Received: by 10.213.65.68 with SMTP id h4csp647339imn; Sat, 31 Mar 2018 06:42:26 -0700 (PDT) X-Google-Smtp-Source: AIpwx49dYrpo9kH42L6ZaOL8Vrmxz68/3l5IpG6TP8ms14elUpBwTzuoqCKAZiTmtMzIUeNtTvdi X-Received: by 10.98.156.16 with SMTP id f16mr2222883pfe.180.1522503746623; Sat, 31 Mar 2018 06:42:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522503746; cv=none; d=google.com; s=arc-20160816; b=snqlD6vXMZDVYcbCoEW5JOcRN0jA4NScD3/NNN1OUw+AmahVxIWjVbek3658dfdqZ3 Z5hvjA3/2bmt2ElU3bQU0tkxfPhxUowd8cGO+8FQtGBH7Q4Z/uwNMK/jb9gGaRp3ZBSs guoVg/tc6D3jZlYE6QJ8+ANNfdT9NCrdWxWhyWt++ruq2+k9zTqfTWfksod2oYRyyKJW UfizC+Xw/kqjyguVMUHZhtloK8//nRrpyUdOVhl9WqGul6UOqWVZG750RcVm2o2HyuA6 s0eDaxD2PsQZ33yAIgTH+H4QSOA4V5zYYRkq9kX8mMzJlkMXGhPm9d2L12J/r1LiXNP0 xSZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=9p8t4SfxFJe+y02WW+YO5IVXQEpGZxj5AXxeT3QrK6U=; b=mHPRhl8PB9Nul6lufn06tDiWpI9UeuHoTalEjOOKaNhA6Y9ieGyxwr7jpQQAvc9Cye lz2j5Ab3VjjdGpydD2+ylU6G9X6WyX9tmLmOMOIGgktIt3NYRMBZABBRhWA+VL5SCKRa e8IQT+IuqUP9CteLOrzeuDL0/XsuaBBZyRozb2jyNGz/NDLIE6NMZkjGRBkv0ZLtYtVm RiltiGrmYPons9IwfjmqCsYTNnPwZfVSu0btbumvDUqv0IwKA1YWt19ph/sr357fJO+l 4QzNf/Boz/mWYEdtDVNkQkuZgI1w2TXdujGmj4PikoNVkfzOHU0yvCr0BFN7Hk1lXSh0 D+Jw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=Zs7lnmar; dkim=fail header.i=@chromium.org header.s=google header.b=XcjjB0k0; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t23-v6si1182295ply.445.2018.03.31.06.41.35; Sat, 31 Mar 2018 06:42:26 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=Zs7lnmar; dkim=fail header.i=@chromium.org header.s=google header.b=XcjjB0k0; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752424AbeCaNhl (ORCPT + 99 others); Sat, 31 Mar 2018 09:37:41 -0400 Received: from mail-ua0-f195.google.com ([209.85.217.195]:42934 "EHLO mail-ua0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751965AbeCaNhj (ORCPT ); Sat, 31 Mar 2018 09:37:39 -0400 Received: by mail-ua0-f195.google.com with SMTP id o34so6715765uae.9 for ; Sat, 31 Mar 2018 06:37:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=9p8t4SfxFJe+y02WW+YO5IVXQEpGZxj5AXxeT3QrK6U=; b=Zs7lnmarvdeAGJ6gbZPV4HcKjTYW4YR3NpsuiPmJ42AlJ6DUHDJGSL+NJBsMEtB4nO yucTMWdkYNXSzRWk6BTM+9vpPrhSTHoZCp3U7zDonnqrLRghPozYK+ZX8BexFXsauG1P zERNLXjpyp6BLnypC3GQ10ktHBC4k1Cd+4HDjQ4aEO9WRTLmeRw2qkbey30z59mqd6Bz ygVmxpL4+aJp6+CdHIqXnW9N95NSJN1syPOzhIfn5WKbCLNRv+B46p+i6yuOT2oMCSXT Xx38jDjgwRRq/wDtxOtWqEowCkF0Q0mjVOycm5cVHNFhjxH4dwvBvAY4t9rEaDYwZe9T KmVQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=9p8t4SfxFJe+y02WW+YO5IVXQEpGZxj5AXxeT3QrK6U=; b=XcjjB0k0y9OunnxFbXSY62/J5/rVOYUWmRRHEV66+zWS6voP1jQ5DRVOfHglHW4V59 OjzSyW9a0NmQdfEtgGUEI1u52/RrEfyUAo/PEiOAAhq/SMtCGpW4mQD/0J/IlkCu9ekx Ffa2+4jD2HxrQYP0wMXWJYE4E9/kI+RgmBWQM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=9p8t4SfxFJe+y02WW+YO5IVXQEpGZxj5AXxeT3QrK6U=; b=BAd5vASP1Q3KNYY3S8mpjCH+zUVug1tpkp8v+5+AG1LGLQ42ALsn2uqdgWtg2Ies86 qhDOP6WHM91+4eKK+c7r0ZNSfVZ3nqu3Vq83fBraJek2ihg39LZMascpeaW79UXp+50D