search

anthraxx / linux-hardened

Minimal supplement to upstream Kernel Self Protection Project changes. Features already provided by SELinux + Yama and archs other than multiarch arm64 / x86_64 aren't in scope. Only tags have stable history. Shared IRC channel with KSPP: irc.libera.chat #linux-hardening
Other
567 stars 56 forks source link

Failed compiling kernel 5.15.25 using gcc 11.2.0 #65

Open pete842 opened 2 years ago

pete842 commented 2 years ago

Hi,

It seems after gcc update from version 10.3.0 to 11.2.0, I am not able to compile the kernel anymore

When I try to compile the linux kernel 5.15.25 with linux-hardened patches using gcc 11.2.0, I get the following output:

In file included from ./include/linux/resource_ext.h:11,
                 from ./include/linux/pci.h:40,
                 from ./drivers/iommu/intel/dmar.c:19:
In function ‘kmalloc’,
    inlined from ‘kzalloc’ at ./include/linux/slab.h:721:9,
    inlined from ‘dmar_alloc_pci_notify_info’ at ./drivers/iommu/intel/dmar.c:150:10:
./include/linux/slab.h:596:16: error: argument 1 value ‘18446744073709551615’ exceeds maximum object size 9223372036854775807 [-Werror=alloc-size-larger-than=]
  596 |         return __kmalloc(size, flags);
      |                ^~~~~~~~~~~~~~~~~~~~~~
./include/linux/slab.h: In function ‘dmar_alloc_pci_notify_info’:
./include/linux/slab.h:428:7: note: in a call to allocation function ‘__kmalloc’ declared here
  428 | void *__kmalloc(size_t size, gfp_t flags) __assume_kmalloc_alignment __malloc __attribute__((alloc_size(1)));
      |       ^~~~~~~~~

As this suggests, the only impact of the patch on this issue is the addition of __attribute__((alloc_size(1))) at function __kmalloc(size_t size, gfp_t flags) in ./include/linux/slab.h:428. I can confirm that removing this and this only does "fix the problem".

Everything works fine when using gcc version 10.4.0.

I'm fully aware that this is not directly linked to the patch itself, and it most likely has to do with a gcc regression or something. However, I was hopping not being alone with this issue, and hopefully find some help here.

My guess is that this is a bogus warning / false positive.

1corn2 commented 2 years ago

You can also "fix" the issue by compiling with CONFIG_WERROR disabled. This is done on the arch linux package so I assume it is fine.

tsautereau-anssi commented 2 years ago

@pete842 See commit 86cffecdeaa2, which disabled this warning in v5.16 and was not backported to the 5.15 stable branch.

pete842 commented 2 years ago

@tsautereau-anssi thank you, I will have a look 👌