Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 12 Mar 2018 11:28:19 +0100
From: Salvatore Mesoraca <>
To: "Tobin C. Harding" <>
Cc: Kees Cook <>, Tycho Andersen <>, 
	Kernel Hardening <>
Subject: Re: VLA commit log

2018-03-12 6:26 GMT+01:00 Tobin C. Harding <>:
> Hi,
> I got some push back on the commit log we have all started to use
> (copying Kees' initial commit log).  If we are going to do hundreds of
> these patches should we write a perfectly correct commit log that can be
> included as the start of the 'why' of each VLA removal patch?  Here is
> my attempt, I am quite bad at writing commit logs so would love someone
> to fix it up.
>     Kernel stack size is limited.  Variable Length Arrays (VLA) open the
>     kernel up to stack abuse in a couple of ways;
>     1. If the variable can be controlled by an attacker.
>     2. Not having the size of the stack right there in plain site makes it
>     harder to maintain the code base because changes in one place can effect
>     the stack in another place (i.e in another function).
>     It would be nice to be able to build the kernel with -Wvla.  There has
>     been some consensus on this already [1].
>     ...
>     [1]:
> The '...' would of course be different for each patch.  In case you
> missed it here is the catalyst for this email
>         On Mon, Mar 12, 2018 at 03:49:40PM +1100, Tobin C. Harding wrote:
>         > The kernel would like to have all stack VLA usage removed[1].
>         Can you please stop writing this?  The Linux kernel isn't
>         sentient; it doesn't "like" anything.  You need to explain why
>         *you* (and other people) believe these changes should be made.
> Perhaps we should add a summary of all the gcc discussion i.e why const
> variables still cause gcc to emit a VLA warning.

Maybe it will be useful to update the doc (e.g.
Documentation/process/coding-style.rst or a new
Documentation/process/vla-considered-harmful.rst) with an extensive
explanation of why VLAs shouldn't be used.
And then we can just refer to that.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.