[PATCH v3 0/3] Detect changed compiler dependencies for full rebuild

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH v3 0/3] Detect changed compiler dependencies for full rebuild
@ 2025-05-03 18:46 Kees Cook
  2025-05-03 18:46 ` [PATCH v3 1/3] gcc-plugins: Force full rebuild when plugins change Kees Cook
                   ` (3 more replies)
  0 siblings, 4 replies; 12+ messages in thread
From: Kees Cook @ 2025-05-03 18:46 UTC (permalink / raw)
  To: Masahiro Yamada
  Cc: Kees Cook, Nicolas Schier, Nathan Chancellor, Petr Pavlu,
	Sebastian Andrzej Siewior, Justin Stitt, Marco Elver,
	Andrey Konovalov, Andrey Ryabinin, Nick Desaulniers,
	Bill Wendling, linux-kernel, linux-hardening, linux-kbuild,
	kasan-dev, llvm

 v3: move to include/generated, add touch helper
 v2: https://lore.kernel.org/lkml/20250502224512.it.706-kees@kernel.org/
 v1: https://lore.kernel.org/lkml/20250501193839.work.525-kees@kernel.org/

Hi,

This is my attempt to introduce dependencies that track the various
compiler behaviors that may globally change the build that aren't
represented by either compiler flags nor the compiler version
(CC_VERSION_TEXT). Namely, this is to detect when the contents of a
file the compiler uses changes. We have 3 such situations currently in
the tree:

- If any of the GCC plugins change, we need to rebuild everything that
  was built with them, as they may have changed their behavior and those
  behaviors may need to be synchronized across all translation units.
  (The most obvious of these is the randstruct GCC plugin, but is true
  for most of them.)

- If the randstruct seed itself changes (whether for GCC plugins or
  Clang), the entire tree needs to be rebuilt since the randomization of
  structures may change between compilation units if not.

- If the integer-wrap-ignore.scl file for Clang's integer wrapping
  sanitizer changes, a full rebuild is needed as the coverage for wrapping
  types may have changed, once again cause behavior differences between
  compilation units.

The current solution is to:
- Touch a .h file in include/generated that is updated when the specific
  dependencies change.
  e.g.: randstruct_hash.h depends on randstruct.seed

- Add a conditional -D argument for each separate case
  e.g.: RANDSTRUCT_CFLAGS += -DRANDSTRUCT

- Include the .h file from compiler-version.h through an #ifdef for the define
  e.g.:
  #ifdef RANDSTUCT
  #include <generated/randstruct_hash.h>
  #endif

This means that all targets gain the dependency (via fixdep), but only
when the defines are active, which means they are trivially controlled
by the existing CFLAGS removal mechanisms that are already being used
to turn off each of the above features.

-Kees

Kees Cook (3):
  gcc-plugins: Force full rebuild when plugins change
  randstruct: Force full rebuild when seed changes
  integer-wrap: Force full rebuild when .scl file changes

 include/linux/compiler-version.h | 10 ++++++++++
 include/linux/vermagic.h         |  1 -
 scripts/Makefile.gcc-plugins     |  2 +-
 scripts/Makefile.lib             | 18 ++++++++++++++++++
 scripts/Makefile.ubsan           |  1 +
 scripts/basic/Makefile           |  5 +++++
 scripts/gcc-plugins/Makefile     |  4 ++++
 7 files changed, 39 insertions(+), 2 deletions(-)

-- 
2.34.1


^ permalink raw reply	[flat|nested] 12+ messages in thread

* [PATCH v3 1/3] gcc-plugins: Force full rebuild when plugins change
  2025-05-03 18:46 [PATCH v3 0/3] Detect changed compiler dependencies for full rebuild Kees Cook
@ 2025-05-03 18:46 ` Kees Cook
  2025-05-07 12:01   ` Nicolas Schier
  2025-05-03 18:46 ` [PATCH v3 2/3] randstruct: Force full rebuild when seed changes Kees Cook
                   ` (2 subsequent siblings)
  3 siblings, 1 reply; 12+ messages in thread
From: Kees Cook @ 2025-05-03 18:46 UTC (permalink / raw)
  To: Masahiro Yamada
  Cc: Kees Cook, Nicolas Schier, Nathan Chancellor, linux-hardening,
	linux-kbuild, Petr Pavlu, Sebastian Andrzej Siewior, Justin Stitt,
	Marco Elver, Andrey Konovalov, Andrey Ryabinin, Nick Desaulniers,
	Bill Wendling, linux-kernel, kasan-dev, llvm

There was no dependency between the plugins changing and the rest of the
kernel being built. This could cause strange behaviors as instrumentation
could vary between targets depending on when they were built.

Generate a new header file, gcc-plugins.h, any time the GCC plugins
change. Include the header file in compiler-version.h when its associated
feature name, GCC_PLUGINS, is defined. This will be picked up by fixdep
and force rebuilds where needed.

Add a generic "touch" kbuild command, which will be used again in
a following patch. Add a "normalize_path" string helper to make the
"TOUCH" output less ugly.

Signed-off-by: Kees Cook <kees@kernel.org>
---
Cc: Masahiro Yamada <masahiroy@kernel.org>
Cc: Nicolas Schier <nicolas.schier@linux.dev>
Cc: Nathan Chancellor <nathan@kernel.org>
Cc: <linux-hardening@vger.kernel.org>
Cc: <linux-kbuild@vger.kernel.org>
---
 include/linux/compiler-version.h |  4 ++++
 scripts/Makefile.gcc-plugins     |  2 +-
 scripts/Makefile.lib             | 18 ++++++++++++++++++
 scripts/gcc-plugins/Makefile     |  4 ++++
 4 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/include/linux/compiler-version.h b/include/linux/compiler-version.h
index 573fa85b6c0c..74ea11563ce3 100644
--- a/include/linux/compiler-version.h
+++ b/include/linux/compiler-version.h
@@ -12,3 +12,7 @@
  * and add dependency on include/config/CC_VERSION_TEXT, which is touched
  * by Kconfig when the version string from the compiler changes.
  */
+
+#ifdef GCC_PLUGINS
+#include <generated/gcc-plugins.h>
+#endif
diff --git a/scripts/Makefile.gcc-plugins b/scripts/Makefile.gcc-plugins
index 5b8a8378ca8a..e50dc931be49 100644
--- a/scripts/Makefile.gcc-plugins
+++ b/scripts/Makefile.gcc-plugins
@@ -38,7 +38,7 @@ export DISABLE_STACKLEAK_PLUGIN
 
