1preferred-plugin-hostcc := $(if-success,[ $(gcc-version) -ge 40800 ],$(HOSTCXX),$(HOSTCC)) 2 3config PLUGIN_HOSTCC 4 string 5 default "$(shell,$(srctree)/scripts/gcc-plugin.sh "$(preferred-plugin-hostcc)" "$(HOSTCXX)" "$(CC)")" if CC_IS_GCC 6 help 7 Host compiler used to build GCC plugins. This can be $(HOSTCXX), 8 $(HOSTCC), or a null string if GCC plugin is unsupported. 9 10config HAVE_GCC_PLUGINS 11 bool 12 help 13 An arch should select this symbol if it supports building with 14 GCC plugins. 15 16menuconfig GCC_PLUGINS 17 bool "GCC plugins" 18 depends on HAVE_GCC_PLUGINS 19 depends on PLUGIN_HOSTCC != "" 20 help 21 GCC plugins are loadable modules that provide extra features to the 22 compiler. They are useful for runtime instrumentation and static analysis. 23 24 See Documentation/gcc-plugins.txt for details. 25 26if GCC_PLUGINS 27 28config GCC_PLUGIN_CYC_COMPLEXITY 29 bool "Compute the cyclomatic complexity of a function" if EXPERT 30 depends on !COMPILE_TEST # too noisy 31 help 32 The complexity M of a function's control flow graph is defined as: 33 M = E - N + 2P 34 where 35 36 E = the number of edges 37 N = the number of nodes 38 P = the number of connected components (exit nodes). 39 40 Enabling this plugin reports the complexity to stderr during the 41 build. It mainly serves as a simple example of how to create a 42 gcc plugin for the kernel. 43 44config GCC_PLUGIN_SANCOV 45 bool 46 help 47 This plugin inserts a __sanitizer_cov_trace_pc() call at the start of 48 basic blocks. It supports all gcc versions with plugin support (from 49 gcc-4.5 on). It is based on the commit "Add fuzzing coverage support" 50 by Dmitry Vyukov <dvyukov@google.com>. 51 52config GCC_PLUGIN_LATENT_ENTROPY 53 bool "Generate some entropy during boot and runtime" 54 help 55 By saying Y here the kernel will instrument some kernel code to 56 extract some entropy from both original and artificially created 57 program state. This will help especially embedded systems where 58 there is little 'natural' source of entropy normally. The cost 59 is some slowdown of the boot process (about 0.5%) and fork and 60 irq processing. 61 62 Note that entropy extracted this way is not cryptographically 63 secure! 64 65 This plugin was ported from grsecurity/PaX. More information at: 66 * https://grsecurity.net/ 67 * https://pax.grsecurity.net/ 68 69config GCC_PLUGIN_STRUCTLEAK 70 bool "Force initialization of variables containing userspace addresses" 71 help 72 This plugin zero-initializes any structures containing a 73 __user attribute. This can prevent some classes of information 74 exposures. 75 76 This plugin was ported from grsecurity/PaX. More information at: 77 * https://grsecurity.net/ 78 * https://pax.grsecurity.net/ 79 80config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL 81 bool "Force initialize all struct type variables passed by reference" 82 depends on GCC_PLUGIN_STRUCTLEAK 83 depends on !COMPILE_TEST 84 help 85 Zero initialize any struct type local variable that may be passed by 86 reference without having been initialized. 87 88config GCC_PLUGIN_STRUCTLEAK_VERBOSE 89 bool "Report forcefully initialized variables" 90 depends on GCC_PLUGIN_STRUCTLEAK 91 depends on !COMPILE_TEST # too noisy 92 help 93 This option will cause a warning to be printed each time the 94 structleak plugin finds a variable it thinks needs to be 95 initialized. Since not all existing initializers are detected 96 by the plugin, this can produce false positive warnings. 