Re: [Linux-kernel-mentees] [PATCH net] rds: Prevent kernel-infoleak in rds_notify_queue_get()
From: Jason Gunthorpe
Date: Fri Jul 31 2020 - 14:27:16 EST
On Fri, Jul 31, 2020 at 07:19:24PM +0200, Greg Kroah-Hartman wrote:
> > I tried for a bit and didn't find a way to get even old gcc 4.4 to not
> > initialize the holes.
>
> Odd, so it is just the "= {0};" that does not zero out the holes?
Nope, it seems to work fine too. I tried a number of situations and I
could not get the compiler to not zero holes, even back to gcc 4.4
It is not just accidental either, take this:
struct rds_rdma_notify {
unsigned long user_token;
unsigned char status;
unsigned long user_token1 __attribute__((aligned(32)));
} foo = {0};
Which has quite a big hole, clang generates:
movq $0, 56(%rdi)
movq $0, 48(%rdi)
movq $0, 40(%rdi)
movq $0, 32(%rdi)
movq $0, 24(%rdi)
movq $0, 16(%rdi)
movq $0, 8(%rdi)
movq $0, (%rdi)
Deliberate extra instructions to fill both holes. gcc 10 does the
same, older gcc's do create a rep stosq over the whole thing.
Some fiddling with godbolt shows quite a variety of output, but I
didn't see anything that looks like a compiler not filling
padding. Even godbolt's gcc 4.1 filled the padding, which is super old.
In several cases it seems the aggregate initializer produced better
code than memset, in other cases it didn't
Without an actual example where this doesn't work right it is hard to
say anything more..
Jason