 # All the plugin CFLAGS are collected here in case a build target needs to
 # filter them out of the KBUILD_CFLAGS.
-GCC_PLUGINS_CFLAGS := $(strip $(addprefix -fplugin=$(objtree)/scripts/gcc-plugins/, $(gcc-plugin-y)) $(gcc-plugin-cflags-y))
+GCC_PLUGINS_CFLAGS := $(strip $(addprefix -fplugin=$(objtree)/scripts/gcc-plugins/, $(gcc-plugin-y)) $(gcc-plugin-cflags-y)) -DGCC_PLUGINS
 export GCC_PLUGINS_CFLAGS
 
 # Add the flags to the build!
diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib
index 2fe73cda0bdd..6fc2a82ee3bb 100644
--- a/scripts/Makefile.lib
+++ b/scripts/Makefile.lib
@@ -296,6 +296,19 @@ $(foreach m, $1, \
 	$(addprefix $(obj)/, $(call suffix-search, $(patsubst $(obj)/%,%,$m), $2, $3))))
 endef
 
+# Remove ".." and "." from a path, without using "realpath"
+# Usage:
+#   $(call normalize_path,path/to/../file)
+define normalize_path
+$(strip $(eval elements :=) \
+$(foreach elem,$(subst /, ,$1), \
+	$(if $(filter-out .,$(elem)), \
+	     $(if $(filter ..,$(elem)), \
+		  $(eval elements := $(wordlist 2,$(words $(elements)),x $(elements))), \
+		  $(eval elements := $(elements) $(elem))))) \
+$(subst $(space),/,$(elements)))
+endef
+
 # Build commands
 # ===========================================================================
 # These are shared by some Makefile.* files.
@@ -343,6 +356,11 @@ quiet_cmd_copy = COPY    $@
 $(obj)/%: $(src)/%_shipped
 	$(call cmd,copy)
 
+# Touch a file
+# ===========================================================================
+quiet_cmd_touch = TOUCH   $(call normalize_path,$@)
+      cmd_touch = touch $@
+
 # Commands useful for building a boot image
 # ===========================================================================
 #
diff --git a/scripts/gcc-plugins/Makefile b/scripts/gcc-plugins/Makefile
index 320afd3cf8e8..05b14aba41ef 100644
--- a/scripts/gcc-plugins/Makefile
+++ b/scripts/gcc-plugins/Makefile
@@ -66,3 +66,7 @@ quiet_cmd_plugin_cxx_o_c = HOSTCXX $@
 
 $(plugin-objs): $(obj)/%.o: $(src)/%.c FORCE
 	$(call if_changed_dep,plugin_cxx_o_c)
+
+$(obj)/../../include/generated/gcc-plugins.h: $(plugin-single) $(plugin-multi) FORCE
+	$(call if_changed,touch)
+always-y += ../../include/generated/gcc-plugins.h
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 12+ messages in thread

* Re: [PATCH v3 1/3] gcc-plugins: Force full rebuild when plugins change
  2025-05-03 18:46 ` [PATCH v3 1/3] gcc-plugins: Force full rebuild when plugins change Kees Cook
@ 2025-05-07 12:01   ` Nicolas Schier
  2025-05-07 12:10     ` Nicolas Schier
  0 siblings, 1 reply; 12+ messages in thread
From: Nicolas Schier @ 2025-05-07 12:01 UTC (permalink / raw)
  To: Kees Cook
  Cc: Masahiro Yamada, Nathan Chancellor, linux-hardening, linux-kbuild,
	Petr Pavlu, Sebastian Andrzej Siewior, Justin Stitt, Marco Elver,
	Andrey Konovalov, Andrey Ryabinin, Nick Desaulniers,
	Bill Wendling, linux-kernel, kasan-dev, llvm

On Sat, 03 May 2025, Kees Cook wrote:

> There was no dependency between the plugins changing and the rest of the
> kernel being built. This could cause strange behaviors as instrumentation
> could vary between targets depending on when they were built.
> 
> Generate a new header file, gcc-plugins.h, any time the GCC plugins
> change. Include the header file in compiler-version.h when its associated
> feature name, GCC_PLUGINS, is defined. This will be picked up by fixdep
> and force rebuilds where needed.
> 
> Add a generic "touch" kbuild command, which will be used again in
> a following patch. Add a "normalize_path" string helper to make the
> "TOUCH" output less ugly.
> 
> Signed-off-by: Kees Cook <kees@kernel.org>
> ---
> Cc: Masahiro Yamada <masahiroy@kernel.org>
> Cc: Nicolas Schier <nicolas.schier@linux.dev>
> Cc: Nathan Chancellor <nathan@kernel.org>
> Cc: <linux-hardening@vger.kernel.org>
> Cc: <linux-kbuild@vger.kernel.org>
> ---
>  include/linux/compiler-version.h |  4 ++++
>  scripts/Makefile.gcc-plugins     |  2 +-
>  scripts/Makefile.lib             | 18 ++++++++++++++++++
>  scripts/gcc-plugins/Makefile     |  4 ++++
>  4 files changed, 27 insertions(+), 1 deletion(-)
> 
> diff --git a/include/linux/compiler-version.h b/include/linux/compiler-version.h
> index 573fa85b6c0c..74ea11563ce3 100644
> --- a/include/linux/compiler-version.h
> +++ b/include/linux/compiler-version.h
> @@ -12,3 +12,7 @@
>   * and add dependency on include/config/CC_VERSION_TEXT, which is touched
>   * by Kconfig when the version string from the compiler changes.
>   */
> +
> +#ifdef GCC_PLUGINS

Out of curiousity:  Why can't we use CONFIG_GCC_PLUGINS here?

