Linux 5.15 Readies More Code For Compile & Run-Time Detection Of Buffer Overflows

Written by Michael Larabel in Linux Kernel on 10 September 2021 at 05:29 AM EDT. 17 Comments
LINUX KERNEL
Last week a number of patches were merged in the quest to provide the kernel with comprehensive compile-time and run-time detection of buffer overflows. Another patch series was sent out today while still for this cycle they are expected to enable the compiler warnings around array-bounds and zero-length-bounds.

Kees Cook sent in the second batch of overflow updates for Linux 5.15. This latest batch has tree-wide changes to replace open-coded flex arrays in unions, replacing zero-element memcpy() destinations with flexible arrays, and a variety of other improvements to improve the Linux kernel's buffer overflow detection and trying to make it an issue of the past.

Prior to Linux 5.15-rc2, Kees still hopes to be able to submit the work to enable -Warray-bounds and -Wzero-length-bounds warnings for kernel builds.

More details on the latest overflow updates via this pull request.

When talking of buffer overflows and memory safety, of course, many like to bring up Rust... We are about through the Linux 5.15 merge window with no signs of the Rust for Linux code being ready to go for this merge window, so it looks like that initial work on introducing Rust code to the Linux kernel will be waiting for another cycle.
17 Comments
Related News
LZ4 Support Revised For Faster Restore From Linux Hibernation
"Panthor" DRM Driver Coming Together For Newer Arm Mali GPUs
AMD Threadripper 7980X Kernel Benchmarks On Linux 6.5 / 6.6 / 6.7
Linux 6.7-rc4 Released As The Holidays Approach
Linux 6.8 To Add Atomic Mode-Setting Mouse Hotspots, Atomic Async Page Flip
Linux 6.7-rc3 Released Following A Light Holiday Week
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Roundcube Open-Source Webmail Software Merges With Nextcloud
PCSX2 Emulator Disables Wayland Support By Default
Red Hat Enterprise Linux 10 Dropping The X.Org Server Except For XWayland
OpenZFS Is Still Battling A Data Corruption Issue
AMD Has A Nice Performance Optimization Coming With Linux 6.8
Wine Wayland Driver's Vulkan Support Is Now Usable
Intel Appears On The Verge Of Some Exciting Performance Optimizations For Linux Distros
Steam Linux Marketshare Surges To Nearly 2% In November