Stories
Slash Boxes
Comments

SoylentNews is people

The Linux Kernel Is Now VLA-Free: A Win For Security, Less Overhead & Better For Clang

posted by chromas on Monday October 29 2018, @11:05AM   Printer-friendly
from the constants-aren't-variables-won't dept.

martyb writes:

https://www.phoronix.com/scan.php?page=news_item&px=Linux-Kills-The-VLA:

VLAs [(Varable Length Arrays)] allow for array lengths to be determined at run-time rather than compile time. The Linux kernel has long relied upon VLAs in different parts of the kernel -- including within structures -- but going on for months now (and years if counting the kernel Clang'ing efforts) has been to remove the usage of variable-length arrays within the kernel. The problems with them are:

- Using variable-length arrays can add some minor run-time overhead to the code due to needing to determine the size of the array at run-time.

- VLAs within structures is not supported by the LLVM Clang compiler and thus an issue for those wanting to build the kernel outside of GCC, Clang only supports the C99-style VLAs.

- Arguably most importantly is there can be security implications from VLAs around the kernel's stack usage.

[...] Kees Cook[*] sent out the pull request today for VLA removal that now enables the "-Wvla" compiler flag to emit a warning should any variable-length array be found within the kernel's C code. That will help prevent new code from inadvertently using VLAs and also spot any lingering kernel code still relying upon this behavior.

Kees Cook wrote that there still might be a few places where VLAs could be found, "there may be a couple more VLAs hiding in hard-to-find randconfigs, but nothing big has shaken out in the last month or so in linux-next. We should be basically VLA-free now! Wheee. :)"

[*] KeesCook.

Have you ever used VLAs? Removed them? Why?

Original Submission

 
This discussion has been archived. No new comments can be posted.
The Linux Kernel Is Now VLA-Free: A Win For Security, Less Overhead & Better For Clang | Log In/Create an Account | Top | 15 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by Immerman on Monday October 29 2018, @05:24PM

    by Immerman (3985) on Monday October 29 2018, @05:24PM (#755215)

    With pointers and heap-based arrays. The big difference is in where the array is allocated - are the surrounding variables immediately adjacent to the array contents, or just to a pointer to an array that's floating around at some random place in memory. That can have some profound performance implications (good or bad) in some situations, and you want to use the right tool for the job.

    When it really matters (and the compiler can't handle what you need), there's long been suggestions of using a fixed-size in-place array as the preallocated starting point for a heap-based array - large enough to handle most situations locally, while still being able to grow as needed.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2