> +#include <generated/gcc-plugins.h>
> +#endif
> diff --git a/scripts/Makefile.gcc-plugins b/scripts/Makefile.gcc-plugins
> index 5b8a8378ca8a..e50dc931be49 100644
> --- a/scripts/Makefile.gcc-plugins
> +++ b/scripts/Makefile.gcc-plugins
> @@ -38,7 +38,7 @@ export DISABLE_STACKLEAK_PLUGIN
>  
>  # All the plugin CFLAGS are collected here in case a build target needs to
>  # filter them out of the KBUILD_CFLAGS.
> -GCC_PLUGINS_CFLAGS := $(strip $(addprefix -fplugin=$(objtree)/scripts/gcc-plugins/, $(gcc-plugin-y)) $(gcc-plugin-cflags-y))
> +GCC_PLUGINS_CFLAGS := $(strip $(addprefix -fplugin=$(objtree)/scripts/gcc-plugins/, $(gcc-plugin-y)) $(gcc-plugin-cflags-y)) -DGCC_PLUGINS
>  export GCC_PLUGINS_CFLAGS
>  
>  # Add the flags to the build!
> diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib
> index 2fe73cda0bdd..6fc2a82ee3bb 100644
> --- a/scripts/Makefile.lib
> +++ b/scripts/Makefile.lib
> @@ -296,6 +296,19 @@ $(foreach m, $1, \
>  	$(addprefix $(obj)/, $(call suffix-search, $(patsubst $(obj)/%,%,$m), $2, $3))))
>  endef
>  
> +# Remove ".." and "." from a path, without using "realpath"
> +# Usage:
> +#   $(call normalize_path,path/to/../file)
> +define normalize_path
> +$(strip $(eval elements :=) \
> +$(foreach elem,$(subst /, ,$1), \
> +	$(if $(filter-out .,$(elem)), \
> +	     $(if $(filter ..,$(elem)), \
> +		  $(eval elements := $(wordlist 2,$(words $(elements)),x $(elements))), \
> +		  $(eval elements := $(elements) $(elem))))) \
> +$(subst $(space),/,$(elements)))
> +endef

Nice :)

> +
>  # Build commands
>  # ===========================================================================
>  # These are shared by some Makefile.* files.
> @@ -343,6 +356,11 @@ quiet_cmd_copy = COPY    $@
>  $(obj)/%: $(src)/%_shipped
>  	$(call cmd,copy)
>  
> +# Touch a file
> +# ===========================================================================
> +quiet_cmd_touch = TOUCH   $(call normalize_path,$@)
> +      cmd_touch = touch $@
> +
>  # Commands useful for building a boot image
>  # ===========================================================================
>  #
> diff --git a/scripts/gcc-plugins/Makefile b/scripts/gcc-plugins/Makefile
> index 320afd3cf8e8..05b14aba41ef 100644
> --- a/scripts/gcc-plugins/Makefile
> +++ b/scripts/gcc-plugins/Makefile
> @@ -66,3 +66,7 @@ quiet_cmd_plugin_cxx_o_c = HOSTCXX $@
>  
>  $(plugin-objs): $(obj)/%.o: $(src)/%.c FORCE
>  	$(call if_changed_dep,plugin_cxx_o_c)
> +
> +$(obj)/../../include/generated/gcc-plugins.h: $(plugin-single) $(plugin-multi) FORCE
> +	$(call if_changed,touch)
> +always-y += ../../include/generated/gcc-plugins.h
> -- 
> 2.34.1
> 

Tested-by: Nicolas Schier <n.schier@avm.de>
Reviewed-by: Nicolas Schier <n.schier@avm.de>


^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [PATCH v3 1/3] gcc-plugins: Force full rebuild when plugins change
  2025-05-07 12:01   ` Nicolas Schier
@ 2025-05-07 12:10     ` Nicolas Schier
  0 siblings, 0 replies; 12+ messages in thread
From: Nicolas Schier @ 2025-05-07 12:10 UTC (permalink / raw)
  To: Kees Cook
  Cc: Masahiro Yamada, Nathan Chancellor, linux-hardening, linux-kbuild,
	Petr Pavlu, Sebastian Andrzej Siewior, Justin Stitt, Marco Elver,
	Andrey Konovalov, Andrey Ryabinin, Nick Desaulniers,
	Bill Wendling, linux-kernel, kasan-dev, llvm

On Wed, 07 May 2025, Nicolas Schier wrote:

> On Sat, 03 May 2025, Kees Cook wrote:
> 
> > There was no dependency between the plugins changing and the rest of the
> > kernel being built. This could cause strange behaviors as instrumentation
> > could vary between targets depending on when they were built.
> > 
> > Generate a new header file, gcc-plugins.h, any time the GCC plugins
> > change. Include the header file in compiler-version.h when its associated
> > feature name, GCC_PLUGINS, is defined. This will be picked up by fixdep
> > and force rebuilds where needed.
> > 
> > Add a generic "touch" kbuild command, which will be used again in
> > a following patch. Add a "normalize_path" string helper to make the
> > "TOUCH" output less ugly.
> > 
> > Signed-off-by: Kees Cook <kees@kernel.org>
> > ---
> > Cc: Masahiro Yamada <masahiroy@kernel.org>
> > Cc: Nicolas Schier <nicolas.schier@linux.dev>
> > Cc: Nathan Chancellor <nathan@kernel.org>
> > Cc: <linux-hardening@vger.kernel.org>
> > Cc: <linux-kbuild@vger.kernel.org>
> > ---
> >  include/linux/compiler-version.h |  4 ++++
> >  scripts/Makefile.gcc-plugins     |  2 +-
> >  scripts/Makefile.lib             | 18 ++++++++++++++++++
> >  scripts/gcc-plugins/Makefile     |  4 ++++
> >  4 files changed, 27 insertions(+), 1 deletion(-)
> > 
> > diff --git a/include/linux/compiler-version.h b/include/linux/compiler-version.h
> > index 573fa85b6c0c..74ea11563ce3 100644
> > --- a/include/linux/compiler-version.h
> > +++ b/include/linux/compiler-version.h
> > @@ -12,3 +12,7 @@
> >   * and add dependency on include/config/CC_VERSION_TEXT, which is touched
> >   * by Kconfig when the version string from the compiler changes.
> >   */
> > +
> > +#ifdef GCC_PLUGINS
> 
> Out of curiousity:  Why can't we use CONFIG_GCC_PLUGINS here?

... because compiler-version.h is included before kconfig.h (which 
includes autoconf.h).  Sorry for the noise.


