Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20180909165647.GC22251@thunk.org>
Date: Sun, 9 Sep 2018 12:56:47 -0400
From: "Theodore Y. Ts'o" <tytso@....edu>
To: Greg KH <greg@...ah.com>
Cc: Sandy Harris <sandyinchina@...il.com>,
	kernel-hardening@...ts.openwall.com
Subject: Re: Checked C?

On Sun, Sep 09, 2018 at 02:59:12PM +0200, Greg KH wrote:
> On Sun, Sep 09, 2018 at 08:22:44AM -0400, Sandy Harris wrote:
> > Slashdot reports that Microsoft have come up with something they call
> > "checked C". It claims to prevent a wide variety of memory & pointer
> > bugs, using a mix of compile-time and run-time checks, at moderate
> > overheads.
> > 
> > Implementation is as extensions to Clang so it might be hard to apply
> > to the kernel which I think has some GNU-isms. Perhaps still worth a
> > look?

What would be really interesting would be implementing the Microsoft
extensions as Clang plugins, so the kernel changes don't require
distributions to ship a modified Clang.

Whoever does this will need to remember that kernel modifications need
to work with:

   * Clang with the extensions

   * Clang without the extensions (in case the extensions are Clang
     version dependent, and the system has a Clang which is too old).

   * Gcc without the extensions

We've been doing that sort of thing already, using CPP magic, so there
are plenty of examples about ways of doing that.

    	       	     	       	  	- Ted

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.