Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 8 Feb 2016 22:31:23 +0100
From: Emese Revfy <re.emese@...il.com>
To: Michal Marek <mmarek@...e.com>
Cc: linux-kbuild@...r.kernel.org, pageexec@...email.hu,
 spender@...ecurity.net, kernel-hardening@...ts.openwall.com,
 keescook@...omium.org
Subject: Re: [PATCH 1/3] GCC plugin infrastructure

On Mon, 8 Feb 2016 21:28:13 +0100
Michal Marek <mmarek@...e.com> wrote:

> Dne 7.2.2016 v 22:28 Emese Revfy napsal(a):
> > This patch allows to build the whole kernel with GCC plugins. It was ported from
> > grsecurity/PaX. The infrastructure supports building out-of-tree modules and
> > building in a separate directory. Cross-compilation is supported too but
> > currently only the x86 architecture enables plugins.
> > 
> > The directory of the gcc plugins is tools/gcc. You can use a file or a directory
> > there. The plugins compile with these options:
> >  * -fno-rtti: gcc is compiled with this option so the plugins must use it too
> >  * -fno-exceptions: this is inherited from gcc too
> >  * -fasynchronous-unwind-tables: this is inherited from gcc too
> >  * -ggdb: it is useful for debugging a plugin (better backtrace on internal
> >     errors)
> >  * -Wno-narrowing: to suppress warnings from gcc headers (ipa-utils.h)
> >  * -Wno-unused-variable: to suppress warnings from gcc headers (gcc_version
> >     variable, plugin-version.h)
> > 
> > The infrastructure introduces a new Makefile target called gcc-plugins. It
> > supports all gcc versions from 4.5 to 6.0. The scripts/gcc-plugin.sh script
> > chooses the proper host compiler (gcc-4.7 can be built by either gcc or g++).
> > This script also checks the availability of the included headers in
> > tools/gcc/gcc-common.h.
> > 
> > The gcc-common.h header contains frequently included headers for GCC plugins
> > and it has a compatibility layer for the supported gcc versions.
> 
> The changelog is missing an explanation as to why this needs to be part
> of the kernel build system. To me it looks like building the kernel with
> a modified build system and non-default compiler flags, which can be
> achieved by doing make CC=my-gcc-wrapper or somesuch. But I'd love to be
> corrected.

These compiler options compile the gcc plugins not the kernel. The new gcc option
used for building the kernel is the -fplugin option.

-- 
Emese

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.