^ permalink raw reply	[flat|nested] 12+ messages in thread

* [PATCH v3 2/3] randstruct: Force full rebuild when seed changes
  2025-05-03 18:46 [PATCH v3 0/3] Detect changed compiler dependencies for full rebuild Kees Cook
  2025-05-03 18:46 ` [PATCH v3 1/3] gcc-plugins: Force full rebuild when plugins change Kees Cook
@ 2025-05-03 18:46 ` Kees Cook
  2025-05-07 12:14   ` Nicolas Schier
  2025-05-03 18:46 ` [PATCH v3 3/3] integer-wrap: Force full rebuild when .scl file changes Kees Cook
  2025-05-07 12:02 ` [PATCH v3 0/3] Detect changed compiler dependencies for full rebuild Nicolas Schier
  3 siblings, 1 reply; 12+ messages in thread
From: Kees Cook @ 2025-05-03 18:46 UTC (permalink / raw)
  To: Masahiro Yamada
  Cc: Kees Cook, Nathan Chancellor, Nicolas Schier, Petr Pavlu,
	Sebastian Andrzej Siewior, linux-kbuild, Justin Stitt,
	Marco Elver, Andrey Konovalov, Andrey Ryabinin, Nick Desaulniers,
	Bill Wendling, linux-kernel, linux-hardening, kasan-dev, llvm

While the randstruct GCC plugin was being rebuilt if the randstruct seed
changed, Clang builds did not notice the change. This could result in
differing struct layouts in a target depending on when it was built.

Include the existing generated header file in compiler-version.h when
its associated feature name, RANDSTRUCT, is defined. This will be picked
up by fixdep and force rebuilds where needed.

Signed-off-by: Kees Cook <kees@kernel.org>
---
Cc: Masahiro Yamada <masahiroy@kernel.org>
Cc: Nathan Chancellor <nathan@kernel.org>
Cc: Nicolas Schier <nicolas.schier@linux.dev>
Cc: Petr Pavlu <petr.pavlu@suse.com>
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: <linux-kbuild@vger.kernel.org>
---
 include/linux/compiler-version.h | 3 +++
 include/linux/vermagic.h         | 1 -
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/include/linux/compiler-version.h b/include/linux/compiler-version.h
index 74ea11563ce3..69b29b400ce2 100644
--- a/include/linux/compiler-version.h
+++ b/include/linux/compiler-version.h
@@ -16,3 +16,6 @@
 #ifdef GCC_PLUGINS
 #include <generated/gcc-plugins.h>
 #endif
+#ifdef RANDSTRUCT
+#include <generated/randstruct_hash.h>
+#endif
diff --git a/include/linux/vermagic.h b/include/linux/vermagic.h
index 939ceabcaf06..335c360d4f9b 100644
--- a/include/linux/vermagic.h
+++ b/include/linux/vermagic.h
@@ -33,7 +33,6 @@
 #define MODULE_VERMAGIC_MODVERSIONS ""
 #endif
 #ifdef RANDSTRUCT
-#include <generated/randstruct_hash.h>
 #define MODULE_RANDSTRUCT "RANDSTRUCT_" RANDSTRUCT_HASHED_SEED
 #else
 #define MODULE_RANDSTRUCT
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 12+ messages in thread

* Re: [PATCH v3 2/3] randstruct: Force full rebuild when seed changes
  2025-05-03 18:46 ` [PATCH v3 2/3] randstruct: Force full rebuild when seed changes Kees Cook
@ 2025-05-07 12:14   ` Nicolas Schier
  0 siblings, 0 replies; 12+ messages in thread
From: Nicolas Schier @ 2025-05-07 12:14 UTC (permalink / raw)
  To: Kees Cook
  Cc: Masahiro Yamada, Nathan Chancellor, Petr Pavlu,
	Sebastian Andrzej Siewior, linux-kbuild, Justin Stitt,
	Marco Elver, Andrey Konovalov, Andrey Ryabinin, Nick Desaulniers,
	Bill Wendling, linux-kernel, linux-hardening, kasan-dev, llvm

On Sat, 03 May 2025, Kees Cook wrote:

> While the randstruct GCC plugin was being rebuilt if the randstruct seed
> changed, Clang builds did not notice the change. This could result in
> differing struct layouts in a target depending on when it was built.
> 
> Include the existing generated header file in compiler-version.h when
> its associated feature name, RANDSTRUCT, is defined. This will be picked
> up by fixdep and force rebuilds where needed.
> 
> Signed-off-by: Kees Cook <kees@kernel.org>
> ---
> Cc: Masahiro Yamada <masahiroy@kernel.org>
> Cc: Nathan Chancellor <nathan@kernel.org>
> Cc: Nicolas Schier <nicolas.schier@linux.dev>
> Cc: Petr Pavlu <petr.pavlu@suse.com>
> Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
> Cc: <linux-kbuild@vger.kernel.org>
> ---
>  include/linux/compiler-version.h | 3 +++
>  include/linux/vermagic.h         | 1 -
>  2 files changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/include/linux/compiler-version.h b/include/linux/compiler-version.h
> index 74ea11563ce3..69b29b400ce2 100644
> --- a/include/linux/compiler-version.h
> +++ b/include/linux/compiler-version.h
> @@ -16,3 +16,6 @@
>  #ifdef GCC_PLUGINS
>  #include <generated/gcc-plugins.h>
>  #endif
> +#ifdef RANDSTRUCT
> +#include <generated/randstruct_hash.h>
> +#endif
> diff --git a/include/linux/vermagic.h b/include/linux/vermagic.h
> index 939ceabcaf06..335c360d4f9b 100644
> --- a/include/linux/vermagic.h
> +++ b/include/linux/vermagic.h
> @@ -33,7 +33,6 @@
>  #define MODULE_VERMAGIC_MODVERSIONS ""
>  #endif
>  #ifdef RANDSTRUCT
> -#include <generated/randstruct_hash.h>
>  #define MODULE_RANDSTRUCT "RANDSTRUCT_" RANDSTRUCT_HASHED_SEED
>  #else
>  #define MODULE_RANDSTRUCT
> -- 
> 2.34.1
> 

Reviewed-by: Nicolas Schier <n.schier@avm.de>
Tested-by: Nicolas Schier <n.schier@avm.de>


