lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 1 Nov 2021 09:20:52 -0700 From: Kees Cook <keescook@...omium.org> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: linux-kernel@...r.kernel.org, Ard Biesheuvel <ardb@...nel.org>, Fangrui Song <maskray@...gle.com>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, James Morris <jmorris@...ei.org>, Jonathan Corbet <corbet@....net>, Kees Cook <keescook@...omium.org>, "KE.LI" <like1@...o.com>, linux-doc@...r.kernel.org, linux-hardening@...r.kernel.org, linux-kbuild@...r.kernel.org, linux-security-module@...r.kernel.org, llvm@...ts.linux.dev, Masahiro Yamada <masahiroy@...nel.org>, Michal Marek <michal.lkml@...kovi.net>, Miguel Ojeda <ojeda@...nel.org>, Nathan Chancellor <nathan@...nel.org>, Nick Desaulniers <ndesaulniers@...gle.com>, Padmanabha Srinivasaiah <treasure4paddy@...il.com>, Sami Tolvanen <samitolvanen@...gle.com>, "Serge E. Hallyn" <serge@...lyn.com>, Will Deacon <will@...nel.org>, Ye Guojin <ye.guojin@....com.cn>, Zeal Robot <zealci@....com.cn> Subject: [GIT PULL] hardening updates for v5.16-rc1 Hi Linus, Please pull these hardening updates for v5.16-rc1. These are various compiler-related hardening feature updates. Notable is the addition of an explicit limited rationale for, and deprecation schedule of, gcc-plugins. More details in the tag below. Thanks! -Kees The following changes since commit e4e737bb5c170df6135a127739a9e6148ee3da82: Linux 5.15-rc2 (2021-09-19 17:28:22 -0700) are available in the Git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/hardening-v5.16-rc1 for you to fetch changes up to 6425392acf24b6d469932dd1b217dc7b20d6447f: gcc-plugins: remove duplicate include in gcc-common.h (2021-10-21 08:41:51 -0700) ---------------------------------------------------------------- compiler hardening updates for v5.16-rc1 This collects various compiler hardening feature related updates: - gcc-plugins: - remove support for GCC 4.9 and older (Ard Biesheuvel) - remove duplicate include in gcc-common.h (Ye Guojin) - Explicitly document purpose and deprecation schedule (Kees Cook) - Remove cyc_complexity (Kees Cook) - instrumentation: - Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO (Kees Cook) - Clang LTO: - kallsyms: strip LTO suffixes from static functions (Nick Desaulniers) ---------------------------------------------------------------- Ard Biesheuvel (1): gcc-plugins: remove support for GCC 4.9 and older Kees Cook (3): hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO gcc-plugins: Explicitly document purpose and deprecation schedule gcc-plugins: Remove cyc_complexity Nick Desaulniers (1): kallsyms: strip LTO suffixes from static functions Ye Guojin (1): gcc-plugins: remove duplicate include in gcc-common.h Documentation/kbuild/gcc-plugins.rst | 28 ++++- Makefile | 6 +- kernel/kallsyms.c | 46 +++++-- scripts/Makefile.gcc-plugins | 2 - scripts/gcc-plugins/Kconfig | 20 +--- scripts/gcc-plugins/cyc_complexity_plugin.c | 69 ----------- scripts/gcc-plugins/gcc-common.h | 132 +-------------------- scripts/gcc-plugins/gcc-generate-gimple-pass.h | 19 --- scripts/gcc-plugins/gcc-generate-ipa-pass.h | 19 --- scripts/gcc-plugins/gcc-generate-rtl-pass.h | 19 --- scripts/gcc-plugins/gcc-generate-simple_ipa-pass.h | 19 --- scripts/gcc-plugins/structleak_plugin.c | 2 - security/Kconfig.hardening | 14 ++- 13 files changed, 75 insertions(+), 320 deletions(-) delete mode 100644 scripts/gcc-plugins/cyc_complexity_plugin.c -- Kees Cook
Powered by blists - more mailing lists