From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Kees Cook <keescook@chromium.org>,
Nick Desaulniers <ndesaulniers@google.com>,
Nathan Chancellor <nathan@kernel.org>
Subject: [PATCH 5.15 11/20] fortify: Explicitly disable Clang support
Date: Fri, 19 Nov 2021 18:39:29 +0100 [thread overview]
Message-ID: <20211119171445.023010151@linuxfoundation.org> (raw)
In-Reply-To: <20211119171444.640508836@linuxfoundation.org>
From: Kees Cook <keescook@chromium.org>
commit a52f8a59aef46b59753e583bf4b28fccb069ce64 upstream.
Clang has never correctly compiled the FORTIFY_SOURCE defenses due to
a couple bugs:
Eliding inlines with matching __builtin_* names
https://bugs.llvm.org/show_bug.cgi?id=50322
Incorrect __builtin_constant_p() of some globals
https://bugs.llvm.org/show_bug.cgi?id=41459
In the process of making improvements to the FORTIFY_SOURCE defenses, the
first (silent) bug (coincidentally) becomes worked around, but exposes
the latter which breaks the build. As such, Clang must not be used with
CONFIG_FORTIFY_SOURCE until at least latter bug is fixed (in Clang 13),
and the fortify routines have been rearranged.
Update the Kconfig to reflect the reality of the current situation.
Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Nick Desaulniers <ndesaulniers@google.com>
Link: https://lore.kernel.org/lkml/CAKwvOd=A+ueGV2ihdy5GtgR2fQbcXjjAtVxv3=cPjffpebZB7A@mail.gmail.com
Cc: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
security/Kconfig | 3 +++
1 file changed, 3 insertions(+)
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -191,6 +191,9 @@ config HARDENED_USERCOPY_PAGESPAN
config FORTIFY_SOURCE
bool "Harden common str/mem functions against buffer overflows"
depends on ARCH_HAS_FORTIFY_SOURCE
+ # https://bugs.llvm.org/show_bug.cgi?id=50322
+ # https://bugs.llvm.org/show_bug.cgi?id=41459
+ depends on !CC_IS_CLANG
help
Detect overflows of buffers in common string and memory functions
where the compiler can determine and validate the buffer sizes.
next prev parent reply other threads:[~2021-11-19 17:40 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-19 17:39 [PATCH 5.15 00/20] 5.15.4-rc1 review Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 01/20] string: uninline memcpy_and_pad Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 02/20] Revert "drm: fb_helper: improve CONFIG_FB dependency" Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 03/20] Revert "drm: fb_helper: fix " Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 04/20] KVM: Fix steal time asm constraints Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 05/20] btrfs: introduce btrfs_is_data_reloc_root Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 06/20] btrfs: zoned: add a dedicated data relocation block group Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 07/20] btrfs: zoned: only allow one process to add pages to a relocation inode Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 08/20] btrfs: zoned: use regular writes for relocation Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 09/20] btrfs: check for relocation inodes on zoned btrfs in should_nocow Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 10/20] btrfs: zoned: allow preallocation for relocation inodes Greg Kroah-Hartman
2021-11-19 17:39 ` Greg Kroah-Hartman [this message]
2021-11-19 17:39 ` [PATCH 5.15 12/20] block: Add a helper to validate the block size Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 13/20] loop: Use blk_validate_block_size() to validate " Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 14/20] Bluetooth: btusb: Add support for TP-Link UB500 Adapter Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 15/20] parisc/entry: fix trace test in syscall exit path Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 16/20] PCI/MSI: Deal with devices lying about their MSI mask capability Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 17/20] PCI: Add MSI masking quirk for Nvidia ION AHCI Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 18/20] perf/core: Avoid put_page() when GUP fails Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 19/20] thermal: Fix NULL pointer dereferences in of_thermal_ functions Greg Kroah-Hartman
2021-11-19 17:39 ` [PATCH 5.15 20/20] Revert "ACPI: scan: Release PM resources blocked by unused objects" Greg Kroah-Hartman
2021-11-19 19:15 ` [PATCH 5.15 00/20] 5.15.4-rc1 review Florian Fainelli
2021-11-19 21:53 ` Fox Chen
2021-11-19 23:17 ` Shuah Khan
2021-11-20 4:28 ` Daniel Díaz
2021-11-20 8:16 ` Rudi Heitbaum
2021-11-20 16:53 ` Guenter Roeck
2021-11-20 17:40 ` Scott Bruce
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211119171445.023010151@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox