From e6148767825ce345338328a29030a182e3b22d10 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Fri, 18 Jun 2021 23:30:07 -0700 Subject: Makefile: Enable -Warray-bounds With the recent fixes for flexible arrays and expanded FORTIFY_SOURCE coverage, it is now possible to enable -Warray-bounds. Since both GCC and Clang include -Warray-bounds in -Wall, adjust the Makefile to just stop disabling it. Note that this option can be conservative in its warnings (which is done at casting time rather than access time), but this is reasonable since the cast variables may be accessed out of a scope where the true size of the original object can't be evaluated. These handful of false positives (which are arguably bad casts and can be easily avoided), are worth dealing with because of the many places where this option has helped identify missed bounds checks and even accesses done against cases where a NULL pointer could be reached. https://github.com/KSPP/linux/issues/109 https://github.com/KSPP/linux/issues/151 Cc: Arnd Bergmann Cc: Masahiro Yamada Cc: linux-kbuild@vger.kernel.org Co-developed-by: Gustavo A. R. Silva Signed-off-by: Gustavo A. R. Silva Signed-off-by: Kees Cook --- Makefile | 1 - 1 file changed, 1 deletion(-) (limited to 'Makefile') diff --git a/Makefile b/Makefile index ceb987e5c87b..d66b61691e8c 100644 --- a/Makefile +++ b/Makefile @@ -952,7 +952,6 @@ KBUILD_CFLAGS += $(call cc-disable-warning, stringop-truncation) # We'll want to enable this eventually, but it's not going away for 5.7 at least KBUILD_CFLAGS += $(call cc-disable-warning, zero-length-bounds) -KBUILD_CFLAGS += -Wno-array-bounds KBUILD_CFLAGS += $(call cc-disable-warning, stringop-overflow) # Another good warning that we'll want to enable eventually -- cgit v1.2.3-70-g09d2 From 00a4f836eb369723b148e3f250c850a028778832 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Tue, 17 Aug 2021 11:56:36 -0700 Subject: Makefile: Enable -Wzero-length-bounds With all known internal zero-length accesses fixed, it is possible to enable -Wzero-length-bounds globally. Since this is included by default in -Warray-bounds, we just need to stop disabling it. Cc: "Gustavo A. R. Silva" Cc: Arnd Bergmann Cc: Masahiro Yamada Cc: linux-kbuild@vger.kernel.org Signed-off-by: Kees Cook Reviewed-by: Nick Desaulniers Link: https://lore.kernel.org/lkml/CAKwvOd=bcs5W6eEDXGn5ROR2EuMiSp_2e6sLFxak=KK6yLWcvA@mail.gmail.com --- Makefile | 1 - 1 file changed, 1 deletion(-) (limited to 'Makefile') diff --git a/Makefile b/Makefile index d66b61691e8c..8e2e4edf7e71 100644 --- a/Makefile +++ b/Makefile @@ -951,7 +951,6 @@ KBUILD_CFLAGS += $(call cc-option, -Wcast-function-type) KBUILD_CFLAGS += $(call cc-disable-warning, stringop-truncation) # We'll want to enable this eventually, but it's not going away for 5.7 at least -KBUILD_CFLAGS += $(call cc-disable-warning, zero-length-bounds) KBUILD_CFLAGS += $(call cc-disable-warning, stringop-overflow) # Another good warning that we'll want to enable eventually -- cgit v1.2.3-70-g09d2