linux-toradex.git/scripts/gcc-plugins, branch v6.11-rc5 Linux kernel for Apalis and Colibri modules gcc-plugins: randstruct: Remove GCC 4.7 or newer requirement 2024-08-05T21:34:23+00:00 Thorsten Blum thorsten.blum@toblux.com 2024-07-23T16:53:31+00:00 f32e90c0688a3d1f8079ac18ed39b752d22e92bd Since the kernel currently requires GCC 5.1 as a minimum, remove the unnecessary GCC version >= 4.7 check. Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com> Link: https://lore.kernel.org/r/20240723165332.1947-1-thorsten.blum@toblux.com Signed-off-by: Kees Cook <kees@kernel.org> 
Since the kernel currently requires GCC 5.1 as a minimum, remove the
unnecessary GCC version >= 4.7 check.

Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com>
Link: https://lore.kernel.org/r/20240723165332.1947-1-thorsten.blum@toblux.com
Signed-off-by: Kees Cook <kees@kernel.org>
gcc-plugins: Remove duplicate included header file stringpool.h 2024-07-08T19:20:32+00:00 Thorsten Blum thorsten.blum@toblux.com 2024-06-29T23:36:09+00:00 18c18b1ff6c648ea62571554dfd698110757f894 The header file stringpool.h is included for GCC version >= 8 and then again for all versions. Since the header file stringpool.h was added in GCC 4.9 and the kernel currently requires GCC 5.1 as a minimum, remove the conditional include. Including the header file only once removes the following warning reported by make includecheck: stringpool.h is included more than once However, it's important to include stringpool.h before attribs.h because attribs.h uses some of its functions. Compile-tested with GCC 14. Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com> Link: https://lore.kernel.org/r/20240629233608.278028-2-thorsten.blum@toblux.com Signed-off-by: Kees Cook <kees@kernel.org> 
The header file stringpool.h is included for GCC version >= 8 and then
again for all versions.

Since the header file stringpool.h was added in GCC 4.9 and the kernel
currently requires GCC 5.1 as a minimum, remove the conditional include.

Including the header file only once removes the following warning
reported by make includecheck:

  stringpool.h is included more than once

However, it's important to include stringpool.h before attribs.h
because attribs.h uses some of its functions.

Compile-tested with GCC 14.

Signed-off-by: Thorsten Blum <thorsten.blum@toblux.com>
Link: https://lore.kernel.org/r/20240629233608.278028-2-thorsten.blum@toblux.com
Signed-off-by: Kees Cook <kees@kernel.org>
gcc-plugins/stackleak: Avoid .head.text section 2024-04-03T21:35:49+00:00 Ard Biesheuvel ardb@kernel.org 2024-03-28T06:42:57+00:00 e7d24c0aa8e678f41457d1304e2091cac6fd1a2e The .head.text section carries the startup code that runs with the MMU off or with a translation of memory that deviates from the ordinary one. So avoid instrumentation with the stackleak plugin, which already avoids .init.text and .noinstr.text entirely. Fixes: 48204aba801f1b51 ("x86/sme: Move early SME kernel encryption handling into .head.text") Reported-by: kernel test robot <oliver.sang@intel.com> Closes: https://lore.kernel.org/oe-lkp/202403221630.2692c998-oliver.sang@intel.com Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Link: https://lore.kernel.org/r/20240328064256.2358634-2-ardb+git@google.com Signed-off-by: Kees Cook <keescook@chromium.org> 
The .head.text section carries the startup code that runs with the MMU
off or with a translation of memory that deviates from the ordinary one.
So avoid instrumentation with the stackleak plugin, which already avoids
.init.text and .noinstr.text entirely.