^ permalink raw reply	[flat|nested] 12+ messages in thread

* [PATCH v3 3/3] integer-wrap: Force full rebuild when .scl file changes
  2025-05-03 18:46 [PATCH v3 0/3] Detect changed compiler dependencies for full rebuild Kees Cook
  2025-05-03 18:46 ` [PATCH v3 1/3] gcc-plugins: Force full rebuild when plugins change Kees Cook
  2025-05-03 18:46 ` [PATCH v3 2/3] randstruct: Force full rebuild when seed changes Kees Cook
@ 2025-05-03 18:46 ` Kees Cook
  2025-05-05 18:16   ` Justin Stitt
  2025-05-07 12:21   ` Nicolas Schier
  2025-05-07 12:02 ` [PATCH v3 0/3] Detect changed compiler dependencies for full rebuild Nicolas Schier
  3 siblings, 2 replies; 12+ messages in thread
From: Kees Cook @ 2025-05-03 18:46 UTC (permalink / raw)
  To: Masahiro Yamada
  Cc: Kees Cook, Justin Stitt, Nathan Chancellor, Nicolas Schier,
	Marco Elver, Andrey Konovalov, Andrey Ryabinin, linux-kbuild,
	kasan-dev, linux-hardening, Petr Pavlu, Sebastian Andrzej Siewior,
	Nick Desaulniers, Bill Wendling, linux-kernel, llvm

Since the integer wrapping sanitizer's behavior depends on its associated
.scl file, we must force a full rebuild if the file changes. If not,
instrumentation may differ between targets based on when they were built.

Generate a new header file, integer-wrap.h, any time the Clang .scl
file changes. Include the header file in compiler-version.h when its
associated feature name, INTEGER_WRAP, is defined. This will be picked
up by fixdep and force rebuilds where needed.

Signed-off-by: Kees Cook <kees@kernel.org>
---
Cc: Masahiro Yamada <masahiroy@kernel.org>
Cc: Justin Stitt <justinstitt@google.com>
Cc: Nathan Chancellor <nathan@kernel.org>
Cc: Nicolas Schier <nicolas.schier@linux.dev>
Cc: Marco Elver <elver@google.com>
Cc: Andrey Konovalov <andreyknvl@gmail.com>
Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
Cc: <linux-kbuild@vger.kernel.org>
Cc: <kasan-dev@googlegroups.com>
Cc: <linux-hardening@vger.kernel.org>
---
 include/linux/compiler-version.h | 3 +++
 scripts/Makefile.ubsan           | 1 +
 scripts/basic/Makefile           | 5 +++++
 3 files changed, 9 insertions(+)

diff --git a/include/linux/compiler-version.h b/include/linux/compiler-version.h
index 69b29b400ce2..187e749f9e79 100644
--- a/include/linux/compiler-version.h
+++ b/include/linux/compiler-version.h
@@ -19,3 +19,6 @@
 #ifdef RANDSTRUCT
 #include <generated/randstruct_hash.h>
 #endif
+#ifdef INTEGER_WRAP
+#include <generated/integer-wrap.h>
+#endif
diff --git a/scripts/Makefile.ubsan b/scripts/Makefile.ubsan
index 9e35198edbf0..653f7117819c 100644
--- a/scripts/Makefile.ubsan
+++ b/scripts/Makefile.ubsan
@@ -15,6 +15,7 @@ ubsan-cflags-$(CONFIG_UBSAN_TRAP)		+= $(call cc-option,-fsanitize-trap=undefined
 export CFLAGS_UBSAN := $(ubsan-cflags-y)
 
 ubsan-integer-wrap-cflags-$(CONFIG_UBSAN_INTEGER_WRAP)     +=	\
+	-DINTEGER_WRAP						\
 	-fsanitize-undefined-ignore-overflow-pattern=all	\
 	-fsanitize=signed-integer-overflow			\
 	-fsanitize=unsigned-integer-overflow			\
diff --git a/scripts/basic/Makefile b/scripts/basic/Makefile
index dd289a6725ac..fb8e2c38fbc7 100644
--- a/scripts/basic/Makefile
+++ b/scripts/basic/Makefile
@@ -14,3 +14,8 @@ cmd_create_randstruct_seed = \
 $(obj)/randstruct.seed: $(gen-randstruct-seed) FORCE
 	$(call if_changed,create_randstruct_seed)
 always-$(CONFIG_RANDSTRUCT) += randstruct.seed
+
+# integer-wrap: if the .scl file changes, we need to do a full rebuild.
+$(obj)/../../include/generated/integer-wrap.h: $(srctree)/scripts/integer-wrap-ignore.scl FORCE
+	$(call if_changed,touch)
+always-$(CONFIG_UBSAN_INTEGER_WRAP) += ../../include/generated/integer-wrap.h
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 12+ messages in thread

* Re: [PATCH v3 3/3] integer-wrap: Force full rebuild when .scl file changes
  2025-05-03 18:46 ` [PATCH v3 3/3] integer-wrap: Force full rebuild when .scl file changes Kees Cook
@ 2025-05-05 18:16   ` Justin Stitt
  2025-05-05 18:18     ` Justin Stitt
  2025-05-07 12:21   ` Nicolas Schier
  1 sibling, 1 reply; 12+ messages in thread
From: Justin Stitt @ 2025-05-05 18:16 UTC (permalink / raw)
  To: Kees Cook
  Cc: Masahiro Yamada, Nathan Chancellor, Nicolas Schier, Marco Elver,
	Andrey Konovalov, Andrey Ryabinin, linux-kbuild, kasan-dev,
	linux-hardening, Petr Pavlu, Sebastian Andrzej Siewior,
	Nick Desaulniers, Bill Wendling, linux-kernel, llvm

