1preferred-plugin-hostcc := $(if-success,[ $(gcc-version) -ge 40800 ],$(HOSTCXX),$(HOSTCC)) 2 3config PLUGIN_HOSTCC 4 string 5 default "$(shell,$(srctree)/scripts/gcc-plugin.sh "$(preferred-plugin-hostcc)" "$(HOSTCXX)" "$(CC)")" if CC_IS_GCC 6 help 7 Host compiler used to build GCC plugins. This can be $(HOSTCXX), 8 $(HOSTCC), or a null string if GCC plugin is unsupported. 9 10config HAVE_GCC_PLUGINS 11 bool 12 help 13 An arch should select this symbol if it supports building with 14 GCC plugins. 15 16menuconfig GCC_PLUGINS 17 bool "GCC plugins" 18 depends on HAVE_GCC_PLUGINS 19 depends on PLUGIN_HOSTCC != "" 20 help 21 GCC plugins are loadable modules that provide extra features to the 22 compiler. They are useful for runtime instrumentation and static analysis. 23 24 See Documentation/gcc-plugins.txt for details. 25 26if GCC_PLUGINS 27 28config GCC_PLUGIN_CYC_COMPLEXITY 29 bool "Compute the cyclomatic complexity of a function" if EXPERT 30 depends on !COMPILE_TEST # too noisy 31 help 32 The complexity M of a function's control flow graph is defined as: 33 M = E - N + 2P 34 where 35 36 E = the number of edges 37 N = the number of nodes 38 P = the number of connected components (exit nodes). 39 40 Enabling this plugin reports the complexity to stderr during the 41 build. It mainly serves as a simple example of how to create a 42 gcc plugin for the kernel. 43 44config GCC_PLUGIN_SANCOV 45 bool 46 help 47 This plugin inserts a __sanitizer_cov_trace_pc() call at the start of 48 basic blocks. It supports all gcc versions with plugin support (from 49 gcc-4.5 on). It is based on the commit "Add fuzzing coverage support" 50 by Dmitry Vyukov <dvyukov@google.com>. 51 52config GCC_PLUGIN_LATENT_ENTROPY 53 bool "Generate some entropy during boot and runtime" 54 help 55 By saying Y here the kernel will instrument some kernel code to 56 extract some entropy from both original and artificially created 57 program state. This will help especially embedded systems where 58 there is little 'natural' source of entropy normally. The cost 59 is some slowdown of the boot process (about 0.5%) and fork and 60 irq processing. 61 62 Note that entropy extracted this way is not cryptographically 63 secure! 64 65 This plugin was ported from grsecurity/PaX. More information at: 66 * https://grsecurity.net/ 67 * https://pax.grsecurity.net/ 68 69config GCC_PLUGIN_STRUCTLEAK 70 bool "Force initialization of variables containing userspace addresses" 71 # Currently STRUCTLEAK inserts initialization out of live scope of 72 # variables from KASAN point of view. This leads to KASAN false 73 # positive reports. Prohibit this combination for now. 74 depends on !KASAN_EXTRA 75 help 76 This plugin zero-initializes any structures containing a 77 __user attribute. This can prevent some classes of information 78 exposures. 79 80 This plugin was ported from grsecurity/PaX. More information at: 81 * https://grsecurity.net/ 82 * https://pax.grsecurity.net/ 83 84config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL 85 bool "Force initialize all struct type variables passed by reference" 86 depends on GCC_PLUGIN_STRUCTLEAK 87 depends on !COMPILE_TEST 88 help 89 Zero initialize any struct type local variable that may be passed by 90 reference without having been initialized. 91 92config GCC_PLUGIN_STRUCTLEAK_VERBOSE 93 bool "Report forcefully initialized variables" 94 depends on GCC_PLUGIN_STRUCTLEAK 95 depends on !COMPILE_TEST # too noisy 96 help 97 This option will cause a warning to be printed each time the 98 structleak plugin finds a variable it thinks needs to be 99 initialized. Since not all existing initializers are detected 100 by the plugin, this can produce false positive warnings. 