On Wed, Apr 24, 2019 at 4:49 AM Kees Cook <keescook@xxxxxxxxxxxx> wrote: > > This refactors the stack memory initialization configs in order to > keep things together when adding Clang stack initialization, and in > preparation for future heap memory initialization configs. > > I intend to carry this in the gcc-plugins tree, but I'd really like > to get Acks from Masahiro (Kconfig changes, Makefile change), and > from James (adding the new Kconfig.hardening to security/Kconfig). If needed, Acked-by: Masahiro Yamada <yamada.masahiro@xxxxxxxxxxxxx> > Thanks! > > -Kees > > v3: > - clean up menu/if with a merged "depends on" (masahiro) > - add CONFIG_COMPILE_TEST defaults (masahiro) > > v2: > - add plugin menu (masahiro) > - adjust patch subject prefixes (masahiro) > - drop redundent "depends" (masahiro) > - fixed early use of CC_HAS_AUTO_VAR_INIT (masahiro) > - dropped default-enabled for STACK_INIT_ALL (masahiro) > > > Kees Cook (3): > security: Create "kernel hardening" config area > security: Move stackleak config to Kconfig.hardening > security: Implement Clang's stack initialization > > Makefile | 5 ++ > scripts/gcc-plugins/Kconfig | 126 ++------------------------- > security/Kconfig | 2 + > security/Kconfig.hardening | 164 ++++++++++++++++++++++++++++++++++++ > 4 files changed, 177 insertions(+), 120 deletions(-) > create mode 100644 security/Kconfig.hardening > > -- > 2.17.1 > -- Best Regards Masahiro Yamada
