Merge branch 'for-next/gcc-plugin/structleak' into for-next/gcc-plugins

[sfrench/cifs-2.6.git] / arch / Kconfig

diff --git a/arch/Kconfig b/arch/Kconfig
index cae0958a2298d4f5d6bc4f498ece8350a986fc03..596f0e66e69f61797829da46b1e846ceffcc8642 100644 (file)
--- a/arch/Kconfig
+++ b/arch/Kconfig
@@ -198,9 +198,6 @@ config HAVE_KPROBES_ON_FTRACE
 config HAVE_NMI
        bool
 
-config HAVE_NMI_WATCHDOG
-       depends on HAVE_NMI
-       bool
 #
 # An arch should select this if it provides all these things:
 #
@@ -226,6 +223,12 @@ config GENERIC_SMP_IDLE_THREAD
 config GENERIC_IDLE_POLL_SETUP
        bool
 
+config ARCH_HAS_FORTIFY_SOURCE
+       bool
+       help
+         An architecture should select this when it can successfully
+         build and run with CONFIG_FORTIFY_SOURCE.
+
 # Select if arch has all set_memory_ro/rw/x/nx() functions in asm/cacheflush.h
 config ARCH_HAS_SET_MEMORY
        bool
@@ -288,6 +291,28 @@ config HAVE_PERF_EVENTS_NMI
          subsystem.  Also has support for calculating CPU cycle events
          to determine how many clock cycles in a given period.
 
+config HAVE_HARDLOCKUP_DETECTOR_PERF
+       bool
+       depends on HAVE_PERF_EVENTS_NMI
+       help
+         The arch chooses to use the generic perf-NMI-based hardlockup
+         detector. Must define HAVE_PERF_EVENTS_NMI.
+
+config HAVE_NMI_WATCHDOG
+       depends on HAVE_NMI
+       bool
+       help
+         The arch provides a low level NMI watchdog. It provides
+         asm/nmi.h, and defines its own arch_touch_nmi_watchdog().
+
+config HAVE_HARDLOCKUP_DETECTOR_ARCH
+       bool
+       select HAVE_NMI_WATCHDOG
+       help
+         The arch chooses to provide its own hardlockup detector, which is
+         a superset of the HAVE_NMI_WATCHDOG. It also conforms to config
+         interfaces and parameters provided by hardlockup detector subsystem.
+
 config HAVE_PERF_REGS
        bool
        help
@@ -433,6 +458,13 @@ config GCC_PLUGIN_STRUCTLEAK
           * https://grsecurity.net/
           * https://pax.grsecurity.net/
 
+config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL
+       bool "Force initialize all struct type variables passed by reference"
+       depends on GCC_PLUGIN_STRUCTLEAK
+       help
+         Zero initialize any struct type local variable that may be passed by
+         reference without having been initialized.
+
 config GCC_PLUGIN_STRUCTLEAK_VERBOSE
        bool "Report forcefully initialized variables"
        depends on GCC_PLUGIN_STRUCTLEAK
@@ -448,11 +480,13 @@ config GCC_PLUGIN_RANDSTRUCT
        depends on GCC_PLUGINS
        select MODVERSIONS if MODULES
        help
-         If you say Y here, the layouts of structures explicitly
-         marked by __randomize_layout will be randomized at
-         compile-time.  This can introduce the requirement of an
-         additional information exposure vulnerability for exploits
-         targeting these structure types.
+         If you say Y here, the layouts of structures that are entirely
+         function pointers (and have not been manually annotated with
+         __no_randomize_layout), or structures that have been explicitly
+         marked with __randomize_layout, will be randomized at compile-time.
+         This can introduce the requirement of an additional information
+         exposure vulnerability for exploits targeting these structure
+         types.
 
          Enabling this feature will introduce some performance impact,
          slightly increase memory usage, and prevent the use of forensic