Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp2401199ybt; Tue, 16 Jun 2020 05:18:36 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwxhYIAbajonfAuSyzlXXCo2/U88Bg3TimWHAYnfXii+xHJADa+tFnv39V+ZDtKwcdEFfi3 X-Received: by 2002:a05:6402:2d5:: with SMTP id b21mr2391924edx.293.1592309916420; Tue, 16 Jun 2020 05:18:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592309916; cv=none; d=google.com; s=arc-20160816; b=N+wY/TQVPyhpxensgzKtk5jWWhH5QmK08fs1qh6ekSGEKijeBKVLB201sH6Jh5L8OG AqQpN+71c0wayQNJwRK3+/1zQj1dL6QaCK7unXQucKi2fvdjFTHSTLHZRZlEU9xl0RUR dqOv6oOgDJ+RFHBGGHLhR2yAi94tnK7O/cszEwsysUcI1q/dJVycCaeN7y0YPmX6bFg1 /ZrpHMuYi9XxBZttVUbk1A7kn42GZGFYY7SoJYP9zAUrm23fF3GjemZin52OhPxTjtxU gbEDkf/BMKFC9ZqdhV652G6fvG9aOQzGuwB5ZYMMN/6q1sR+wYs+kg7iJHEgU1BF/Nud loyA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=/FXzi8SFvevnxFXfw0hJtEay1p87T2KpcQAaG7LkSaI=; b=GeOgPC5PZKrQ8tF5/awdMacaFeJDtECDXtBvrnRIRFTdjhIlIGoWtcduv+AkB7zhUr sldplK6yUWU8gs5N2RlYb+EPNGbjvayAQ/Bv1Ln7/77IbFZpD9D+yDCWV2ncYUDf2DIH pActXp51BXYMRkMYfm/bdmHg2XVsuU3e6PiWsFdRF9a3S98UsxwFtets12sjJduAbQaX rrIW0toqxeto8wm2SzLRQ9Poe7qp5kmI8weT5JGAaAuVhj3nfhPb/XMb3I3lUYd+fhkY 7Tw5w5oBOzdiZkmS4mx4PYJktFLVi5DtnMNBcZQxz+iHPhHNz3rG/Tnw9q7Mlqo1XFZM 6hzw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=RuBVeUQm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h17si10675082eds.347.2020.06.16.05.18.13; Tue, 16 Jun 2020 05:18:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=RuBVeUQm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728481AbgFPMQH (ORCPT + 99 others); Tue, 16 Jun 2020 08:16:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41700 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726606AbgFPMQG (ORCPT ); Tue, 16 Jun 2020 08:16:06 -0400 Received: from mail-wm1-x341.google.com (mail-wm1-x341.google.com [IPv6:2a00:1450:4864:20::341]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BC259C08C5C2 for ; Tue, 16 Jun 2020 05:16:05 -0700 (PDT) Received: by mail-wm1-x341.google.com with SMTP id d128so2834981wmc.1 for ; Tue, 16 Jun 2020 05:16:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/FXzi8SFvevnxFXfw0hJtEay1p87T2KpcQAaG7LkSaI=; b=RuBVeUQmbQmtjK3dkr1lqFQXpKTKQP6QDtJ8ytHnKx1PvweHuSw6sYSJZYakkmJssF xNWVKc334A2uNvQFf2uG7y7joLwTJxQCkYTufkU/TCLEOqoqJmEsCoEkmtN9qhSMu8Ja iSHYJQh7IY/cCxeOmFOosMUnX9oHQWATRWStPO2c+pcnhWxsyQo4HWn6I1EQ9l58meYN sxllk1MWnN06wdP3K6mWcPe19RN4C4BEKcdaEzS2GM4rVT2VM7mdrqjV023M/hTE+4fo ZWqehIWY3teUloSU8KP0JiT1zSLdyZiWH+9EyR+2Tx+9KqHOWJBIMYDjDnOGmlRkDrm2 o6UA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/FXzi8SFvevnxFXfw0hJtEay1p87T2KpcQAaG7LkSaI=; b=mJE4Ph/BCHAgPstX+VFdoTS/AzssAwd6m7IO/iejeoctgXpKWMoshJ+TdX9lBD8B2k uwueF82EVKqu950Dg5woJ3tncayiUgvIvoeDmQtGZZBYJoJGH2dcisG4ScerBzZeiNyC clFQa/rGjTlJRTquScpmS+MTH2nzQZ3VwhaG9QWa4JUnyIKBmtHua2+JXkLf0yhcCOBq vTFkk6jj1n5TpvwzBhUmEXZ8P6M8+wnH3fG5Q3pdLYZ095uxt2A2zxC9Q57D2xqJnndb aZmITTp4Hqto6jmmnWmwxpXUmLZlXCIc/1i20/hq6nRAE29jil0xRcWHRp3lKhW6LOXt s3WA== X-Gm-Message-State: AOAM533QMHsjtldr9O0AV/qqBitZs/3x8oxbZO5oJuONH2MXlAUZW+dR JK7ymji5a1KBxfgXnMZX4a8A0MwhXPjKWXhE8b03oA== X-Received: by 2002:a1c:3286:: with SMTP id y128mr2802214wmy.29.1592309764320; Tue, 16 Jun 2020 05:16:04 -0700 (PDT) MIME-Version: 1.0 References: <20200616083435.223038-1-glider@google.com> <20200616100309.GA2614426@kroah.com> In-Reply-To: <20200616100309.GA2614426@kroah.com> From: Alexander Potapenko Date: Tue, 16 Jun 2020 14:15:52 +0200 Message-ID: Subject: Re: [PATCH v2] [RFC] security: allow using Clang's zero initialization for stack variables To: Greg KH Cc: Masahiro Yamada , Kees Cook , James Morris , =?UTF-8?Q?Maciej_=C5=BBenczykowski?= , Nick Desaulniers , linux-security-module , LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > > +KBUILD_CFLAGS += -ftrivial-auto-var-init=zero -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang > > +endif > > Gotta love the name... This is basically the reason why we've been hesitating to add it to the kernel from the very beginning. > Anyway, if this is enabled, and clang changes the flag or drops it, does > the build suddenly break? My original intention (see v1 of this patch) was to make zero-initialization a secondary option of INIT_STACK_ALL, so that nothing changes for the existing users. But I agree with Kees that these options should be made distinct, as people may want to use them for different purposes (think debug vs. release builds). We could make INIT_STACK_ALL_ZERO fall back to INIT_STACK_ALL_PATTERN if the compiler flag goes away - does this make sense? > And does gcc have something like this as well, or does that have to come > in a compiler plugin? Kees mentioned someone's plans to implement that in GCC, but I don't think they have done it already.