[PATCH 3/3] Revert "hardening: Disable GCC randstruct for COMPILE_TEST"

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Kees Cook <kees@kernel.org>
To: Arnd Bergmann <arnd@arndb.de>
Cc: "Kees Cook" <kees@kernel.org>,
	"Dr. David Alan Gilbert" <linux@treblig.org>,
	"Mark Brown" <broonie@kernel.org>,
	WangYuli <wangyuli@uniontech.com>,
	"Mickaël Salaün" <mic@digikod.net>,
	"Günther Noack" <gnoack@google.com>,
	"Bill Wendling" <morbo@google.com>,
	"Andrew Morton" <akpm@linux-foundation.org>,
	"Nathan Chancellor" <nathan@kernel.org>,
	"Nick Desaulniers" <nick.desaulniers+lkml@gmail.com>,
	"Justin Stitt" <justinstitt@google.com>,
	"Petr Mladek" <pmladek@suse.com>,
	"David Gow" <davidgow@google.com>, "Rae Moar" <rmoar@google.com>,
	"Tamir Duberstein" <tamird@gmail.com>,
	"Diego Vieira" <diego.daniel.professional@gmail.com>,
	"Luis Chamberlain" <mcgrof@kernel.org>,
	"Gustavo A. R. Silva" <gustavoars@kernel.org>,
	"Paul Moore" <paul@paul-moore.com>,
	"James Morris" <jmorris@namei.org>,
	"Serge E. Hallyn" <serge@hallyn.com>,
	linux-kernel@vger.kernel.org, llvm@lists.linux.dev,
	linux-hardening@vger.kernel.org,
	linux-security-module@vger.kernel.org
Subject: [PATCH 3/3] Revert "hardening: Disable GCC randstruct for COMPILE_TEST"
Date: Sat, 26 Apr 2025 18:38:35 -0700	[thread overview]
Message-ID: <20250427013836.877214-3-kees@kernel.org> (raw)
In-Reply-To: <20250427013604.work.926-kees@kernel.org>

This reverts commit f5c68a4e84f9feca3be578199ec648b676db2030.

It is again possible to build "allmodconfig" with the randstruct GCC
plugin, so enable it for COMPILE_TEST to catch future bugs.

Signed-off-by: Kees Cook <kees@kernel.org>
---
 security/Kconfig.hardening | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening
index 3fe9d7b945c4..c17366ce8224 100644
--- a/security/Kconfig.hardening
+++ b/security/Kconfig.hardening
@@ -344,7 +344,7 @@ config CC_HAS_RANDSTRUCT
 
 choice
 	prompt "Randomize layout of sensitive kernel structures"
-	default RANDSTRUCT_FULL if COMPILE_TEST && CC_HAS_RANDSTRUCT
+	default RANDSTRUCT_FULL if COMPILE_TEST && (GCC_PLUGINS || CC_HAS_RANDSTRUCT)
 	default RANDSTRUCT_NONE
 	help
 	  If you enable this, the layouts of structures that are entirely
-- 
2.34.1

next prev parent reply	other threads:[~2025-04-27  1:38 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-04-27  1:38 [PATCH 0/3] randstruct: gcc-plugin: Remove bogus void member Kees Cook
2025-04-27  1:38 ` [PATCH 1/3] " Kees Cook
2025-04-27  1:38 ` [PATCH 2/3] lib/tests: Add randstruct KUnit test Kees Cook
2025-04-27  3:47   ` kernel test robot
2025-04-27  3:47   ` kernel test robot
2025-04-30 18:56     ` Kees Cook
2025-04-27  6:04   ` kernel test robot
2025-04-29  7:44   ` David Gow
2025-04-30 18:56     ` Kees Cook
2025-04-27  1:38 ` Kees Cook [this message]
2025-05-30  0:06   ` [PATCH 3/3] Revert "hardening: Disable GCC randstruct for COMPILE_TEST" Thiago Jung Bauermann
2025-05-30  5:12     ` Kees Cook
2025-05-30 19:09       ` Nathan Chancellor
2025-05-30 19:37         ` Kees Cook
2025-05-30 22:31         ` Kees Cook
2025-05-20 15:18 ` [PATCH 0/3] randstruct: gcc-plugin: Remove bogus void member Mickaël Salaün
2025-05-20 16:14   ` Kees Cook

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:3fe9d7b945c dfblob:c17366ce822 )
 OR (
bs:"[PATCH 3/3] Revert "
bs:"hardening: Disable GCC randstruct for COMPILE_TEST" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250427013836.877214-3-kees@kernel.org \
    --to=kees@kernel.org \
    --cc=akpm@linux-foundation.org \
    --cc=arnd@arndb.de \
    --cc=broonie@kernel.org \
    --cc=davidgow@google.com \
    --cc=diego.daniel.professional@gmail.com \
    --cc=gnoack@google.com \
    --cc=gustavoars@kernel.org \
    --cc=jmorris@namei.org \
    --cc=justinstitt@google.com \
    --cc=linux-hardening@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=linux@treblig.org \
    --cc=llvm@lists.linux.dev \
    --cc=mcgrof@kernel.org \
    --cc=mic@digikod.net \
    --cc=morbo@google.com \
    --cc=nathan@kernel.org \
    --cc=nick.desaulniers+lkml@gmail.com \
    --cc=paul@paul-moore.com \
    --cc=pmladek@suse.com \
    --cc=rmoar@google.com \
    --cc=serge@hallyn.com \
    --cc=tamird@gmail.com \
    --cc=wangyuli@uniontech.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.