On Wed, Nov 8, 2017 at 11:43 AM, Laura Abbott <labb...@redhat.com> wrote: > On 11/07/2017 09:38 AM, Kees Cook wrote: >> >> As described in the final patch: >> >> Nearly all modern compilers support a stack-protector option, and nearly >> all modern distributions enable the kernel stack-protector, so enabling >> this by default in kernel builds would make sense. However, Kconfig does >> not have knowledge of available compiler features, so it isn't safe to >> force on, as this would unconditionally break builds for the compilers >> or architectures that don't have support. Instead, this introduces a new >> option, CONFIG_CC_STACKPROTECTOR_AUTO, which attempts to discover the best >> possible stack-protector available, and will allow builds to proceed even >> if the compiler doesn't support any stack-protector. >> >> This option is made the default so that kernels built with modern >> compilers will be protected-by-default against stack buffer overflows, >> avoiding things like the recent BlueBorne attack. Selection of a specific >> stack-protector option remains available, including disabling it. >> >> >> This has lived over the last several days without any unfixed 0day >> failures. >> >> v2: >> - under ..._AUTO, warn and continue on _all_ stack protector failure cases >> - fix 32-bit boot regression due to lazy gz. >> - set CONFIG_CC_STACKPROTECTOR_NONE for tiny.config. >> >> Thanks, >> >> -Kees >> > > This passed a test build on all Fedora arches, including s390 and ppc. > On x86 it picks up the strong option correctly. > > You're welcome to add > > Tested-by: Laura Abbott <labb...@redhat.com>
Awesome, thanks for testing! -Kees -- Kees Cook Pixel Security
