meminit fix
- Disable gcc-based stack variable auto-init under KASAN (Arnd Bergmann) -----BEGIN PGP SIGNATURE----- Comment: Kees Cook <kees@outflux.net> iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAl099MsWHGtlZXNjb29r QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJr6GD/0Xl/YxeXPnKIHoafoqMCBAY12f OnRZ2N6YCikYfLwgBnTAAyQi3P0qU8ffjt4LjoPxzByUPBmZ+VkUBXU1eNUuU0mT 4CX+ZakeWp5atbg7Ja7DAThBrJS4DYRzXiGB1Is8IACD/zkkRDoGU1tN+3nubtlk F2SYtmJBz/6pje2ksLDmuSS1sapaom7Cs4khB/oDb8HOsqydS0CpzN7Oa/Di3HoZ yUbyM3bcgmYECasGt7zVOLzr/EcI4T7rtLhMTnFBMbfckQJBPc7UpaLTt9pxMVqO Vo7SH/q8atmp3aThT3XbEYbSvx4kUdHZYcuMogPe8T+3Bx4i9gWGnmpqF94P0Kl8 SZgY92JEhF92PwVTi7ztAfAZQDunVm60c/Lp44r0q/lGQKZLXP8jQXd7KmL6dnPI gDnispJnNdNxVSVDx/r3yjSRh0VCA3yv01ed/pusCrxX48sEw7ExwswEJBy12O3s rUY7Xx/U+eIP+E+4B7ddlzTFy+0t6HQ0q0LLtbiim1ELF+8ZBnAvCMnm49SQbpEQ UMgO/bCAGkGu88uR3sclIwUbaR9oCCxkZO0YuLvAnGoMJ7JaYQlDmDqe/lWP7VjV HEmJxDpJE9SgmVtYkfz3aOEds5nSspRQOQfQpnq/JxjRQTSfriSpDpl72d5qk1CH WHAM8lviqVg/uT6r2Q== =z0XP -----END PGP SIGNATURE----- Merge tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull structleak fix from Kees Cook: "Disable gcc-based stack variable auto-init under KASAN (Arnd Bergmann). This fixes a bunch of build warnings under KASAN and the gcc-plugin-based stack auto-initialization features (which are arguably redundant, so better to let KASAN control this)" * tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: structleak: disable STRUCTLEAK_BYREF in combination with KASAN_STACK
This commit is contained in:
commit
c622fc5f54
|
@ -61,6 +61,7 @@ choice
|
||||||
config GCC_PLUGIN_STRUCTLEAK_BYREF
|
config GCC_PLUGIN_STRUCTLEAK_BYREF
|
||||||
bool "zero-init structs passed by reference (strong)"
|
bool "zero-init structs passed by reference (strong)"
|
||||||
depends on GCC_PLUGINS
|
depends on GCC_PLUGINS
|
||||||
|
depends on !(KASAN && KASAN_STACK=1)
|
||||||
select GCC_PLUGIN_STRUCTLEAK
|
select GCC_PLUGIN_STRUCTLEAK
|
||||||
help
|
help
|
||||||
Zero-initialize any structures on the stack that may
|
Zero-initialize any structures on the stack that may
|
||||||
|
@ -70,9 +71,15 @@ choice
|
||||||
exposures, like CVE-2017-1000410:
|
exposures, like CVE-2017-1000410:
|
||||||
https://git.kernel.org/linus/06e7e776ca4d3654
|
https://git.kernel.org/linus/06e7e776ca4d3654
|
||||||
|
|
||||||
|
As a side-effect, this keeps a lot of variables on the
|
||||||
|
stack that can otherwise be optimized out, so combining
|
||||||
|
this with CONFIG_KASAN_STACK can lead to a stack overflow
|
||||||
|
and is disallowed.
|
||||||
|
|
||||||
config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL
|
config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL
|
||||||
bool "zero-init anything passed by reference (very strong)"
|
bool "zero-init anything passed by reference (very strong)"
|
||||||
depends on GCC_PLUGINS
|
depends on GCC_PLUGINS
|
||||||
|
depends on !(KASAN && KASAN_STACK=1)
|
||||||
select GCC_PLUGIN_STRUCTLEAK
|
select GCC_PLUGIN_STRUCTLEAK
|
||||||
help
|
help
|
||||||
Zero-initialize any stack variables that may be passed
|
Zero-initialize any stack variables that may be passed
|
||||||
|
|
Loading…
Reference in New Issue