From: Alexander Popov Date: Fri, 2 Sep 2022 14:22:15 +0000 (+0300) Subject: Don't use CONFIG_CC_IS_GCC in the checks (it was introduced only in v4.18) X-Git-Tag: v0.6.1~95 X-Git-Url: https://jxself.org/git/?a=commitdiff_plain;h=f58107666fc73a49e965aa7111e899e539d1c4b7;p=kconfig-hardened-check.git Don't use CONFIG_CC_IS_GCC in the checks (it was introduced only in v4.18) --- diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py index 2f9257a..a7beeb7 100644 --- a/kconfig_hardened_check/__init__.py +++ b/kconfig_hardened_check/__init__.py @@ -322,8 +322,8 @@ def add_kconfig_checks(l, arch): # 'self_protection', 'defconfig' l += [KconfigCheck('self_protection', 'defconfig', 'BUG', 'y')] l += [KconfigCheck('self_protection', 'defconfig', 'SLUB_DEBUG', 'y')] - l += [AND(KconfigCheck('self_protection', 'defconfig', 'GCC_PLUGINS', 'y'), - cc_is_gcc)] + gcc_plugins_support_is_set = KconfigCheck('self_protection', 'defconfig', 'GCC_PLUGINS', 'y') + l += [gcc_plugins_support_is_set] l += [OR(KconfigCheck('self_protection', 'defconfig', 'STACKPROTECTOR', 'y'), KconfigCheck('self_protection', 'defconfig', 'CC_STACKPROTECTOR', 'y'), KconfigCheck('self_protection', 'defconfig', 'CC_STACKPROTECTOR_REGULAR', 'y'), @@ -396,7 +396,7 @@ def add_kconfig_checks(l, arch): l += [KconfigCheck('self_protection', 'kspp', 'DEBUG_NOTIFIERS', 'y')] l += [KconfigCheck('self_protection', 'kspp', 'INIT_ON_ALLOC_DEFAULT_ON', 'y')] l += [AND(KconfigCheck('self_protection', 'kspp', 'GCC_PLUGIN_LATENT_ENTROPY', 'y'), - cc_is_gcc)] + gcc_plugins_support_is_set)] l += [KconfigCheck('self_protection', 'kspp', 'KFENCE', 'y')] l += [KconfigCheck('self_protection', 'kspp', 'WERROR', 'y')] l += [KconfigCheck('self_protection', 'kspp', 'IOMMU_DEFAULT_DMA_STRICT', 'y')] @@ -430,7 +430,7 @@ def add_kconfig_checks(l, arch): # That brings higher performance penalty. if arch in ('X86_64', 'ARM64', 'X86_32'): stackleak_is_set = KconfigCheck('self_protection', 'kspp', 'GCC_PLUGIN_STACKLEAK', 'y') - l += [AND(stackleak_is_set, cc_is_gcc)] + l += [AND(stackleak_is_set, gcc_plugins_support_is_set)] l += [KconfigCheck('self_protection', 'kspp', 'RANDOMIZE_KSTACK_OFFSET_DEFAULT', 'y')] if arch in ('X86_64', 'X86_32'): l += [KconfigCheck('self_protection', 'kspp', 'SCHED_CORE', 'y')] @@ -468,10 +468,10 @@ def add_kconfig_checks(l, arch): if arch in ('X86_64', 'ARM64', 'X86_32'): l += [AND(KconfigCheck('self_protection', 'clipos', 'STACKLEAK_METRICS', 'is not set'), stackleak_is_set, - cc_is_gcc)] + gcc_plugins_support_is_set)] l += [AND(KconfigCheck('self_protection', 'clipos', 'STACKLEAK_RUNTIME_DISABLE', 'is not set'), stackleak_is_set, - cc_is_gcc)] + gcc_plugins_support_is_set)] if arch in ('X86_64', 'X86_32'): l += [AND(KconfigCheck('self_protection', 'clipos', 'INTEL_IOMMU_DEFAULT_ON', 'y'), iommu_support_is_set)]