redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/arch/arm64/kernel
History
Linus Torvalds 050e9baa9d Kbuild: rename CC_STACKPROTECTOR[_STRONG] config variables 
The changes to automatically test for working stack protector compiler
support in the Kconfig files removed the special STACKPROTECTOR_AUTO
option that picked the strongest stack protector that the compiler
supported.

That was all a nice cleanup - it makes no sense to have the AUTO case
now that the Kconfig phase can just determine the compiler support
directly.

HOWEVER.

It also meant that doing "make oldconfig" would now _disable_ the strong
stackprotector if you had AUTO enabled, because in a legacy config file,
the sane stack protector configuration would look like

  CONFIG_HAVE_CC_STACKPROTECTOR=y
  # CONFIG_CC_STACKPROTECTOR_NONE is not set
  # CONFIG_CC_STACKPROTECTOR_REGULAR is not set
  # CONFIG_CC_STACKPROTECTOR_STRONG is not set
  CONFIG_CC_STACKPROTECTOR_AUTO=y

and when you ran this through "make oldconfig" with the Kbuild changes,
it would ask you about the regular CONFIG_CC_STACKPROTECTOR (that had
been renamed from CONFIG_CC_STACKPROTECTOR_REGULAR to just
CONFIG_CC_STACKPROTECTOR), but it would think that the STRONG version
used to be disabled (because it was really enabled by AUTO), and would
disable it in the new config, resulting in:

  CONFIG_HAVE_CC_STACKPROTECTOR=y
  CONFIG_CC_HAS_STACKPROTECTOR_NONE=y
  CONFIG_CC_STACKPROTECTOR=y
  # CONFIG_CC_STACKPROTECTOR_STRONG is not set
  CONFIG_CC_HAS_SANE_STACKPROTECTOR=y

That's dangerously subtle - people could suddenly find themselves with
the weaker stack protector setup without even realizing.

The solution here is to just rename not just the old RECULAR stack
protector option, but also the strong one.  This does that by just
removing the CC_ prefix entirely for the user choices, because it really
is not about the compiler support (the compiler support now instead
automatially impacts _visibility_ of the options to users).

This results in "make oldconfig" actually asking the user for their
choice, so that we don't have any silent subtle security model changes.
The end result would generally look like this:

  CONFIG_HAVE_CC_STACKPROTECTOR=y
  CONFIG_CC_HAS_STACKPROTECTOR_NONE=y
  CONFIG_STACKPROTECTOR=y
  CONFIG_STACKPROTECTOR_STRONG=y
  CONFIG_CC_HAS_SANE_STACKPROTECTOR=y

where the "CC_" versions really are about internal compiler
infrastructure, not the user selections.

