aboutsummaryrefslogtreecommitdiff
path: root/scripts/gcc-plugins/Kconfig
blob: e383cda05367a3d48498b2afaacf265bd3ea74ab (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# SPDX-License-Identifier: GPL-2.0-only
config HAVE_GCC_PLUGINS
	bool
	help
	  An arch should select this symbol if it supports building with
	  GCC plugins.

menuconfig GCC_PLUGINS
	bool "GCC plugins"
	depends on HAVE_GCC_PLUGINS
	depends on CC_IS_GCC
	depends on $(success,test -e $(shell,$(CC) -print-file-name=plugin)/include/plugin-version.h)
	default y
	help
	  GCC plugins are loadable modules that provide extra features to the
	  compiler. They are useful for runtime instrumentation and static analysis.

	  See Documentation/kbuild/gcc-plugins.rst for details.

if GCC_PLUGINS

config GCC_PLUGIN_SANCOV
	bool
	# Plugin can be removed once the kernel only supports GCC 6+
	depends on !CC_HAS_SANCOV_TRACE_PC
	help
	  This plugin inserts a __sanitizer_cov_trace_pc() call at the start of
	  basic blocks. It supports all gcc versions with plugin support (from
	  gcc-4.5 on). It is based on the commit "Add fuzzing coverage support"
	  by Dmitry Vyukov <dvyukov@google.com>.

config GCC_PLUGIN_LATENT_ENTROPY
	bool "Generate some entropy during boot and runtime"
	help
	  By saying Y here the kernel will instrument some kernel code to
	  extract some entropy from both original and artificially created
	  program state.  This will help especially embedded systems where
	  there is little 'natural' source of entropy normally.  The cost
	  is some slowdown of the boot process (about 0.5%) and fork and
	  irq processing.

	  Note that entropy extracted this way is not cryptographically
	  secure!

	  This plugin was ported from grsecurity/PaX. More information at:
	   * https://grsecurity.net/
	   * https://pax.grsecurity.net/

config GCC_PLUGIN_ARM_SSP_PER_TASK
	bool
	depends on GCC_PLUGINS && ARM

endif