Re: [PATCH v2] security: disable FORTIFY_SOURCE on clang

2020-05-06 Thread George Burgess
I took a bit to poke Clang here. Building an arbitrary file with `CONFIG_FORTIFY_SOURCE=y`, none of the functions in this range https://github.com/ClangBuiltLinux/linux/blob/0bee0cece/include/linux/string.h#L274-L468 have FORTIFY'ed definitions emitted by clang, i.e., the added FORTIFY checks aren'

Re: [PATCH v2] security: disable FORTIFY_SOURCE on clang

2020-05-05 Thread Nathan Chancellor
On Tue, May 05, 2020 at 07:54:09PM -0700, Kees Cook wrote:
> On Tue, May 05, 2020 at 06:14:53PM -0600, Jason A. Donenfeld wrote:
> > clang-10 has a broken optimization stage that doesn't allow the
> > compiler to prove at compile time that certain memcpys are within
> > bounds, and thus the outline

Re: [PATCH v2] security: disable FORTIFY_SOURCE on clang

2020-05-05 Thread Jason A. Donenfeld
On Tue, May 5, 2020 at 8:54 PM Kees Cook wrote:
>
> On Tue, May 05, 2020 at 06:14:53PM -0600, Jason A. Donenfeld wrote:
> > clang-10 has a broken optimization stage that doesn't allow the
> > compiler to prove at compile time that certain memcpys are within
> > bounds, and thus the outline memcpy

Re: [PATCH v2] security: disable FORTIFY_SOURCE on clang

2020-05-05 Thread Kees Cook
On Tue, May 05, 2020 at 06:14:53PM -0600, Jason A. Donenfeld wrote:
> clang-10 has a broken optimization stage that doesn't allow the
> compiler to prove at compile time that certain memcpys are within
> bounds, and thus the outline memcpy is always called, resulting in
> horrific performance, and

Re: [PATCH v2] security: disable FORTIFY_SOURCE on clang

2020-05-05 Thread Nick Desaulniers
On Tue, May 5, 2020 at 5:15 PM Jason A. Donenfeld wrote:
>
> clang-10 has a broken optimization stage that doesn't allow the
> compiler to prove at compile time that certain memcpys are within
> bounds, and thus the outline memcpy is always called, resulting in
> horrific performance, and in some

[PATCH v2] security: disable FORTIFY_SOURCE on clang

2020-05-05 Thread Jason A. Donenfeld
clang-10 has a broken optimization stage that doesn't allow the compiler to prove at compile time that certain memcpys are within bounds, and thus the outline memcpy is always called, resulting in horrific performance, and in some cases, excessive stack frame growth. Here's a simple reproducer: