Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6D631C05027 for ; Wed, 8 Feb 2023 18:53:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231253AbjBHSxu (ORCPT ); Wed, 8 Feb 2023 13:53:50 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48586 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230427AbjBHSxn (ORCPT ); Wed, 8 Feb 2023 13:53:43 -0500 Received: from mail-pf1-x42a.google.com (mail-pf1-x42a.google.com [IPv6:2607:f8b0:4864:20::42a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C683D530CF for ; Wed, 8 Feb 2023 10:53:41 -0800 (PST) Received: by mail-pf1-x42a.google.com with SMTP id g9so13766662pfo.5 for ; Wed, 08 Feb 2023 10:53:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=ARKAnyJbGCDixUf78i+l0G5zkCQxdhupYbkp6nMWaxY=; b=GR+o7rQZRnnVhmV8DKpfe5rs/4FwgZ4XFtphgEXVIyvnOUrWvYWq+8ESj61NPNAwJ3 dwDUvoAgPU5ZnmGOSkt/w/3k1gynrD0KCQZa/uEl2Ep+xMfE8hg0eCu91ETY08mqyi/e 0gnt4W1ItvQoMk/ZHnutPdnFE5V4Q++7LHZzY5bxKyxElcU/p8zOyjyMJi0mpQ6ImO1C 6xar8VdeMfFd7NO8f/nu8KgeuHH9uat10q8VE27KqqqQpxm6B9rGY5RPI+mFyCTcdxSp 3D0uP99uNs82jdJtiQcMwAd4Vl5MlluR/yNHDyP9P+Tsu0o6wJG+R5ZMvgdLQv/gc/mg N/9A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ARKAnyJbGCDixUf78i+l0G5zkCQxdhupYbkp6nMWaxY=; b=4t+EmZT1QShB2fS/G2gKga7B59dmm5otMlymNAkMvCI62i8GodjTt0Wyk9iECirkR5 cdwT8txq47SUidJz41ok3xSMR+2lFeyD5IgUt2Gwt21ZfwkkNc3inmwUuF14TucWgpJ/ hq0XcyW2TLKSfqC3es1iqtry6iLdv/lxhT/YhsiEeriKql5i+nikKmTEQVrlm4cbQUPW 028gMSSQ+iwXv5o5rYOjfj64WSG870No4xqg/6zDYmsK5sVL4C/QavdYCMaQcVH7/1ZQ L9IKDX72fhztfGrcwTw3VxhVJPk9/g0BTZ0KN2bqzhSxv+VUqjbRKxWSQPLHixV+Q6zV fbXg== X-Gm-Message-State: AO0yUKVN402tqBSKFFw7M/zt0z1rPq2o0LhO4kaJoE4JU/ImhYN0tB0A 6uIoi5xtl9haWzU/xaTFrhmWMwys+kFAVin12d42uQ== X-Google-Smtp-Source: AK7set+qg/4GJecRaFbLM82rNlur1zcDRisirla89w82/iIvTgqEVWcL7Bup47k6dMJQSzwaLNHJzj/tQ2m6ZDI8CZA= X-Received: by 2002:a62:5184:0:b0:5a8:4bf8:174e with SMTP id f126-20020a625184000000b005a84bf8174emr372120pfb.29.1675882420676; Wed, 08 Feb 2023 10:53:40 -0800 (PST) MIME-Version: 1.0 References: <20230208065133.220589-1-ebiggers@kernel.org> In-Reply-To: <20230208065133.220589-1-ebiggers@kernel.org> From: Nick Desaulniers Date: Wed, 8 Feb 2023 10:53:29 -0800 Message-ID: Subject: Re: [PATCH] randstruct: disable Clang 15 support To: Eric Biggers Cc: linux-hardening@vger.kernel.org, Kees Cook , Bill Wendling , llvm@lists.linux.dev, linux-kernel@vger.kernel.org, stable@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Feb 7, 2023 at 10:52 PM Eric Biggers wrote: > > From: Eric Biggers > > The randstruct support released in Clang 15 is unsafe to use due to a > bug that can cause miscompilations: "-frandomize-layout-seed > inconsistently randomizes all-function-pointers structs" > (https://github.com/llvm/llvm-project/issues/60349). It has been fixed > on the Clang 16 release branch, so add a Clang version check. > > Fixes: 035f7f87b729 ("randstruct: Enable Clang support") > Cc: stable@vger.kernel.org > Signed-off-by: Eric Biggers Thanks for the patch and report. Guessing that wasn't fun to debug. Acked-by: Nick Desaulniers > --- > security/Kconfig.hardening | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening > index 53baa95cb644f..0f295961e7736 100644 > --- a/security/Kconfig.hardening > +++ b/security/Kconfig.hardening > @@ -281,6 +281,9 @@ endmenu > > config CC_HAS_RANDSTRUCT > def_bool $(cc-option,-frandomize-layout-seed-file=/dev/null) > + # Randstruct was first added in Clang 15, but it isn't safe to use until > + # Clang 16 due to https://github.com/llvm/llvm-project/issues/60349 > + depends on !CC_IS_CLANG || CLANG_VERSION >= 160000 > > choice > prompt "Randomize layout of sensitive kernel structures" > > base-commit: 4ec5183ec48656cec489c49f989c508b68b518e3 > -- > 2.39.1 > > -- Thanks, ~Nick Desaulniers