6.7-stable review patch. If anyone has any objections, please let me know. ------------------ From: Kees Cook <keescook@xxxxxxxxxxxx> commit 3e00f5802fabf2f504070a591b14b648523ede13 upstream. We continue to see false positives from -Warray-bounds even in GCC 10, which is getting reported in a few places[1] still: security/security.c:811:2: warning: `memcpy' offset 32 is out of the bounds [0, 0] [-Warray-bounds] Lower the GCC version check from 11 to 10. Link: https://lkml.kernel.org/r/20240223170824.work.768-kees@xxxxxxxxxx Reported-by: Lu Yao <yaolu@xxxxxxxxxx> Closes: https://lore.kernel.org/lkml/20240117014541.8887-1-yaolu@xxxxxxxxxx/ Link: https://lore.kernel.org/linux-next/65d84438.620a0220.7d171.81a7@xxxxxxxxxxxxx [1] Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> Reviewed-by: Paul Moore <paul@xxxxxxxxxxxxxx> Cc: Ard Biesheuvel <ardb@xxxxxxxxxx> Cc: Christophe Leroy <christophe.leroy@xxxxxxxxxx> Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> Cc: "Gustavo A. R. Silva" <gustavoars@xxxxxxxxxx> Cc: Johannes Weiner <hannes@xxxxxxxxxxx> Cc: Marc Aurèle La France <tsi@xxxxxxxxxx> Cc: Masahiro Yamada <masahiroy@xxxxxxxxxx> Cc: Nathan Chancellor <nathan@xxxxxxxxxx> Cc: Nhat Pham <nphamcs@xxxxxxxxx> Cc: Petr Mladek <pmladek@xxxxxxxx> Cc: Randy Dunlap <rdunlap@xxxxxxxxxxxxx> Cc: Suren Baghdasaryan <surenb@xxxxxxxxxx> Cc: <stable@xxxxxxxxxxxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- init/Kconfig | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) --- a/init/Kconfig +++ b/init/Kconfig @@ -876,14 +876,14 @@ config CC_IMPLICIT_FALLTHROUGH default "-Wimplicit-fallthrough=5" if CC_IS_GCC && $(cc-option,-Wimplicit-fallthrough=5) default "-Wimplicit-fallthrough" if CC_IS_CLANG && $(cc-option,-Wunreachable-code-fallthrough) -# Currently, disable gcc-11+ array-bounds globally. +# Currently, disable gcc-10+ array-bounds globally. # It's still broken in gcc-13, so no upper bound yet. -config GCC11_NO_ARRAY_BOUNDS +config GCC10_NO_ARRAY_BOUNDS def_bool y config CC_NO_ARRAY_BOUNDS bool - default y if CC_IS_GCC && GCC_VERSION >= 110000 && GCC11_NO_ARRAY_BOUNDS + default y if CC_IS_GCC && GCC_VERSION >= 100000 && GCC10_NO_ARRAY_BOUNDS # # For architectures that know their GCC __int128 support is sound