Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp4366079imm; Mon, 25 Jun 2018 14:34:00 -0700 (PDT) X-Google-Smtp-Source: ADUXVKLg5h8hNCXF3BZl2MTRinIqnHhQe/ICgzR7PDp0EN+mxmkZCte0FG3bC0wrQI+vwSPWWKvj X-Received: by 2002:a17:902:b788:: with SMTP id e8-v6mr13356277pls.339.1529962440082; Mon, 25 Jun 2018 14:34:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1529962440; cv=none; d=google.com; s=arc-20160816; b=Z1FOEGSX8ubnKfbh26NJeExVIETYU6prYYNe0Gw394APHX9tbkk7JjqoJP5iu61WoO qzXStK99hDHev+jha+t5ubElLO6EXnzyEq6uKnHFPSG9Av28NlIOzYpWNTIBoPKEAW0U C+IQYOClz2WUFiYj4iEcMaWzF7P1RmT6dxbzy9ZTkYOev+E5xirLnOj8+HOsmWOnb08b zHMShWixABpy+EfB4cGC05eziKzwHP5arnQsnV/AOhBBdARVrSdCeFH5O/BBAadRD+LG CYblAAFHXvDTwmPJ5EV61Jxw4MkXaeuDhFKnXQ2yFDKAHtGMWJw9moXq9d9gcjraht0X H0dQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=ao8+iP/ZXc2zh/hTSz2WGZu6mq+doZvTp3RhLWoHv3A=; b=ndqgFvV3Ah+6gmbLfFy/K1O7UvdJ0ag4tsxsxsUDQY0DfP3K8T8HNGo3rIbJ6obdCd 8sPh8xCYNMo5Hmptwt+QaKkPZ/0Rmzc94/9quAAUrLZOdW+gxuCUcbrVf4tGE35lMHms 1tJmafaf44aPUm+LbkfD7j1f0VkfLZzYfoDFfjXMCLRqzyjA9l3P0RApu82t5sTOJjJ6 CXoENvp8jcZhji+Umoksb7Du0pxuK5qjqJJ+sFlTuyDojG05TbXpSelHU4rboLN7D9SW zcjR7vWyWZrPqnW+6cOsX8hSetnPDYrAZZ/kiWigkUXJcCsaqmNw/aZjCaWAbbOMSnrB 70wQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=V1mf639E; dkim=fail header.i=@chromium.org header.s=google header.b=XvtM44RD; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d77-v6si15144432pfb.262.2018.06.25.14.33.44; Mon, 25 Jun 2018 14:34:00 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=V1mf639E; dkim=fail header.i=@chromium.org header.s=google header.b=XvtM44RD; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752834AbeFYVcQ (ORCPT + 99 others); Mon, 25 Jun 2018 17:32:16 -0400 Received: from mail-yw0-f193.google.com ([209.85.161.193]:44562 "EHLO mail-yw0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752330AbeFYVcP (ORCPT ); Mon, 25 Jun 2018 17:32:15 -0400 Received: by mail-yw0-f193.google.com with SMTP id k18-v6so5298612ywm.11 for ; Mon, 25 Jun 2018 14:32:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=ao8+iP/ZXc2zh/hTSz2WGZu6mq+doZvTp3RhLWoHv3A=; b=V1mf639EhXuQ60Zu2r78HRRDl39WHEV92qD/yjsebwtE5e59nmmn8qhkbV8V97nw8u QAZ57Ab1WC8v11oZoZmwUAgxIL1nv9zPx55UH67MBVlP1w3YkjRjXbn3sESPN+TIHBT7 tKPvCtP1BPKvesKwHBb31+X5iDJp4xBbz6SMVNKN785GzzD43kiVqvnoMH4QUs+9RhtF hMX0b9es+0TEK7d1nQZ76n5UrHAl/cYrKBjMmmiBzI8YFQsftympNbUcKCBCzMZQLitH VJ94qZv2rfbiFj8BRtoJK0PaPhYasFBh3EG8Mz3R+UqD0teUFVOFhU00bsEphQgySZ5z USJw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=ao8+iP/ZXc2zh/hTSz2WGZu6mq+doZvTp3RhLWoHv3A=; b=XvtM44RD6v26mVIeuwVCAsy7dXv1k8c2VPwDd1JepR7aTp4fhrp1qdX3OlVVVam/cp e5Z+RnZNoC9Ehv6OKBJfsVf8o1mJ98jSuZR9pn+ELM68JyATHgZqQK4lphN24Ad7rS7c oO7s+oK4HctrvoRuFG4KGNMlYTbvq0Fs0tHfM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=ao8+iP/ZXc2zh/hTSz2WGZu6mq+doZvTp3RhLWoHv3A=; b=ulM6nKVeqa+q33CIu50JRn5UE/EBB16saRv31aISw2G1uUlXTCtlkpVPnpSukHsaYt ZyTr42enxAbHbg4M9fb9RrL8asJroQi7eY0+fufayRZBvCbC3oN+/yDnb7WDEaogw02y gKz6gfVAdfDy7XYS9JpklQdHmcHrzXp8sO3Lzxwchgyt7SguJiqj0EtPIAdwVubMPk/i 4VlLfdzrUSa8mSf5lonYcx7rqF5pwFfGMiP1Ur9VufgMZe5wwiN2M0cFOnnfcx+t7qWe