dXKhhwxCAvITJKzXoT7TsFPPU4KsPcz2KezV9JnY1Ds12T2w3SOIPToogdLUR/J0P4Fz HHyzok9+KlU0gQ0u5T7oVI/l014+Kc3oKGRjxWH3jM4VvugwsJP+rZpuw81aSruLSn+T Oz6kTDCwBIwp9n9XUsThRWkUyNH2G1yfpYELMAReFZwRaVX0FVxYFz9Vnb/+1C6LbXC7 kbUQ== X-Gm-Message-State: ALQs6tAcTLZzBuQGvhA1W5KDsp2YS1edE7pgXmtJ6+YUBY7azIkScIqw HYpcjaDqlPUo3hawLqaL0b/DEN8tCFHkgdfv0CtVRw== X-Received: by 10.176.14.3 with SMTP id g3mr1537483uak.83.1522503458584; Sat, 31 Mar 2018 06:37:38 -0700 (PDT) MIME-Version: 1.0 Received: by 10.31.129.9 with HTTP; Sat, 31 Mar 2018 06:37:37 -0700 (PDT) In-Reply-To: <20180331053434.akno723avvcri654@gmail.com> References: <20180326221554.GA45166@beast> <20180327054748.jx6mzywguuqfkqpv@gmail.com> <20180331053434.akno723avvcri654@gmail.com> From: Kees Cook Date: Sat, 31 Mar 2018 06:37:37 -0700 X-Google-Sender-Auth: JCLb-vN2vXh7tWh0mpFd7yG-heU Message-ID: Subject: Re: [PATCH v6] kernel.h: Retain constant expression output for max()/min() To: Ingo Molnar Cc: Andrew Morton , Linus Torvalds , Martin Uecker , Josh Poimboeuf , Rasmus Villemoes , Randy Dunlap , Miguel Ojeda , David Laight , Ian Abbott , LKML , Kernel Hardening Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Mar 30, 2018 at 10:34 PM, Ingo Molnar wrote: > > * Kees Cook wrote: > >> On Mon, Mar 26, 2018 at 10:47 PM, Ingo Molnar wrote: >> > >> > * Kees Cook wrote: >> > >> >> In the effort to remove all VLAs from the kernel[1], it is desirable to >> >> build with -Wvla. However, this warning is overly pessimistic, in that >> >> it is only happy with stack array sizes that are declared as constant >> >> expressions, and not constant values. One case of this is the evaluation >> >> of the max() macro which, due to its construction, ends up converting >> >> constant expression arguments into a constant value result. >> >> >> >> All attempts to rewrite this macro with __builtin_constant_p() failed with >> >> older compilers (e.g. gcc 4.4)[2]. However, Martin Uecker constructed[3] a >> >> mind-shattering solution that works everywhere. Cthulhu fhtagn! >> >> >> >> This patch updates the min()/max() macros to evaluate to a constant >> >> expression when called on constant expression arguments. This removes >> >> several false-positive stack VLA warnings from an x86 allmodconfig >> >> build when -Wvla is added: >> > >> > Cool! >> > >> > Acked-by: Ingo Molnar >> > >> > How many warnings are left in an allmodconfig build? >> >> For -Wvla? Out of the original 112 files with VLAs, 42 haven't had a >> patch applied yet. Doing a linux-next allmodconfig build with the >> max() patch and my latest ecc patch, we've gone from 316 warning >> instances to 205. More than half of those are in >> include/crypto/skcipher.h and include/crypto/hash.h. > > Great - once the number of warnings is zero, is the plan to enable the warning > unconditionally? That's the plan, yes. Like inbox-zero but for VLAs. ;) -Kees -- Kees Cook Pixel Security