Received: by 10.223.185.116 with SMTP id b49csp808073wrg; Sat, 10 Feb 2018 20:46:57 -0800 (PST) X-Google-Smtp-Source: AH8x227+iurW+Dn4F5p7PROXLKTRXk/fMwhvXnC2G0J2LrySxwVbpPhBIimXtESrx/vqKD2+QZn6 X-Received: by 10.99.67.133 with SMTP id q127mr6344541pga.365.1518324417527; Sat, 10 Feb 2018 20:46:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518324417; cv=none; d=google.com; s=arc-20160816; b=oX4Q3cvVoxO4DjZfdXg+4f0htB4SgJHDMrZLWPgCSh51qAY2t5kaoRNJx6nvcpdme/ SMp4oP3pDVYpAMOCDMsqbloFhNmLCeLCNumO2akz6dTuA2sPUW3n5rHZ2gzC5B9xiGHK 00hBFZ0ya90+QTT4PVg6Yihf5NsuBe/BDdOHXbMZ45e/mazTZukq0fSy/2iWSZKVo5en nLmqbOktwE1HkGOht0ztKLfsL+KSxNgIsKLW2slzy3soRxRZwzj8GIKWMCzsevJ9GadU dCBwSOXrsj6EaVofEBcW7QXBIlK2QyatY7OJUHMwIB6vD+EIKb8VqB/Pl+rnn2u4U9ip YjFg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=Y+spHF5SXvmuLp5VqWOH3i3Da5A3GnZ1eenTF71ZLq8=; b=NaO0vm8SqNgqCxe1Ap7p1jUo85KOaVrbep9KHo6CXyFy/LvVevWHviHM6Ku0ZPKbzl B9ZmmX8VkKxJorKdfAsaYHsgAMXUJP07uzUmPdu8ECOI8BQAk+9Gk1deGP6/GCUaBBrR fMpd6IzdYMwiUf6AFbkDo3B0twehwYPuv8mK9rh4BW5KHgyxaFA//Lg/KDH2hmtQDDbO 0NsHiB2mr/omP4hCDOHD4VuLommq2bJAhlaTj1vqRlyAChS4CI676SCYdzbo5zsN0kbI XIJa2b0IsjkYYfW0Qhuo9rM4A9WT5HC62muvwc3FzEK2kuk60Vt6YX+XVACuuBLpmC4Z g6mA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=tHHuo0IT; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m11-v6si2052141pla.712.2018.02.10.20.46.44; Sat, 10 Feb 2018 20:46:57 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=tHHuo0IT; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753242AbeBKEqJ (ORCPT + 99 others); Sat, 10 Feb 2018 23:46:09 -0500 Received: from mail-io0-f170.google.com ([209.85.223.170]:46463 "EHLO mail-io0-f170.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752905AbeBKEqE (ORCPT ); Sat, 10 Feb 2018 23:46:04 -0500 Received: by mail-io0-f170.google.com with SMTP id k80so2633107ioe.13; Sat, 10 Feb 2018 20:46:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=Y+spHF5SXvmuLp5VqWOH3i3Da5A3GnZ1eenTF71ZLq8=; b=tHHuo0ITEI3/97yL0AGkfKOWv3ThaoCqKbhDus0hdxULitvJshinaSxFSwSE1q+3iV pqFi/HuTlNAqAC7MYFPwH0qiQLZkONObiFQYrq7boJIdmh1+DLLWpvkKAKO5yk5HAD8P LWlF5D2G0z+uontP6uqBbVHdujDPKgp1z85LH/vpBFDbpMjGmRjgA4gdd3Q01GdWJnLx z9cNLSdXUV555CIshrLuFpIbhIjivA1UMcAHOcIStLLSWNgyoZ1RHFJZ809GGGuJJkPO grageBSzrpnfvh4WWsp0HqoRG3POe6Bng5dYgHCVQEkixAOYtnn4twRLX1uUXOBgJON0 5LRg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=Y+spHF5SXvmuLp5VqWOH3i3Da5A3GnZ1eenTF71ZLq8=; b=p85S5ZsiM3BmeAC2b621rh94K5oO/gjnfUZrYynOEYw/OwrcRSZHZI/vnc5lb8hh4a hDug/F6NSk7Lt6uSwiPoWwzOL4ALDn9lIfTjwGOp8gmx7z4Ed8rBGx8hTyZ+KTJ++seD d9TDi+1G92/4tbvL9QRDUxt4tlucIjOrwZfrP9mWPdzRXQIn3YfIRzXImdqqgy7eSpI9 d3joGS5rWXmhQI10VtSM97xus9YI99qgoPdZEVOXpRrZq13kAZCp58XGsYWldmp2HFRz QYP4PDu1JqkhhcN9uwkcm4VayKQSdjnokJ48J1tA4cGGOu7jn9xMrY2wBX4zJ5Qm+c9Y GW8g== X-Gm-Message-State: APf1xPBJz5m32oEj3+CiiltD3+CpUD+2t/MHfL4BepoAFGRTdFEvUWaa wPWZjpeaMAnTTnMB205Z4GuSsiTEKNIO3U3RgsA= X-Received: by 10.107.78.5 with SMTP id c5mr9148459iob.120.1518324363681; Sat, 10 Feb 2018 20:46:03 -0800 (PST) MIME-Version: 1.0 Received: by 10.107.59.196 with HTTP; Sat, 10 Feb 2018 20:46:02 -0800 (PST) In-Reply-To: References: <1518106752-29228-1-git-send-email-yamada.masahiro@socionext.com> <1518106752-29228-5-git-send-email-yamada.masahiro@socionext.com> <20180209053038.pscoijvowmyudyzf@huvuddator> <20180209124607.akjhncb5sempjqcn@huvuddator> <20180210054843.z3g7wvcmlccvww3h@huvuddator> <20180210074924.3nhxsza5zdbaahxx@huvuddator> <20180210080556.mycqsjhxbaguwhay@huvuddator> <20180210085519.737ckf4bcl57h4g2@huvuddator> From: Linus Torvalds Date: Sat, 10 Feb 2018 20:46:02 -0800 X-Google-Sender-Auth: JNCr5wLaef5j0kJeDVmnrtvEEPA Message-ID: Subject: Re: [RFC PATCH 4/7] kconfig: support new special property shell= To: Kees Cook Cc: Ulf Magnusson , Masahiro Yamada , Linux Kbuild mailing list , Greg Kroah-Hartman , Andrew Morton , Nicolas Pitre , "Luis R . Rodriguez" , Randy Dunlap , Sam Ravnborg , Michal Marek , Martin Schwidefsky , Pavel Machek , linux-s390 , Jiri Kosina , Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Feb 10, 2018 at 8:13 PM, Kees Cook wrote: > > It's been there since the very beginning when Arjan added it to > validate that the compiler actually produces a stack protector when > you give it -fstack-protector. Older gccs broke this entirely, more > recent misconfigurations (as seen with some of Arnd's local gcc > builds) did similar, and there have been regressions in some versions > where gcc's x86 support flipped to the global canary instead of the > %gs-offset canary. Argh. I wanted to get rid of all that entirely, and simplify this all. The mentioned script (and bugzilla) was from 2006, I assumed this was all historical. But if it has broken again since, I guess we need to have a silly script. Grr. But yes, I also reacted to your earlier " It can't silently rewrite it to _REGULAR because the compiler support for _STRONG regressed." Because it damn well can. If the compiler doesn't support -fstack-protector-strong, we can just fall back on -fstack-protector. Silently. No extra crazy complex logic for that either. Linus