1 # SPDX-License-Identifier: GPL-2.0-only !! 1 preferred-plugin-hostcc := $(if-success,[ $(gcc-version) -ge 40800 ],$(HOSTCXX),$(HOSTCC))
>> 2
>> 3 config PLUGIN_HOSTCC
>> 4 string
>> 5 default "$(shell,$(srctree)/scripts/gcc-plugin.sh "$(preferred-plugin-hostcc)" "$(HOSTCXX)" "$(CC)")" if CC_IS_GCC
>> 6 help
>> 7 Host compiler used to build GCC plugins. This can be $(HOSTCXX),
>> 8 $(HOSTCC), or a null string if GCC plugin is unsupported.
>> 9
2 config HAVE_GCC_PLUGINS 10 config HAVE_GCC_PLUGINS
3 bool 11 bool
4 help 12 help
5 An arch should select this symbol if 13 An arch should select this symbol if it supports building with
6 GCC plugins. 14 GCC plugins.
7 15
8 menuconfig GCC_PLUGINS 16 menuconfig GCC_PLUGINS
9 bool "GCC plugins" 17 bool "GCC plugins"
10 depends on HAVE_GCC_PLUGINS 18 depends on HAVE_GCC_PLUGINS
11 depends on CC_IS_GCC !! 19 depends on PLUGIN_HOSTCC != ""
12 depends on $(success,test -e $(shell,$ <<
13 default y <<
14 help 20 help
15 GCC plugins are loadable modules tha 21 GCC plugins are loadable modules that provide extra features to the
16 compiler. They are useful for runtim 22 compiler. They are useful for runtime instrumentation and static analysis.
17 23
18 See Documentation/kbuild/gcc-plugins !! 24 See Documentation/gcc-plugins.txt for details.
19 25
20 if GCC_PLUGINS 26 if GCC_PLUGINS
21 27
>> 28 config GCC_PLUGIN_CYC_COMPLEXITY
>> 29 bool "Compute the cyclomatic complexity of a function" if EXPERT
>> 30 depends on !COMPILE_TEST # too noisy
>> 31 help
>> 32 The complexity M of a function's control flow graph is defined as:
>> 33 M = E - N + 2P
>> 34 where
>> 35
>> 36 E = the number of edges
>> 37 N = the number of nodes
>> 38 P = the number of connected components (exit nodes).
>> 39
>> 40 Enabling this plugin reports the complexity to stderr during the
>> 41 build. It mainly serves as a simple example of how to create a
>> 42 gcc plugin for the kernel.
>> 43
22 config GCC_PLUGIN_SANCOV 44 config GCC_PLUGIN_SANCOV
23 bool 45 bool
24 # Plugin can be removed once the kerne <<
25 depends on !CC_HAS_SANCOV_TRACE_PC <<
26 help 46 help
27 This plugin inserts a __sanitizer_co 47 This plugin inserts a __sanitizer_cov_trace_pc() call at the start of
28 basic blocks. It supports all gcc ve 48 basic blocks. It supports all gcc versions with plugin support (from
29 gcc-4.5 on). It is based on the comm 49 gcc-4.5 on). It is based on the commit "Add fuzzing coverage support"
30 by Dmitry Vyukov <dvyukov@google.com> 50 by Dmitry Vyukov <dvyukov@google.com>.
31 51
32 config GCC_PLUGIN_LATENT_ENTROPY 52 config GCC_PLUGIN_LATENT_ENTROPY
33 bool "Generate some entropy during boo 53 bool "Generate some entropy during boot and runtime"
34 help 54 help
35 By saying Y here the kernel will ins 55 By saying Y here the kernel will instrument some kernel code to
36 extract some entropy from both origi 56 extract some entropy from both original and artificially created
37 program state. This will help espec 57 program state. This will help especially embedded systems where
38 there is little 'natural' source of 58 there is little 'natural' source of entropy normally. The cost
39 is some slowdown of the boot process 59 is some slowdown of the boot process (about 0.5%) and fork and
40 irq processing. 60 irq processing.
41 61
42 Note that entropy extracted this way 62 Note that entropy extracted this way is not cryptographically
43 secure! 63 secure!
44 64
45 This plugin was ported from grsecuri 65 This plugin was ported from grsecurity/PaX. More information at:
46 * https://grsecurity.net/ 66 * https://grsecurity.net/
47 * https://pax.grsecurity.net/ 67 * https://pax.grsecurity.net/
48 68
49 config GCC_PLUGIN_ARM_SSP_PER_TASK !! 69 config GCC_PLUGIN_STRUCTLEAK
50 bool !! 70 bool "Force initialization of variables containing userspace addresses"
51 depends on GCC_PLUGINS && ARM !! 71 # Currently STRUCTLEAK inserts initialization out of live scope of
>> 72 # variables from KASAN point of view. This leads to KASAN false
>> 73 # positive reports. Prohibit this combination for now.
>> 74 depends on !KASAN_EXTRA
>> 75 help
>> 76 This plugin zero-initializes any structures containing a
>> 77 __user attribute. This can prevent some classes of information
>> 78 exposures.
>> 79
>> 80 This plugin was ported from grsecurity/PaX. More information at:
>> 81 * https://grsecurity.net/
>> 82 * https://pax.grsecurity.net/
>> 83
>> 84 config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL
>> 85 bool "Force initialize all struct type variables passed by reference"
>> 86 depends on GCC_PLUGIN_STRUCTLEAK
>> 87 depends on !COMPILE_TEST
>> 88 help
>> 89 Zero initialize any struct type local variable that may be passed by
>> 90 reference without having been initialized.
