summaryrefslogtreecommitdiff
path: root/security/Kconfig.hardening
diff options
context:
space:
mode:
authorKees Cook <keescook@chromium.org>2021-10-20 20:35:53 +0300
committerKees Cook <keescook@chromium.org>2021-10-21 18:41:38 +0300
commit8bd51a2ba3c3bb81a693fff17e983d02d914c14c (patch)
treee92bba2923437c4ee9590f821c470dedb4f2b2b2 /security/Kconfig.hardening
parent6eb4bd92c1cedcaadd65868b7ade396b422be4be (diff)
downloadlinux-8bd51a2ba3c3bb81a693fff17e983d02d914c14c.tar.xz
gcc-plugins: Explicitly document purpose and deprecation schedule
GCC plugins should only exist when some compiler feature needs to be proven but does not exist in either GCC nor Clang. For example, if a desired feature is already in Clang, it should be added to GCC upstream. Document this explicitly. Additionally, mark the plugins with matching upstream GCC features as removable past their respective GCC versions. Cc: Masahiro Yamada <masahiroy@kernel.org> Cc: Michal Marek <michal.lkml@markovi.net> Cc: Nick Desaulniers <ndesaulniers@google.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: James Morris <jmorris@namei.org> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Nathan Chancellor <nathan@kernel.org> Cc: linux-hardening@vger.kernel.org Cc: linux-kbuild@vger.kernel.org Cc: linux-doc@vger.kernel.org Cc: linux-security-module@vger.kernel.org Cc: llvm@lists.linux.dev Signed-off-by: Kees Cook <keescook@chromium.org> Reviewed-by: Nathan Chancellor <nathan@kernel.org> Reviewed-by: Miguel Ojeda <ojeda@kernel.org> Acked-by: Nick Desaulniers <ndesaulniers@google.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Link: https://lore.kernel.org/r/20211020173554.38122-2-keescook@chromium.org
Diffstat (limited to 'security/Kconfig.hardening')
-rw-r--r--security/Kconfig.hardening9
1 files changed, 6 insertions, 3 deletions
diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening
index ded17b8abce2..d051f8ceefdd 100644
--- a/security/Kconfig.hardening
+++ b/security/Kconfig.hardening
@@ -56,7 +56,8 @@ choice
config GCC_PLUGIN_STRUCTLEAK_USER
bool "zero-init structs marked for userspace (weak)"
- depends on GCC_PLUGINS
+ # Plugin can be removed once the kernel only supports GCC 12+
+ depends on GCC_PLUGINS && !CC_HAS_AUTO_VAR_INIT_ZERO
select GCC_PLUGIN_STRUCTLEAK
help
Zero-initialize any structures on the stack containing
@@ -67,7 +68,8 @@ choice
config GCC_PLUGIN_STRUCTLEAK_BYREF
bool "zero-init structs passed by reference (strong)"
- depends on GCC_PLUGINS
+ # Plugin can be removed once the kernel only supports GCC 12+
+ depends on GCC_PLUGINS && !CC_HAS_AUTO_VAR_INIT_ZERO
depends on !(KASAN && KASAN_STACK)
select GCC_PLUGIN_STRUCTLEAK
help
@@ -85,7 +87,8 @@ choice
config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL
bool "zero-init everything passed by reference (very strong)"
- depends on GCC_PLUGINS
+ # Plugin can be removed once the kernel only supports GCC 12+
+ depends on GCC_PLUGINS && !CC_HAS_AUTO_VAR_INIT_ZERO
depends on !(KASAN && KASAN_STACK)
select GCC_PLUGIN_STRUCTLEAK
help