mirror of
https://github.com/tbsdtv/linux_media.git
synced 2025-07-22 20:30:58 +02:00
893ab00439
Some Makefiles already pass -fno-stack-protector unconditionally. For example, arch/arm64/kernel/vdso/Makefile, arch/x86/xen/Makefile. No problem report so far about hard-coding this option. So, we can assume all supported compilers know -fno-stack-protector. GCC 4.8 and Clang support this option (https://godbolt.org/z/_HDGzN) Get rid of cc-option from -fno-stack-protector. Remove CONFIG_CC_HAS_STACKPROTECTOR_NONE, which is always 'y'. Note: arch/mips/vdso/Makefile adds -fno-stack-protector twice, first unconditionally, and second conditionally. I removed the second one. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org> Reviewed-by: Kees Cook <keescook@chromium.org> Acked-by: Ard Biesheuvel <ardb@kernel.org> Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
82 lines
2.5 KiB
Makefile
82 lines
2.5 KiB
Makefile
# SPDX-License-Identifier: GPL-2.0
|
|
OBJECT_FILES_NON_STANDARD := y
|
|
|
|
purgatory-y := purgatory.o stack.o setup-x86_$(BITS).o sha256.o entry64.o string.o
|
|
|
|
targets += $(purgatory-y)
|
|
PURGATORY_OBJS = $(addprefix $(obj)/,$(purgatory-y))
|
|
|
|
$(obj)/string.o: $(srctree)/arch/x86/boot/compressed/string.c FORCE
|
|
$(call if_changed_rule,cc_o_c)
|
|
|
|
$(obj)/sha256.o: $(srctree)/lib/crypto/sha256.c FORCE
|
|
$(call if_changed_rule,cc_o_c)
|
|
|
|
CFLAGS_sha256.o := -D__DISABLE_EXPORTS
|
|
|
|
# When linking purgatory.ro with -r unresolved symbols are not checked,
|
|
# also link a purgatory.chk binary without -r to check for unresolved symbols.
|
|
PURGATORY_LDFLAGS := -e purgatory_start -nostdlib -z nodefaultlib
|
|
LDFLAGS_purgatory.ro := -r $(PURGATORY_LDFLAGS)
|
|
LDFLAGS_purgatory.chk := $(PURGATORY_LDFLAGS)
|
|
targets += purgatory.ro purgatory.chk
|
|
|
|
# Sanitizer, etc. runtimes are unavailable and cannot be linked here.
|
|
GCOV_PROFILE := n
|
|
KASAN_SANITIZE := n
|
|
UBSAN_SANITIZE := n
|
|
KCSAN_SANITIZE := n
|
|
KCOV_INSTRUMENT := n
|
|
|
|
# These are adjustments to the compiler flags used for objects that
|
|
# make up the standalone purgatory.ro
|
|
|
|
PURGATORY_CFLAGS_REMOVE := -mcmodel=kernel
|
|
PURGATORY_CFLAGS := -mcmodel=large -ffreestanding -fno-zero-initialized-in-bss
|
|
PURGATORY_CFLAGS += $(DISABLE_STACKLEAK_PLUGIN) -DDISABLE_BRANCH_PROFILING
|
|
PURGATORY_CFLAGS += -fno-stack-protector
|
|
|
|
# Default KBUILD_CFLAGS can have -pg option set when FTRACE is enabled. That
|
|
# in turn leaves some undefined symbols like __fentry__ in purgatory and not
|
|
# sure how to relocate those.
|
|
ifdef CONFIG_FUNCTION_TRACER
|
|
PURGATORY_CFLAGS_REMOVE += $(CC_FLAGS_FTRACE)
|
|
endif
|
|
|
|
ifdef CONFIG_STACKPROTECTOR
|
|
PURGATORY_CFLAGS_REMOVE += -fstack-protector
|
|
endif
|
|
|
|
ifdef CONFIG_STACKPROTECTOR_STRONG
|
|
PURGATORY_CFLAGS_REMOVE += -fstack-protector-strong
|
|
endif
|
|
|
|
ifdef CONFIG_RETPOLINE
|
|
PURGATORY_CFLAGS_REMOVE += $(RETPOLINE_CFLAGS)
|
|
endif
|
|
|
|
CFLAGS_REMOVE_purgatory.o += $(PURGATORY_CFLAGS_REMOVE)
|
|
CFLAGS_purgatory.o += $(PURGATORY_CFLAGS)
|
|
|
|
CFLAGS_REMOVE_sha256.o += $(PURGATORY_CFLAGS_REMOVE)
|
|
CFLAGS_sha256.o += $(PURGATORY_CFLAGS)
|
|
|
|
CFLAGS_REMOVE_string.o += $(PURGATORY_CFLAGS_REMOVE)
|
|
CFLAGS_string.o += $(PURGATORY_CFLAGS)
|
|
|
|
$(obj)/purgatory.ro: $(PURGATORY_OBJS) FORCE
|
|
$(call if_changed,ld)
|
|
|
|
$(obj)/purgatory.chk: $(obj)/purgatory.ro FORCE
|
|
$(call if_changed,ld)
|
|
|
|
targets += kexec-purgatory.c
|
|
|
|
quiet_cmd_bin2c = BIN2C $@
|
|
cmd_bin2c = $(objtree)/scripts/bin2c kexec_purgatory < $< > $@
|
|
|
|
$(obj)/kexec-purgatory.c: $(obj)/purgatory.ro $(obj)/purgatory.chk FORCE
|
|
$(call if_changed,bin2c)
|
|
|
|
obj-$(CONFIG_KEXEC_FILE) += kexec-purgatory.o
|