Received: by 2002:a25:ca44:0:0:0:0:0 with SMTP id a65csp2158386ybg; Thu, 30 Jul 2020 11:48:05 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx5wSMp6jfFjTvQYJ8bQjw2DjMw3hPpevRMhQ5ySgLpY9For0mlY9trH9x5ZSDAhtCrG/PF X-Received: by 2002:a17:906:26c3:: with SMTP id u3mr408421ejc.483.1596134885337; Thu, 30 Jul 2020 11:48:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1596134885; cv=none; d=google.com; s=arc-20160816; b=QfXFjDepLUYudDkKoKJkO1vnhiSrxmOWcGrz7HpoyDUoztdQtyAKuk8eB183DOM6XJ ao+QUTg9J15t8Gz62+/36/Qx78pr66Uv4UV8dPth5xDo091OT4xQqVnbJ/K1/hEXuRvv 5kYBpW7VisshLcfzDkEvdCBjEK6AGll/KLt8vU7JEESt6xUimETntnYK/u/7JPJaiBh8 csR6FMdpIDzz6HUlOCMMRi47PNH08vy01EU/I0n+W7TgNyP6lxoiKl9V4qtU+LU/ahzb CzNTNzReLEpvl2V0rxgixb5ZPBa3G+XZurRUgzxhxxuMmqhxa0B1+BzeuT6eYXfgTeCR bPiQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=20EbUEqeYpd3RRZUZK1aesXR8taUEzkknvo8JthXpRA=; b=d2bdsY3wvLUB1VU6GY7yowAAdaPJvSRQSCNsHG82PBFSyUcG4E2AtMJjInwcI1Ra98 Vy+6LcqSEa4A4GVHzqye5zBL/WDqniIuW08DukKvbJUDst6npaGY6OsxgaU3zg1lTYDX TybfhgH3tF4Y8L3TzJtgQ/er9vbixuDJ1aar0SWoQqiUcz1bSPyCSiWBYDx/TgrisAgI qd9WNCi4iK/HwTGJbPmzCtERwYjbHZGpKyauM21jI60cThGldUjwMIklzppW1NiwZDDX ZgYbBXHdlRgJoDnsFAEzaYGQstcgZUqOx7w5c4YFM0qYzJ2uyIqq8qz6HSe0Zq1rm5Ky iU2Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=mGjup5h1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id x4si3513298eju.496.2020.07.30.11.47.42; Thu, 30 Jul 2020 11:48:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=mGjup5h1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728610AbgG3SrZ (ORCPT + 99 others); Thu, 30 Jul 2020 14:47:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38472 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726495AbgG3SrZ (ORCPT ); Thu, 30 Jul 2020 14:47:25 -0400 Received: from mail-pj1-x1044.google.com (mail-pj1-x1044.google.com [IPv6:2607:f8b0:4864:20::1044]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C9305C061575 for ; Thu, 30 Jul 2020 11:47:24 -0700 (PDT) Received: by mail-pj1-x1044.google.com with SMTP id mt12so4992674pjb.4 for ; Thu, 30 Jul 2020 11:47:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=20EbUEqeYpd3RRZUZK1aesXR8taUEzkknvo8JthXpRA=; b=mGjup5h1kWARxWONoDVI2PHrZazfbUi5lBQ0bXcOsbujHQq2gF2Jr5Hjanq+FS/GK7 AJ4vM5eaPU6+EeStZkPwAcLTaK/csiqXJDmm+rF53e9D2zFhxyRVE6ueu34xfxf51RRs s2cOtYC3OvjXZBd/SLGSAK9FJ6zlFi6Tg0Z5M= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=20EbUEqeYpd3RRZUZK1aesXR8taUEzkknvo8JthXpRA=; b=CCkanCq28VPLUvmB2CL9y2fveFPg95Yu59DpPB0DyHP2L0pV9lFy5zOxD81F5fuSFU Y9cypKXqOFIc3mLp5FzhrnK11GgMND+OGNG53Jk9jPoVDVjF9ZzM+TRqKSkOA7yIMkKV AZ3+ZZNHT23TF1s2YE0ME3KgnPDBMS6JjmvLCpZvKPS2xFzFqVNkVec3RHa/46MDMn00 y/WkJQZCk+KMfIoZHhAqGshsCo8BNkj7TvyQEclvodAB2n9Zu1lVK47VN64N9OtrB8oD 5U1k2YshS6t7lhJtnWLC4AXlfDMlAKyUNmN0sRLu5RjG3/NGwXZ+mdp7O6aYTrxCqjX9 gC1w== X-Gm-Message-State: AOAM533lqEzf2lHywCfKXVW9cCUN0O57iq2UPUJRhUFD9maK0mfXWMXa 5sSpOkmRy7+93scQoKOxDGh+uw== X-Received: by 2002:a17:90a:348d:: with SMTP id p13mr479596pjb.108.1596134844313; Thu, 30 Jul 2020 11:47:24 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id i1sm7221219pfo.212.2020.07.30.11.47.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 30 Jul 2020 11:47:23 -0700 (PDT) Date: Thu, 30 Jul 2020 11:47:22 -0700 From: Kees Cook To: Linus Torvalds Cc: Stephen Rothwell , Emese Revfy , Linux Next Mailing List , Linux Kernel Mailing List , Willy Tarreau , Catalin Marinas , Will Deacon , Sami Tolvanen Subject: Re: linux-next: build failure after merge of the origin tree Message-ID: <202007301138.D8B018CB@keescook> References: <20200730090828.2349e159@canb.auug.org.au> <202007292007.D87DBD34B@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jul 30, 2020 at 11:24:44AM -0700, Linus Torvalds wrote: > On Wed, Jul 29, 2020 at 8:17 PM Kees Cook wrote: > > > > I'll look into this more tomorrow. (But yes, __latent_entropy is > > absolutely used for globals already, as you found, but this is the first > > percpu it was applied to...) > > Note that it was always per-cpu. > > The only thing that changed was that it was declared static in > lib/random.c vs being externally visible. Yup, thanks. I realized that a bit after sending my email. :) > Unrelated side note: I notice that the plugins could be simplified a > bit now that we require gcc 4.9 or later. There's a fair amount of > cruft for the earlier gcc versions. Yup -- Masahiro keeps poking the build system, but I haven't cleaned up the header file macros to keep up with the recent jumps. (It falls a bit low on my TODO list since it's a bit of a mechanical cleanup. I'm open to anyone that would like to send patches, though!) > I'm not sure how seriously the gcc plugins are actually maintained (no > offense) aside from just keeping them limping along. Does anybody > actually use them in production? I thought google had mostly moved on > to clang. They're part of regular testing, and there is ongoing development (e.g. see Alex Popov's recent series[1], which is in -next waiting for the v5.9 merge window). I hear regularly from folks using randstruct, stackleak, structleak, and latent_entropy. But yes, Google has moved to Clang where we're using Clang's implementation of structleak (auto-var-init) but there has been work to get randstruct ported (as desired by at least one Android vendor), though it's currently stalled. -Kees [1] https://lore.kernel.org/lkml/20200624123330.83226-1-alex.popov@linux.com/ -- Kees Cook