| Kconfig (82ffd0454bd9bd57780966d47bfd56d579dd4fb3) | Kconfig (81a56f6dcd20325607d6008f4bb560c96f4c821a) |
|---|---|
| 1preferred-plugin-hostcc := $(if-success,[ $(gcc-version) -ge 40800 ],$(HOSTCXX),$(HOSTCC)) 2 3config PLUGIN_HOSTCC 4 string 5 default "$(shell,$(srctree)/scripts/gcc-plugin.sh "$(preferred-plugin-hostcc)" "$(HOSTCXX)" "$(CC)")" if CC_IS_GCC 6 help 7 Host compiler used to build GCC plugins. This can be $(HOSTCXX), 8 $(HOSTCC), or a null string if GCC plugin is unsupported. --- 53 unchanged lines hidden (view full) --- 62 Note that entropy extracted this way is not cryptographically 63 secure! 64 65 This plugin was ported from grsecurity/PaX. More information at: 66 * https://grsecurity.net/ 67 * https://pax.grsecurity.net/ 68 69config GCC_PLUGIN_STRUCTLEAK | 1preferred-plugin-hostcc := $(if-success,[ $(gcc-version) -ge 40800 ],$(HOSTCXX),$(HOSTCC)) 2 3config PLUGIN_HOSTCC 4 string 5 default "$(shell,$(srctree)/scripts/gcc-plugin.sh "$(preferred-plugin-hostcc)" "$(HOSTCXX)" "$(CC)")" if CC_IS_GCC 6 help 7 Host compiler used to build GCC plugins. This can be $(HOSTCXX), 8 $(HOSTCC), or a null string if GCC plugin is unsupported. --- 53 unchanged lines hidden (view full) --- 62 Note that entropy extracted this way is not cryptographically 63 secure! 64 65 This plugin was ported from grsecurity/PaX. More information at: 66 * https://grsecurity.net/ 67 * https://pax.grsecurity.net/ 68 69config GCC_PLUGIN_STRUCTLEAK |
| 70 bool "Force initialization of variables containing userspace addresses" | 70 bool "Zero initialize stack variables" |
| 71 # Currently STRUCTLEAK inserts initialization out of live scope of 72 # variables from KASAN point of view. This leads to KASAN false 73 # positive reports. Prohibit this combination for now. 74 depends on !KASAN_EXTRA 75 help | 71 # Currently STRUCTLEAK inserts initialization out of live scope of 72 # variables from KASAN point of view. This leads to KASAN false 73 # positive reports. Prohibit this combination for now. 74 depends on !KASAN_EXTRA 75 help |
| 76 This plugin zero-initializes any structures containing a 77 __user attribute. This can prevent some classes of information 78 exposures. | 76 While the kernel is built with warnings enabled for any missed 77 stack variable initializations, this warning is silenced for 78 anything passed by reference to another function, under the 79 occasionally misguided assumption that the function will do 80 the initialization. As this regularly leads to exploitable 81 flaws, this plugin is available to identify and zero-initialize 82 such variables, depending on the chosen level of coverage. |
| 79 | 83 |
| 80 This plugin was ported from grsecurity/PaX. More information at: | 84 This plugin was originally ported from grsecurity/PaX. More 85 information at: |
| 81 * https://grsecurity.net/ 82 * https://pax.grsecurity.net/ 83 | 86 * https://grsecurity.net/ 87 * https://pax.grsecurity.net/ 88 |
| 84config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL 85 bool "Force initialize all struct type variables passed by reference" | 89choice 90 prompt "Coverage" |
| 86 depends on GCC_PLUGIN_STRUCTLEAK | 91 depends on GCC_PLUGIN_STRUCTLEAK |
| 87 depends on !COMPILE_TEST | 92 default GCC_PLUGIN_STRUCTLEAK_BYREF_ALL |
| 88 help | 93 help |
| 89 Zero initialize any struct type local variable that may be passed by 90 reference without having been initialized. | 94 This chooses the level of coverage over classes of potentially 95 uninitialized variables. The selected class will be 96 zero-initialized before use. |
| 91 | 97 |
| 98 config GCC_PLUGIN_STRUCTLEAK_USER 99 bool "structs marked for userspace" 100 help 101 Zero-initialize any structures on the stack containing 102 a __user attribute. This can prevent some classes of 103 uninitialized stack variable exploits and information 104 exposures, like CVE-2013-2141: 105 https://git.kernel.org/linus/b9e146d8eb3b9eca 106 107 config GCC_PLUGIN_STRUCTLEAK_BYREF 108 bool "structs passed by reference" 109 help 110 Zero-initialize any structures on the stack that may 111 be passed by reference and had not already been 112 explicitly initialized. This can prevent most classes 113 of uninitialized stack variable exploits and information 114 exposures, like CVE-2017-1000410: 115 https://git.kernel.org/linus/06e7e776ca4d3654 116 117 config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL 118 bool "anything passed by reference" 119 help 120 Zero-initialize any stack variables that may be passed 121 by reference and had not already been explicitly 122 initialized. This is intended to eliminate all classes 123 of uninitialized stack variable exploits and information 124 exposures. 125 126endchoice 127 |
|
| 92config GCC_PLUGIN_STRUCTLEAK_VERBOSE 93 bool "Report forcefully initialized variables" 94 depends on GCC_PLUGIN_STRUCTLEAK 95 depends on !COMPILE_TEST # too noisy 96 help 97 This option will cause a warning to be printed each time the 98 structleak plugin finds a variable it thinks needs to be 99 initialized. Since not all existing initializers are detected --- 98 unchanged lines hidden --- | 128config GCC_PLUGIN_STRUCTLEAK_VERBOSE 129 bool "Report forcefully initialized variables" 130 depends on GCC_PLUGIN_STRUCTLEAK 131 depends on !COMPILE_TEST # too noisy 132 help 133 This option will cause a warning to be printed each time the 134 structleak plugin finds a variable it thinks needs to be 135 initialized. Since not all existing initializers are detected --- 98 unchanged lines hidden --- |