[PATCH 3/3] Revert "hardening: Disable GCC randstruct for COMPILE_TEST"

Kees Cook posted 3 patches 9 months, 2 weeks ago
Posted by Kees Cook 9 months, 2 weeks ago
This reverts commit f5c68a4e84f9feca3be578199ec648b676db2030.

It is again possible to build "allmodconfig" with the randstruct GCC
plugin, so enable it for COMPILE_TEST to catch future bugs.

Signed-off-by: Kees Cook <kees@kernel.org>
---
 security/Kconfig.hardening | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening
index 3fe9d7b945c4..c17366ce8224 100644
--- a/security/Kconfig.hardening
+++ b/security/Kconfig.hardening
@@ -344,7 +344,7 @@ config CC_HAS_RANDSTRUCT
 
 choice
 	prompt "Randomize layout of sensitive kernel structures"
-	default RANDSTRUCT_FULL if COMPILE_TEST && CC_HAS_RANDSTRUCT
+	default RANDSTRUCT_FULL if COMPILE_TEST && (GCC_PLUGINS || CC_HAS_RANDSTRUCT)
 	default RANDSTRUCT_NONE
 	help
 	  If you enable this, the layouts of structures that are entirely
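Review bot: the new default condition `COMPILE_TEST && (GCC_PLUGINS || CC_HAS_RANDSTRUCT)` selects RANDSTRUCT_FULL for every plugin-capable GCC under COMPILE_TEST, with no qualifier on the compiler, while the commit message only says allmodconfig builds "again" without naming the change that made it so or the compiler versions and architectures it was checked with. Please name that change and the tested toolchains in the commit message, so that someone bisecting a later allmodconfig failure can tell whether the plugin path was expected to work with their compiler.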
-- 
2.34.1
Re: [PATCH 3/3] Revert "hardening: Disable GCC randstruct for COMPILE_TEST"
Posted by Thiago Jung Bauermann 8 months, 2 weeks ago
Hello,

This commit was reported by our CI as breaking the allmodconfig build for
the arm and arm64 architectures when using GCC 15. This is due to
https://github.com/KSPP/linux/issues/367 :

-00:05:08 *** WARNING *** there are active plugins, do not report this as a bug unless you can reproduce it without enabling any plugins.
00:05:08 Event                            | Plugins
00:05:08 PLUGIN_FINISH_TYPE               | randomize_layout_plugin
00:05:08 PLUGIN_FINISH_DECL               | randomize_layout_plugin
00:05:08 PLUGIN_ATTRIBUTES                | latent_entropy_plugin randomize_layout_plugin
00:05:08 PLUGIN_START_UNIT                | latent_entropy_plugin stackleak_plugin
00:05:08 PLUGIN_ALL_IPA_PASSES_START      | randomize_layout_plugin
00:05:08 arch/arm64/kernel/kexec_image.c:132:14: internal compiler error: in comptypes_check_enum_int, at c/c-typeck.cc:1519
00:05:08   132 | const struct kexec_file_ops kexec_image_ops = {
00:05:08       |              ^~~~~~~~~~~~~~
00:05:08 0x225bdff internal_error(char const*, ...)
00:05:08 	../../../../../../gcc/gcc/diagnostic-global-context.cc:517
00:05:08 0x7cb197 fancy_abort(char const*, int, char const*)
00:05:08 	../../../../../../gcc/gcc/diagnostic.cc:1803
00:05:08 0x81f0e7 comptypes_check_enum_int(tree_node*, tree_node*, bool*)
00:05:08 	../../../../../../gcc/gcc/c/c-typeck.cc:1519
00:05:08 0x81f0e7 comptypes_check_enum_int(tree_node*, tree_node*, bool*)
00:05:08 	../../../../../../gcc/gcc/c/c-typeck.cc:1513
00:05:08 0x7e3b83 diagnose_mismatched_decls
00:05:08 	../../../../../../gcc/gcc/c/c-decl.cc:2170
00:05:08 0x7e64f3 duplicate_decls
00:05:08 	../../../../../../gcc/gcc/c/c-decl.cc:3169
00:05:08 0x7ea1eb pushdecl(tree_node*)
00:05:08 	../../../../../../gcc/gcc/c/c-decl.cc:3376
00:05:08 0x803c03 start_decl(c_declarator*, c_declspecs*, bool, tree_node*, bool, unsigned long*)
00:05:08 	../../../../../../gcc/gcc/c/c-decl.cc:5755
00:05:08 0x864c67 c_parser_declaration_or_fndef
00:05:08 	../../../../../../gcc/gcc/c/c-parser.cc:2851
00:05:08 0x8a7b33 c_parser_external_declaration
00:05:08 	../../../../../../gcc/gcc/c/c-parser.cc:2110
00:05:08 0x8a8ba3 c_parser_translation_unit
00:05:08 	../../../../../../gcc/gcc/c/c-parser.cc:1964
00:05:08 0x8a8ba3 c_parse_file()
00:05:08 	../../../../../../gcc/gcc/c/c-parser.cc:29839
00:05:08 0x931eff c_common_parse_file()
00:05:08 	../../../../../../gcc/gcc/c-family/c-opts.cc:1385
00:05:08 Please submit a full bug report, with preprocessed source (by using -freport-bug).
00:05:08 Please include the complete backtrace with any bug report.
00:05:08 See <https://gcc.gnu.org/bugs/> for instructions.
00:05:08 make[4]: *** [scripts/Makefile.build:203: arch/arm64/kernel/kexec_image.o] Error 1

The same error repeats for several other source files.
Re: [PATCH 3/3] Revert "hardening: Disable GCC randstruct for COMPILE_TEST"
Posted by Kees Cook 8 months, 2 weeks ago
On Thu, May 29, 2025 at 09:06:46PM -0300, Thiago Jung Bauermann wrote:
> This commit was reported by our CI as breaking the allmodconfig build for
> the arm and arm64 architectures when using GCC 15. This is due to
> https://github.com/KSPP/linux/issues/367 :
> 
> 00:05:08 arch/arm64/kernel/kexec_image.c:132:14: internal compiler error: in comptypes_check_enum_int, at c/c-typeck.cc:1519
> 00:05:08   132 | const struct kexec_file_ops kexec_image_ops = {
> 00:05:08       |              ^~~~~~~~~~~~~~

I'm not able to reproduce this. Which specific version of GCC 15 and
on what distro are you seeing this?

This is Fedora 42 for me:

$ aarch64-linux-gnu-gcc --version
aarch64-linux-gnu-gcc (GCC) 15.1.1 20250425 (Red Hat Cross 15.1.1-1)
...
$ make O=gcc-arm64 ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- allmodconfig
$ grep RANDSTRUCT gcc-arm64/.config
# CONFIG_RANDSTRUCT_NONE is not set
CONFIG_RANDSTRUCT_FULL=y
# CONFIG_RANDSTRUCT_PERFORMANCE is not set
CONFIG_RANDSTRUCT=y
CONFIG_GCC_PLUGIN_RANDSTRUCT=y
CONFIG_RANDSTRUCT_KUNIT_TEST=m
$ make O=gcc-arm64 ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- all -s
$ file gcc-arm64/vmlinux
gcc-arm64/vmlinux: ELF 64-bit LSB pie executable, ARM aarch64, version 1 (SYSV), statically linked, BuildID[sha1]=b53656cb73bb82f4e19edbfa54241c203daa3fed, not stripped


And the new KUnit randstruct selftests all pass as well:

$ ./tools/testing/kunit/kunit.py run \
	--arch arm64 --cross_compile aarch64-linux-gnu- \
	--kconfig_add CONFIG_RANDSTRUCT_FULL=y randstruct
...
# Totals: pass:5 fail:0 skip:0 total:5



-- 
Kees Cook
Re: [PATCH 3/3] Revert "hardening: Disable GCC randstruct for COMPILE_TEST"
Posted by Nathan Chancellor 8 months, 2 weeks ago
On Thu, May 29, 2025 at 10:12:22PM -0700, Kees Cook wrote:
> On Thu, May 29, 2025 at 09:06:46PM -0300, Thiago Jung Bauermann wrote:
> > This commit was reported by our CI as breaking the allmodconfig build for
> > the arm and arm64 architectures when using GCC 15. This is due to
> > https://github.com/KSPP/linux/issues/367 :
> > 
> > 00:05:08 arch/arm64/kernel/kexec_image.c:132:14: internal compiler error: in comptypes_check_enum_int, at c/c-typeck.cc:1519
> > 00:05:08   132 | const struct kexec_file_ops kexec_image_ops = {
> > 00:05:08       |              ^~~~~~~~~~~~~~
> 
> I'm not able to reproduce this. Which specific version of GCC 15 and
> on what distro are you seeing this?

It looks like this was also reported to Debian (I originally noticed it
in the #gcc channel on OFTC a couple of weeks ago but forgot to mention
it):

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104745

It looks like the difference might be whether GCC was built with
additional checks or not based on the last couple of comments in that
bug.

Cheers,
Nathan
Re: [PATCH 3/3] Revert "hardening: Disable GCC randstruct for COMPILE_TEST"
Posted by Kees Cook 8 months, 2 weeks ago
On Fri, May 30, 2025 at 12:09:04PM -0700, Nathan Chancellor wrote:
> On Thu, May 29, 2025 at 10:12:22PM -0700, Kees Cook wrote:
> > On Thu, May 29, 2025 at 09:06:46PM -0300, Thiago Jung Bauermann wrote:
> > > This commit was reported by our CI as breaking the allmodconfig build for
> > > the arm and arm64 architectures when using GCC 15. This is due to
> > > https://github.com/KSPP/linux/issues/367 :
> > > 
> > > 00:05:08 arch/arm64/kernel/kexec_image.c:132:14: internal compiler error: in comptypes_check_enum_int, at c/c-typeck.cc:1519
> > > 00:05:08   132 | const struct kexec_file_ops kexec_image_ops = {
> > > 00:05:08       |              ^~~~~~~~~~~~~~
> > 
> > I'm not able to reproduce this. Which specific version of GCC 15 and
> > on what distro are you seeing this?
> 
> It looks like this was also reported to Debian (I originally noticed it
> in the #gcc channel on OFTC a couple of weeks ago but forgot to mention
> it):
> 
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104745
> 
> It looks like the difference might be whether GCC was built with
> additional checks or not based on the last couple of comments in that
> bug.

Proposed fix here:
https://lore.kernel.org/lkml/20250530221824.work.623-kees@kernel.org/

-- 
Kees Cook
Re: [PATCH 3/3] Revert "hardening: Disable GCC randstruct for COMPILE_TEST"
Posted by Kees Cook 8 months, 2 weeks ago
On Fri, May 30, 2025 at 12:09:04PM -0700, Nathan Chancellor wrote:
> On Thu, May 29, 2025 at 10:12:22PM -0700, Kees Cook wrote:
> > On Thu, May 29, 2025 at 09:06:46PM -0300, Thiago Jung Bauermann wrote:
> > > This commit was reported by our CI as breaking the allmodconfig build for
> > > the arm and arm64 architectures when using GCC 15. This is due to
> > > https://github.com/KSPP/linux/issues/367 :
> > > 
> > > 00:05:08 arch/arm64/kernel/kexec_image.c:132:14: internal compiler error: in comptypes_check_enum_int, at c/c-typeck.cc:1519
> > > 00:05:08   132 | const struct kexec_file_ops kexec_image_ops = {
> > > 00:05:08       |              ^~~~~~~~~~~~~~
> > 
> > I'm not able to reproduce this. Which specific version of GCC 15 and
> > on what distro are you seeing this?
> 
> It looks like this was also reported to Debian (I originally noticed it
> in the #gcc channel on OFTC a couple of weeks ago but forgot to mention
> it):
> 
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104745
> 
> It looks like the difference might be whether GCC was built with
> additional checks or not based on the last couple of comments in that
> bug.

Ah, thanks for the additional pointer! Yeah, discussion has continued
on https://github.com/KSPP/linux/issues/367 which shows it's a problem
for GCC builds configured with "--enable-checking=yes"

It seems like this check is overly strict? I'm building GCC now to see
which aspect of the plugin is tripping it... I assume it's decl
finalization, but we'll see.

-- 
Kees Cook
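
A CI triage helper for the failure discussed in this thread, as an added example that is not part of any message above: it reports each internal compiler error site in a build log when randomize_layout_plugin is listed as active, and reads the --enable-checking value from `gcc -v` text. The function names and the `Configured with:` line are constructed for illustration; the log lines are abridged from the report above.

```shell
#!/bin/sh
# Added example, not code from the thread. Function names are hypothetical.

# randstruct_ices: read a build log on stdin and print "<source file> <GCC function>"
# for each internal compiler error, but only if the log shows the randstruct plugin.
randstruct_ices() {
    awk '
    /randomize_layout_plugin/ { plugin = 1 }
    {
        key = ": internal compiler error: in "
        at = index($0, key)
        if (at == 0) next
        # The word just before the key is "file:line:col"; a CI timestamp may precede it.
        n = split(substr($0, 1, at - 1), words, " ")
        file = words[n]
        sub(/:[0-9]+:[0-9]+$/, "", file)
        split(substr($0, at + length(key)), rest, ",")
        hits[++count] = file " " rest[1]
    }
    END { if (plugin) for (i = 1; i <= count; i++) print hits[i] }'
}

# checking_mode: read `gcc -v` text on stdin and print the --enable-checking value,
# "unspecified" if the flag is absent, "unknown" if no "Configured with:" line exists.
checking_mode() {
    awk '
    /^Configured with:/ {
        mode = "unspecified"
        for (i = 1; i <= NF; i++) {
            if ($i == "--enable-checking") mode = "yes"
            else if ($i ~ /^--enable-checking=/) { mode = $i; sub(/^--enable-checking=/, "", mode) }
        }
        print mode
        found = 1
    }
    END { if (!found) print "unknown" }'
}

# Sample input: log lines abridged from the CI report in this thread.
sample_log() {
    cat <<'EOF'
00:05:08 PLUGIN_FINISH_TYPE               | randomize_layout_plugin
00:05:08 arch/arm64/kernel/kexec_image.c:132:14: internal compiler error: in comptypes_check_enum_int, at c/c-typeck.cc:1519
00:05:08 make[4]: *** [scripts/Makefile.build:203: arch/arm64/kernel/kexec_image.o] Error 1
EOF
}

sample_log | randstruct_ices
# Constructed `gcc -v` line; on a real host use: "${CROSS_COMPILE}gcc" -v 2>&1 | checking_mode
printf 'Configured with: ../configure --target=aarch64-linux-gnu --enable-checking=yes\n' | checking_mode
```
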