diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2024-10-05 10:19:14 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2024-10-05 10:19:14 -0700 |
commit | 9ec2236a0260f88362ab00510d19397c0e396587 (patch) | |
tree | d0a628903c52e3e5d74515f8b25b1bcf52905c2e /security/Kconfig.hardening | |
parent | fb9b76749adb28d4cee88b296a9b21d834484541 (diff) | |
parent | 045244dd5d75c61ae37b7b96fe0a95805bd1842d (diff) |
Merge tag 'hardening-v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull hardening fixes from Kees Cook:
- gcc plugins: Avoid Kconfig warnings with randstruct (Nathan
Chancellor)
- MAINTAINERS: Add security/Kconfig.hardening to hardening section
(Nathan Chancellor)
- MAINTAINERS: Add unsafe_memcpy() to the FORTIFY review list
* tag 'hardening-v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
MAINTAINERS: Add security/Kconfig.hardening to hardening section
hardening: Adjust dependencies in selection of MODVERSIONS
MAINTAINERS: Add unsafe_memcpy() to the FORTIFY review list
Diffstat (limited to 'security/Kconfig.hardening')
-rw-r--r-- | security/Kconfig.hardening | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening index 2cff851ebfd7..c9d5ca3d8d08 100644 --- a/security/Kconfig.hardening +++ b/security/Kconfig.hardening @@ -340,7 +340,7 @@ choice config RANDSTRUCT_FULL bool "Fully randomize structure layout" depends on CC_HAS_RANDSTRUCT || GCC_PLUGINS - select MODVERSIONS if MODULES + select MODVERSIONS if MODULES && !COMPILE_TEST help Fully randomize the member layout of sensitive structures as much as possible, which may have both a @@ -356,7 +356,7 @@ choice config RANDSTRUCT_PERFORMANCE bool "Limit randomization of structure layout to cache-lines" depends on GCC_PLUGINS - select MODVERSIONS if MODULES + select MODVERSIONS if MODULES && !COMPILE_TEST help Randomization of sensitive kernel structures will make a best effort at restricting randomization to cacheline-sized |