Kconfig (597473720f4dc69749542bfcfed4a927a43d935e) | Kconfig (d5ccd65ab6272f21f442695b0022a4f553d818e5) |
---|---|
1# SPDX-License-Identifier: GPL-2.0-only |
|
1preferred-plugin-hostcc := $(if-success,[ $(gcc-version) -ge 40800 ],$(HOSTCXX),$(HOSTCC)) 2 3config PLUGIN_HOSTCC 4 string 5 default "$(shell,$(srctree)/scripts/gcc-plugin.sh "$(preferred-plugin-hostcc)" "$(HOSTCXX)" "$(CC)")" if CC_IS_GCC 6 help 7 Host compiler used to build GCC plugins. This can be $(HOSTCXX), 8 $(HOSTCC), or a null string if GCC plugin is unsupported. 9 10config HAVE_GCC_PLUGINS 11 bool 12 help 13 An arch should select this symbol if it supports building with 14 GCC plugins. 15 | 2preferred-plugin-hostcc := $(if-success,[ $(gcc-version) -ge 40800 ],$(HOSTCXX),$(HOSTCC)) 3 4config PLUGIN_HOSTCC 5 string 6 default "$(shell,$(srctree)/scripts/gcc-plugin.sh "$(preferred-plugin-hostcc)" "$(HOSTCXX)" "$(CC)")" if CC_IS_GCC 7 help 8 Host compiler used to build GCC plugins. This can be $(HOSTCXX), 9 $(HOSTCC), or a null string if GCC plugin is unsupported. 10 11config HAVE_GCC_PLUGINS 12 bool 13 help 14 An arch should select this symbol if it supports building with 15 GCC plugins. 16 |
16menuconfig GCC_PLUGINS 17 bool "GCC plugins" | 17config GCC_PLUGINS 18 bool |
18 depends on HAVE_GCC_PLUGINS 19 depends on PLUGIN_HOSTCC != "" | 19 depends on HAVE_GCC_PLUGINS 20 depends on PLUGIN_HOSTCC != "" |
21 default y |
|
20 help 21 GCC plugins are loadable modules that provide extra features to the 22 compiler. They are useful for runtime instrumentation and static analysis. 23 | 22 help 23 GCC plugins are loadable modules that provide extra features to the 24 compiler. They are useful for runtime instrumentation and static analysis. 25 |
24 See Documentation/gcc-plugins.txt for details. | 26 See Documentation/core-api/gcc-plugins.rst for details. |
25 | 27 |
26if GCC_PLUGINS | 28menu "GCC plugins" 29 depends on GCC_PLUGINS |
27 28config GCC_PLUGIN_CYC_COMPLEXITY 29 bool "Compute the cyclomatic complexity of a function" if EXPERT 30 depends on !COMPILE_TEST # too noisy 31 help 32 The complexity M of a function's control flow graph is defined as: 33 M = E - N + 2P 34 where --- 26 unchanged lines hidden (view full) --- 61 62 Note that entropy extracted this way is not cryptographically 63 secure! 64 65 This plugin was ported from grsecurity/PaX. More information at: 66 * https://grsecurity.net/ 67 * https://pax.grsecurity.net/ 68 | 30 31config GCC_PLUGIN_CYC_COMPLEXITY 32 bool "Compute the cyclomatic complexity of a function" if EXPERT 33 depends on !COMPILE_TEST # too noisy 34 help 35 The complexity M of a function's control flow graph is defined as: 36 M = E - N + 2P 37 where --- 26 unchanged lines hidden (view full) --- 64 65 Note that entropy extracted this way is not cryptographically 66 secure! 67 68 This plugin was ported from grsecurity/PaX. More information at: 69 * https://grsecurity.net/ 70 * https://pax.grsecurity.net/ 71 |
69config GCC_PLUGIN_STRUCTLEAK 70 bool "Zero initialize stack variables" 71 help 72 While the kernel is built with warnings enabled for any missed 73 stack variable initializations, this warning is silenced for 74 anything passed by reference to another function, under the 75 occasionally misguided assumption that the function will do 76 the initialization. As this regularly leads to exploitable 77 flaws, this plugin is available to identify and zero-initialize 78 such variables, depending on the chosen level of coverage. 79 80 This plugin was originally ported from grsecurity/PaX. More 81 information at: 82 * https://grsecurity.net/ 83 * https://pax.grsecurity.net/ 84 85choice 86 prompt "Coverage" 87 depends on GCC_PLUGIN_STRUCTLEAK 88 default GCC_PLUGIN_STRUCTLEAK_BYREF_ALL 89 help 90 This chooses the level of coverage over classes of potentially 91 uninitialized variables. The selected class will be 92 zero-initialized before use. 93 94 config GCC_PLUGIN_STRUCTLEAK_USER 95 bool "structs marked for userspace" 96 help 97 Zero-initialize any structures on the stack containing 98 a __user attribute. This can prevent some classes of 99 uninitialized stack variable exploits and information 100 exposures, like CVE-2013-2141: 101 https://git.kernel.org/linus/b9e146d8eb3b9eca 102 103 config GCC_PLUGIN_STRUCTLEAK_BYREF 104 bool "structs passed by reference" 105 help 106 Zero-initialize any structures on the stack that may 107 be passed by reference and had not already been 108 explicitly initialized. This can prevent most classes 109 of uninitialized stack variable exploits and information 110 exposures, like CVE-2017-1000410: 111 https://git.kernel.org/linus/06e7e776ca4d3654 112 113 config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL 114 bool "anything passed by reference" 115 help 116 Zero-initialize any stack variables that may be passed 117 by reference and had not already been explicitly 118 initialized. 
This is intended to eliminate all classes 119 of uninitialized stack variable exploits and information 120 exposures. 121 122endchoice 123 124config GCC_PLUGIN_STRUCTLEAK_VERBOSE 125 bool "Report forcefully initialized variables" 126 depends on GCC_PLUGIN_STRUCTLEAK 127 depends on !COMPILE_TEST # too noisy 128 help 129 This option will cause a warning to be printed each time the 130 structleak plugin finds a variable it thinks needs to be 131 initialized. Since not all existing initializers are detected 132 by the plugin, this can produce false positive warnings. 133 | |
134config GCC_PLUGIN_RANDSTRUCT 135 bool "Randomize layout of sensitive kernel structures" 136 select MODVERSIONS if MODULES 137 help 138 If you say Y here, the layouts of structures that are entirely 139 function pointers (and have not been manually annotated with 140 __no_randomize_layout), or structures that have been explicitly 141 marked with __randomize_layout, will be randomized at compile-time. --- 24 unchanged lines hidden (view full) --- 166 depends on !COMPILE_TEST # do not reduce test coverage 167 help 168 If you say Y here, the RANDSTRUCT randomization will make a 169 best effort at restricting randomization to cacheline-sized 170 groups of elements. It will further not randomize bitfields 171 in structures. This reduces the performance hit of RANDSTRUCT 172 at the cost of weakened randomization. 173 | 72config GCC_PLUGIN_RANDSTRUCT 73 bool "Randomize layout of sensitive kernel structures" 74 select MODVERSIONS if MODULES 75 help 76 If you say Y here, the layouts of structures that are entirely 77 function pointers (and have not been manually annotated with 78 __no_randomize_layout), or structures that have been explicitly 79 marked with __randomize_layout, will be randomized at compile-time. --- 24 unchanged lines hidden (view full) --- 104 depends on !COMPILE_TEST # do not reduce test coverage 105 help 106 If you say Y here, the RANDSTRUCT randomization will make a 107 best effort at restricting randomization to cacheline-sized 108 groups of elements. It will further not randomize bitfields 109 in structures. This reduces the performance hit of RANDSTRUCT 110 at the cost of weakened randomization. 111 |
174config GCC_PLUGIN_STACKLEAK 175 bool "Erase the kernel stack before returning from syscalls" 176 depends on GCC_PLUGINS 177 depends on HAVE_ARCH_STACKLEAK 178 help 179 This option makes the kernel erase the kernel stack before 180 returning from system calls. That reduces the information which 181 kernel stack leak bugs can reveal and blocks some uninitialized 182 stack variable attacks. 183 184 The tradeoff is the performance impact: on a single CPU system kernel 185 compilation sees a 1% slowdown, other systems and workloads may vary 186 and you are advised to test this feature on your expected workload 187 before deploying it. 188 189 This plugin was ported from grsecurity/PaX. More information at: 190 * https://grsecurity.net/ 191 * https://pax.grsecurity.net/ 192 193config STACKLEAK_TRACK_MIN_SIZE 194 int "Minimum stack frame size of functions tracked by STACKLEAK" 195 default 100 196 range 0 4096 197 depends on GCC_PLUGIN_STACKLEAK 198 help 199 The STACKLEAK gcc plugin instruments the kernel code for tracking 200 the lowest border of the kernel stack (and for some other purposes). 201 It inserts the stackleak_track_stack() call for the functions with 202 a stack frame size greater than or equal to this parameter. 203 If unsure, leave the default value 100. 204 205config STACKLEAK_METRICS 206 bool "Show STACKLEAK metrics in the /proc file system" 207 depends on GCC_PLUGIN_STACKLEAK 208 depends on PROC_FS 209 help 210 If this is set, STACKLEAK metrics for every task are available in 211 the /proc file system. In particular, /proc/<pid>/stack_depth 212 shows the maximum kernel stack consumption for the current and 213 previous syscalls. Although this information is not precise, it 214 can be useful for estimating the STACKLEAK performance impact for 215 your workloads. 
216 217config STACKLEAK_RUNTIME_DISABLE 218 bool "Allow runtime disabling of kernel stack erasing" 219 depends on GCC_PLUGIN_STACKLEAK 220 help 221 This option provides 'stack_erasing' sysctl, which can be used in 222 runtime to control kernel stack erasing for kernels built with 223 CONFIG_GCC_PLUGIN_STACKLEAK. 224 | |
225config GCC_PLUGIN_ARM_SSP_PER_TASK 226 bool 227 depends on GCC_PLUGINS && ARM 228 | 112config GCC_PLUGIN_ARM_SSP_PER_TASK 113 bool 114 depends on GCC_PLUGINS && ARM 115 |
229endif | 116endmenu |
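Review bot: in the GCC_PLUGINS hunk, replacing `menuconfig GCC_PLUGINS` / `bool "GCC plugins"` with a promptless `config GCC_PLUGINS` / `bool` / `default y` forces the symbol to y whenever HAVE_GCC_PLUGINS and PLUGIN_HOSTCC != "" are satisfied, so there is no longer any way to set CONFIG_GCC_PLUGINS=n from menuconfig or a defconfig. If the intent is only to change the default, keep the prompt (`bool "GCC plugins"` followed by `default y`); if the intent is to make the plugin infrastructure unconditional, the commit message should say so, since every build with a capable GCC will now run scripts/gcc-plugin.sh and require the host C++ toolchain selected through PLUGIN_HOSTCC.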
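Review bot: the right-hand column drops GCC_PLUGIN_STRUCTLEAK (with its coverage choice STRUCTLEAK_USER / STRUCTLEAK_BYREF / STRUCTLEAK_BYREF_ALL and GCC_PLUGIN_STRUCTLEAK_VERBOSE) and GCC_PLUGIN_STACKLEAK (with STACKLEAK_TRACK_MIN_SIZE, STACKLEAK_METRICS and STACKLEAK_RUNTIME_DISABLE) from this file, while GCC_PLUGIN_RANDSTRUCT and GCC_PLUGIN_ARM_SSP_PER_TASK stay. No matching addition is visible on this page: if these symbols are being relocated to another Kconfig file, name that file in the commit message so reviewers can check that the prompts, defaults and `depends on` lines (for example `depends on HAVE_ARCH_STACKLEAK` and the `!COMPILE_TEST` guards) survive the move; if they are being deleted, note that existing configs carrying CONFIG_GCC_PLUGIN_STACKLEAK=y or CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y will silently lose those hardening options on olddefconfig.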
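Review bot: GCC_PLUGIN_ARM_SSP_PER_TASK keeps `depends on GCC_PLUGINS && ARM` even though it now sits inside `menu "GCC plugins"`, which already carries `depends on GCC_PLUGINS` and propagates that dependency to every entry in the menu; the `GCC_PLUGINS &&` part is redundant and can be reduced to `depends on ARM` to match GCC_PLUGIN_CYC_COMPLEXITY and GCC_PLUGIN_RANDSTRUCT, which rely on the menu dependency alone. The same redundancy existed in the old `if GCC_PLUGINS` block for GCC_PLUGIN_STACKLEAK, so cleaning it up here keeps the new menu consistent.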