G2qNhn7eUUBVYLx40aIaQCH+BLwCNhUrqatBBbVyHVstxvX6F2zBYlIsb8JOO4ulRUKB 0vEw== X-Gm-Message-State: APt69E21ZiRsz6/cYztwnCb8FSd58VIoCnAVlFhpIGeAdmX8qoYzvwms bnWOiUp2I0P6bjt720chsfat4vAVGYVMMQcO5DkjOg== X-Received: by 2002:a81:3b04:: with SMTP id i4-v6mr6486270ywa.38.1529962334364; Mon, 25 Jun 2018 14:32:14 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:5f51:0:0:0:0:0 with HTTP; Mon, 25 Jun 2018 14:32:13 -0700 (PDT) In-Reply-To: <4d9f90abbf87539d3588f88117806f76c6826030.camel@perches.com> References: <20180625211026.15819-1-keescook@chromium.org> <20180625211026.15819-2-keescook@chromium.org> <4d9f90abbf87539d3588f88117806f76c6826030.camel@perches.com> From: Kees Cook Date: Mon, 25 Jun 2018 14:32:13 -0700 X-Google-Sender-Auth: YfSQCYBgxvlEQhtB7rqTQJd1BeA Message-ID: Subject: Re: [PATCH v2 01/11] crypto: xcbc: Remove VLA usage To: Joe Perches Cc: Herbert Xu , "David S. Miller" , linux-crypto , "Gustavo A. R. Silva" , Arnd Bergmann , Eric Biggers , Alasdair Kergon , Giovanni Cabiddu , Lars Persson , Mike Snitzer , Rabin Vincent , Tim Chen , qat-linux@intel.com, dm-devel@redhat.com, LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jun 25, 2018 at 2:23 PM, Joe Perches wrote: > On Mon, 2018-06-25 at 14:10 -0700, Kees Cook wrote: >> In the quest to remove all stack VLA usage from the kernel[1], this uses >> the maximum blocksize and adds a sanity check. For xcbc, the blocksize >> must always be 16, so use that, since it's already being enforced during >> instantiation. > > Is it time yet to change this warning from 'make W=3' to W=1? > --- > scripts/Makefile.extrawarn | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/scripts/Makefile.extrawarn b/scripts/Makefile.extrawarn > index 8d5357053f86..27ba478d40cd 100644 > --- a/scripts/Makefile.extrawarn > +++ b/scripts/Makefile.extrawarn > @@ -29,6 +29,7 @@ warning-1 += $(call cc-option, -Wmissing-include-dirs) > warning-1 += $(call cc-option, -Wunused-but-set-variable) > warning-1 += $(call cc-option, -Wunused-const-variable) > warning-1 += $(call cc-option, -Wpacked-not-aligned) > +warning-1 += $(call cc-option, -Wvla) > warning-1 += $(call cc-disable-warning, missing-field-initializers) > warning-1 += $(call cc-disable-warning, sign-compare) > > @@ -52,7 +53,6 @@ warning-3 += -Wpointer-arith > warning-3 += -Wredundant-decls > warning-3 += -Wswitch-default > warning-3 += $(call cc-option, -Wpacked-bitfield-compat) > -warning-3 += $(call cc-option, -Wvla) > > warning := $(warning-$(findstring 1, > $(KBUILD_ENABLE_EXTRA_GCC_CHECKS))) > warning += $(warning-$(findstring 2, > $(KBUILD_ENABLE_EXTRA_GCC_CHECKS))) I was going to skip the churn since I intend to make the default build use -Wvla for the next merge window (assuming we've killed all the VLAs by then). After crypto, only fs/ntfs remains, and I have that half done already. There are a couple more still under some development back-and-forth. I'm not _opposed_ to this change, but I'd rather just make it the default. And then the next cycle, I'd want it to be -Werror=vla, but I may get shouted down. ;) -Kees -- Kees Cook Pixel Security