On Sat, May 3, 2025 at 11:46 AM Kees Cook <kees@kernel.org> wrote:
>
> Since the integer wrapping sanitizer's behavior depends on its associated
> .scl file, we must force a full rebuild if the file changes. If not,
> instrumentation may differ between targets based on when they were built.
>
> Generate a new header file, integer-wrap.h, any time the Clang .scl
> file changes. Include the header file in compiler-version.h when its
> associated feature name, INTEGER_WRAP, is defined. This will be picked
> up by fixdep and force rebuilds where needed.
>
> Signed-off-by: Kees Cook <kees@kernel.org>
> ---
> Cc: Masahiro Yamada <masahiroy@kernel.org>
> Cc: Justin Stitt <justinstitt@google.com>
> Cc: Nathan Chancellor <nathan@kernel.org>
> Cc: Nicolas Schier <nicolas.schier@linux.dev>
> Cc: Marco Elver <elver@google.com>
> Cc: Andrey Konovalov <andreyknvl@gmail.com>
> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
> Cc: <linux-kbuild@vger.kernel.org>
> Cc: <kasan-dev@googlegroups.com>
> Cc: <linux-hardening@vger.kernel.org>
> ---
>  include/linux/compiler-version.h | 3 +++
>  scripts/Makefile.ubsan           | 1 +
>  scripts/basic/Makefile           | 5 +++++
>  3 files changed, 9 insertions(+)
>
> diff --git a/include/linux/compiler-version.h b/include/linux/compiler-version.h
> index 69b29b400ce2..187e749f9e79 100644
> --- a/include/linux/compiler-version.h
> +++ b/include/linux/compiler-version.h
> @@ -19,3 +19,6 @@
>  #ifdef RANDSTRUCT
>  #include <generated/randstruct_hash.h>
>  #endif
> +#ifdef INTEGER_WRAP
> +#include <generated/integer-wrap.h>
> +#endif
> diff --git a/scripts/Makefile.ubsan b/scripts/Makefile.ubsan
> index 9e35198edbf0..653f7117819c 100644
> --- a/scripts/Makefile.ubsan
> +++ b/scripts/Makefile.ubsan
> @@ -15,6 +15,7 @@ ubsan-cflags-$(CONFIG_UBSAN_TRAP)             += $(call cc-option,-fsanitize-trap=undefined
>  export CFLAGS_UBSAN := $(ubsan-cflags-y)
>
>  ubsan-integer-wrap-cflags-$(CONFIG_UBSAN_INTEGER_WRAP)     +=  \
> +       -DINTEGER_WRAP                                          \
>         -fsanitize-undefined-ignore-overflow-pattern=all        \
>         -fsanitize=signed-integer-overflow                      \
>         -fsanitize=unsigned-integer-overflow                    \
> diff --git a/scripts/basic/Makefile b/scripts/basic/Makefile
> index dd289a6725ac..fb8e2c38fbc7 100644
> --- a/scripts/basic/Makefile
> +++ b/scripts/basic/Makefile
> @@ -14,3 +14,8 @@ cmd_create_randstruct_seed = \
>  $(obj)/randstruct.seed: $(gen-randstruct-seed) FORCE
>         $(call if_changed,create_randstruct_seed)
>  always-$(CONFIG_RANDSTRUCT) += randstruct.seed
> +
> +# integer-wrap: if the .scl file changes, we need to do a full rebuild.
> +$(obj)/../../include/generated/integer-wrap.h: $(srctree)/scripts/integer-wrap-ignore.scl FORCE
> +       $(call if_changed,touch)
> +always-$(CONFIG_UBSAN_INTEGER_WRAP) += ../../include/generated/integer-wrap.h

I'm not sure how this fake header stuff works to ensure builds deps
are tracked properly but we do need scl files to be considered as part
of complete builds, so:

Acked-by: Justin Stitt <justinstitt@google.com>

> --
> 2.34.1
>

^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [PATCH v3 3/3] integer-wrap: Force full rebuild when .scl file changes
  2025-05-05 18:16   ` Justin Stitt
@ 2025-05-05 18:18     ` Justin Stitt
  0 siblings, 0 replies; 12+ messages in thread
From: Justin Stitt @ 2025-05-05 18:18 UTC (permalink / raw)
  To: Kees Cook
  Cc: Masahiro Yamada, Nathan Chancellor, Nicolas Schier, Marco Elver,
	Andrey Konovalov, Andrey Ryabinin, linux-kbuild, kasan-dev,
	linux-hardening, Petr Pavlu, Sebastian Andrzej Siewior,
	Nick Desaulniers, Bill Wendling, linux-kernel, llvm

On Mon, May 5, 2025 at 11:16 AM Justin Stitt <justinstitt@google.com> wrote:
>
> On Sat, May 3, 2025 at 11:46 AM Kees Cook <kees@kernel.org> wrote:
> >
> > Since the integer wrapping sanitizer's behavior depends on its associated
> > .scl file, we must force a full rebuild if the file changes. If not,
> > instrumentation may differ between targets based on when they were built.
> >
> > Generate a new header file, integer-wrap.h, any time the Clang .scl
> > file changes. Include the header file in compiler-version.h when its
> > associated feature name, INTEGER_WRAP, is defined. This will be picked
> > up by fixdep and force rebuilds where needed.
> >
> > Signed-off-by: Kees Cook <kees@kernel.org>
> > ---
> > Cc: Masahiro Yamada <masahiroy@kernel.org>
> > Cc: Justin Stitt <justinstitt@google.com>
> > Cc: Nathan Chancellor <nathan@kernel.org>
> > Cc: Nicolas Schier <nicolas.schier@linux.dev>
> > Cc: Marco Elver <elver@google.com>
> > Cc: Andrey Konovalov <andreyknvl@gmail.com>
> > Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
> > Cc: <linux-kbuild@vger.kernel.org>
> > Cc: <kasan-dev@googlegroups.com>
> > Cc: <linux-hardening@vger.kernel.org>
> > ---
> >  include/linux/compiler-version.h | 3 +++
> >  scripts/Makefile.ubsan           | 1 +
> >  scripts/basic/Makefile           | 5 +++++
> >  3 files changed, 9 insertions(+)
> >
> > diff --git a/include/linux/compiler-version.h b/include/linux/compiler-version.h
> > index 69b29b400ce2..187e749f9e79 100644
> > --- a/include/linux/compiler-version.h
> > +++ b/include/linux/compiler-version.h
> > @@ -19,3 +19,6 @@
> >  #ifdef RANDSTRUCT
> >  #include <generated/randstruct_hash.h>
> >  #endif
> > +#ifdef INTEGER_WRAP
> > +#include <generated/integer-wrap.h>
> > +#endif
> > diff --git a/scripts/Makefile.ubsan b/scripts/Makefile.ubsan
> > index 9e35198edbf0..653f7117819c 100644
> > --- a/scripts/Makefile.ubsan
> > +++ b/scripts/Makefile.ubsan
> > @@ -15,6 +15,7 @@ ubsan-cflags-$(CONFIG_UBSAN_TRAP)             += $(call cc-option,-fsanitize-trap=undefined
> >  export CFLAGS_UBSAN := $(ubsan-cflags-y)
> >
> >  ubsan-integer-wrap-cflags-$(CONFIG_UBSAN_INTEGER_WRAP)     +=  \
> > +       -DINTEGER_WRAP                                          \
> >         -fsanitize-undefined-ignore-overflow-pattern=all        \
> >         -fsanitize=signed-integer-overflow                      \
> >         -fsanitize=unsigned-integer-overflow                    \
> > diff --git a/scripts/basic/Makefile b/scripts/basic/Makefile
> > index dd289a6725ac..fb8e2c38fbc7 100644
> > --- a/scripts/basic/Makefile
> > +++ b/scripts/basic/Makefile
> > @@ -14,3 +14,8 @@ cmd_create_randstruct_seed = \
> >  $(obj)/randstruct.seed: $(gen-randstruct-seed) FORCE
> >         $(call if_changed,create_randstruct_seed)
> >  always-$(CONFIG_RANDSTRUCT) += randstruct.seed
> > +
> > +# integer-wrap: if the .scl file changes, we need to do a full rebuild.
> > +$(obj)/../../include/generated/integer-wrap.h: $(srctree)/scripts/integer-wrap-ignore.scl FORCE
> > +       $(call if_changed,touch)
> > +always-$(CONFIG_UBSAN_INTEGER_WRAP) += ../../include/generated/integer-wrap.h
>
> I'm not sure how this fake header stuff works to ensure builds deps
> are tracked properly but we do need scl files to be considered as part
> of complete builds, so:

As in, I'm sure it works but have personally never written or reviewed
a Makefile+generated header snippet like that before :)

>
> Acked-by: Justin Stitt <justinstitt@google.com>
>
> > --
> > 2.34.1
> >

^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [PATCH v3 3/3] integer-wrap: Force full rebuild when .scl file changes
  2025-05-03 18:46 ` [PATCH v3 3/3] integer-wrap: Force full rebuild when .scl file changes Kees Cook
  2025-05-05 18:16   ` Justin Stitt
@ 2025-05-07 12:21   ` Nicolas Schier
  1 sibling, 0 replies; 12+ messages in thread
From: Nicolas Schier @ 2025-05-07 12:21 UTC (permalink / raw)
  To: Kees Cook
  Cc: Masahiro Yamada, Justin Stitt, Nathan Chancellor, Marco Elver,
	Andrey Konovalov, Andrey Ryabinin, linux-kbuild, kasan-dev,
	linux-hardening, Petr Pavlu, Sebastian Andrzej Siewior,
	Nick Desaulniers, Bill Wendling, linux-kernel, llvm

On Sat, 03 May 2025, Kees Cook wrote:

> Since the integer wrapping sanitizer's behavior depends on its associated
> .scl file, we must force a full rebuild if the file changes. If not,
> instrumentation may differ between targets based on when they were built.
> 
> Generate a new header file, integer-wrap.h, any time the Clang .scl
> file changes. Include the header file in compiler-version.h when its
> associated feature name, INTEGER_WRAP, is defined. This will be picked
> up by fixdep and force rebuilds where needed.
> 
> Signed-off-by: Kees Cook <kees@kernel.org>
> ---
> Cc: Masahiro Yamada <masahiroy@kernel.org>
> Cc: Justin Stitt <justinstitt@google.com>
> Cc: Nathan Chancellor <nathan@kernel.org>
> Cc: Nicolas Schier <nicolas.schier@linux.dev>
> Cc: Marco Elver <elver@google.com>
> Cc: Andrey Konovalov <andreyknvl@gmail.com>
> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
> Cc: <linux-kbuild@vger.kernel.org>
> Cc: <kasan-dev@googlegroups.com>
> Cc: <linux-hardening@vger.kernel.org>
> ---
>  include/linux/compiler-version.h | 3 +++
>  scripts/Makefile.ubsan           | 1 +
>  scripts/basic/Makefile           | 5 +++++
>  3 files changed, 9 insertions(+)
> 
> diff --git a/include/linux/compiler-version.h b/include/linux/compiler-version.h
> index 69b29b400ce2..187e749f9e79 100644
> --- a/include/linux/compiler-version.h
> +++ b/include/linux/compiler-version.h
> @@ -19,3 +19,6 @@
>  #ifdef RANDSTRUCT
>  #include <generated/randstruct_hash.h>
>  #endif
> +#ifdef INTEGER_WRAP
> +#include <generated/integer-wrap.h>
> +#endif
> diff --git a/scripts/Makefile.ubsan b/scripts/Makefile.ubsan
> index 9e35198edbf0..653f7117819c 100644
> --- a/scripts/Makefile.ubsan
> +++ b/scripts/Makefile.ubsan
> @@ -15,6 +15,7 @@ ubsan-cflags-$(CONFIG_UBSAN_TRAP)		+= $(call cc-option,-fsanitize-trap=undefined
>  export CFLAGS_UBSAN := $(ubsan-cflags-y)
>  
>  ubsan-integer-wrap-cflags-$(CONFIG_UBSAN_INTEGER_WRAP)     +=	\
> +	-DINTEGER_WRAP						\
>  	-fsanitize-undefined-ignore-overflow-pattern=all	\
>  	-fsanitize=signed-integer-overflow			\
>  	-fsanitize=unsigned-integer-overflow			\
> diff --git a/scripts/basic/Makefile b/scripts/basic/Makefile
> index dd289a6725ac..fb8e2c38fbc7 100644
> --- a/scripts/basic/Makefile
> +++ b/scripts/basic/Makefile
> @@ -14,3 +14,8 @@ cmd_create_randstruct_seed = \
>  $(obj)/randstruct.seed: $(gen-randstruct-seed) FORCE
>  	$(call if_changed,create_randstruct_seed)
>  always-$(CONFIG_RANDSTRUCT) += randstruct.seed
> +
> +# integer-wrap: if the .scl file changes, we need to do a full rebuild.
> +$(obj)/../../include/generated/integer-wrap.h: $(srctree)/scripts/integer-wrap-ignore.scl FORCE
> +	$(call if_changed,touch)
> +always-$(CONFIG_UBSAN_INTEGER_WRAP) += ../../include/generated/integer-wrap.h
> -- 
> 2.34.1
> 