Fixes: 48204aba801f1b51 ("x86/sme: Move early SME kernel encryption handling into .head.text")
Reported-by: kernel test robot <oliver.sang@intel.com>
Closes: https://lore.kernel.org/oe-lkp/202403221630.2692c998-oliver.sang@intel.com
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Link: https://lore.kernel.org/r/20240328064256.2358634-2-ardb+git@google.com
Signed-off-by: Kees Cook <keescook@chromium.org>
gcc-plugins: randstruct: Update code comment in relayout_struct() 2023-11-28T00:30:05+00:00 Gustavo A. R. Silva gustavoars@kernel.org 2023-11-25T21:49:12+00:00 d71f22365a9caca82d424f3a33445de46567e198 Update code comment to clarify that the only element whose layout is not randomized is a proper C99 flexible-array member. This update is complementary to commit 1ee60356c2dc ("gcc-plugins: randstruct: Only warn about true flexible arrays") Signed-off-by: "Gustavo A. R. Silva" <gustavoars@kernel.org> Link: https://lore.kernel.org/r/ZWJr2MWDjXLHE8ap@work Fixes: 1ee60356c2dc ("gcc-plugins: randstruct: Only warn about true flexible arrays") Signed-off-by: Kees Cook <keescook@chromium.org> 
Update code comment to clarify that the only element whose layout is
not randomized is a proper C99 flexible-array member. This update is
complementary to commit 1ee60356c2dc ("gcc-plugins: randstruct: Only
warn about true flexible arrays")

Signed-off-by: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Link: https://lore.kernel.org/r/ZWJr2MWDjXLHE8ap@work
Fixes: 1ee60356c2dc ("gcc-plugins: randstruct: Only warn about true flexible arrays")
Signed-off-by: Kees Cook <keescook@chromium.org>
gcc-plugins: latent_entropy: Fix typo (args -> argc) in plugin description 2023-11-14T17:32:47+00:00 Konstantin Runov runebone1@gmail.com 2023-10-30T09:45:08+00:00 782ce431613cf08c3a00dca42ad925c3b1108d09 Fix the typo in the plugin description comment. Clearly, "argc" should be used. Signed-off-by: Konstantin Runov <runebone1@gmail.com> Link: https://lore.kernel.org/r/20231030094508.245432-1-runebone1@gmail.com Signed-off-by: Kees Cook <keescook@chromium.org> 
Fix the typo in the plugin description comment. Clearly, "argc" should
be used.

Signed-off-by: Konstantin Runov <runebone1@gmail.com>
Link: https://lore.kernel.org/r/20231030094508.245432-1-runebone1@gmail.com
Signed-off-by: Kees Cook <keescook@chromium.org>
gcc-plugins: randstruct: Only warn about true flexible arrays 2023-11-08T22:18:57+00:00 Kees Cook keescook@chromium.org 2023-11-04T20:43:37+00:00 1ee60356c2dca938362528404af95b8ef3e49b6a The randstruct GCC plugin tried to discover "fake" flexible arrays to issue warnings about them in randomized structs. In the future LSM overhead reduction series, it would be legal to have a randomized struct with a 1-element array, and this should _not_ be treated as a flexible array, especially since commit df8fc4e934c1 ("kbuild: Enable -fstrict-flex-arrays=3"). Disable the 0-sized and 1-element array discovery logic in the plugin, but keep the "true" flexible array check. Cc: KP Singh <kpsingh@kernel.org> Cc: linux-hardening@vger.kernel.org Reported-by: kernel test robot <lkp@intel.com> Closes: https://lore.kernel.org/oe-kbuild-all/202311021532.iBwuZUZ0-lkp@intel.com/ Fixes: df8fc4e934c1 ("kbuild: Enable -fstrict-flex-arrays=3") Reviewed-by: Bill Wendling <morbo@google.com> Acked-by: "Gustavo A. R. Silva" <gustavoars@kernel.org> Link: https://lore.kernel.org/r/20231104204334.work.160-kees@kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> 
The randstruct GCC plugin tried to discover "fake" flexible arrays
to issue warnings about them in randomized structs. In the future
LSM overhead reduction series, it would be legal to have a randomized
struct with a 1-element array, and this should _not_ be treated as a
flexible array, especially since commit df8fc4e934c1 ("kbuild: Enable
-fstrict-flex-arrays=3"). Disable the 0-sized and 1-element array
discovery logic in the plugin, but keep the "true" flexible array check.

