From ddfaf0e43e9bd4341dc2c24d48ac218f2fb1530a Mon Sep 17 00:00:00 2001 From: Alexander Popov Date: Wed, 24 Jun 2020 15:33:27 +0300 Subject: [PATCH] ARM: vdso: Don't use gcc plugins for building vgettimeofday.c Don't use gcc plugins for building arch/arm/vdso/vgettimeofday.c to avoid unneeded instrumentation. As previously discussed[1]: arm_ssp_per_task_plugin.c 32-bit ARM only (but likely needs disabling for 32-bit ARM vDSO?) cyc_complexity_plugin.c compile-time reporting only latent_entropy_plugin.c this shouldn't get triggered for the vDSO (no __latent_entropy nor __init attributes in vDSO), but perhaps explicitly disabling it would be a sensible thing to do, just for robustness? randomize_layout_plugin.c this shouldn't get triggered (again, lacking attributes), but should likely be disabled too. sancov_plugin.c This should be tracking the KCOV directly (see scripts/Makefile.kcov), which is already disabled here. structleak_plugin.c This should be fine in the vDSO, but there's no security boundary here, so it wouldn't be important to KEEP it enabled. [1] https://lore.kernel.org/lkml/20200610073046.GA15939@willie-the-truck/ Signed-off-by: Alexander Popov Link: https://lore.kernel.org/r/20200624123330.83226-3-alex.popov@linux.com Signed-off-by: Kees Cook --- arch/arm/vdso/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/vdso/Makefile b/arch/arm/vdso/Makefile index d3c9f03e7e79..a54f70731d9f 100644 --- a/arch/arm/vdso/Makefile +++ b/arch/arm/vdso/Makefile @@ -29,7 +29,7 @@ CPPFLAGS_vdso.lds += -P -C -U$(ARCH) CFLAGS_REMOVE_vdso.o = -pg # Force -O2 to avoid libgcc dependencies -CFLAGS_REMOVE_vgettimeofday.o = -pg -Os +CFLAGS_REMOVE_vgettimeofday.o = -pg -Os $(GCC_PLUGINS_CFLAGS) ifeq ($(c-gettimeofday-y),) CFLAGS_vgettimeofday.o = -O2 else