diff options
author | Kees Cook <keescook@chromium.org> | 2021-06-18 23:30:07 -0700 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2022-02-13 16:49:40 -0800 |
commit | e6148767825ce345338328a29030a182e3b22d10 (patch) | |
tree | 12c437c80079caad8c673207996e0aa282e74001 /Makefile | |
parent | dfd42facf1e4ada021b939b4e19c935dcdd55566 (diff) | |
download | linux-e6148767825ce345338328a29030a182e3b22d10.tar.bz2 |
Makefile: Enable -Warray-bounds
With the recent fixes for flexible arrays and expanded FORTIFY_SOURCE
coverage, it is now possible to enable -Warray-bounds. Since both GCC
and Clang include -Warray-bounds in -Wall, adjust the Makefile to just
stop disabling it.
Note that this option can be conservative in its warnings (which is
done at casting time rather than access time), but this is reasonable
since the cast variables may be accessed out of a scope where the true
size of the original object can't be evaluated. These handful of false
positives (which are arguably bad casts and can be easily avoided),
are worth dealing with because of the many places where this option
has helped identify missed bounds checks and even accesses done against
cases where a NULL pointer could be reached.
https://github.com/KSPP/linux/issues/109
https://github.com/KSPP/linux/issues/151
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Masahiro Yamada <masahiroy@kernel.org>
Cc: linux-kbuild@vger.kernel.org
Co-developed-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'Makefile')
-rw-r--r-- | Makefile | 1 |
1 files changed, 0 insertions, 1 deletions
@@ -952,7 +952,6 @@ KBUILD_CFLAGS += $(call cc-disable-warning, stringop-truncation) # We'll want to enable this eventually, but it's not going away for 5.7 at least KBUILD_CFLAGS += $(call cc-disable-warning, zero-length-bounds) -KBUILD_CFLAGS += -Wno-array-bounds KBUILD_CFLAGS += $(call cc-disable-warning, stringop-overflow) # Another good warning that we'll want to enable eventually |