From: Emese Revfy <re.emese@gmail.com>
To: Michal Marek <mmarek@suse.com>
Cc: linux-kbuild@vger.kernel.org, pageexec@freemail.hu,
spender@grsecurity.net, kernel-hardening@lists.openwall.com,
keescook@chromium.org
Subject: [kernel-hardening] Re: [PATCH 1/3] GCC plugin infrastructure
Date: Mon, 8 Feb 2016 22:31:23 +0100 [thread overview]
Message-ID: <20160208223123.dae6ad74cde807f3c721f580@gmail.com> (raw)
In-Reply-To: <56B8FA5D.20104@suse.com>
On Mon, 8 Feb 2016 21:28:13 +0100
Michal Marek <mmarek@suse.com> wrote:
> Dne 7.2.2016 v 22:28 Emese Revfy napsal(a):
> > This patch allows to build the whole kernel with GCC plugins. It was ported from
> > grsecurity/PaX. The infrastructure supports building out-of-tree modules and
> > building in a separate directory. Cross-compilation is supported too but
> > currently only the x86 architecture enables plugins.
> >
> > The directory of the gcc plugins is tools/gcc. You can use a file or a directory
> > there. The plugins compile with these options:
> > * -fno-rtti: gcc is compiled with this option so the plugins must use it too
> > * -fno-exceptions: this is inherited from gcc too
> > * -fasynchronous-unwind-tables: this is inherited from gcc too
> > * -ggdb: it is useful for debugging a plugin (better backtrace on internal
> > errors)
> > * -Wno-narrowing: to suppress warnings from gcc headers (ipa-utils.h)
> > * -Wno-unused-variable: to suppress warnings from gcc headers (gcc_version
> > variable, plugin-version.h)
> >
> > The infrastructure introduces a new Makefile target called gcc-plugins. It
> > supports all gcc versions from 4.5 to 6.0. The scripts/gcc-plugin.sh script
> > chooses the proper host compiler (gcc-4.7 can be built by either gcc or g++).
> > This script also checks the availability of the included headers in
> > tools/gcc/gcc-common.h.
> >
> > The gcc-common.h header contains frequently included headers for GCC plugins
> > and it has a compatibility layer for the supported gcc versions.
>
> The changelog is missing an explanation as to why this needs to be part
> of the kernel build system. To me it looks like building the kernel with
> a modified build system and non-default compiler flags, which can be
> achieved by doing make CC=my-gcc-wrapper or somesuch. But I'd love to be
> corrected.
These compiler options compile the gcc plugins not the kernel. The new gcc option
used for building the kernel is the -fplugin option.
--
Emese
next prev parent reply other threads:[~2016-02-08 21:31 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-07 21:27 [kernel-hardening] [PATCH 0/3] Introduce GCC plugin infrastructure Emese Revfy
2016-02-07 21:28 ` [kernel-hardening] [PATCH 1/3] " Emese Revfy
2016-02-08 20:28 ` [kernel-hardening] " Michal Marek
2016-02-08 21:31 ` Emese Revfy [this message]
2016-02-07 21:31 ` [kernel-hardening] [PATCH 2/3] Add Cyclomatic complexity GCC plugin Emese Revfy
2016-02-07 23:05 ` [kernel-hardening] " Rasmus Villemoes
2016-02-08 21:20 ` Emese Revfy
2016-02-09 4:23 ` Kees Cook
2016-02-09 18:55 ` Emese Revfy
2016-02-07 21:32 ` [kernel-hardening] [PATCH 3/3] Documentation for the GCC plugin infrastructure Emese Revfy
2016-02-09 4:27 ` [kernel-hardening] " Kees Cook
2016-02-09 19:14 ` Emese Revfy
-- strict thread matches above, loose matches on Subject: below --
2016-02-09 4:20 [kernel-hardening] Re: [PATCH 1/3] " Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160208223123.dae6ad74cde807f3c721f580@gmail.com \
--to=re.emese@gmail.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-kbuild@vger.kernel.org \
--cc=mmarek@suse.com \
--cc=pageexec@freemail.hu \
--cc=spender@grsecurity.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).