>> 91
>> 92 config GCC_PLUGIN_STRUCTLEAK_VERBOSE
>> 93 bool "Report forcefully initialized variables"
>> 94 depends on GCC_PLUGIN_STRUCTLEAK
>> 95 depends on !COMPILE_TEST # too noisy
>> 96 help
>> 97 This option will cause a warning to be printed each time the
>> 98 structleak plugin finds a variable it thinks needs to be
>> 99 initialized. Since not all existing initializers are detected
>> 100 by the plugin, this can produce false positive warnings.
>> 101
>> 102 config GCC_PLUGIN_RANDSTRUCT
>> 103 bool "Randomize layout of sensitive kernel structures"
>> 104 select MODVERSIONS if MODULES
>> 105 help
>> 106 If you say Y here, the layouts of structures that are entirely
>> 107 function pointers (and have not been manually annotated with
>> 108 __no_randomize_layout), or structures that have been explicitly
>> 109 marked with __randomize_layout, will be randomized at compile-time.
>> 110 This can introduce the requirement of an additional information
>> 111 exposure vulnerability for exploits targeting these structure
>> 112 types.
>> 113
>> 114 Enabling this feature will introduce some performance impact,
>> 115 slightly increase memory usage, and prevent the use of forensic
>> 116 tools like Volatility against the system (unless the kernel
>> 117 source tree isn't cleaned after kernel installation).
>> 118
>> 119 The seed used for compilation is located at
>> 120 scripts/gcc-plgins/randomize_layout_seed.h. It remains after
>> 121 a make clean to allow for external modules to be compiled with
>> 122 the existing seed and will be removed by a make mrproper or
>> 123 make distclean.
>> 124
>> 125 Note that the implementation requires gcc 4.7 or newer.
>> 126
>> 127 This plugin was ported from grsecurity/PaX. More information at:
>> 128 * https://grsecurity.net/
>> 129 * https://pax.grsecurity.net/
>> 130
>> 131 config GCC_PLUGIN_RANDSTRUCT_PERFORMANCE
>> 132 bool "Use cacheline-aware structure randomization"
>> 133 depends on GCC_PLUGIN_RANDSTRUCT
>> 134 depends on !COMPILE_TEST # do not reduce test coverage
>> 135 help
>> 136 If you say Y here, the RANDSTRUCT randomization will make a
>> 137 best effort at restricting randomization to cacheline-sized
>> 138 groups of elements. It will further not randomize bitfields
>> 139 in structures. This reduces the performance hit of RANDSTRUCT
>> 140 at the cost of weakened randomization.
>> 141
>> 142 config GCC_PLUGIN_STACKLEAK
>> 143 bool "Erase the kernel stack before returning from syscalls"
>> 144 depends on GCC_PLUGINS
>> 145 depends on HAVE_ARCH_STACKLEAK
>> 146 help
>> 147 This option makes the kernel erase the kernel stack before
>> 148 returning from system calls. That reduces the information which
>> 149 kernel stack leak bugs can reveal and blocks some uninitialized
>> 150 stack variable attacks.
>> 151
>> 152 The tradeoff is the performance impact: on a single CPU system kernel
>> 153 compilation sees a 1% slowdown, other systems and workloads may vary
>> 154 and you are advised to test this feature on your expected workload
>> 155 before deploying it.
>> 156
>> 157 This plugin was ported from grsecurity/PaX. More information at:
>> 158 * https://grsecurity.net/
>> 159 * https://pax.grsecurity.net/
>> 160
>> 161 config STACKLEAK_TRACK_MIN_SIZE
>> 162 int "Minimum stack frame size of functions tracked by STACKLEAK"
>> 163 default 100
>> 164 range 0 4096
>> 165 depends on GCC_PLUGIN_STACKLEAK
>> 166 help
>> 167 The STACKLEAK gcc plugin instruments the kernel code for tracking
>> 168 the lowest border of the kernel stack (and for some other purposes).
>> 169 It inserts the stackleak_track_stack() call for the functions with
>> 170 a stack frame size greater than or equal to this parameter.
>> 171 If unsure, leave the default value 100.
>> 172
>> 173 config STACKLEAK_METRICS
>> 174 bool "Show STACKLEAK metrics in the /proc file system"
>> 175 depends on GCC_PLUGIN_STACKLEAK
>> 176 depends on PROC_FS
>> 177 help
>> 178 If this is set, STACKLEAK metrics for every task are available in
>> 179 the /proc file system. In particular, /proc/<pid>/stack_depth
>> 180 shows the maximum kernel stack consumption for the current and
>> 181 previous syscalls. Although this information is not precise, it
>> 182 can be useful for estimating the STACKLEAK performance impact for
>> 183 your workloads.
>> 184
>> 185 config STACKLEAK_RUNTIME_DISABLE
>> 186 bool "Allow runtime disabling of kernel stack erasing"
>> 187 depends on GCC_PLUGIN_STACKLEAK
>> 188 help
>> 189 This option provides 'stack_erasing' sysctl, which can be used in
>> 190 runtime to control kernel stack erasing for kernels built with
>> 191 CONFIG_GCC_PLUGIN_STACKLEAK.
52 192
53 endif 193 endif
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.