|
Message-ID: <20180312092108.d4ajuj7dk2jxgkon@gmail.com> Date: Mon, 12 Mar 2018 10:21:08 +0100 From: Ingo Molnar <mingo@...nel.org> To: Ard Biesheuvel <ard.biesheuvel@...aro.org> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, Steven Rostedt <rostedt@...dmis.org>, Arnd Bergmann <arnd@...db.de>, Daniel Micay <danielmicay@...il.com>, Kees Cook <keescook@...omium.org>, Dave Hansen <dave.hansen@...ux.intel.com>, Alexander Popov <alex.popov@...ux.com>, Kernel Hardening <kernel-hardening@...ts.openwall.com>, PaX Team <pageexec@...email.hu>, Brad Spengler <spender@...ecurity.net>, Andy Lutomirski <luto@...nel.org>, Tycho Andersen <tycho@...ho.ws>, Laura Abbott <labbott@...hat.com>, Mark Rutland <mark.rutland@....com>, Borislav Petkov <bp@...en8.de>, Richard Sandiford <richard.sandiford@....com>, Thomas Gleixner <tglx@...utronix.de>, "H . Peter Anvin" <hpa@...or.com>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, "Dmitry V . Levin" <ldv@...linux.org>, Emese Revfy <re.emese@...il.com>, Jonathan Corbet <corbet@....net>, Andrey Ryabinin <aryabinin@...tuozzo.com>, "Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>, Thomas Garnier <thgarnie@...gle.com>, Andrew Morton <akpm@...ux-foundation.org>, Alexei Starovoitov <ast@...nel.org>, Josef Bacik <jbacik@...com>, Masami Hiramatsu <mhiramat@...nel.org>, Nicholas Piggin <npiggin@...il.com>, Al Viro <viro@...iv.linux.org.uk>, "David S . Miller" <davem@...emloft.net>, Ding Tianhong <dingtianhong@...wei.com>, David Woodhouse <dwmw@...zon.co.uk>, Josh Poimboeuf <jpoimboe@...hat.com>, Dominik Brodowski <linux@...inikbrodowski.net>, Juergen Gross <jgross@...e.com>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Dan Williams <dan.j.williams@...el.com>, Mathias Krause <minipli@...glemail.com>, Vikas Shivappa <vikas.shivappa@...ux.intel.com>, Kyle Huey <me@...ehuey.com>, Dmitry Safonov <dsafonov@...tuozzo.com>, Will Deacon <will.deacon@....com>, X86 ML <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH RFC v9 4/7] x86/entry: Erase kernel stack in syscall_trace_enter() * Ard Biesheuvel <ard.biesheuvel@...aro.org> wrote: > > Is it possible to implement this "safe automatic variable initialization" language > > feature via a GCC plugin robustly, while still keeping code generation sane? (i.e. > > no forced allocation of stack slots, etc.) It should be a superset of > > CONFIG_GCC_PLUGIN_STRUCTLEAK=y. > > I think that should be feasible, yes. > > It would be worth trying whether the current code can be simplified, though: it > currently takes care not to add such an initialization if it can already spot > one, but I wonder whether just blindly adding one at the start and letting the > compiler optimize it away again is safer. Absolutely - followed by: - a good look at the resulting code generation with a reasonably uptodate GCC - a look at the resulting code with older GCCs, to make sure there's no pathological code generation ... because IMHO in the end it is the practical effects that will make (or break) any such attempt. ( BTW., initializing all automatic variables might even speed up certain optimization passes, FWIIW. ) Thanks, Ingo
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.