Commit a5ba183b authored by Linus Torvalds's avatar Linus Torvalds
Pull hardening updates from Kees Cook:
 "One notable addition is the creation of the 'transitional' keyword for
  kconfig so CONFIG renaming can go more smoothly.

  This has been a long-standing deficiency, and with the renaming of
  CONFIG_CFI_CLANG to CONFIG_CFI (since GCC will soon have KCFI
  support), this came up again.

  The breadth of the diffstat is mainly this renaming.

   - Clean up usage of TRAILING_OVERLAP() (Gustavo A. R. Silva)

   - lkdtm: fortify: Fix potential NULL dereference on kmalloc failure
     (Junjie Cao)

   - Add str_assert_deassert() helper (Lad Prabhakar)

   - gcc-plugins: Remove TODO_verify_il for GCC >= 16

   - kconfig: Fix BrokenPipeError warnings in selftests

   - kconfig: Add transitional symbol attribute for migration support

   - kcfi: Rename CONFIG_CFI_CLANG to CONFIG_CFI"

* tag 'hardening-v6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  lib/string_choices: Add str_assert_deassert() helper
  kcfi: Rename CONFIG_CFI_CLANG to CONFIG_CFI
  kconfig: Add transitional symbol attribute for migration support
  kconfig: Fix BrokenPipeError warnings in selftests
  gcc-plugins: Remove TODO_verify_il for GCC >= 16
  stddef: Introduce __TRAILING_OVERLAP()
  stddef: Remove token-pasting in TRAILING_OVERLAP()
  lkdtm: fortify: Fix potential NULL dereference on kmalloc failure
parents a240a79d c8a935a3
+32 −0
@@ -232,6 +232,38 @@ applicable everywhere (see syntax).
  enables the third modular state for all config symbols.
  At most one symbol may have the "modules" option set.

- transitional attribute: "transitional"
  This declares the symbol as transitional, meaning it should be processed
  during configuration but omitted from newly written .config files.
  Transitional symbols are useful for backward compatibility during config
  option migrations - they allow olddefconfig to process existing .config
  files while ensuring the old option doesn't appear in new configurations.

  A transitional symbol:
  - Has no prompt (is not visible to users in menus)
  - Is processed normally during configuration (values are read and used)
  - Can be referenced in default expressions of other symbols
  - Is not written to new .config files
  - Cannot have any other properties (it is a pass-through option)

  Example migration from OLD_NAME to NEW_NAME::

    config NEW_NAME
	bool "New option name"
	default OLD_NAME
	help
	  This replaces the old CONFIG_OLD_NAME option.

    config OLD_NAME
	bool
	transitional
	help
	  Transitional config for OLD_NAME to NEW_NAME migration.

  With this setup, existing .config files with "CONFIG_OLD_NAME=y" will
  result in "CONFIG_NEW_NAME=y" being set, while CONFIG_OLD_NAME will be
  omitted from newly written .config files.

Menu dependencies
-----------------

+1 −1
@@ -1020,7 +1020,7 @@ KBUILD_AFLAGS += -fno-lto
export CC_FLAGS_LTO
endif

ifdef CONFIG_CFI_CLANG
ifdef CONFIG_CFI
CC_FLAGS_CFI	:= -fsanitize=kcfi
ifdef CONFIG_CFI_ICALL_NORMALIZE_INTEGERS
	CC_FLAGS_CFI	+= -fsanitize-cfi-icall-experimental-normalize-integers
+23 −13
@@ -867,22 +867,26 @@ config PROPELLER_CLANG

	  If unsure, say N.

config ARCH_SUPPORTS_CFI_CLANG
config ARCH_SUPPORTS_CFI
	bool
	help
	  An architecture should select this option if it can support Clang's
	  Control-Flow Integrity (CFI) checking.
	  An architecture should select this option if it can support Kernel
	  Control-Flow Integrity (CFI) checking (-fsanitize=kcfi).

config ARCH_USES_CFI_TRAPS
	bool
	help
	  An architecture should select this option if it requires the
	  .kcfi_traps section for KCFI trap handling.

config CFI_CLANG
	bool "Use Clang's Control Flow Integrity (CFI)"
	depends on ARCH_SUPPORTS_CFI_CLANG
config CFI
	bool "Use Kernel Control Flow Integrity (kCFI)"
	default CFI_CLANG
	depends on ARCH_SUPPORTS_CFI
	depends on $(cc-option,-fsanitize=kcfi)
	help
	  This option enables Clang's forward-edge Control Flow Integrity
	  (CFI) checking, where the compiler injects a runtime check to each
	  This option enables forward-edge Control Flow Integrity (CFI)
	  checking, where the compiler injects a runtime check to each
	  indirect function call to ensure the target is a valid function with
	  the correct static type. This restricts possible call targets and
	  makes it more difficult for an attacker to exploit bugs that allow
@@ -891,10 +895,16 @@ config CFI_CLANG

	    https://clang.llvm.org/docs/ControlFlowIntegrity.html

config CFI_CLANG
	bool
	transitional
	help
	  Transitional config for CFI_CLANG to CFI migration.

config CFI_ICALL_NORMALIZE_INTEGERS
	bool "Normalize CFI tags for integers"
	depends on CFI_CLANG
	depends on HAVE_CFI_ICALL_NORMALIZE_INTEGERS_CLANG
	depends on CFI
	depends on HAVE_CFI_ICALL_NORMALIZE_INTEGERS
	help
	  This option normalizes the CFI tags for integer types so that all
	  integer types of the same size and signedness receive the same CFI
@@ -907,7 +917,7 @@ config CFI_ICALL_NORMALIZE_INTEGERS

	  This option is necessary for using CFI with Rust. If unsure, say N.

config HAVE_CFI_ICALL_NORMALIZE_INTEGERS_CLANG
config HAVE_CFI_ICALL_NORMALIZE_INTEGERS
	def_bool y
	depends on $(cc-option,-fsanitize=kcfi -fsanitize-cfi-icall-experimental-normalize-integers)
	# With GCOV/KASAN we need this fix: https://github.com/llvm/llvm-project/pull/104826
@@ -915,7 +925,7 @@ config HAVE_CFI_ICALL_NORMALIZE_INTEGERS_CLANG

config HAVE_CFI_ICALL_NORMALIZE_INTEGERS_RUSTC
	def_bool y
	depends on HAVE_CFI_ICALL_NORMALIZE_INTEGERS_CLANG
	depends on HAVE_CFI_ICALL_NORMALIZE_INTEGERS
	depends on RUSTC_VERSION >= 107900
	# With GCOV/KASAN we need this fix: https://github.com/rust-lang/rust/pull/129373
	depends on (RUSTC_LLVM_VERSION >= 190103 && RUSTC_VERSION >= 108200) || \
@@ -923,7 +933,7 @@ config HAVE_CFI_ICALL_NORMALIZE_INTEGERS_RUSTC

config CFI_PERMISSIVE
	bool "Use CFI in permissive mode"
	depends on CFI_CLANG
	depends on CFI
	help
	  When selected, Control Flow Integrity (CFI) violations result in a
	  warning instead of a kernel panic. This option should only be used
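Review bot: The help text on the transitional `config CFI_CLANG` entry (second hunk) only restates the two symbol names; it does not say that the symbol is read from existing .config files, is never written back, and exists solely to feed `default CFI_CLANG` on `config CFI`. I would expand it to something like `Read from old .config files so CONFIG_CFI_CLANG=y carries over to CONFIG_CFI; not written back. Drop once old configs no longer need migrating.` Because CFI is a hardening option whose migrated value now comes only from that default, it is worth confirming `CONFIG_CFI=y` in the .config that olddefconfig produces from an older configuration. The `config CFI` help also still ends with the Clang documentation link (a context line in the second hunk) under a prompt that no longer names a compiler; its body spans both hunks, so the rest of that help text is not visible here.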
+1 −1
@@ -38,7 +38,7 @@ config ARM
	select ARCH_OPTIONAL_KERNEL_RWX_DEFAULT if CPU_V7
	select ARCH_NEED_CMPXCHG_1_EMU if CPU_V6
	select ARCH_SUPPORTS_ATOMIC_RMW
	select ARCH_SUPPORTS_CFI_CLANG
	select ARCH_SUPPORTS_CFI
	select ARCH_SUPPORTS_HUGETLBFS if ARM_LPAE
	select ARCH_SUPPORTS_PER_VMA_LOCK
	select ARCH_USE_BUILTIN_BSWAP
+1 −1
@@ -904,7 +904,7 @@ static void breakpoint_handler(unsigned long unknown, struct pt_regs *regs)
	watchpoint_single_step_handler(addr);
}

#ifdef CONFIG_CFI_CLANG
#ifdef CONFIG_CFI
static void hw_breakpoint_cfi_handler(struct pt_regs *regs)
{
	/*