author | Linus Torvalds <torvalds@linux-foundation.org> | 2019-07-28 12:33:15 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2019-07-28 12:33:15 -0700 |
commit | c622fc5f54cb0c7ea2e6fedba27ba533b97657d8 (patch) | |
tree | 43710a0d44928f750633f395c89636ad3f6372dd | |
parent | 8e61ea11c23b108c8ce062f791dfa737896da346 (diff) | |
parent | 173e6ee21e2b3f477f07548a79c43b8d9cfbb37d (diff) | |
download | linux-c622fc5f54cb0c7ea2e6fedba27ba533b97657d8.tar.gz linux-c622fc5f54cb0c7ea2e6fedba27ba533b97657d8.tar.bz2 linux-c622fc5f54cb0c7ea2e6fedba27ba533b97657d8.zip |
Merge tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull structleak fix from Kees Cook:
"Disable gcc-based stack variable auto-init under KASAN (Arnd
Bergmann).
This fixes a bunch of build warnings under KASAN and the
gcc-plugin-based stack auto-initialization features (which are
arguably redundant, so better to let KASAN control this)"
* tag 'meminit-v5.3-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
structleak: disable STRUCTLEAK_BYREF in combination with KASAN_STACK
-rw-r--r-- | security/Kconfig.hardening | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening
index a1ffe2eb4d5f..af4c979b38ee 100644
--- a/security/Kconfig.hardening
+++ b/security/Kconfig.hardening
@@ -61,6 +61,7 @@ choice
 config GCC_PLUGIN_STRUCTLEAK_BYREF
 bool "zero-init structs passed by reference (strong)"
 depends on GCC_PLUGINS
+ depends on !(KASAN && KASAN_STACK=1)
 select GCC_PLUGIN_STRUCTLEAK
 help
 Zero-initialize any structures on the stack that may
@@ -70,9 +71,15 @@ choice
 exposures, like CVE-2017-1000410:
 https://git.kernel.org/linus/06e7e776ca4d3654
 
+ As a side-effect, this keeps a lot of variables on the
+ stack that can otherwise be optimized out, so combining
+ this with CONFIG_KASAN_STACK can lead to a stack overflow
+ and is disallowed.
+
 config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL
 bool "zero-init anything passed by reference (very strong)"
 depends on GCC_PLUGINS
+ depends on !(KASAN && KASAN_STACK=1)
 select GCC_PLUGIN_STRUCTLEAK
 help
 Zero-initialize any stack variables that may be passed |
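Review bot: In the second hunk, GCC_PLUGIN_STRUCTLEAK_BYREF_ALL gains the same `depends on !(KASAN && KASAN_STACK=1)` as GCC_PLUGIN_STRUCTLEAK_BYREF, but only the BYREF help text gets the paragraph explaining why. The BYREF_ALL help text continues past the end of the hunk, so this is judged from the visible lines only. I would repeat the explanation there, for example `This keeps many variables on the stack, so combining it with CONFIG_KASAN_STACK can overflow the stack and is disallowed.` Both entries sit inside a `choice`, so a config that had one of them selected will presumably fall back to another entry, without any message, once KASAN stack instrumentation is enabled. The help text should say that by-reference auto-initialization is then off, so that anyone relying on it in KASAN test builds knows to check the generated .config.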