Cc: KP Singh <kpsingh@kernel.org>
Cc: linux-hardening@vger.kernel.org
Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202311021532.iBwuZUZ0-lkp@intel.com/
Fixes: df8fc4e934c1 ("kbuild: Enable -fstrict-flex-arrays=3")
Reviewed-by: Bill Wendling <morbo@google.com>
Acked-by: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Link: https://lore.kernel.org/r/20231104204334.work.160-kees@kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
randstruct: Fix gcc-plugin performance mode to stay in group 2023-10-09T05:46:05+00:00 Kees Cook keescook@chromium.org 2023-10-07T04:09:28+00:00 381fdb73d1e2a48244de7260550e453d1003bb8e The performance mode of the gcc-plugin randstruct was shuffling struct members outside of the cache-line groups. Limit the range to the specified group indexes. Cc: linux-hardening@vger.kernel.org Cc: stable@vger.kernel.org Reported-by: Lukas Loidolt <e1634039@student.tuwien.ac.at> Closes: https://lore.kernel.org/all/f3ca77f0-e414-4065-83a5-ae4c4d25545d@student.tuwien.ac.at Fixes: 313dd1b62921 ("gcc-plugins: Add the randstruct plugin") Signed-off-by: Kees Cook <keescook@chromium.org> 
The performance mode of the gcc-plugin randstruct was shuffling struct
members outside of the cache-line groups. Limit the range to the
specified group indexes.

Cc: linux-hardening@vger.kernel.org
Cc: stable@vger.kernel.org
Reported-by: Lukas Loidolt <e1634039@student.tuwien.ac.at>
Closes: https://lore.kernel.org/all/f3ca77f0-e414-4065-83a5-ae4c4d25545d@student.tuwien.ac.at
Fixes: 313dd1b62921 ("gcc-plugins: Add the randstruct plugin")
Signed-off-by: Kees Cook <keescook@chromium.org>
gcc-plugins: Rename last_stmt() for GCC 14+ 2023-08-11T06:10:09+00:00 Kees Cook keescook@chromium.org 2023-08-07T16:41:19+00:00 2e3f65ccfe6b0778b261ad69c9603ae85f210334 In GCC 14, last_stmt() was renamed to last_nondebug_stmt(). Add a helper macro to handle the renaming. Cc: linux-hardening@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> 
In GCC 14, last_stmt() was renamed to last_nondebug_stmt(). Add a helper
macro to handle the renaming.

Cc: linux-hardening@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Merge branch 'for-linus/hardening' into for-next/hardening 2023-02-02T18:43:28+00:00 Kees Cook keescook@chromium.org 2023-02-02T18:43:28+00:00 5c0f220e1b2d349b6241375e19887b5c865a84a1 






gcc-plugins: drop -std=gnu++11 to fix GCC 13 build
2023-02-02T16:31:23+00:00

Sam James
sam@gentoo.org

2023-02-01T23:00:09+00:00

5a6b64adc18d9adfb497a529ff004d59b6df151f

The latest GCC 13 snapshot (13.0.1 20230129) gives the following:
```
cc1: error: cannot load plugin ./scripts/gcc-plugins/randomize_layout_plugin.so
 :./scripts/gcc-plugins/randomize_layout_plugin.so: undefined symbol: tree_code_type
```

This ends up being because of https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=b0241ce6e37031
upstream in GCC which changes the visibility of some types used by the kernel's
plugin infrastructure like tree_code_type.

After discussion with the GCC folks, we found that the kernel needs to be building
plugins with the same flags used to build GCC - and GCC defaults to gnu++17
right now. The minimum GCC version needed to build the kernel is GCC 5.1
and GCC 5.1 already defaults to gnu++14 anyway, so just drop the flag, as
all GCCs that could be used to build GCC already default to an acceptable
version which was >= the version we forced via flags until now.

Bug: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108634
Signed-off-by: Sam James <sam@gentoo.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20230201230009.2252783-1-sam@gentoo.org





The latest GCC 13 snapshot (13.0.1 20230129) gives the following:
```
cc1: error: cannot load plugin ./scripts/gcc-plugins/randomize_layout_plugin.so
 :./scripts/gcc-plugins/randomize_layout_plugin.so: undefined symbol: tree_code_type
```

This ends up being because of https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=b0241ce6e37031
upstream in GCC which changes the visibility of some types used by the kernel's
plugin infrastructure like tree_code_type.

After discussion with the GCC folks, we found that the kernel needs to be building
plugins with the same flags used to build GCC - and GCC defaults to gnu++17
right now. The minimum GCC version needed to build the kernel is GCC 5.1
and GCC 5.1 already defaults to gnu++14 anyway, so just drop the flag, as
all GCCs that could be used to build GCC already default to an acceptable
version which was >= the version we forced via flags until now.

Bug: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108634
Signed-off-by: Sam James <sam@gentoo.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20230201230009.2252783-1-sam@gentoo.org