path: root/arch/Kconfig
Diffstat (limited to 'arch/Kconfig')
-rw-r--r-- arch/Kconfig 67
1 files changed, 67 insertions, 0 deletions
diff --git a/arch/Kconfig b/arch/Kconfig
index f1cf895c040f..80bbb8ccd0d1 100644
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -336,6 +336,73 @@ config SECCOMP_FILTER
336 336
337 See Documentation/prctl/seccomp_filter.txt for details. 337 See Documentation/prctl/seccomp_filter.txt for details.
338 338
339config HAVE_CC_STACKPROTECTOR
340 bool
341 help
342 An arch should select this symbol if:
343 - its compiler supports the -fstack-protector option
344 - it has implemented a stack canary (e.g. __stack_chk_guard)
345
346config CC_STACKPROTECTOR
347 def_bool n
348 help
349 Set when a stack-protector mode is enabled, so that the build
350 can enable kernel-side support for the GCC feature.
351
352choice
353 prompt "Stack Protector buffer overflow detection"
354 depends on HAVE_CC_STACKPROTECTOR
355 default CC_STACKPROTECTOR_NONE
356 help
357 This option turns on the "stack-protector" GCC feature. This
358 feature puts, at the beginning of functions, a canary value on
359 the stack just before the return address, and validates
360 the value just before actually returning. Stack based buffer
361 overflows (that need to overwrite this return address) now also
362 overwrite the canary, which gets detected and the attack is then
363 neutralized via a kernel panic.
364
365config CC_STACKPROTECTOR_NONE
366 bool "None"
367 help
368 Disable "stack-protector" GCC feature.
369
370config CC_STACKPROTECTOR_REGULAR
371 bool "Regular"
372 select CC_STACKPROTECTOR
373 help
374 Functions will have the stack-protector canary logic added if they
375 have an 8-byte or larger character array on the stack.
376
377 This feature requires gcc version 4.2 or above, or a distribution
378 gcc with the feature backported ("-fstack-protector").
379
380 On an x86 "defconfig" build, this feature adds canary checks to
381 about 3% of all kernel functions, which increases kernel code size
382 by about 0.3%.
383
384config CC_STACKPROTECTOR_STRONG
385 bool "Strong"
386 select CC_STACKPROTECTOR
387 help
388 Functions will have the stack-protector canary logic added in any
389 of the following conditions:
390
391 - local variable's address used as part of the right hand side of an
392 assignment or function argument
393 - local variable is an array (or union containing an array),
394 regardless of array type or length
395 - uses register local variables
396
397 This feature requires gcc version 4.9 or above, or a distribution
398 gcc with the feature backported ("-fstack-protector-strong").
399
400 On an x86 "defconfig" build, this feature adds canary checks to
401 about 20% of all kernel functions, which increases the kernel code
402 size by about 2%.
403
404endchoice
405
339config HAVE_CONTEXT_TRACKING 406config HAVE_CONTEXT_TRACKING
340 bool 407 bool
341 help 408 help
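Review bot: CC_STACKPROTECTOR_REGULAR and CC_STACKPROTECTOR_STRONG state their compiler requirement only in help text ("requires gcc version 4.2 or above" and "requires gcc version 4.9 or above"), and nothing in this hunk ties either choice to what the compiler accepts. The only gate on the choice is `depends on HAVE_CC_STACKPROTECTOR`, and that symbol's help covers -fstack-protector support only, not -fstack-protector-strong. As written, "Strong" can be selected with a compiler that lacks the option. The build side of this change, which is not part of this file, should stop with a clear error in that case instead of producing a kernel without canaries, and the help text should say which of the two happens. A smaller documentation point in the same entry: the third bullet under Strong, "uses register local variables", is terse enough to be misread; say what about register locals triggers the canary.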