[PATCH v3 0/3] Refactor memory initialization hardening

From: Kees Cook
Date: Tue Apr 23 2019 - 15:49:34 EST

Next message: Kees Cook: "[PATCH v3 1/3] security: Create "kernel hardening" config area"
Previous message: Mauro Carvalho Chehab: "Re: [PATCH v2 31/79] docs: s390: convert docs to ReST and rename to *.rst"
Next in thread: Kees Cook: "[PATCH v3 1/3] security: Create "kernel hardening" config area"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This refactors the stack memory initialization configs in order to
keep things together when adding Clang stack initialization, and in
preparation for future heap memory initialization configs.

I intend to carry this in the gcc-plugins tree, but I'd really like
to get Acks from Masahiro (Kconfig changes, Makefile change), and
from James (adding the new Kconfig.hardening to security/Kconfig).

Thanks!

-Kees

v3:
- clean up menu/if with a merged "depends on" (masahiro)
- add CONFIG_COMPILE_TEST defaults (masahiro)

v2:
- add plugin menu (masahiro)
- adjust patch subject prefixes (masahiro)
- drop redundent "depends" (masahiro)
- fixed early use of CC_HAS_AUTO_VAR_INIT (masahiro)
- dropped default-enabled for STACK_INIT_ALL (masahiro)

Kees Cook (3):
security: Create "kernel hardening" config area
security: Move stackleak config to Kconfig.hardening
security: Implement Clang's stack initialization

Makefile | 5 ++
scripts/gcc-plugins/Kconfig | 126 ++-------------------------
security/Kconfig | 2 +
security/Kconfig.hardening | 164 ++++++++++++++++++++++++++++++++++++
4 files changed, 177 insertions(+), 120 deletions(-)
create mode 100644 security/Kconfig.hardening

--
2.17.1

Next message: Kees Cook: "[PATCH v3 1/3] security: Create "kernel hardening" config area"
Previous message: Mauro Carvalho Chehab: "Re: [PATCH v2 31/79] docs: s390: convert docs to ReST and rename to *.rst"
Next in thread: Kees Cook: "[PATCH v3 1/3] security: Create "kernel hardening" config area"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]