Received: by 10.223.185.116 with SMTP id b49csp1490597wrg; Sun, 11 Feb 2018 13:22:59 -0800 (PST) X-Google-Smtp-Source: AH8x227aoT05q30cOmqEhbJ1aoLzepnUXjP55l92OWBj+pxKo02MN3nJ6E7mgdtntH0Yq/akuINs X-Received: by 10.99.120.143 with SMTP id t137mr7833549pgc.79.1518384179070; Sun, 11 Feb 2018 13:22:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518384179; cv=none; d=google.com; s=arc-20160816; b=lOtCMnk9YpJDAgUYWTU6i0kT2621IQHQhz7azajj8lauV7CV7519kmbdxOqN1lT3AH +iS0UveaHyXIOd2ilwgzWjwQISmIg5tEiuFifjI2qk4294HseexYPd35RG+E3ya66IEB zssDWDajDt3W0t1HXpQodTN5QxbOVKRzBB5enZ7PXpPWq9IPGmVO7kAZCUlJSec9KKHa UQnD87FX1+0o9IePp9PVxAJsJ9K3KgCTSeHefhi+jAiz5Jgo0RrDNibciLHreggbn+Qd twEz4RgJ9HsraaNrLmbDrnUsPRQ0WAKVfJmVw/0el8Vto6xzAJeteGUrdpZ+oqrJrLR0 U0GQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=1vyb5DlEF7a3OaSuw5gBD93M0Wa9TQ0rNw1txN91hsw=; b=Np42O9uRzBxXg92jo5fp2AW86JMEIEk6DbUvgQzJCltetnAzym9YcQMPIp2wzYrJ/a 4gulq2MaVv1dE2kOd+hFlEwhHHFho4581YoTjmXWHICx5GWx3UJnrOY/yGi2ZS81++4F oZrAhqNR5hxv8JJB44vumRHJbD/f5SSQqLvyKzh5El/5TypMtCvryvl9dptsm0vw5cgT 44FFfnxKTKgLTi1iIfwLmsb8viJqLj75bL9QEtANo0ghP7eJOkeI/rEqye6337aQAijZ 58SJjnJpHnvaWC+4uZPYEXRV64kDQdRYyKmODOYgY58aHknIVLug/U4TME9kPtZoY214 xZVw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=by2EBk94; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m3si2841674pgc.830.2018.02.11.13.22.45; Sun, 11 Feb 2018 13:22:59 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=by2EBk94; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753817AbeBKVWI (ORCPT + 99 others); Sun, 11 Feb 2018 16:22:08 -0500 Received: from mail-ua0-f179.google.com ([209.85.217.179]:35331 "EHLO mail-ua0-f179.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752948AbeBKVWG (ORCPT ); Sun, 11 Feb 2018 16:22:06 -0500 Received: by mail-ua0-f179.google.com with SMTP id n1so8346687uaa.2; Sun, 11 Feb 2018 13:22:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=1vyb5DlEF7a3OaSuw5gBD93M0Wa9TQ0rNw1txN91hsw=; b=by2EBk94zvdsHprNbndrmJ+eAN0cQDOX2qRpjMv/nayExevX7+BQr915uvY2k5NYEk /t3RPiVOKkGNFxidsGyHPYR3KMNYgdWjTzU3ObewQW5tdxTjwNgX0NzxZg2GNUqfigb9 ALZLXDWowi4VX7xpVrOYkZn92fbaK6Vntk4B+tcT7nJpySDznE2Vk0/RoYCK+YzI39Er i6GNNwkeIauO645U7ySKZje1Lb5pBBvwfRP+UZph8NTPnVtMi1YDVNPEB3ZWp6Kv4FZd CzgPbzYiTert97MttnjSuT9g8gDqw7R5neqGtKGCkehgsT6VQeYIkoI/YQ17PLLN1twT ad0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=1vyb5DlEF7a3OaSuw5gBD93M0Wa9TQ0rNw1txN91hsw=; b=GSsI3S3+4H3sYWjyIYHRhSDzCzYVbawtivkImUKjzetIff/a6fsYfMsBd8SPxHlYkT k2p/yTJO+pE9W9pAYLYxBe3KEGSXnmUCxN4A41+VET3D+LWHbaoO2q6Eqjcf8MtujDI8 kJhBtnXVGOxGtcMPTZ1uvu2+zT8bO9RsDHMRGitoRD7OTOF9YiSFOPxsSdtMKtliDvXi oP6QOVQhUiS5rSxwt0rPZprXqsyzb/qZ8xaOTb/b7naRgdJYyTeMm/nUU8EU2W/ryjoi vNcMUjPwb98gz1rRTMwoqR4l93xQZ9R0s1RUW6QxLBZuOBKoEUFSpybmarSMItzTQ5lU 2YeA== X-Gm-Message-State: APf1xPCQ0CmRrg76P4yFPBXmXAkNmL1zecC2d5TF/RkYEwV04rZcZlBW /cdjPpTtmzoVs8cnrdZuSRR6HKkHBYQkPYHR0xgHdLJLxWk= X-Received: by 10.176.76.93 with SMTP id d29mr10255238uag.89.1518384125264; Sun, 11 Feb 2018 13:22:05 -0800 (PST) MIME-Version: 1.0 Received: by 10.103.70.21 with HTTP; Sun, 11 Feb 2018 13:22:04 -0800 (PST) In-Reply-To: References: <20180210054843.z3g7wvcmlccvww3h@huvuddator> <20180210074924.3nhxsza5zdbaahxx@huvuddator> <20180210080556.mycqsjhxbaguwhay@huvuddator> <20180210085519.737ckf4bcl57h4g2@huvuddator> <20180211103432.pf2ot6nd7nbhdhsy@huvuddator> From: Ulf Magnusson Date: Sun, 11 Feb 2018 22:22:04 +0100 Message-ID: Subject: Re: [RFC PATCH 4/7] kconfig: support new special property shell= To: Kees Cook Cc: Linus Torvalds , Masahiro Yamada , Linux Kbuild mailing list , Greg Kroah-Hartman , Andrew Morton , Nicolas Pitre , "Luis R . Rodriguez" , Randy Dunlap , Sam Ravnborg , Michal Marek , Martin Schwidefsky , Pavel Machek , linux-s390 , Jiri Kosina , Linux Kernel Mailing List , Tejun Heo , Ingo Molnar , "Van De Ven, Arjan" , Arnd Bergmann Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Feb 11, 2018 at 6:56 PM, Kees Cook wrote: >> 3. Whether to implement CC_STACKPROTECTOR_AUTO in Kconfig or the Makefiles >> >> I'd just go with whatever is simplest here. I don't find the Kconfig version >> too bad, but I'm already very familiar with Kconfig, so it's harder for me to >> tell how it looks to other people. >> >> I'd add some comments to explain the idea in the final version. >> >> @Kees: >> I was assuming that the Makefiles would error out with a message if none of the >> CC_STACKPROTECTOR_* variables are set, in addition to the Kconfig warning. > > That doesn't happy either before nor after _AUTO. The default value > before was _NONE, and the default value after is _AUTO, which will use > whatever is available. I was thinking in the case where you explicitly select one of CC_STACKPROTECTOR_{STRONG,REGULAR} and it isn't available. With the new WANT_* version, that will cause none of CC_STACKPROTECTOR_{STRONG,REGULAR,NONE} to be set, and in that case you'd error out to match the old behavior (if I understand it correctly). CHOSEN_CC_STACKPROTECTOR_AVAILABLE would just be a helper symbol to detect that case. It's not like it's a huge deal to detect it on the Makefile end either, but turns it pretty nice and readable, IMO, with more of the logic in a single location. >> # User request >> WANT_CC_STACKPROTECTOR_AUTO >> WANT_CC_STACKPROTECTOR_STRONG >> WANT_CC_STACKPROTECTOR_REGULAR >> WANT_CC_STACKPROTECTOR_NONE >> >> # The actual "output" to the Makefiles >> CC_STACKPROTECTOR_STRONG >> CC_STACKPROTECTOR_REGULAR >> CC_STACKPROTECTOR_NONE > > This should be fine too (though by this point, I think Kconfig would > already know the specific option, so it could just pass it with a > single output (CC_OPT_STACKPROTECTOR below?) Ah, yeah, that'd be simpler if all that's needed is the compiler flag. Cheers, Ulf