1 files changed, 142 insertions, 0 deletions
diff --git a/scripts/gcc-plugins/Kconfig b/scripts/gcc-plugins/Kconfig
new file mode 100644
index 000000000000..7430a7c77a4a
--- /dev/null
+++ b/scripts/gcc-plugins/Kconfig
@@ -0,0 +1,142 @@
+preferred-plugin-hostcc := $(if-success,[ $(gcc-version) -ge 40800 ],$(HOSTCXX),$(HOSTCC))
+config PLUGIN_HOSTCC
+        string
+        default "$(shell,$(srctree)/scripts/gcc-plugin.sh "$(preferred-plugin-hostcc)" "$(HOSTCXX)" "$(CC)")"
+        help
+          Host compiler used to build GCC plugins.  This can be $(HOSTCXX),
+          $(HOSTCC), or a null string if GCC plugin is unsupported.
+config HAVE_GCC_PLUGINS
+        bool
+        help
+          An arch should select this symbol if it supports building with
+          GCC plugins.
+menuconfig GCC_PLUGINS
+        bool "GCC plugins"
+        depends on HAVE_GCC_PLUGINS
+        depends on PLUGIN_HOSTCC != ""
+        help
+          GCC plugins are loadable modules that provide extra features to the
+          compiler. They are useful for runtime instrumentation and static analysis.
+          See Documentation/gcc-plugins.txt for details.
+if GCC_PLUGINS
+config GCC_PLUGIN_CYC_COMPLEXITY
+        bool "Compute the cyclomatic complexity of a function" if EXPERT
+        depends on !COMPILE_TEST        # too noisy
+        help
+          The complexity M of a function's control flow graph is defined as:
+           M = E - N + 2P
+          where
+          E = the number of edges
+          N = the number of nodes
+          P = the number of connected components (exit nodes).
+          Enabling this plugin reports the complexity to stderr during the
+          build. It mainly serves as a simple example of how to create a
+          gcc plugin for the kernel.
+config GCC_PLUGIN_SANCOV
+        bool
+        help
+          This plugin inserts a __sanitizer_cov_trace_pc() call at the start of
+          basic blocks. It supports all gcc versions with plugin support (from
+          gcc-4.5 on). It is based on the commit "Add fuzzing coverage support"
+          by Dmitry Vyukov <dvyukov@google.com>.
+config GCC_PLUGIN_LATENT_ENTROPY
+        bool "Generate some entropy during boot and runtime"
+        help
+          By saying Y here the kernel will instrument some kernel code to
+          extract some entropy from both original and artificially created
+          program state.  This will help especially embedded systems where
+          there is little 'natural' source of entropy normally.  The cost
+          is some slowdown of the boot process (about 0.5%) and fork and
+          irq processing.
+          Note that entropy extracted this way is not cryptographically
+          secure!
+          This plugin was ported from grsecurity/PaX. More information at:
+           * https://grsecurity.net/
+           * https://pax.grsecurity.net/
+config GCC_PLUGIN_STRUCTLEAK
+        bool "Force initialization of variables containing userspace addresses"
+        # Currently STRUCTLEAK inserts initialization out of live scope of
+        # variables from KASAN point of view. This leads to KASAN false
+        # positive reports. Prohibit this combination for now.
+        depends on !KASAN_EXTRA
+        help
+          This plugin zero-initializes any structures containing a
+          __user attribute. This can prevent some classes of information
+          exposures.
+          This plugin was ported from grsecurity/PaX. More information at:
+           * https://grsecurity.net/
+           * https://pax.grsecurity.net/
+config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL
+        bool "Force initialize all struct type variables passed by reference"
+        depends on GCC_PLUGIN_STRUCTLEAK
+        depends on !COMPILE_TEST
+        help
+          Zero initialize any struct type local variable that may be passed by
+          reference without having been initialized.
+config GCC_PLUGIN_STRUCTLEAK_VERBOSE
+        bool "Report forcefully initialized variables"
+        depends on GCC_PLUGIN_STRUCTLEAK
+        depends on !COMPILE_TEST        # too noisy
+        help
+          This option will cause a warning to be printed each time the
+          structleak plugin finds a variable it thinks needs to be
+          initialized. Since not all existing initializers are detected
+          by the plugin, this can produce false positive warnings.
+config GCC_PLUGIN_RANDSTRUCT
+        bool "Randomize layout of sensitive kernel structures"
+        select MODVERSIONS if MODULES
+        help
+          If you say Y here, the layouts of structures that are entirely
+          function pointers (and have not been manually annotated with
+          __no_randomize_layout), or structures that have been explicitly
+          marked with __randomize_layout, will be randomized at compile-time.
+          This can introduce the requirement of an additional information
+          exposure vulnerability for exploits targeting these structure
+          types.
+          Enabling this feature will introduce some performance impact,
+          slightly increase memory usage, and prevent the use of forensic
+          tools like Volatility against the system (unless the kernel
+          source tree isn't cleaned after kernel installation).
+          The seed used for compilation is located at
+          scripts/gcc-plgins/randomize_layout_seed.h.  It remains after
+          a make clean to allow for external modules to be compiled with
+          the existing seed and will be removed by a make mrproper or
+          make distclean.
+          Note that the implementation requires gcc 4.7 or newer.
+          This plugin was ported from grsecurity/PaX. More information at:
+           * https://grsecurity.net/
+           * https://pax.grsecurity.net/
+config GCC_PLUGIN_RANDSTRUCT_PERFORMANCE
+        bool "Use cacheline-aware structure randomization"
+        depends on GCC_PLUGIN_RANDSTRUCT
+        depends on !COMPILE_TEST        # do not reduce test coverage
+        help
+          If you say Y here, the RANDSTRUCT randomization will make a
+          best effort at restricting randomization to cacheline-sized
+          groups of elements.  It will further not randomize bitfields
+          in structures.  This reduces the performance hit of RANDSTRUCT
+          at the cost of weakened randomization.
+endif

diff --git a/scripts/gcc-plugins/Kconfig b/scripts/gcc-plugins/Kconfig new file mode 100644 index 000000000000..7430a7c77a4a --- /dev/null +++ b/scripts/gcc-plugins/Kconfig
@@ -0,0 +1,142 @@
	1	preferred-plugin-hostcc := $(if-success,[ $(gcc-version) -ge 40800 ],$(HOSTCXX),$(HOSTCC))
	2
	3	config PLUGIN_HOSTCC
	4	string
	5	default "$(shell,$(srctree)/scripts/gcc-plugin.sh "$(preferred-plugin-hostcc)" "$(HOSTCXX)" "$(CC)")"
	6	help
	7	Host compiler used to build GCC plugins. This can be $(HOSTCXX),
	8	$(HOSTCC), or a null string if GCC plugin is unsupported.
	9
	10	config HAVE_GCC_PLUGINS
	11	bool
	12	help
	13	An arch should select this symbol if it supports building with
	14	GCC plugins.
	15
	16	menuconfig GCC_PLUGINS
	17	bool "GCC plugins"
	18	depends on HAVE_GCC_PLUGINS
	19	depends on PLUGIN_HOSTCC != ""
	20	help
	21	GCC plugins are loadable modules that provide extra features to the
	22	compiler. They are useful for runtime instrumentation and static analysis.
	23
	24	See Documentation/gcc-plugins.txt for details.
	25
	26	if GCC_PLUGINS
	27
	28	config GCC_PLUGIN_CYC_COMPLEXITY
	29	bool "Compute the cyclomatic complexity of a function" if EXPERT
	30	depends on !COMPILE_TEST # too noisy
	31	help
	32	The complexity M of a function's control flow graph is defined as:
	33	M = E - N + 2P
	34	where
	35
	36	E = the number of edges
	37	N = the number of nodes
	38	P = the number of connected components (exit nodes).
	39
	40	Enabling this plugin reports the complexity to stderr during the
	41	build. It mainly serves as a simple example of how to create a
	42	gcc plugin for the kernel.
	43
	44	config GCC_PLUGIN_SANCOV
	45	bool
	46	help
	47	This plugin inserts a __sanitizer_cov_trace_pc() call at the start of
	48	basic blocks. It supports all gcc versions with plugin support (from
	49	gcc-4.5 on). It is based on the commit "Add fuzzing coverage support"
	50	by Dmitry Vyukov <dvyukov@google.com>.
	51
	52	config GCC_PLUGIN_LATENT_ENTROPY
	53	bool "Generate some entropy during boot and runtime"
	54	help
	55	By saying Y here the kernel will instrument some kernel code to
	56	extract some entropy from both original and artificially created
	57	program state. This will help especially embedded systems where
	58	there is little 'natural' source of entropy normally. The cost
	59	is some slowdown of the boot process (about 0.5%) and fork and
	60	irq processing.
	61
	62	Note that entropy extracted this way is not cryptographically
	63	secure!
	64
	65	This plugin was ported from grsecurity/PaX. More information at:
	66	* https://grsecurity.net/
	67	* https://pax.grsecurity.net/
	68
	69	config GCC_PLUGIN_STRUCTLEAK
	70	bool "Force initialization of variables containing userspace addresses"
	71	# Currently STRUCTLEAK inserts initialization out of live scope of
	72	# variables from KASAN point of view. This leads to KASAN false
	73	# positive reports. Prohibit this combination for now.
	74	depends on !KASAN_EXTRA
	75	help
	76	This plugin zero-initializes any structures containing a
	77	__user attribute. This can prevent some classes of information
	78	exposures.
	79
	80	This plugin was ported from grsecurity/PaX. More information at:
	81	* https://grsecurity.net/
	82	* https://pax.grsecurity.net/
	83
	84	config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL
	85	bool "Force initialize all struct type variables passed by reference"
	86	depends on GCC_PLUGIN_STRUCTLEAK
	87	depends on !COMPILE_TEST
	88	help
	89	Zero initialize any struct type local variable that may be passed by
	90	reference without having been initialized.
	91
	92	config GCC_PLUGIN_STRUCTLEAK_VERBOSE
	93	bool "Report forcefully initialized variables"
	94	depends on GCC_PLUGIN_STRUCTLEAK
	95	depends on !COMPILE_TEST # too noisy
	96	help
	97	This option will cause a warning to be printed each time the
	98	structleak plugin finds a variable it thinks needs to be
	99	initialized. Since not all existing initializers are detected
	100	by the plugin, this can produce false positive warnings.
	101
	102	config GCC_PLUGIN_RANDSTRUCT
	103	bool "Randomize layout of sensitive kernel structures"
	104	select MODVERSIONS if MODULES
	105	help
	106	If you say Y here, the layouts of structures that are entirely
	107	function pointers (and have not been manually annotated with
	108	__no_randomize_layout), or structures that have been explicitly
	109	marked with __randomize_layout, will be randomized at compile-time.
	110	This can introduce the requirement of an additional information
	111	exposure vulnerability for exploits targeting these structure
	112	types.
	113
	114	Enabling this feature will introduce some performance impact,
	115	slightly increase memory usage, and prevent the use of forensic
	116	tools like Volatility against the system (unless the kernel
	117	source tree isn't cleaned after kernel installation).
	118
	119	The seed used for compilation is located at
	120	scripts/gcc-plgins/randomize_layout_seed.h. It remains after
	121	a make clean to allow for external modules to be compiled with
	122	the existing seed and will be removed by a make mrproper or
	123	make distclean.
	124
	125	Note that the implementation requires gcc 4.7 or newer.
	126
	127	This plugin was ported from grsecurity/PaX. More information at:
	128	* https://grsecurity.net/
	129	* https://pax.grsecurity.net/
	130
	131	config GCC_PLUGIN_RANDSTRUCT_PERFORMANCE
	132	bool "Use cacheline-aware structure randomization"
	133	depends on GCC_PLUGIN_RANDSTRUCT
	134	depends on !COMPILE_TEST # do not reduce test coverage
	135	help
	136	If you say Y here, the RANDSTRUCT randomization will make a
	137	best effort at restricting randomization to cacheline-sized
	138	groups of elements. It will further not randomize bitfields
	139	in structures. This reduces the performance hit of RANDSTRUCT
	140	at the cost of weakened randomization.
	141
	142	endif