1eee36a552
commit 1e860048c53ee77ee9870dcce94847a28544b753 upstream. Linus pointed out a third of the time in the Kconfig parse stage comes from the single invocation of cc1plus in scripts/gcc-plugin.sh [1], and directly testing plugin-version.h for existence cuts down the overhead a lot. [2] This commit takes one step further to kill the build test entirely. The small piece of code was probably intended to test the C++ designated initializer, which was not supported until C++20. In fact, with -pedantic option given, both GCC and Clang emit a warning. $ echo 'class test { public: int test; } test = { .test = 1 };' | g++ -x c++ -pedantic - -fsyntax-only <stdin>:1:43: warning: C++ designated initializers only available with '-std=c++2a' or '-std=gnu++2a' [-Wpedantic] $ echo 'class test { public: int test; } test = { .test = 1 };' | clang++ -x c++ -pedantic - -fsyntax-only <stdin>:1:43: warning: designated initializers are a C++20 extension [-Wc++20-designator] class test { public: int test; } test = { .test = 1 }; ^ 1 warning generated. Otherwise, modern C++ compilers should be able to build the code, and hopefully skipping this test should not make any practical problem. Checking the existence of plugin-version.h is still needed to ensure the plugin-dev package is installed. The test code is now small enough to be embedded in scripts/gcc-plugins/Kconfig. [1] https://lore.kernel.org/lkml/CAHk-=wjU4DCuwQ4pXshRbwDCUQB31ScaeuDo1tjoZ0_PjhLHzQ@mail.gmail.com/ [2] https://lore.kernel.org/lkml/CAHk-=whK0aQxs6Q5ijJmYF1n2ch8cVFSUzU5yUM_HOjig=+vnw@mail.gmail.com/ Reported-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Masahiro Yamada <masahiroy@kernel.org> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20201203125700.161354-1-masahiroy@kernel.org Cc: Thomas Lindroth <thomas.lindroth@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
108 lines
3.8 KiB
Plaintext
108 lines
3.8 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0-only
|
|
config HAVE_GCC_PLUGINS
|
|
bool
|
|
help
|
|
An arch should select this symbol if it supports building with
|
|
GCC plugins.
|
|
|
|
menuconfig GCC_PLUGINS
|
|
bool "GCC plugins"
|
|
depends on HAVE_GCC_PLUGINS
|
|
depends on CC_IS_GCC
|
|
depends on $(success,test -e $(shell,$(CC) -print-file-name=plugin)/include/plugin-version.h)
|
|
default y
|
|
help
|
|
GCC plugins are loadable modules that provide extra features to the
|
|
compiler. They are useful for runtime instrumentation and static analysis.
|
|
|
|
See Documentation/kbuild/gcc-plugins.rst for details.
|
|
|
|
if GCC_PLUGINS
|
|
|
|
config GCC_PLUGIN_CYC_COMPLEXITY
|
|
bool "Compute the cyclomatic complexity of a function" if EXPERT
|
|
depends on !COMPILE_TEST # too noisy
|
|
help
|
|
The complexity M of a function's control flow graph is defined as:
|
|
M = E - N + 2P
|
|
where
|
|
|
|
E = the number of edges
|
|
N = the number of nodes
|
|
P = the number of connected components (exit nodes).
|
|
|
|
Enabling this plugin reports the complexity to stderr during the
|
|
build. It mainly serves as a simple example of how to create a
|
|
gcc plugin for the kernel.
|
|
|
|
config GCC_PLUGIN_SANCOV
|
|
bool
|
|
help
|
|
This plugin inserts a __sanitizer_cov_trace_pc() call at the start of
|
|
basic blocks. It supports all gcc versions with plugin support (from
|
|
gcc-4.5 on). It is based on the commit "Add fuzzing coverage support"
|
|
by Dmitry Vyukov <dvyukov@google.com>.
|
|
|
|
config GCC_PLUGIN_LATENT_ENTROPY
|
|
bool "Generate some entropy during boot and runtime"
|
|
help
|
|
By saying Y here the kernel will instrument some kernel code to
|
|
extract some entropy from both original and artificially created
|
|
program state. This will help especially embedded systems where
|
|
there is little 'natural' source of entropy normally. The cost
|
|
is some slowdown of the boot process (about 0.5%) and fork and
|
|
irq processing.
|
|
|
|
Note that entropy extracted this way is not cryptographically
|
|
secure!
|
|
|
|
This plugin was ported from grsecurity/PaX. More information at:
|
|
* https://grsecurity.net/
|
|
* https://pax.grsecurity.net/
|
|
|
|
config GCC_PLUGIN_RANDSTRUCT
|
|
bool "Randomize layout of sensitive kernel structures"
|
|
select MODVERSIONS if MODULES
|
|
help
|
|
If you say Y here, the layouts of structures that are entirely
|
|
function pointers (and have not been manually annotated with
|
|
__no_randomize_layout), or structures that have been explicitly
|
|
marked with __randomize_layout, will be randomized at compile-time.
|
|
This can introduce the requirement of an additional information
|
|
exposure vulnerability for exploits targeting these structure
|
|
types.
|
|
|
|
Enabling this feature will introduce some performance impact,
|
|
slightly increase memory usage, and prevent the use of forensic
|
|
tools like Volatility against the system (unless the kernel
|
|
source tree isn't cleaned after kernel installation).
|
|
|
|
The seed used for compilation is located at
|
|
scripts/gcc-plugins/randomize_layout_seed.h. It remains after
|
|
a make clean to allow for external modules to be compiled with
|
|
the existing seed and will be removed by a make mrproper or
|
|
make distclean.
|
|
|
|
Note that the implementation requires gcc 4.7 or newer.
|
|
|
|
This plugin was ported from grsecurity/PaX. More information at:
|
|
* https://grsecurity.net/
|
|
* https://pax.grsecurity.net/
|
|
|
|
config GCC_PLUGIN_RANDSTRUCT_PERFORMANCE
|
|
bool "Use cacheline-aware structure randomization"
|
|
depends on GCC_PLUGIN_RANDSTRUCT
|
|
depends on !COMPILE_TEST # do not reduce test coverage
|
|
help
|
|
If you say Y here, the RANDSTRUCT randomization will make a
|
|
best effort at restricting randomization to cacheline-sized
|
|
groups of elements. It will further not randomize bitfields
|
|
in structures. This reduces the performance hit of RANDSTRUCT
|
|
at the cost of weakened randomization.
|
|
|
|
config GCC_PLUGIN_ARM_SSP_PER_TASK
|
|
bool
|
|
depends on GCC_PLUGINS && ARM
|
|
|
|
endif
|