Reviewed-by: Nicolas Schier <n.schier@avm.de>


^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [PATCH v3 0/3] Detect changed compiler dependencies for full rebuild
  2025-05-03 18:46 [PATCH v3 0/3] Detect changed compiler dependencies for full rebuild Kees Cook
                   ` (2 preceding siblings ...)
  2025-05-03 18:46 ` [PATCH v3 3/3] integer-wrap: Force full rebuild when .scl file changes Kees Cook
@ 2025-05-07 12:02 ` Nicolas Schier
  2025-05-08 15:56   ` Kees Cook
  3 siblings, 1 reply; 12+ messages in thread
From: Nicolas Schier @ 2025-05-07 12:02 UTC (permalink / raw)
  To: Kees Cook
  Cc: Masahiro Yamada, Nathan Chancellor, Petr Pavlu,
	Sebastian Andrzej Siewior, Justin Stitt, Marco Elver,
	Andrey Konovalov, Andrey Ryabinin, Nick Desaulniers,
	Bill Wendling, linux-kernel, linux-hardening, linux-kbuild,
	kasan-dev, llvm

On Sat, 03 May 2025, Kees Cook wrote:

>  v3: move to include/generated, add touch helper
>  v2: https://lore.kernel.org/lkml/20250502224512.it.706-kees@kernel.org/
>  v1: https://lore.kernel.org/lkml/20250501193839.work.525-kees@kernel.org/
> 
> Hi,
> 
> This is my attempt to introduce dependencies that track the various
> compiler behaviors that may globally change the build that aren't
> represented by either compiler flags nor the compiler version
> (CC_VERSION_TEXT). Namely, this is to detect when the contents of a
> file the compiler uses changes. We have 3 such situations currently in
> the tree:
> 
> - If any of the GCC plugins change, we need to rebuild everything that
>   was built with them, as they may have changed their behavior and those
>   behaviors may need to be synchronized across all translation units.
>   (The most obvious of these is the randstruct GCC plugin, but is true
>   for most of them.)
> 
> - If the randstruct seed itself changes (whether for GCC plugins or
>   Clang), the entire tree needs to be rebuilt since the randomization of
>   structures may change between compilation units if not.
> 
> - If the integer-wrap-ignore.scl file for Clang's integer wrapping
>   sanitizer changes, a full rebuild is needed as the coverage for wrapping
>   types may have changed, once again cause behavior differences between
>   compilation units.

I am unsure if it is too much detail, but I'd like to see some of these 
infos in include/linux/compiler-version.h, too.

Kind regards,
Nicolas

^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [PATCH v3 0/3] Detect changed compiler dependencies for full rebuild
  2025-05-07 12:02 ` [PATCH v3 0/3] Detect changed compiler dependencies for full rebuild Nicolas Schier
@ 2025-05-08 15:56   ` Kees Cook
  0 siblings, 0 replies; 12+ messages in thread
From: Kees Cook @ 2025-05-08 15:56 UTC (permalink / raw)
  To: Nicolas Schier
  Cc: Masahiro Yamada, Nathan Chancellor, Petr Pavlu,
	Sebastian Andrzej Siewior, Justin Stitt, Marco Elver,
	Andrey Konovalov, Andrey Ryabinin, Nick Desaulniers,
	Bill Wendling, linux-kernel, linux-hardening, linux-kbuild,
	kasan-dev, llvm

On Wed, May 07, 2025 at 02:02:42PM +0200, Nicolas Schier wrote:
> On Sat, 03 May 2025, Kees Cook wrote:
> 
> >  v3: move to include/generated, add touch helper
> >  v2: https://lore.kernel.org/lkml/20250502224512.it.706-kees@kernel.org/
> >  v1: https://lore.kernel.org/lkml/20250501193839.work.525-kees@kernel.org/
> > 
> > Hi,
> > 
> > This is my attempt to introduce dependencies that track the various
> > compiler behaviors that may globally change the build that aren't
> > represented by either compiler flags nor the compiler version
> > (CC_VERSION_TEXT). Namely, this is to detect when the contents of a
> > file the compiler uses changes. We have 3 such situations currently in
> > the tree:
> > 
> > - If any of the GCC plugins change, we need to rebuild everything that
> >   was built with them, as they may have changed their behavior and those
> >   behaviors may need to be synchronized across all translation units.
> >   (The most obvious of these is the randstruct GCC plugin, but is true
> >   for most of them.)
> > 
> > - If the randstruct seed itself changes (whether for GCC plugins or
> >   Clang), the entire tree needs to be rebuilt since the randomization of
> >   structures may change between compilation units if not.
> > 
> > - If the integer-wrap-ignore.scl file for Clang's integer wrapping
> >   sanitizer changes, a full rebuild is needed as the coverage for wrapping
> >   types may have changed, once again cause behavior differences between
> >   compilation units.
> 
> I am unsure if it is too much detail, but I'd like to see some of these 
> infos in include/linux/compiler-version.h, too.

Yeah, that's a good idea. No reason to make people dig for the commit
logs, etc -- it should be immediately discoverable. I've updated the
patches to include the (slight rephrased) text above.

Thanks!

-- 
Kees Cook

^ permalink raw reply	[flat|nested] 12+ messages in thread

end of thread, other threads:[~2025-05-08 15:56 UTC | newest]

Thread overview: 12+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-05-03 18:46 [PATCH v3 0/3] Detect changed compiler dependencies for full rebuild Kees Cook
2025-05-03 18:46 ` [PATCH v3 1/3] gcc-plugins: Force full rebuild when plugins change Kees Cook
2025-05-07 12:01   ` Nicolas Schier
2025-05-07 12:10     ` Nicolas Schier
2025-05-03 18:46 ` [PATCH v3 2/3] randstruct: Force full rebuild when seed changes Kees Cook
2025-05-07 12:14   ` Nicolas Schier
2025-05-03 18:46 ` [PATCH v3 3/3] integer-wrap: Force full rebuild when .scl file changes Kees Cook
2025-05-05 18:16   ` Justin Stitt
2025-05-05 18:18     ` Justin Stitt
2025-05-07 12:21   ` Nicolas Schier
2025-05-07 12:02 ` [PATCH v3 0/3] Detect changed compiler dependencies for full rebuild Nicolas Schier
2025-05-08 15:56   ` Kees Cook

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox