6.7-stable review patch. If anyone has any objections, please let me know.
------------------
From: Kees Cook keescook@chromium.org
commit 3e00f5802fabf2f504070a591b14b648523ede13 upstream.
We continue to see false positives from -Warray-bounds even in GCC 10, which is getting reported in a few places[1] still:
security/security.c:811:2: warning: `memcpy' offset 32 is out of the bounds [0, 0] [-Warray-bounds]
Lower the GCC version check from 11 to 10.
Link: https://lkml.kernel.org/r/20240223170824.work.768-kees@kernel.org Reported-by: Lu Yao yaolu@kylinos.cn Closes: https://lore.kernel.org/lkml/20240117014541.8887-1-yaolu@kylinos.cn/ Link: https://lore.kernel.org/linux-next/65d84438.620a0220.7d171.81a7@mx.google.co... [1] Signed-off-by: Kees Cook keescook@chromium.org Reviewed-by: Paul Moore paul@paul-moore.com Cc: Ard Biesheuvel ardb@kernel.org Cc: Christophe Leroy christophe.leroy@csgroup.eu Cc: Greg Kroah-Hartman gregkh@linuxfoundation.org Cc: "Gustavo A. R. Silva" gustavoars@kernel.org Cc: Johannes Weiner hannes@cmpxchg.org Cc: Marc Aurèle La France tsi@tuyoix.net Cc: Masahiro Yamada masahiroy@kernel.org Cc: Nathan Chancellor nathan@kernel.org Cc: Nhat Pham nphamcs@gmail.com Cc: Petr Mladek pmladek@suse.com Cc: Randy Dunlap rdunlap@infradead.org Cc: Suren Baghdasaryan surenb@google.com Cc: stable@vger.kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- init/Kconfig | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
--- a/init/Kconfig +++ b/init/Kconfig @@ -876,14 +876,14 @@ config CC_IMPLICIT_FALLTHROUGH default "-Wimplicit-fallthrough=5" if CC_IS_GCC && $(cc-option,-Wimplicit-fallthrough=5) default "-Wimplicit-fallthrough" if CC_IS_CLANG && $(cc-option,-Wunreachable-code-fallthrough)
-# Currently, disable gcc-11+ array-bounds globally. +# Currently, disable gcc-10+ array-bounds globally. # It's still broken in gcc-13, so no upper bound yet. -config GCC11_NO_ARRAY_BOUNDS +config GCC10_NO_ARRAY_BOUNDS def_bool y
config CC_NO_ARRAY_BOUNDS bool - default y if CC_IS_GCC && GCC_VERSION >= 110000 && GCC11_NO_ARRAY_BOUNDS + default y if CC_IS_GCC && GCC_VERSION >= 100000 && GCC10_NO_ARRAY_BOUNDS
# # For architectures that know their GCC __int128 support is sound