From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=m6BX=NQ=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-23.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,
	USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 75DD9C4320A
	for <linux-mm@archiver.kernel.org>; Wed, 25 Aug 2021 19:42:11 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 02EBC610C7
	for <linux-mm@archiver.kernel.org>; Wed, 25 Aug 2021 19:42:10 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 02EBC610C7
Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kvack.org
Received: by kanga.kvack.org (Postfix)
	id 7D59C6B006C; Wed, 25 Aug 2021 15:42:10 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 7859C6B0072; Wed, 25 Aug 2021 15:42:10 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 64D266B0073; Wed, 25 Aug 2021 15:42:10 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0055.hostedemail.com [216.40.44.55])
	by kanga.kvack.org (Postfix) with ESMTP id 4820A6B006C
	for <linux-mm@kvack.org>; Wed, 25 Aug 2021 15:42:10 -0400 (EDT)
Received: from smtpin06.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay01.hostedemail.com (Postfix) with ESMTP id F0F85182C15E2
	for <linux-mm@kvack.org>; Wed, 25 Aug 2021 19:42:09 +0000 (UTC)
X-FDA: 78514623978.06.AC8564E
Received: from mail-lj1-f170.google.com (mail-lj1-f170.google.com [209.85.208.170])
	by imf29.hostedemail.com (Postfix) with ESMTP id B88E39000253
	for <linux-mm@kvack.org>; Wed, 25 Aug 2021 19:42:09 +0000 (UTC)
Received: by mail-lj1-f170.google.com with SMTP id i28so608206ljm.7
        for <linux-mm@kvack.org>; Wed, 25 Aug 2021 12:42:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=e8bdCyvC7Uu9hJ+o7Jz6ECHUhPAIMpOORzVb26WnGxM=;
        b=fy7FSMFVhod+RQF9PxaNTXukhehzmnrw1oVvDT6ae1n1J2qALCG4+tGNP3gWGuP4TO
         EHapm1ur3TPgRbHJ4n4KixsoM/Og/0Hv1QyipQr8I9Gzo7NycATrc3EGLMCdllO2e5pR
         5C+VYFEX+Txbv5I9Bpxa4Hhud2zg+zRSP8ePynlDEmgWB2YkK06YIpQ7+dQ4/bGDQdEw
         +RzNQz2O5OCruiOJbcE8PFY5Knpx1aEH9X4LzfLcWCgWbB68/pqzg8Shu07RVYTpqzo4
         IGZMriF7cj5OC43E+/QyQcAJoE9gGaED08EjsBMgeZaSYJDnQVZ0cf0qOszhqrPOjOVi
         gh5Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=e8bdCyvC7Uu9hJ+o7Jz6ECHUhPAIMpOORzVb26WnGxM=;
        b=DGcprpPYNwkOzZjWJK8iaRzAZk9gj5rdMPXIfv4tIG4mutmjOUW7N6P1xXjQhWjbY8
         4NTSxPFaNmqK4g5pdKUCXx6H4ovzX6WIVprZSRXkekpQFq8vPMRxM/IZ5RmHxTC5vnid
         gDow39hwol1qi9S9owDBTMFPU3Of1Ob5loVReMmJ1KCRpQb+kQ2S9SAIHeRCn46Nao6R
         b5kATxcACWtWN4Mx1QkG8SeDhBfna252esw5eA9eAZfhxlzBkhG8Lop2CGCzDsxk4hgr
         gU+lquDs/SeuCU2U4ugXg5fZF+mn5PWIg7e9oG1Vi5f9vpceAjLgVrzrlOOlCLs7i2K5
         c9vA==
X-Gm-Message-State: AOAM531d79kHxV3zXk2+bti2rxycI+RhPFOrpWTUh0s/QUX9NV5v/MyB
	AE13mEC2cJ/B7ixG9isTClRaSyzV/W54KUFzSZ59gw==
X-Google-Smtp-Source: ABdhPJwZnjnGR+4s5l/KVJUFTI3ve9z49umzxrFnkgYuE41CcXxbXBK+PWqEpd6EYW2goWod17qptKYPuxBC6zXhitk=
X-Received: by 2002:a2e:8008:: with SMTP id j8mr36245723ljg.233.1629920527830;
 Wed, 25 Aug 2021 12:42:07 -0700 (PDT)
MIME-Version: 1.0
References: <20210822075122.864511-1-keescook@chromium.org> <20210822075122.864511-17-keescook@chromium.org>
In-Reply-To: <20210822075122.864511-17-keescook@chromium.org>