97 98config GCC_PLUGIN_RANDSTRUCT 99 bool "Randomize layout of sensitive kernel structures" 100 select MODVERSIONS if MODULES 101 help 102 If you say Y here, the layouts of structures that are entirely 103 function pointers (and have not been manually annotated with 104 __no_randomize_layout), or structures that have been explicitly 105 marked with __randomize_layout, will be randomized at compile-time. 106 This can introduce the requirement of an additional information 107 exposure vulnerability for exploits targeting these structure 108 types. 109 110 Enabling this feature will introduce some performance impact, 111 slightly increase memory usage, and prevent the use of forensic 112 tools like Volatility against the system (unless the kernel 113 source tree isn't cleaned after kernel installation). 114 115 The seed used for compilation is located at 116 scripts/gcc-plgins/randomize_layout_seed.h. It remains after 117 a make clean to allow for external modules to be compiled with 118 the existing seed and will be removed by a make mrproper or 119 make distclean. 120 121 Note that the implementation requires gcc 4.7 or newer. 122 123 This plugin was ported from grsecurity/PaX. More information at: 124 * https://grsecurity.net/ 125 * https://pax.grsecurity.net/ 126 127config GCC_PLUGIN_RANDSTRUCT_PERFORMANCE 128 bool "Use cacheline-aware structure randomization" 129 depends on GCC_PLUGIN_RANDSTRUCT 130 depends on !COMPILE_TEST # do not reduce test coverage 131 help 132 If you say Y here, the RANDSTRUCT randomization will make a 133 best effort at restricting randomization to cacheline-sized 134 groups of elements. It will further not randomize bitfields 135 in structures. This reduces the performance hit of RANDSTRUCT 136 at the cost of weakened randomization. 137 138config GCC_PLUGIN_STACKLEAK 139 bool "Erase the kernel stack before returning from syscalls" 140 depends on GCC_PLUGINS 141 depends on HAVE_ARCH_STACKLEAK 142 help 143 This option makes the kernel erase the kernel stack before 144 returning from system calls. That reduces the information which 145 kernel stack leak bugs can reveal and blocks some uninitialized 146 stack variable attacks. 147 148 The tradeoff is the performance impact: on a single CPU system kernel 149 compilation sees a 1% slowdown, other systems and workloads may vary 150 and you are advised to test this feature on your expected workload 151 before deploying it. 152 153 This plugin was ported from grsecurity/PaX. More information at: 154 * https://grsecurity.net/ 155 * https://pax.grsecurity.net/ 156 157config STACKLEAK_TRACK_MIN_SIZE 158 int "Minimum stack frame size of functions tracked by STACKLEAK" 159 default 100 160 range 0 4096 161 depends on GCC_PLUGIN_STACKLEAK 162 help 163 The STACKLEAK gcc plugin instruments the kernel code for tracking 164 the lowest border of the kernel stack (and for some other purposes). 165 It inserts the stackleak_track_stack() call for the functions with 166 a stack frame size greater than or equal to this parameter. 167 If unsure, leave the default value 100. 168 169config STACKLEAK_METRICS 170 bool "Show STACKLEAK metrics in the /proc file system" 171 depends on GCC_PLUGIN_STACKLEAK 172 depends on PROC_FS 173 help 174 If this is set, STACKLEAK metrics for every task are available in 175 the /proc file system. In particular, /proc/<pid>/stack_depth 176 shows the maximum kernel stack consumption for the current and 177 previous syscalls. Although this information is not precise, it 178 can be useful for estimating the STACKLEAK performance impact for 179 your workloads. 180 181config STACKLEAK_RUNTIME_DISABLE 182 bool "Allow runtime disabling of kernel stack erasing" 183 depends on GCC_PLUGIN_STACKLEAK 184 help 185 This option provides 'stack_erasing' sysctl, which can be used in 186 runtime to control kernel stack erasing for kernels built with 187 CONFIG_GCC_PLUGIN_STACKLEAK. 188 189config GCC_PLUGIN_ARM_SSP_PER_TASK 190 bool 191 depends on GCC_PLUGINS && ARM 192 193endif 194