From patchwork Sun Jun 12 22:12:44 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Emese Revfy <re.emese@gmail.com>
X-Patchwork-Id: 9171769
Return-Path: 
 <kernel-hardening-return-3395-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	93E3A60574 for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Sun, 12 Jun 2016 22:06:27 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 84C0F1FF15
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Sun, 12 Jun 2016 22:06:27 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 787CF21327; Sun, 12 Jun 2016 22:06:27 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,
	DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_MED,
	T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from mother.openwall.net (mother.openwall.net [195.42.179.200])
	by mail.wl.linuxfoundation.org (Postfix) with SMTP id 9044A1FF15
	for <patchwork-kernel-hardening@patchwork.kernel.org>;
	Sun, 12 Jun 2016 22:06:26 +0000 (UTC)
Received: (qmail 18085 invoked by uid 550); 12 Jun 2016 22:06:22 -0000
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:kernel-hardening@lists.openwall.com>
List-Help: <mailto:kernel-hardening-help@lists.openwall.com>
List-Unsubscribe: <mailto:kernel-hardening-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:kernel-hardening-subscribe@lists.openwall.com>
List-ID: <kernel-hardening.lists.openwall.com>
Reply-To: kernel-hardening@lists.openwall.com
Delivered-To: mailing list kernel-hardening@lists.openwall.com
Received: (qmail 17953 invoked from network); 12 Jun 2016 22:06:06 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20120113;
	h=date:from:to:cc:subject:message-id:in-reply-to:references
	:mime-version:content-transfer-encoding;
	bh=djhjElseU0zSgj/e6/mkgTbE/JWQJ2oGsuHsgUTP4v4=;
	b=epFC6z9asGqHFiOouT4C0bwgyz4wQPpvjNlxi613y/FuDbxEMhkyMFqieMeQvej5FW
	fsDCEsENmUDWgAHJ8d74YVKQd50mNGl0jKSC1PBlsbgpMnrj13CcfO1KcSAxCOd6OkzG
	HdLawy4O7k+V1Y3g5PKgj8fJBMYSVX9OA6pPzDHOrMqMgEc8H+ntgcfrP1TjznQkl2St
	7y6hFpGXGKDhdNamEwtN9IcYYGmubqf/8p8YJdk9UmBJgGuWrE0zasROlg3dd9wg6aC2
	VA3ppVV7+le2IROvoBXNVHU/Z94XlabmCTt6iLDC5AEHzsZ36RersXMI7qFhzHlSGphU
	kPug==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to
	:references:mime-version:content-transfer-encoding;
	bh=djhjElseU0zSgj/e6/mkgTbE/JWQJ2oGsuHsgUTP4v4=;
	b=EglSK8vujdrF9hnROutpjJ0z9VhjOz/wwgL0ty2516SZSv/Jcsx4tSNKTdJZ/nKX67
	mNQeHhD4kIYqUJoErSSfMN6lpzeJLMY6MdN6YTPfput7PqXV0vv6rYPf3xlzl5zH/VGa
	bfZfE43yxuuhIGu0dPQNdloGxPvz5+MpIpXELoXFdhAjfg7xne8BHAVagPvcMntznf8F
	WaEYhXpq69asJlCgzCf9nbRPuiiTp50+xT5Hj3f7mokwaB0FOlXl4O+YaSf9q8qfkfII
	MwBnpye7GpgTIumt5hgphga/ChnRYgR7asdOZ+vDmN+7pm/kjwwDKok0QRfhG4O9aXvH
	Q9Qw==
X-Gm-Message-State: 
 ALyK8tI8tVHUEMErZ58F7hdh3LLqz3a8puE84f4KBAoofsANxweJuJt94+MS8Zd4HR/oZw==
X-Received: by 10.28.30.149 with SMTP id e143mr8117845wme.81.1465769155292;
	Sun, 12 Jun 2016 15:05:55 -0700 (PDT)
Date: Mon, 13 Jun 2016 00:12:44 +0200
From: Emese Revfy <re.emese@gmail.com>
To: Paul Gortmaker <paul.gortmaker@windriver.com>
Cc: Kees Cook <keescook@chromium.org>, Michal Marek <mmarek@suse.com>,
	Stephen Rothwell <sfr@canb.auug.org.au>, Sudip Mukherjee
	<sudipm.mukherjee@gmail.com>, Linux-Next <linux-next@vger.kernel.org>,
	<linux-kernel@vger.kernel.org>, <kernel-hardening@lists.openwall.com>
Message-Id: <20160613001244.b4b3c675d59e3ad3d8d656a4@gmail.com>
In-Reply-To: <20160611162926.GL12567@windriver.com>
References: <20160611161212.GA29370@www.outflux.net>
	<20160611162926.GL12567@windriver.com>
X-Mailer: Sylpheed 3.5.0 (GTK+ 2.24.30; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Subject: [kernel-hardening] Re: [PATCH] gcc-plugins: disable under
	COMPILE_TEST
X-Virus-Scanned: ClamAV using ClamSMTP

On Sat, 11 Jun 2016 12:29:26 -0400
Paul Gortmaker <paul.gortmaker@windriver.com> wrote:

> [[PATCH] gcc-plugins: disable under COMPILE_TEST] On 11/06/2016 (Sat 09:12) Kees Cook wrote:
> 
> > Since adding the gcc plugin development headers is required for the
> > gcc plugin support, we should ease into this new kernel build dependency
> > more slowly. For now, disable the gcc plugins under COMPILE_TEST so that
> > all*config builds will skip it.
> 
> Wouldn't it be better to test compile a one line program that tries to
> source the header(s) and then react accordingly?

The scripts/gcc-plugin.sh script does exactly that.
 
> Then at least you would get the test coverage from people who have the
> headers installed who are doing all[yes|mod]config.  This "for now"
> solution doesn't really have a path forward other than assuming all
> distros install the plugin headers sometime in the future.
> 
> Either way, this is an improvement over the current situation, so thanks
> for that.

If it is not too late I think this patch would be better:


When there is no gcc plugin support then don't compile the plugins
(but still print a warning). This allows building allyes/allmod configs
until the gcc plugin headers get installed.
    
Signed-off-by: Emese Revfy <re.emese@gmail.com>
---
 Makefile                     | 6 +++---
 scripts/Makefile.gcc-plugins | 8 ++++----
 2 files changed, 7 insertions(+), 7 deletions(-)


--
2.8.1

diff --git a/Makefile b/Makefile
index a49c075..715210c 100644
--- a/Makefile
+++ b/Makefile
@@ -623,15 +623,15 @@ endif
 # Tell gcc to never replace conditional load with a non-conditional one
 KBUILD_CFLAGS	+= $(call cc-option,--param=allow-store-data-races=0)
 
+include scripts/Makefile.gcc-plugins
+
 PHONY += gcc-plugins
 gcc-plugins: scripts_basic
-ifdef CONFIG_GCC_PLUGINS
+ifneq ($(GCC_PLUGINS_CFLAGS),)
 	$(Q)$(MAKE) $(build)=scripts/gcc-plugins
 endif
 	@:
 
-include scripts/Makefile.gcc-plugins
-
 ifdef CONFIG_READABLE_ASM
 # Disable optimizations that make assembler listings hard to read.
 # reorder blocks reorders the control in the function
diff --git a/scripts/Makefile.gcc-plugins b/scripts/Makefile.gcc-plugins
index c7372cb..2f101ea 100644
--- a/scripts/Makefile.gcc-plugins
+++ b/scripts/Makefile.gcc-plugins
@@ -21,6 +21,7 @@ ifdef CONFIG_GCC_PLUGINS
         CFLAGS_KCOV := $(SANCOV_PLUGIN)
       else
         $(warning warning: cannot use CONFIG_KCOV: -fsanitize-coverage=trace-pc is not supported by compiler)
+        CFLAGS_KCOV =
       endif
     endif
   endif
@@ -37,13 +38,12 @@ ifdef CONFIG_GCC_PLUGINS
       else
         $(warning warning: your gcc version does not support plugins, you should upgrade it to gcc 4.5 at least)
       endif
+      GCC_PLUGINS_CFLAGS =
     endif
-  else
-    # SANCOV_PLUGIN can be only in CFLAGS_KCOV because avoid duplication.
-    GCC_PLUGINS_CFLAGS := $(filter-out $(SANCOV_PLUGIN), $(GCC_PLUGINS_CFLAGS))
   endif
 
-  KBUILD_CFLAGS += $(GCC_PLUGINS_CFLAGS)
+  # SANCOV_PLUGIN can be only in CFLAGS_KCOV because avoid duplication.
+  KBUILD_CFLAGS += $(filter-out $(SANCOV_PLUGIN), $(GCC_PLUGINS_CFLAGS))
   GCC_PLUGIN := $(gcc-plugin-y)
 
 endif