Received: by 10.223.176.5 with SMTP id f5csp1117798wra; Fri, 9 Feb 2018 12:47:51 -0800 (PST) X-Google-Smtp-Source: AH8x225vPNx2LAXOlcu4DZoUMMLoz7Yg4MydOZST8oBcvQ6qRHcuU0f3llhLuQk8UbBX7GICkUhN X-Received: by 10.101.76.204 with SMTP id n12mr3306953pgt.15.1518209271173; Fri, 09 Feb 2018 12:47:51 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518209271; cv=none; d=google.com; s=arc-20160816; b=RxjFW+7oZsAG9pRR2LLDKz7JRHdHvmBiqRkhyDFMIJE+QrxVeLmVFoGI+M16D9BGZl YcQNIs/gj3ha+5CCcwzt6NvPfIhxcPgZcfa7yUC9ECRTta/JaVdVPMpgjIV/+RevBXWr 0tBOORQL7wjG4qAcZSLETlSEFK8gzRZYvUVU8+apz82cHdayQkYPMUVgSTqEkrBBvf5H rGL8ZeWLXQtJI7vX8HEs7JyYkUbec13AqxJqoowD14Oe/lL+rURA4iZNTrk1PDhiRGbN wR42lN59sC8VuJpfWvn/IBqAVseas40nmIbksT70qKtGESz55q0inZSuPqkZvkF5+aHK dR5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=6PC8hQ9mCf8ZdabxOnS9ErVkr7oe8MONPGfLcC6GHKw=; b=B36ptm5iBQF+v+1RlOIlTWyefxWnUYQ3XCOIuG7fXbDP5zEKiohu60TK+2FbqBoZiu sjee4YCcCczAqO8lPAlsehMap67sbw8y2W/nHfV65Q8o3QT8Hah6xTc2/BbkrQ8/4zxy lhpHJhF/T95bI5niITx7yJ8liacxSZYPgCAk4eLvb7PN5palzvZymNJp4ZQRIo6pExUw mg7FZ+H9y/oNjcFkwnKVQoHJPjGtVHdGKq8qgAGN99GwMPPnhHVULtSQABcgFKBaWqe+ 4XyRbNbiW4AolXzAgy9nx6v+in896Ae12BbOXl/GqE80iG18ttpfoOc1XROs5Q576A3H zGFw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=pAValYke; dkim=fail header.i=@chromium.org header.s=google header.b=K5SR4Kf3; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u23si1785737pgv.642.2018.02.09.12.47.36; Fri, 09 Feb 2018 12:47:51 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=pAValYke; dkim=fail header.i=@chromium.org header.s=google header.b=K5SR4Kf3; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752719AbeBIUq6 (ORCPT + 99 others); Fri, 9 Feb 2018 15:46:58 -0500 Received: from mail-ua0-f196.google.com ([209.85.217.196]:37706 "EHLO mail-ua0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752532AbeBIUq4 (ORCPT ); Fri, 9 Feb 2018 15:46:56 -0500 Received: by mail-ua0-f196.google.com with SMTP id q8so5996147uae.4 for ; Fri, 09 Feb 2018 12:46:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=6PC8hQ9mCf8ZdabxOnS9ErVkr7oe8MONPGfLcC6GHKw=; b=pAValYke6MkF4Cpfo6VX5tmoWojWR/+zHh3bFEihAZvrjyHXZ0/sxFs4U1uRjkK66T X5VnDrNAktKRgwMjQJ166MMyRn5XcfpkbPe6RiHBTS/AHvhlHeO03WHOYLCBMLcuJ3i1 ddUQkaY6INpgshJ6lT7Tw2TqPZfZTWxLY1FGaq91bWQcCaf1Phg42liAkUXYh+BgQFWu h7MG4Dmhv6zpIKEHOW2vVSqhRjNksROVcNmwIaprcqfXFQg2sGlsSZZ+pVE3Jp/wlxIx jtb/pT6RkmhiKgicYGZVfj1phJVwYcTuNCXax1Mk4VKaxXIj9ULhBySVHDf4V5ws6IMf e6DQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=6PC8hQ9mCf8ZdabxOnS9ErVkr7oe8MONPGfLcC6GHKw=; b=K5SR4Kf3a5mVC3HXUHeRMEW/ISbqBd39KgySKRz/4bokEW1X0yRTw0fDJ+9XYAQkvj Z/SOsMz8q69HiKQ/PXfnyDpjPOrybjE4pLA2NNEgSkl1r49ozDSXYquKgJyP0EH+ucuC lbf2MnDkeX1ONLzqMSclWUqrQrTDKhmZGNjek= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=6PC8hQ9mCf8ZdabxOnS9ErVkr7oe8MONPGfLcC6GHKw=; b=CsliGDULgcfSKxTbUotHSomdMfFhftJTbE8u0+FAHYyWTvcvlgKxbK38BfA5QFFLg2 vg9upSAjywj9rUutzkGijzapPsuLeBiqViM9QNygarictLJ3SDiA8/nSO8NnuLpbXROJ MXkH3r3aJskr4oCZrQKDsZMUadqhZLgHK5kwJXghBMc7MefY18yN/vcb+X8O2/B36Gu5 B7dPTNLyUatmV0bLp5vTaoeEl9BPoISicBqGbVxXW3JdlNf1ilAgc5Z4d1WBlwe2O86g B0pkHKcPCEN6Dvbk9aWusRFcuR7gxo0O4txtzGRKihRwfe6IlCAGATewISLizrPF0jVA aH1A== X-Gm-Message-State: APf1xPDdgnX/3wG85KlIMx/35nMkb3JQh6xvpk5Pid5OlvWufpMvMh2d oZv///Em4EDuVQT1hCEVsByeW2hRrIkINyNQA0wUOw== X-Received: by 10.159.59.41 with SMTP id i41mr4063050uah.38.1518209215579; Fri, 09 Feb 2018 12:46:55 -0800 (PST) MIME-Version: 1.0 Received: by 10.31.67.196 with HTTP; Fri, 9 Feb 2018 12:46:54 -0800 (PST) In-Reply-To: <20180209124607.akjhncb5sempjqcn@huvuddator> References: <1518106752-29228-1-git-send-email-yamada.masahiro@socionext.com> <1518106752-29228-5-git-send-email-yamada.masahiro@socionext.com> <20180209053038.pscoijvowmyudyzf@huvuddator> <20180209124607.akjhncb5sempjqcn@huvuddator> From: Kees Cook Date: Fri, 9 Feb 2018 12:46:54 -0800 X-Google-Sender-Auth: RQ7LYjlC-VkLo3ue1pgqQ6eDWnI Message-ID: Subject: Re: [RFC PATCH 4/7] kconfig: support new special property shell= To: Ulf Magnusson Cc: Masahiro Yamada , Linux Kbuild mailing list , Linus Torvalds , Greg Kroah-Hartman , Andrew Morton , Nicolas Pitre , "Luis R . Rodriguez" , Randy Dunlap , Sam Ravnborg , Michal Marek , Martin Schwidefsky , Pavel Machek , linux-s390 , Jiri Kosina , Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Feb 9, 2018 at 4:46 AM, Ulf Magnusson wrote: > One thing that makes Kconfig confusing (though it works well enough in > practice) is that .config files both record user selections (the saved > configuration) and serve as a configuration output format for make. > > It becomes easier to think about .config files once you realize that > assignments to promptless symbols never have an effect on Kconfig > itself: They're just configuration output, intermixed with the saved > user selections. > > Assume 'option env' symbols got written out for example: > > - For a non-user-assignable symbol, the entry in the .config > file is just configuration output and ignored by Kconfig, > which will fetch the value from the environment instead. > > - For an assignable 'option env' symbol, the entry in the > .config file is a saved user selection (as well as > configuration output), and will be respected by Kconfig. In the stack-protector case, this becomes quite important, since the goal is to record the user's selection regardless of compiler capability. For example, if someone selects _REGULAR, it shouldn't "upgrade" to _STRONG. (Similarly for _NONE.) Having _AUTO provides a way to pick "best possible for this compiler", though. If a user had previously selected _STRONG but they're doing builds with an older compiler (or a misconfigured newer compiler) without support, the goal is to _fail_ to build, not silently select _REGULAR. So, in this case, what's gained is the logic for _AUTO, and the logic to not show, say, _STRONG when it's not available in the compiler. But we must still fail to build if _STRONG was in the .config. It can't silently rewrite it to _REGULAR because the compiler support for _STRONG regressed. -Kees -- Kees Cook Pixel Security