Re: F36 Change: GNU Toolchain Update (gcc 12, glibc 2.35) (late System-Wide Change proposal)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 22 Jan 2022 at 11:51, Jonathan Wakely <jwakely@xxxxxxxxxx> wrote:
>
> On Sat, 22 Jan 2022 at 10:52, Andreas Schneider <asn@xxxxxxxxxx> wrote:
> >
> > On Tuesday, January 11, 2022 7:00:22 PM CET Steve Grubb wrote:
> > > Hello,
> > >
> > > On Wednesday, January 5, 2022 5:05:26 PM EST Ben Cotton wrote:
> > >
> > > > https://fedoraproject.org/wiki/Changes/GNUToolchainF36
> > > >
> > > > == Summary ==
> > > > Update the Fedora 36 GNU Toolchain to gcc 12 and glibc 2.35.
> > > >
> > > > The gcc 12 is currently under development and will be included in
> > > > Fedora 36 upon release. The glibc 2.35 change will be tracked in this
> > > > top-level GNU Toolchain system-wide update.
> > >
> > >
> > > Reading through the GCC 12 changes, there is a significant new feature to
> > > GCC
> >  that would appear to be useful for security. There is a new:
> > >
> > > -ftrivial-auto-var-init=zero
> > >
> > > flag that initializes all stack variables to zero. Zero being a nice safe
> > > value that makes programs crash instead of being exploitable.
> > >
> > > Are there plans to enable this flag so that all applications, but more
> > > importantly the kernel, are hardened against uninitialized stack variables?
> > >
> > > This is one of the major classes of security bugs that could potentially
> > > be eliminated during this mass rebuild.
> >
> > I don't know if it is still the case, but OpenSSL used uninitialized stack
> > variables on purpose! If you initialize them to zero might end up with the
> > same disaster as Debian had some years ago!
> >
> > https://www.debian.org/security/2008/dsa-1571
>
> IIRC it wasn't that simple. The necessary entropy was *not* coming
> from uninitialized bytes. There were other sources of *real* entropy,
> but the Debian patch caused *none* of it to be added to the pool
> (except for the PID). Zeroing the uninitialized bytes would *not* hurt
> as long as the *real* sources of entropy still get added.

Also, I think the count of added entropy was still being updated even
though nothing got added.

The bug was more complicated than just "an uninitialized stack buffer
didn't get used as entropy".
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux