@kroah.com>


2.6.27-stable review patch.  If anyone has any objections, please let us know.

------------------

From: Eugene Teo <eteo@redhat.com>

commit a3ca86aea507904148870946d599e07a340b39bf upstream.

Turning on this flag could prevent the compiler from optimising away
some "useless" checks for null pointers.  Such bugs can sometimes become
exploitable at compile time because of the -O2 optimisation.

See http://gcc.gnu.org/onlinedocs/gcc-4.1.2/gcc/Optimize-Options.html

An example that clearly shows this 'problem' is commit 6bf67672.

 static void __devexit agnx_pci_remove(struct pci_dev *pdev)
 {
     struct ieee80211_hw *dev = pci_get_drvdata(pdev);
-    struct agnx_priv *priv = dev->priv;
+    struct agnx_priv *priv;
     AGNX_TRACE;

     if (!dev)
         return;
+    priv = dev->priv;

By reverting this patch and compiling it with and without the
-fno-delete-null-pointer-checks flag, we can see that the check for dev
is compiled away.

    call    printk  #
-   testq   %r12, %r12  # dev
-   je  .L94    #,
    movq    %r12, %rdi  # dev,

Clearly the 'fix' is to stop using dev before it is tested, but building
with the -fno-delete-null-pointer-checks flag at least makes it harder to
abuse.

Signed-off-by: Eugene Teo <eugeneteo@kernel.sg>
Acked-by: Eric Paris <eparis@redhat.com>
Acked-by: Wang Cong <amwang@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

---
 Makefile |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/Makefile
+++ b/Makefile
@@ -340,7 +340,8 @@ KBUILD_CPPFLAGS := -D__KERNEL__ $(LINUXI
 
 KBUILD_CFLAGS   := -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs \
 		   -fno-strict-aliasing -fno-common \
-		   -Werror-implicit-function-declaration
+		   -Werror-implicit-function-declaration \
+		   -fno-delete-null-pointer-checks
 KBUILD_AFLAGS   := -D__ASSEMBLY__
 
 # Read KERNELRELEASE from include/config/kernel.release (if it exists)
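Review bot: the new `-fno-delete-null-pointer-checks` line at the end of `KBUILD_CFLAGS` carries no comment saying why it is there, so a later reader of the Makefile has no way to tell it is a hardening measure rather than a stray optimisation tweak and may drop it during a flag clean-up. Suggest a one-line comment above the `KBUILD_CFLAGS` assignment that points at the rationale given in this commit message (dereference-before-check bugs such as the agnx_pci_remove case lose their NULL test under -O2 without it), and that makes clear the flag only stops the compiler deleting the test; the underlying ordering bugs still need fixing, as the message itself says.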
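The agnx_pci_remove pattern the commit message quotes, shown as an added, constructed example that is not part of this patch or of the kernel: a stand-in struct pair replaces the real driver types, and the "before" function dereferences `dev` ahead of the NULL test while the "after" function tests first. The unsafe variant is only ever called with a valid pointer here, because passing NULL to it is undefined behaviour and, at -O2 with the default `-fdelete-null-pointer-checks`, the test it contains may not exist in the generated code at all. Compiling this file with `gcc -O2 -S` and again with `gcc -O2 -fno-delete-null-pointer-checks -S` and comparing the output for `remove_unsafe_order` reproduces the missing `testq`/`je` pair from the message.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins for the driver types named in the commit message;
 * they are not the real struct definitions. */
struct agnx_priv { int irq; };
struct ieee80211_hw { struct agnx_priv *priv; };

/* Ordering from before commit 6bf67672: dev->priv is read BEFORE the NULL
 * test.  Dereferencing NULL is undefined behaviour, so GCC at -O2 with
 * -fdelete-null-pointer-checks (the default) may conclude that dev cannot
 * be NULL here and delete the `if (!dev)` test, exactly as the disassembly
 * in the commit message shows.  The test therefore offers no protection:
 * callers must never pass NULL. */
static int remove_unsafe_order(struct ieee80211_hw *dev)
{
    struct agnx_priv *priv = dev->priv;   /* dereference first ... */

    if (!dev)                             /* ... test later: removable */
        return -1;
    return priv->irq;
}

/* Fixed ordering: test dev before touching it.  Nothing earlier in the
 * function implies dev is non-NULL, so the compiler has to keep the test
 * whether or not -fno-delete-null-pointer-checks is given. */
static int remove_safe_order(struct ieee80211_hw *dev)
{
    struct agnx_priv *priv;

    if (!dev)
        return -1;
    priv = dev->priv;                     /* dereference only after the test */
    return priv->irq;
}

/* Helpers that build a valid device and run each variant on it, so the
 * result of the valid-pointer path is available as a return value. */
static int demo_valid_safe(void)
{
    struct agnx_priv p = { .irq = 17 };
    struct ieee80211_hw hw = { .priv = &p };
    return remove_safe_order(&hw);
}

static int demo_valid_unsafe(void)
{
    struct agnx_priv p = { .irq = 17 };
    struct ieee80211_hw hw = { .priv = &p };
    return remove_unsafe_order(&hw);
}

int main(void)
{
    printf("safe(valid)   = %d\n", demo_valid_safe());      /* 17 */
    printf("safe(NULL)    = %d\n", remove_safe_order(NULL)); /* -1 */
    printf("unsafe(valid) = %d\n", demo_valid_unsafe());    /* 17 */
    return 0;
}
```

Only the check-first ordering can be exercised with NULL; that asymmetry is the point of the commit's 'fix', and the compiler flag merely keeps the late test alive in code that has not been reordered yet.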


