lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CANiq72mRKHunT2Zkdj4dS5yHrx==MsmY33BvBqOy52_pNqrZFw@mail.gmail.com>
Date: Fri, 29 Aug 2025 00:46:16 +0200
From: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
To: Nathan Chancellor <nathan@...nel.org>
Cc: Randy Dunlap <rdunlap@...radead.org>, Kees Cook <kees@...flux.net>, Kees Cook <kees@...nel.org>, 
	Peter Zijlstra <peterz@...radead.org>, Sami Tolvanen <samitolvanen@...gle.com>, 
	Linus Walleij <linus.walleij@...aro.org>, Mark Rutland <mark.rutland@....com>, 
	Puranjay Mohan <puranjay@...nel.org>, David Woodhouse <dwmw2@...radead.org>, 
	Jonathan Corbet <corbet@....net>, x86@...nel.org, linux-doc@...r.kernel.org, 
	linux-kbuild@...r.kernel.org, linux-arm-kernel@...ts.infradead.org, 
	linux-riscv@...ts.infradead.org, llvm@...ts.linux.dev, 
	linux-hardening@...r.kernel.org
Subject: Re: [PATCH 5/5] kcfi: Rename CONFIG_CFI_CLANG to CONFIG_CFI

On Thu, Aug 28, 2025 at 10:19 PM Nathan Chancellor <nathan@...nel.org> wrote:
>
> Ah yes, I reread your suggestion and that would probably be the best
> course of action, as it does avoid the extra symbol (although I am not
> sure what you mean by one less rename?). As I understand it:
>
>   config CFI_CLANG
>       bool "Use Kernel Control Flow Integrity (kCFI)"
>       depends on ARCH_SUPPORTS_CFI
>       depends on $(cc-option,-fsanitize=kcfi)
>       help
>         <generic help text>
>
>   config CFI
>       def_bool CFI_CLANG
>
> then keep the rest of the change the same with the rename? I guess the

Yeah, exactly. The name isn't great, though, as you mention, if users
with GCC see it early on.

By one less rename I just meant that we wouldn't have both CFI_GCC and
CFI_CLANG "moved"/"merged" into CFI later on (just 1).

Cheers,
Miguel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