Acked-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
 		2018-06-14 12:21:18 +09:00
..
probes License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vdso arm64 updates for 4.15 2017-11-15 10:56:56 -08:00
.gitignore arm64: Build infrastructure 2012-09-17 13:42:21 +01:00
Makefile arm64: ssbd: Add prctl interface for per-thread mitigation 2018-05-31 18:00:52 +01:00
acpi.c More ACPI updates for v4.16-rc1 2018-02-09 09:44:25 -08:00
acpi_numa.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
acpi_parking_protocol.c arm64: fix endianness annotation in acpi_parking_protocol.c 2017-06-29 11:33:15 +01:00
alternative.c arm64: alternatives: Add dynamic patching feature 2018-03-19 13:03:17 +00:00
arm64ksyms.c arm64: export tishift functions to modules 2018-05-21 19:00:48 +01:00
armv8_deprecated.c treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
asm-offsets.c arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests 2018-05-31 18:00:57 +01:00
cacheinfo.c arm64: Add support for ACPI based firmware tables 2018-05-17 17:28:09 +01:00
cpu-reset.S arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives 2018-02-06 22:53:27 +00:00
cpu-reset.h arm64: Use __pa_symbol for kernel symbols 2017-01-12 15:05:39 +00:00
cpu_errata.c arm64 updates for 4.18: 2018-06-08 11:10:58 -07:00
cpu_ops.c arm64: cpu_ops: Add missing 'const' qualifiers 2017-12-01 13:05:08 +00:00
cpufeature.c arm64: signal: Report signal frame size to userspace via auxv 2018-06-01 15:53:10 +01:00
cpuidle.c ARM64 / cpuidle: Use new cpuidle macro for entering retention state 2018-01-02 13:50:34 +00:00
cpuinfo.c arm64: Expose Arm v8.4 features 2018-03-19 18:14:27 +00:00
crash_dump.c arm64: kdump: provide /proc/vmcore file 2017-04-05 18:31:38 +01:00
debug-monitors.c arm64: Use arm64_force_sig_info instead of force_sig_info 2018-03-06 18:52:32 +00:00
efi-entry.S arm64: Add software workaround for Falkor erratum 1041 2018-02-06 22:53:13 +00:00
efi-header.S arm64: efi: split Image code and data into separate PE/COFF sections 2017-04-04 17:50:59 +01:00
efi-rt-wrapper.S efi/arm64: Check whether x18 is preserved by runtime services calls 2018-03-09 08:58:22 +01:00
efi.c efi/arm64: Check whether x18 is preserved by runtime services calls 2018-03-09 08:58:22 +01:00
entry-fpsimd.S arm64/sve: Write ZCR_EL1 on context switch only if changed 2018-05-17 18:19:53 +01:00
entry-ftrace.S arm64: Fix static use of function graph 2017-11-03 12:05:23 +00:00
entry.S arm64: ssbd: Introduce thread flag to control userspace mitigation 2018-05-31 17:35:32 +01:00
entry32.S arm64: entry32: remove pointless register assignment 2015-07-10 16:47:13 +01:00
fpsimd.c Small update for KVM. 2018-06-12 11:34:04 -07:00
ftrace.c arm64: ftrace: emit ftrace-mod.o contents through code 2017-12-01 13:04:59 +00:00
head.S arm64/kvm: Prohibit guest LOR accesses 2018-02-26 10:48:01 +01:00
hibernate-asm.S arm64: assembler: Change order of macro arguments in phys_to_ttbr 2018-02-06 22:53:21 +00:00
hibernate.c arm64: ssbd: Restore mitigation status on CPU resume 2018-05-31 17:35:19 +01:00
hw_breakpoint.c compat: Move compat_timespec/ timeval to compat_time.h 2018-04-19 13:29:54 +02:00
hyp-stub.S arm64: hyp-stub: Zero x0 on successful stub handling 2017-04-09 07:49:35 -07:00
image.h arm64/efi: Make strrchr() available to the EFI namespace 2018-03-05 13:45:38 -06:00
insn.c arm64: insn: Allow ADD/SUB (immediate) with LSL #12 2018-03-19 13:05:13 +00:00
io.c arm64: Avoid aligning normal memory pointers in __memcpy_{to,from}io 2017-10-24 16:23:07 +01:00
irq.c arm64: Add vmap_stack header file 2018-01-13 10:45:03 +00:00
jump_label.c jump_label: Rename JUMP_LABEL_{EN,DIS}ABLE to JUMP_LABEL_{JMP,NOP} 2015-08-03 11:34:12 +02:00
