diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2021-11-01 17:09:03 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2021-11-01 17:09:03 -0700 |
| commit | f594e28d805aca2c6e158cc647f133cab58a8bb4 (patch) | |
| tree | bbc6044de5bc18185c0de5318fc0d2890f9a32d8 /scripts/gcc-plugins/Kconfig | |
| parent | 01463374c50e4fe75abec927fa231f8f5d701852 (diff) | |
| parent | 6425392acf24b6d469932dd1b217dc7b20d6447f (diff) | |
Merge tag 'hardening-v5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull compiler hardening updates from Kees Cook:
"These are various compiler-related hardening feature updates. Notable
is the addition of an explicit limited rationale for, and deprecation
schedule of, gcc-plugins.
gcc-plugins:
- remove support for GCC 4.9 and older (Ard Biesheuvel)
- remove duplicate include in gcc-common.h (Ye Guojin)
- Explicitly document purpose and deprecation schedule (Kees Cook)
- Remove cyc_complexity (Kees Cook)
instrumentation:
- Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO (Kees Cook)
Clang LTO:
- kallsyms: strip LTO suffixes from static functions (Nick Desaulniers)"
* tag 'hardening-v5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
gcc-plugins: remove duplicate include in gcc-common.h
gcc-plugins: Remove cyc_complexity
gcc-plugins: Explicitly document purpose and deprecation schedule
kallsyms: strip LTO suffixes from static functions
gcc-plugins: remove support for GCC 4.9 and older
hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO
Diffstat (limited to 'scripts/gcc-plugins/Kconfig')
| -rw-r--r-- | scripts/gcc-plugins/Kconfig | 20 |
1 files changed, 2 insertions, 18 deletions
diff --git a/scripts/gcc-plugins/Kconfig b/scripts/gcc-plugins/Kconfig index ab9eb4cbe33a..51d81c3f03d6 100644 --- a/scripts/gcc-plugins/Kconfig +++ b/scripts/gcc-plugins/Kconfig @@ -19,24 +19,10 @@ menuconfig GCC_PLUGINS if GCC_PLUGINS -config GCC_PLUGIN_CYC_COMPLEXITY - bool "Compute the cyclomatic complexity of a function" if EXPERT - depends on !COMPILE_TEST # too noisy - help - The complexity M of a function's control flow graph is defined as: - M = E - N + 2P - where - - E = the number of edges - N = the number of nodes - P = the number of connected components (exit nodes). - - Enabling this plugin reports the complexity to stderr during the - build. It mainly serves as a simple example of how to create a - gcc plugin for the kernel. - config GCC_PLUGIN_SANCOV bool + # Plugin can be removed once the kernel only supports GCC 6+ + depends on !CC_HAS_SANCOV_TRACE_PC help This plugin inserts a __sanitizer_cov_trace_pc() call at the start of basic blocks. It supports all gcc versions with plugin support (from @@ -83,8 +69,6 @@ config GCC_PLUGIN_RANDSTRUCT the existing seed and will be removed by a make mrproper or make distclean. - Note that the implementation requires gcc 4.7 or newer. - This plugin was ported from grsecurity/PaX. More information at: * https://grsecurity.net/ * https://pax.grsecurity.net/ |