From: Nathan Chancellor <nathan@kernel.org>
To: Nathan Chancellor <nathan@kernel.org>,
Nicolas Schier <nsc@kernel.org>,
Bill Wendling <morbo@google.com>,
Justin Stitt <justinstitt@google.com>,
Nick Desaulniers <nick.desaulniers+lkml@gmail.com>
Cc: linux-kernel@vger.kernel.org, llvm@lists.linux.dev,
linux-kbuild@vger.kernel.org, Kees Cook <kees@kernel.org>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
linux-hardening@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: [PATCH 03/14] security/Kconfig.hardening: Remove tautological condition from FORTIFY_SOURCE
Date: Tue, 28 Apr 2026 22:59:09 -0400 [thread overview]
Message-ID: <20260428-bump-minimum-supported-llvm-version-to-17-v1-3-81d9b2e8ee75@kernel.org> (raw)
In-Reply-To: <20260428-bump-minimum-supported-llvm-version-to-17-v1-0-81d9b2e8ee75@kernel.org>
Now that the minimum supported version of LLVM for building the kernel
has been raised to 17.0.1, the '!X86_32 || !Clang || Clang > 16'
dependency of CONFIG_FORTIFY_SOURCE is always true, so it can be
removed.
Signed-off-by: Nathan Chancellor <nathan@kernel.org>
---
Cc: Kees Cook <kees@kernel.org>
Cc: Gustavo A. R. Silva <gustavoars@kernel.org>
Cc: linux-hardening@vger.kernel.org
Cc: linux-security-module@vger.kernel.org
---
security/Kconfig.hardening | 2 --
1 file changed, 2 deletions(-)
diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening
index a0461d648396..e4f23c08a17a 100644
--- a/security/Kconfig.hardening
+++ b/security/Kconfig.hardening
@@ -213,8 +213,6 @@ menu "Bounds checking"
config FORTIFY_SOURCE
bool "Harden common str/mem functions against buffer overflows"
depends on ARCH_HAS_FORTIFY_SOURCE
- # https://github.com/llvm/llvm-project/issues/53645
- depends on !X86_32 || !CC_IS_CLANG || CLANG_VERSION >= 160000
help
Detect overflows of buffers in common string and memory functions
where the compiler can determine and validate the buffer sizes.
--
2.54.0
next prev parent reply other threads:[~2026-04-29 3:00 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-29 2:59 [PATCH 00/14] Bump minimum version of LLVM for building the kernel to 17.0.1 Nathan Chancellor
2026-04-29 2:59 ` [PATCH 01/14] kbuild: " Nathan Chancellor
2026-05-05 15:27 ` Nicolas Schier
2026-05-05 18:26 ` Daniel Pereira
2026-05-06 6:21 ` Nathan Chancellor
2026-05-06 12:33 ` Daniel Pereira
2026-04-29 2:59 ` [PATCH 02/14] security/Kconfig.hardening: Remove tautological condition from CC_HAS_ZERO_CALL_USED_REGS Nathan Chancellor
2026-05-05 15:28 ` Nicolas Schier
2026-04-29 2:59 ` Nathan Chancellor [this message]
2026-05-05 15:28 ` [PATCH 03/14] security/Kconfig.hardening: Remove tautological condition from FORTIFY_SOURCE Nicolas Schier
2026-04-29 2:59 ` [PATCH 04/14] security/Kconfig.hardening: Remove tautological condition from CC_HAS_RANDSTRUCT Nathan Chancellor
2026-05-05 15:28 ` Nicolas Schier
2026-04-29 2:59 ` [PATCH 05/14] arch/Kconfig: Remove tautological conditions from HAS_LTO_CLANG Nathan Chancellor
2026-05-05 15:30 ` Nicolas Schier
2026-04-29 2:59 ` [PATCH 06/14] arch/Kconfig: Remove tautological condition from AUTOFDO_CLANG Nathan Chancellor
2026-04-29 16:43 ` Rong Xu
2026-04-29 2:59 ` [PATCH 07/14] ARM: Drop tautological ld.lld conditions from ARCH_MULTI_V4{,T} Nathan Chancellor
2026-04-29 2:59 ` [PATCH 08/14] riscv: Remove tautological condition from selection of ARCH_SUPPORTS_CFI Nathan Chancellor
2026-04-29 2:59 ` [PATCH 09/14] riscv: Drop tautological condition from TOOLCHAIN_NEEDS_OLD_ISA_SPEC Nathan Chancellor
2026-04-29 2:59 ` [PATCH 10/14] scripts/Makefile.warn: Drop -Wformat handling for clang < 16 Nathan Chancellor
2026-05-05 15:31 ` Nicolas Schier
2026-04-29 2:59 ` [PATCH 11/14] x86/build: Drop unused '-ffreestanding' addition to KBUILD_CFLAGS Nathan Chancellor
2026-04-29 17:24 ` Nathan Chancellor
2026-04-29 2:59 ` [PATCH 12/14] x86/module: Revert "Deal with GOT based stack cookie load on Clang < 17" Nathan Chancellor
2026-04-29 7:10 ` Ard Biesheuvel
2026-04-29 2:59 ` [PATCH 13/14] x86/entry/vdso32: Remove conditional omission of '.cfi_offset eflags' Nathan Chancellor
2026-04-29 3:15 ` H. Peter Anvin
2026-04-29 2:59 ` [PATCH 14/14] kbuild: Remove check for broken scoping with clang < 17 in CC_HAS_ASM_GOTO_OUTPUT Nathan Chancellor
2026-05-05 15:32 ` Nicolas Schier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260428-bump-minimum-supported-llvm-version-to-17-v1-3-81d9b2e8ee75@kernel.org \
--to=nathan@kernel.org \
--cc=gustavoars@kernel.org \
--cc=justinstitt@google.com \
--cc=kees@kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=morbo@google.com \
--cc=nick.desaulniers+lkml@gmail.com \
--cc=nsc@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox