Re: Setting a default value for OPT_INIT_ALL (stable=zero, current=pattern)

Reply: Shawn Webb : "Re: Setting a default value for OPT_INIT_ALL (stable=zero, current=pattern)"
In reply to: Shawn Webb : "Re: Setting a default value for OPT_INIT_ALL (stable=zero, current=pattern)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Alexander Leidinger <Alexander_at_Leidinger.net>
Date: Sun, 12 Jan 2025 12:06:06 UTC

Am 2025-01-11 21:18, schrieb Shawn Webb:

> Hey Alex,
> 
> To give some additional data points coming from the HardenedBSD side:
> 
> 1. In 2019, we added support for this feature on an opt-in basis.
>    * Commit 6b573e328baa44bf8b47d40ff72fc1cc8a86fb00
> 2. In 2021, we enabled -ftrivial-auto-var-init=zero by default.
>    * Commit e4494782e5015da340106ca81445c65121c55ae3
> 3. In 2022, we modified clang itself to enable it by default.
>    * Commit 7557c8fd656c83a21e4d43071ea502445efb1ef3
> 4. In 2023, we added support for kernel modules to opt-in.
>    * Commit dd21b931eca8e5370a6d0341908316538b52de71

If it is enabled by default in clang, does it mean you have an opt-out 
per default in the kernel? Did you encounter parts of the kernel which 
don't work well with this?

If I read our bsd.kern.mk correctly, the OPT_INIT_ALL in src.conf is 
taken in the full kernel build. As such I have this "active" in the 
kernel on the jail host I test this on (with mysql, potsgresql, postfix, 
dovecot, redis, php, java, .......).

I have most of the kernel stuff as modules, so this should all be 
compiled with =zero (except the isal and nvidia modules, I have just 
compiled-tested the ports I use but not yet run tested with a similar 
feature for the ports collection):
Id Name
1 kernel
2 opensolaris.ko
3 usbhid.ko
4 hidbus.ko
5 hid.ko
6 kbdmux.ko
7 coretemp.ko
8 hsctrl.ko
9 hidmap.ko
10 tcphpts.ko
11 ahci.ko
12 hcons.ko
13 if_igb.ko
14 iflib.ko
15 cryptodev.ko
16 cc_chd.ko
17 aesni.ko
18 tcp_rack.ko
19 nvme.ko
20 smbios.ko
21 efirt.ko
22 vkbd.ko
23 zfs.ko
24 xdr.ko
25 cpufreq.ko
26 dpms.ko
27 hkbd.ko
28 umass.ko
29 miibus.ko
30 geom_eli.ko
31 geom_label.ko
32 tmpfs.ko
33 fdescfs.ko
34 if_bridge.ko
35 bridgestp.ko
36 if_epair.ko
37 xhci.ko
38 firewire.ko
39 if_fwip.ko
40 filemon.ko
41 sound.ko
42 ulpt.ko
43 accf_dns.ko
44 accf_data.ko
45 accf_http.ko
46 accf_tls.ko
47 cpuctl.ko
48 tpm.ko
49 ipmi.ko
50 linux.ko
51 mqueuefs.ko
52 linux_common.ko
53 linux64.ko
54 nullfs.ko
55 cuse.ko
56 isal.ko
57 nvidia-modeset.ko
58 nvidia.ko
59 hms.ko
60 ioat.ko
61 snd_uaudio.ko
62 pf.ko
63 procfs.ko
64 pseudofs.ko
65 linprocfs.ko
66 linsysfs.ko

Bye,
Alexander.

-- 
http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org    netchild@FreeBSD.org  : PGP 0x8F31830F9F2772BF