From: Nick Desaulniers <ndesaulniers@google.com>
Date: Wed, 25 Aug 2021 12:41:56 -0700
Message-ID: <CAKwvOd=A+ueGV2ihdy5GtgR2fQbcXjjAtVxv3=cPjffpebZB7A@mail.gmail.com>
Subject: Re: [PATCH for-next 16/25] fortify: Explicitly disable Clang support
To: Kees Cook <keescook@chromium.org>
Cc: linux-kernel@vger.kernel.org, Rasmus Villemoes <linux@rasmusvillemoes.dk>, 
	Daniel Micay <danielmicay@gmail.com>, Francis Laniel <laniel_francis@privacyrequired.com>, 
	Bart Van Assche <bvanassche@acm.org>, David Gow <davidgow@google.com>, linux-mm@kvack.org, 
	clang-built-linux@googlegroups.com, linux-hardening@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Authentication-Results: imf29.hostedemail.com;
	dkim=pass header.d=google.com header.s=20161025 header.b=fy7FSMFV;
	dmarc=pass (policy=reject) header.from=google.com;
	spf=pass (imf29.hostedemail.com: domain of ndesaulniers@google.com designates 209.85.208.170 as permitted sender) smtp.mailfrom=ndesaulniers@google.com
X-Rspamd-Server: rspam06
X-Rspamd-Queue-Id: B88E39000253
X-Stat-Signature: eidqymkrp6bxyca4dz5cn7zu4de3rnq5
X-HE-Tag: 1629920529-320798
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Sun, Aug 22, 2021 at 12:57 AM Kees Cook <keescook@chromium.org> wrote:
>
> Clang has never correctly compiled the FORTIFY_SOURCE defenses due to
> a couple bugs:
>
>         Eliding inlines with matching __builtin_* names
>         https://bugs.llvm.org/show_bug.cgi?id=50322
>
>         Incorrect __builtin_constant_p() of some globals
>         https://bugs.llvm.org/show_bug.cgi?id=41459
>
> In the process of making improvements to the FORTIFY_SOURCE defenses, the
> first (silent) bug (coincidentally) becomes worked around, but exposes
> the latter which breaks the build. As such, Clang must not be used with
> CONFIG_FORTIFY_SOURCE until at least latter bug is fixed (in Clang 13),
> and the fortify routines have been rearranged.
>
> Update the Kconfig to reflect the reality of the current situation.
>
> Signed-off-by: Kees Cook <keescook@chromium.org>

Acked-by: Nick Desaulniers <ndesaulniers@google.com>

> ---
>  security/Kconfig | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/security/Kconfig b/security/Kconfig
> index 0ced7fd33e4d..fe6c0395fa02 100644
> --- a/security/Kconfig
> +++ b/security/Kconfig
> @@ -191,6 +191,9 @@ config HARDENED_USERCOPY_PAGESPAN
>  config FORTIFY_SOURCE
>         bool "Harden common str/mem functions against buffer overflows"
>         depends on ARCH_HAS_FORTIFY_SOURCE
> +       # https://bugs.llvm.org/show_bug.cgi?id=50322
> +       # https://bugs.llvm.org/show_bug.cgi?id=41459
> +       depends on !CC_IS_CLANG
>         help
>           Detect overflows of buffers in common string and memory functions
>           where the compiler can determine and validate the buffer sizes.
> --
> 2.30.2
>
> --
> You received this message because you are subscribed to the Google Groups "Clang Built Linux" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to clang-built-linux+unsubscribe@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/clang-built-linux/20210822075122.864511-17-keescook%40chromium.org.



-- 
Thanks,
~Nick Desaulniers