From: Nick Desaulniers
Date: Tue, 7 Feb 2023 10:01:21 -0800
Subject: Re: [PATCH] randstruct: temporarily disable clang support
To: Eric Biggers
Cc: Kees Cook, linux-hardening@vger.kernel.org, llvm@lists.linux.dev, linux-kernel@vger.kernel.org, stable@vger.kernel.org, Bill Wendling

On Mon, Feb 6, 2023 at 3:41 PM Fangrui Song wrote:
>
> On Sat, Feb 4, 2023 at 11:06 AM Kees Cook wrote:
> >
> > On Fri, Feb 03, 2023 at 11:42:01AM -0800, Eric Biggers wrote:
> > > From: Eric Biggers
> > >
> > > Randstruct with clang is currently unsafe to use in any clang release
> > > that supports it, due to a clang bug that is causing miscompilations:
> > > "-frandomize-layout-seed inconsistently randomizes all-function-pointers
> > > structs" (https://github.com/llvm/llvm-project/issues/60349). Disable
> > > it temporarily until the bug is fixed and the fix is released in a clang
> > > version that can be checked for.
> > >
> > > Fixes: 035f7f87b729 ("randstruct: Enable Clang support")
> > > Cc: stable@vger.kernel.org
> > > Signed-off-by: Eric Biggers
> > > ---
> > > security/Kconfig.hardening | 3 ++-
> > > 1 file changed, 2 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening
> > > index 53baa95cb644..aad16187148c 100644
> > > --- a/security/Kconfig.hardening
> > > +++ b/security/Kconfig.hardening
> > > @@ -280,7 +280,8 @@ config ZERO_CALL_USED_REGS
> > > endmenu
> > >
> > > config CC_HAS_RANDSTRUCT
> > > - def_bool $(cc-option,-frandomize-layout-seed-file=/dev/null)
> > > + # Temporarily disabled due to https://github.com/llvm/llvm-project/issues/60349
> > > + def_bool n
> > >
> > > choice
> > > prompt "Randomize layout of sensitive kernel structures"
> > >
> > > base-commit: 7b753a909f426f2789d9db6f357c3d59180a9354
> > > --
> > > 2.39.1
> >
> > This should be fixed with greater precision -- i.e. this is nearly fixed
> > in Clang now, and is likely to be backported. So I think we'll need
> > versioned checks here.
> >
> > --
> > Kees Cook
> >
>
> Bill has requested cherry-pick the llvm-project fix into the
> release/16.x branch [1].
> https://github.com/llvm/llvm-project-release-prs/pull/276
> It may take one day to land.
>
> [1]: https://github.com/llvm/llvm-project/tree/release/16.x
>
> --
> 宋方睿
>

All landed; the version check should be for 16+. (And the link to the
issue report would be nice to retain).

--
Thanks,
~Nick Desaulniers
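
Review bot: In the `config CC_HAS_RANDSTRUCT` hunk, `def_bool n` replaces the `cc-option` probe outright, so the symbol stays off for every compiler release, including ones that carry the fix, until someone remembers to revert this change. Keeping the probe and gating it on the compiler version (for example `depends on !CC_IS_CLANG || CLANG_VERSION >= 160000`, matching the 16+ cutoff given in the replies) would disable only the affected releases. The comment linking llvm-project issue 60349 should stay next to that condition and say which versions are affected, so the reason for the gate is visible in the Kconfig file itself.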