| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 1 Nov 2021 09:20:52 -0700
From: Kees Cook <keescook@...omium.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-kernel@...r.kernel.org, Ard Biesheuvel <ardb@...nel.org>,
Fangrui Song <maskray@...gle.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
James Morris <jmorris@...ei.org>,
Jonathan Corbet <corbet@....net>,
Kees Cook <keescook@...omium.org>, "KE.LI" <like1@...o.com>,
linux-doc@...r.kernel.org, linux-hardening@...r.kernel.org,
linux-kbuild@...r.kernel.org,
linux-security-module@...r.kernel.org, llvm@...ts.linux.dev,
Masahiro Yamada <masahiroy@...nel.org>,
Michal Marek <michal.lkml@...kovi.net>,
Miguel Ojeda <ojeda@...nel.org>,
Nathan Chancellor <nathan@...nel.org>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Padmanabha Srinivasaiah <treasure4paddy@...il.com>,
Sami Tolvanen <samitolvanen@...gle.com>,
"Serge E. Hallyn" <serge@...lyn.com>,
Will Deacon <will@...nel.org>,
Ye Guojin <ye.guojin@....com.cn>,
Zeal Robot <zealci@....com.cn>
Subject: [GIT PULL] hardening updates for v5.16-rc1
Hi Linus,
Please pull these hardening updates for v5.16-rc1. These are various
compiler-related hardening feature updates. Notable is the addition of an
explicit limited rationale for, and deprecation schedule of, gcc-plugins.
More details in the tag below.
Thanks!
-Kees
The following changes since commit e4e737bb5c170df6135a127739a9e6148ee3da82:
Linux 5.15-rc2 (2021-09-19 17:28:22 -0700)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/hardening-v5.16-rc1
for you to fetch changes up to 6425392acf24b6d469932dd1b217dc7b20d6447f:
gcc-plugins: remove duplicate include in gcc-common.h (2021-10-21 08:41:51 -0700)
----------------------------------------------------------------
compiler hardening updates for v5.16-rc1
This collects various compiler hardening feature related updates:
- gcc-plugins:
- remove support for GCC 4.9 and older (Ard Biesheuvel)
- remove duplicate include in gcc-common.h (Ye Guojin)
- Explicitly document purpose and deprecation schedule (Kees Cook)
- Remove cyc_complexity (Kees Cook)
- instrumentation:
- Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO (Kees Cook)
- Clang LTO:
- kallsyms: strip LTO suffixes from static functions (Nick Desaulniers)
----------------------------------------------------------------
Ard Biesheuvel (1):
gcc-plugins: remove support for GCC 4.9 and older
Kees Cook (3):
hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO
gcc-plugins: Explicitly document purpose and deprecation schedule
gcc-plugins: Remove cyc_complexity
Nick Desaulniers (1):
kallsyms: strip LTO suffixes from static functions
Ye Guojin (1):
gcc-plugins: remove duplicate include in gcc-common.h
Documentation/kbuild/gcc-plugins.rst | 28 ++++-
Makefile | 6 +-
kernel/kallsyms.c | 46 +++++--
scripts/Makefile.gcc-plugins | 2 -
scripts/gcc-plugins/Kconfig | 20 +---
scripts/gcc-plugins/cyc_complexity_plugin.c | 69 -----------
scripts/gcc-plugins/gcc-common.h | 132 +--------------------
scripts/gcc-plugins/gcc-generate-gimple-pass.h | 19 ---
scripts/gcc-plugins/gcc-generate-ipa-pass.h | 19 ---
scripts/gcc-plugins/gcc-generate-rtl-pass.h | 19 ---
scripts/gcc-plugins/gcc-generate-simple_ipa-pass.h | 19 ---
scripts/gcc-plugins/structleak_plugin.c | 2 -
security/Kconfig.hardening | 14 ++-
13 files changed, 75 insertions(+), 320 deletions(-)
delete mode 100644 scripts/gcc-plugins/cyc_complexity_plugin.c
--
Kees Cook
Powered by blists - more mailing lists