Re: [RFC][PATCH] Makefile: globally enable VLA warning

From: Kees Cook
Date: Tue Jun 26 2018 - 18:02:55 EST


On Tue, Jun 26, 2018 at 1:21 PM, Joe Perches <joe@xxxxxxxxxxx> wrote:
> On Tue, 2018-06-26 at 10:40 -0700, Kees Cook wrote:
>> This is the patch I've got prepared now that fixes for all VLAs have been
>> sent to maintainers (some are still under review/adjustment, but there
>> aren't any unexplored cases left). My intention would be to have this land
>> at the end of the next merge window after all the pending VLA patches
>> have landed. I just wanted to get any feedback here, since it touches
>> a couple areas in the process and I didn't want anyone to be surprised. :)
> []
>> diff --git a/Makefile b/Makefile
> []
>> @@ -778,6 +778,9 @@ NOSTDINC_FLAGS += -nostdinc -isystem $(shell $(CC) -print-file-name=include)
>> # warn about C99 declaration after statement
>> KBUILD_CFLAGS += $(call cc-option,-Wdeclaration-after-statement,)
>>
>> +# VLAs should not be used anywhere in the kernel
>> +KBUILD_CFLAGS += $(call cc-option,-Wvla)
>
> I'd probably spell out what a VLA is here.
> # VLAs (Variable Length Arrays) should not be used anywhere in the kernel
>
> Beyond that, seems sensible, thanks.

Ah yes, good idea. I've made that change locally now. Thanks!

-Kees

--
Kees Cook
Pixel Security