Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 6 Jul 2017 16:16:52 -0700
From: Kees Cook <>
To: Arnd Bergmann <>
Cc: Ard Biesheuvel <>, 
	Kernel Hardening <>, 
	Linus Torvalds <>
Subject: Re: [RFC/RFT PATCH] gcc-plugins: force initialize auto variables
 whose addresses are taken

On Thu, Jul 6, 2017 at 2:44 PM, Kees Cook <> wrote:
> On Thu, Jul 6, 2017 at 4:09 AM, Arnd Bergmann <> wrote:
>> On Thu, Jul 6, 2017 at 12:13 PM, Ard Biesheuvel
>> <> wrote:
>>> To prevent leaking stack contents in cases where it is not possible
>>> for the compiler to figure out whether an automatic variable has been
>>> initialized or not, add a plugin that forcibly initializes all automatic
>>> variables of struct/union types if their address is taken at any point.
>>> Signed-off-by: Ard Biesheuvel <>
> Ard, I'd be curious what you see for "size" difference between builds
> and if it's visible with hackbench or other things?

Hm, not all that bad on the size front:

   text                 data            bss                 dec
            hex filename
10950705        5592525 13955072        30498302        1d15dfe vmlinux
11048035        5592365 13955072        30595472        1d2d990

And yes, as expected, wow there are a lot of notices in verbose mode. ;)

My pet favorite, from the NAKed patch I sent forever ago, is covered
(as expected):

net/socket.c: In function ‘SYSC_getsockname’:
net/socket.c:1605:26: note: auto variable will be forcibly initialized
  struct sockaddr_storage address;


Kees Cook
Pixel Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.