^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) # SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) config HAVE_GCC_PLUGINS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) 	bool
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) 	help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) 	  An arch should select this symbol if it supports building with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) 	  GCC plugins.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) menuconfig GCC_PLUGINS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) 	bool "GCC plugins"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) 	depends on HAVE_GCC_PLUGINS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) 	depends on CC_IS_GCC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) 	depends on $(success,test -e $(shell,$(CC) -print-file-name=plugin)/include/plugin-version.h)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) 	default y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) 	help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) 	  GCC plugins are loadable modules that provide extra features to the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) 	  compiler. They are useful for runtime instrumentation and static analysis.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) 	  See Documentation/kbuild/gcc-plugins.rst for details.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) if GCC_PLUGINS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) config GCC_PLUGIN_CYC_COMPLEXITY
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) 	bool "Compute the cyclomatic complexity of a function" if EXPERT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) 	depends on !COMPILE_TEST # too noisy
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) 	help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) 	  The complexity M of a function's control flow graph is defined as:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) 	   M = E - N + 2P
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) 	  where
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) 	  E = the number of edges
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) 	  N = the number of nodes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) 	  P = the number of connected components (exit nodes).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) 	  Enabling this plugin reports the complexity to stderr during the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) 	  build. It mainly serves as a simple example of how to create a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) 	  gcc plugin for the kernel.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) config GCC_PLUGIN_SANCOV
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) 	bool
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) 	help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) 	  This plugin inserts a __sanitizer_cov_trace_pc() call at the start of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) 	  basic blocks. It supports all gcc versions with plugin support (from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) 	  gcc-4.5 on). It is based on the commit "Add fuzzing coverage support"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) 	  by Dmitry Vyukov <dvyukov@google.com>.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) config GCC_PLUGIN_LATENT_ENTROPY
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) 	bool "Generate some entropy during boot and runtime"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) 	help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) 	  By saying Y here the kernel will instrument some kernel code to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) 	  extract some entropy from both original and artificially created
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) 	  program state. This will help especially embedded systems where
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) 	  there is little 'natural' source of entropy normally. The cost
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) 	  is some slowdown of the boot process (about 0.5%) and fork and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) 	  irq processing.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) 	  Note that entropy extracted this way is not cryptographically
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) 	  secure!
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) 	  This plugin was ported from grsecurity/PaX. More information at:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) 	   * https://grsecurity.net/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) 	   * https://pax.grsecurity.net/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) config GCC_PLUGIN_RANDSTRUCT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) 	bool "Randomize layout of sensitive kernel structures"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) 	select MODVERSIONS if MODULES
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) 	help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) 	  If you say Y here, the layouts of structures that are entirely
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) 	  function pointers (and have not been manually annotated with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) 	  __no_randomize_layout), or structures that have been explicitly
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) 	  marked with __randomize_layout, will be randomized at compile-time.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) 	  This can introduce the requirement of an additional information
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) 	  exposure vulnerability for exploits targeting these structure
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) 	  types.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) 	  Enabling this feature will introduce some performance impact,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) 	  slightly increase memory usage, and prevent the use of forensic
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) 	  tools like Volatility against the system (unless the kernel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) 	  source tree isn't cleaned after kernel installation).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) 	  The seed used for compilation is located at
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) 	  scripts/gcc-plugins/randomize_layout_seed.h. It remains after
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) 	  a make clean to allow for external modules to be compiled with
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) 	  the existing seed and will be removed by a make mrproper or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) 	  make distclean.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) 	  Note that the implementation requires gcc 4.7 or newer.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) 	  This plugin was ported from grsecurity/PaX. More information at:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) 	   * https://grsecurity.net/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) 	   * https://pax.grsecurity.net/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) config GCC_PLUGIN_RANDSTRUCT_PERFORMANCE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) 	bool "Use cacheline-aware structure randomization"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) 	depends on GCC_PLUGIN_RANDSTRUCT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) 	depends on !COMPILE_TEST # do not reduce test coverage
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) 	help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) 	  If you say Y here, the RANDSTRUCT randomization will make a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) 	  best effort at restricting randomization to cacheline-sized
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) 	  groups of elements. It will further not randomize bitfields
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) 	  in structures. This reduces the performance hit of RANDSTRUCT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) 	  at the cost of weakened randomization.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) config GCC_PLUGIN_ARM_SSP_PER_TASK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) 	bool
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) 	depends on GCC_PLUGINS && ARM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) endif
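
An added example, not part of the kernel tree: a small auditor that reads a built kernel's `.config` and reports on the plugin options using only what the help text above states (the `select MODVERSIONS if MODULES` rule, the weakened randomization of the performance mode, the non-cryptographic nature of latent entropy), plus a check for the RANDSTRUCT seed header that `make clean` leaves behind. The function names and the sample `.config` are constructed for illustration.

```python
import os
import re

# Added example (not kernel code): audit a .config using only the option
# semantics stated in the help text above. SAMPLE_CONFIG is constructed.
SEED_PATH = "scripts/gcc-plugins/randomize_layout_seed.h"
_OPT = re.compile(r"^(?:CONFIG_(\w+)=(.*)|# CONFIG_(\w+) is not set)$")

def parse_config(text):
    """Return {symbol: value}; '# CONFIG_X is not set' maps to 'n'."""
    opts = {}
    for line in text.splitlines():
        m = _OPT.match(line.strip())
        if m:
            opts[m.group(1) or m.group(3)] = m.group(2) if m.group(1) else "n"
    return opts

def seed_left_in_tree(tree):
    """True if the RANDSTRUCT seed header survives in a kernel source tree."""
    return os.path.isfile(os.path.join(tree, SEED_PATH))

def audit_gcc_plugins(text):
    """Return (level, message) findings for the GCC plugin options."""
    o = parse_config(text)
    on = lambda sym: o.get(sym) == "y"
    if not on("GCC_PLUGINS"):
        return [("warn", "GCC_PLUGINS off: no plugin-based hardening is built")]
    out = []
    if not on("GCC_PLUGIN_RANDSTRUCT"):
        out.append(("warn", "RANDSTRUCT off: struct layouts are not randomized"))
    else:
        if on("GCC_PLUGIN_RANDSTRUCT_PERFORMANCE"):
            out.append(("warn", "RANDSTRUCT_PERFORMANCE: weakened randomization"))
        if on("MODULES") and not on("MODVERSIONS"):
            out.append(("error", "violates 'select MODVERSIONS if MODULES'"))
    if on("GCC_PLUGIN_LATENT_ENTROPY"):
        out.append(("info", "LATENT_ENTROPY: not cryptographically secure"))
    return out

SAMPLE_CONFIG = """\
CONFIG_GCC_PLUGINS=y
CONFIG_GCC_PLUGIN_LATENT_ENTROPY=y
CONFIG_GCC_PLUGIN_RANDSTRUCT=y
CONFIG_GCC_PLUGIN_RANDSTRUCT_PERFORMANCE=y
CONFIG_MODULES=y
# CONFIG_MODVERSIONS is not set
"""

if __name__ == "__main__":
    print(*audit_gcc_plugins(SAMPLE_CONFIG), sep="\n")
```

Because the seed header is what fixes the randomized layouts, `seed_left_in_tree()` is worth running against any source tree that ships alongside a RANDSTRUCT kernel.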