From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 119429 invoked by alias); 4 Mar 2019 12:02:15 -0000 Mailing-List: contact gcc-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-owner@gcc.gnu.org Received: (qmail 119420 invoked by uid 89); 4 Mar 2019 12:02:14 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-6.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM,GIT_PATCH_2,KAM_SHORT,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.2 spammy=HTo:D*in, pjpfedoraprojectorg, pjp@fedoraproject.org, H*i:sk:6593392 X-HELO: mail-lf1-f43.google.com Received: from mail-lf1-f43.google.com (HELO mail-lf1-f43.google.com) (209.85.167.43) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 04 Mar 2019 12:02:08 +0000 Received: by mail-lf1-f43.google.com with SMTP id m73so3334950lfa.2 for ; Mon, 04 Mar 2019 04:02:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=2otlZE8Z2wUe7UdOK9CGnEG1th2WpCEdgNCHjnWvSfo=; b=Vgik3mekP6NB4X4koV4CQdq15CmyI0meFXc13clPrL1+yyjqvCdEjhAj3CUk2/hgdu qJmCfcZSIKLtKnuxrJTb6qjyAYhBZK+4lRJwlHDi12fC/4no2zjlV+3fV8DoNCVaCV2P KQjaVdSNzZcsC1COFcqUWVvekOEwDZd/VbMdo/KRBWuw4r2aa1O7MHVe2LZgaVm1P9qb n8VlvVRuAJrHUaoHV4m24nv/N1sLW1dOrCvoomiauH3wKkLwO3d1oQMe1cL7DSS7csVV nzuqqaSB+D4ota8/hDPl7W3rzjdCBF6aQFqaWMHerc8ggi7Zl2Pet7aoBSnZXYC0IRX2 iHkg== MIME-Version: 1.0 References: <1225413012.1679387.1550571810991.ref@mail.yahoo.com> <1225413012.1679387.1550571810991@mail.yahoo.com> <659339220.8296036.1551696283308@mail.yahoo.com> In-Reply-To: <659339220.8296036.1551696283308@mail.yahoo.com> From: Richard Biener Date: Mon, 04 Mar 2019 12:02:00 -0000 Message-ID: Subject: Re: About BZ#87210 [RFE] To initialize automatic stack variables To: P J P Cc: Gcc Mailing List Content-Type: text/plain; charset="UTF-8" X-IsSubscribed: yes X-SW-Source: 2019-03/txt/msg00019.txt.bz2 On Mon, Mar 4, 2019 at 11:44 AM P J P wrote: > > On Tuesday, 19 February, 2019, 3:55:35 PM IST, P J P wrote: > > > >Hello, > > > > -> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87210 > > > >This RFE is about providing gcc option(s) to eliminate information leakage > >issues from programs. Information leakage via uninitialised memory has been > >a chronic/recurring issue across all software. They are found quite often > >and may lead to severe effects if found in system software/kernel, OR an > >application which handles sensitive information. > > > >Various projects/efforts are underway to keep such information exposure > >from happening > > > >* STACKLEAK - http://lkml.iu.edu/hypermail/linux/kernel/1810.3/00522.html > >* KLEAK - https://netbsd.org/gallery/presentations/maxv/kleak.pdf > >* https://j00ru.vexillium.org/papers/2018/bochspwn_reloaded.pdf > > > >But these are still external corrections to improve specific project and/or > >software. It does not help to fix/eliminate all information leakage issues. > >Automatic memory initialisation: > > > >* https://lists.llvm.org/pipermail/cfe-dev/2018-November/060172.html > >* https://reviews.llvm.org/D54604 > > > >It'd be immensely helpful and welcome if gcc(1) could provide compile/build > >time options to enable/disable - automatic memory initialisation. > > > >Could we please consider it as more viable/useful option? > > Ping...! Patches welcome(?) Richard. > --- > -P J P > http://feedmug.com