kaslr.c arm64/kernel: kaslr: reduce module randomization range to 4 GB 2018-03-08 13:49:26 +00:00
kgdb.c arm64/debug: Fix registers on sleeping tasks 2018-03-06 18:52:34 +00:00
kuser32.S arm64: Add __NR_* definitions for compat syscalls 2014-07-10 11:02:40 +01:00
machine_kexec.c arm64: explicitly mask all exceptions 2017-11-02 15:55:40 +00:00
module-plts.c arm64/kernel: rename module_emit_adrp_veneer->module_emit_veneer_for_adrp 2018-04-24 19:07:35 +01:00
module.c arm64/kernel: rename module_emit_adrp_veneer->module_emit_veneer_for_adrp 2018-04-24 19:07:35 +01:00
module.lds arm64: ftrace: emit ftrace-mod.o contents through code 2017-12-01 13:04:59 +00:00
paravirt.c arm64: introduce CONFIG_PARAVIRT, PARAVIRT_TIME_ACCOUNTING and pv_time_ops 2015-12-21 14:40:54 +00:00
pci.c PCI: Add a generic weak pcibios_align_resource() 2017-08-02 14:53:16 -05:00
perf_callchain.c arm64: unwind: remove sp from struct stackframe 2017-08-09 14:10:29 +01:00
perf_event.c arm_pmu: simplify arm_pmu::handle_irq 2018-05-21 18:07:05 +01:00
perf_regs.c compat: Move compat_timespec/ timeval to compat_time.h 2018-04-19 13:29:54 +02:00
process.c Kbuild: rename CC_STACKPROTECTOR[_STRONG] config variables 2018-06-14 12:21:18 +09:00
psci.c arm64: Use __pa_symbol for kernel symbols 2017-01-12 15:05:39 +00:00
ptrace.c Small update for KVM. 2018-06-12 11:34:04 -07:00
reloc_test_core.c arm64: fix undefined reference to 'printk' 2018-03-19 18:14:25 +00:00
reloc_test_syms.S arm64: fix undefined reference to 'printk' 2018-03-19 18:14:25 +00:00
relocate_kernel.S arm64: Add software workaround for Falkor erratum 1041 2018-02-06 22:53:13 +00:00
return_address.c arm64: unwind: remove sp from struct stackframe 2017-08-09 14:10:29 +01:00
sdei.c arm64: sdei: Add trampoline code for remapping the kernel 2018-01-14 18:49:50 +00:00
setup.c arm64: Move the async/fiq helpers to explicitly set process context flags 2017-11-02 15:55:41 +00:00
signal.c arm64: Fix syscall restarting around signal suppressed by tracer 2018-06-08 13:21:39 +01:00
signal32.c arm64: uaccess: Fix omissions from usercopy whitelist 2018-03-28 15:25:44 +01:00
sleep.S arm64: idmap: Use "awx" flags for .idmap.text .pushsection directives 2018-02-06 22:53:27 +00:00
smccc-call.S firmware: qcom: scm: Fix interrupted SCM calls 2017-02-03 18:46:33 +00:00
smp.c arm64: capabilities: Change scope of VHE to Boot CPU feature 2018-03-26 18:01:41 +01:00
smp_spin_table.c arm64: Use __pa_symbol for kernel symbols 2017-01-12 15:05:39 +00:00
ssbd.c arm64: ssbd: Add prctl interface for per-thread mitigation 2018-05-31 18:00:52 +01:00
stacktrace.c arm64: fix unwind_frame() for filtered out fn for function graph tracing 2018-02-23 13:46:38 +00:00
suspend.c arm64: ssbd: Restore mitigation status on CPU resume 2018-05-31 17:35:19 +01:00
sys.c mm: add ksys_mmap_pgoff() helper; remove in-kernel calls to sys_mmap_pgoff() 2018-04-02 20:16:11 +02:00
sys32.c arm64: fix implementation of mmap2 compat syscall 2015-03-19 10:43:51 +00:00
sys_compat.c signal: Ensure every siginfo we send has all bits initialized 2018-04-25 10:40:51 -05:00
time.c arm64: fix unwind_frame() for filtered out fn for function graph tracing 2018-02-23 13:46:38 +00:00
topology.c arm64: topology: Avoid checking numa mask for scheduler MC selection 2018-06-07 17:42:11 +01:00
trace-events-emulation.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
traps.c Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2018-06-04 15:23:48 -07:00
vdso.c arm64/vdso: Support mremap() for vDSO 2017-08-09 12:16:28 +01:00
vmlinux.lds.S arm64: remove no-op macro VMLINUX_SYMBOL() 2018-05-15 18:14:24 +01:00