101 102config GCC_PLUGIN_RANDSTRUCT 103 bool "Randomize layout of sensitive kernel structures" 104 select MODVERSIONS if MODULES 105 help 106 If you say Y here, the layouts of structures that are entirely 107 function pointers (and have not been manually annotated with 108 __no_randomize_layout), or structures that have been explicitly 109 marked with __randomize_layout, will be randomized at compile-time. 110 This can introduce the requirement of an additional information 111 exposure vulnerability for exploits targeting these structure 112 types. 113 114 Enabling this feature will introduce some performance impact, 115 slightly increase memory usage, and prevent the use of forensic 116 tools like Volatility against the system (unless the kernel 117 source tree isn't cleaned after kernel installation). 118 119 The seed used for compilation is located at 120 scripts/gcc-plgins/randomize_layout_seed.h. It remains after 121 a make clean to allow for external modules to be compiled with 122 the existing seed and will be removed by a make mrproper or 123 make distclean. 124 125 Note that the implementation requires gcc 4.7 or newer. 126 127 This plugin was ported from grsecurity/PaX. More information at: 128 * https://grsecurity.net/ 129 * https://pax.grsecurity.net/ 130 131config GCC_PLUGIN_RANDSTRUCT_PERFORMANCE 132 bool "Use cacheline-aware structure randomization" 133 depends on GCC_PLUGIN_RANDSTRUCT 134 depends on !COMPILE_TEST # do not reduce test coverage 135 help 136 If you say Y here, the RANDSTRUCT randomization will make a 137 best effort at restricting randomization to cacheline-sized 138 groups of elements. It will further not randomize bitfields 139 in structures. This reduces the performance hit of RANDSTRUCT 140 at the cost of weakened randomization. 141 142config GCC_PLUGIN_STACKLEAK 143 bool "Erase the kernel stack before returning from syscalls" 144 depends on GCC_PLUGINS 145 depends on HAVE_ARCH_STACKLEAK 146 help 147 This option makes the kernel erase the kernel stack before 148 returning from system calls. That reduces the information which 149 kernel stack leak bugs can reveal and blocks some uninitialized 150 stack variable attacks. 151 152 The tradeoff is the performance impact: on a single CPU system kernel 153 compilation sees a 1% slowdown, other systems and workloads may vary 154 and you are advised to test this feature on your expected workload 155 before deploying it. 156 157 This plugin was ported from grsecurity/PaX. More information at: 158 * https://grsecurity.net/ 159 * https://pax.grsecurity.net/ 160 161config STACKLEAK_TRACK_MIN_SIZE 162 int "Minimum stack frame size of functions tracked by STACKLEAK" 163 default 100 164 range 0 4096 165 depends on GCC_PLUGIN_STACKLEAK 166 help 167 The STACKLEAK gcc plugin instruments the kernel code for tracking 168 the lowest border of the kernel stack (and for some other purposes). 169 It inserts the stackleak_track_stack() call for the functions with 170 a stack frame size greater than or equal to this parameter. 171 If unsure, leave the default value 100. 172 173config STACKLEAK_METRICS 174 bool "Show STACKLEAK metrics in the /proc file system" 175 depends on GCC_PLUGIN_STACKLEAK 176 depends on PROC_FS 177 help 178 If this is set, STACKLEAK metrics for every task are available in 179 the /proc file system. In particular, /proc/<pid>/stack_depth 180 shows the maximum kernel stack consumption for the current and 181 previous syscalls. Although this information is not precise, it 182 can be useful for estimating the STACKLEAK performance impact for 183 your workloads. 184 185config STACKLEAK_RUNTIME_DISABLE 186 bool "Allow runtime disabling of kernel stack erasing" 187 depends on GCC_PLUGIN_STACKLEAK 188 help 189 This option provides 'stack_erasing' sysctl, which can be used in 190 runtime to control kernel stack erasing for kernels built with 191 CONFIG_GCC_PLUGIN_STACKLEAK. 192 193endif 194