fortify: Explicitly disable Clang support - kernel - Hosts the 0x221E linux distro kernel.

diff options

author	Kees Cook <keescook@chromium.org>	2021-05-12 21:51:10 -0700
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2021-11-21 13:49:08 +0100
commit	5b9f31a3be76f141c2101735c0af08a08aec0bca (patch)
tree	23b73a48a8d52b9d1332d65d91b366554b08e954 /include/uapi/linux/securebits.h
parent	87304542f264d992f5922a704849130179224d5a (diff)

fortify: Explicitly disable Clang support

commit a52f8a59aef46b59753e583bf4b28fccb069ce64 upstream. Clang has never correctly compiled the FORTIFY_SOURCE defenses due to a couple bugs: Eliding inlines with matching __builtin_* names https://bugs.llvm.org/show_bug.cgi?id=50322 Incorrect __builtin_constant_p() of some globals https://bugs.llvm.org/show_bug.cgi?id=41459 In the process of making improvements to the FORTIFY_SOURCE defenses, the first (silent) bug (coincidentally) becomes worked around, but exposes the latter which breaks the build. As such, Clang must not be used with CONFIG_FORTIFY_SOURCE until at least latter bug is fixed (in Clang 13), and the fortify routines have been rearranged. Update the Kconfig to reflect the reality of the current situation. Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Nick Desaulniers <ndesaulniers@google.com> Link: https://lore.kernel.org/lkml/CAKwvOd=A+ueGV2ihdy5GtgR2fQbcXjjAtVxv3=cPjffpebZB7A@mail.gmail.com Cc: Nathan Chancellor <nathan@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'include/uapi/linux/securebits.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: