Linux 5.15 Readies More Code For Compile & Run-Time Detection Of Buffer Overflows
Written by Michael Larabel in Linux Kernel on 10 September 2021 at 05:29 AM EDT. 17 Comments
LINUX KERNEL --
Last week a number of patches were merged in the quest to provide the kernel with comprehensive compile-time and run-time detection of buffer overflows. Another patch series was sent out today while still for this cycle they are expected to enable the compiler warnings around array-bounds and zero-length-bounds.

Kees Cook sent in the second batch of overflow updates for Linux 5.15. This latest batch has tree-wide changes to replace open-coded flex arrays in unions, replacing zero-element memcpy() destinations with flexible arrays, and a variety of other improvements to improve the Linux kernel's buffer overflow detection and trying to make it an issue of the past.

Prior to Linux 5.15-rc2, Kees still hopes to be able to submit the work to enable -Warray-bounds and -Wzero-length-bounds warnings for kernel builds.

More details on the latest overflow updates via this pull request.

When talking of buffer overflows and memory safety, of course, many like to bring up Rust... We are about through the Linux 5.15 merge window with no signs of the Rust for Linux code being ready to go for this merge window, so it looks like that initial work on introducing Rust code to the Linux kernel will be waiting for another cycle.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week