Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp128561yba;
        Tue, 23 Apr 2019 21:09:14 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzLdzDLG1jb/m+FZCaxje3838IUmufWkNjqZKmDBjEPIIK0x67x4lMrHibqtdJlWPQujtP1
X-Received: by 2002:a17:902:7589:: with SMTP id j9mr30464707pll.287.1556078954244;
        Tue, 23 Apr 2019 21:09:14 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1556078954; cv=none;
        d=google.com; s=arc-20160816;
        b=CCNvJ43HMvOAk5QQZsa2P2GE24ZiZxsJnXBfSs87XU1hcZ46rvEUsKfK4z4t9IyOuC
         /pE5rvWA6JEvj+Ci9ndOZbpP/uc/QdWaxq6pQeExLWDZqEATmfXCs5NL3trInWHMFPjD
         6chqDaHqaBbL5NZfADcyXqrJCvHMW3BhyCdeTqkihrQF0F+I5PDdjM0GnaDUtDLqh9h8
         hEL2qeC1Vh43Nm4mzGhZEaZE/BichoEG7kXflzFqx42HCQ1xa9++u6Ol2VlIZNjtqwxO
         d3TVEJ9IvIttwjZCDZCMpPLNcY6/M4tfxWbUwfTJEyznOrEL+v6ltX7h8+aAQYp5j9WU
         2eag==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature:dkim-filter;
        bh=3UDMqsndkmYz6XKGaN/fOzp7asY1sqsPmCYMIZ/pthA=;
        b=0yDEb69bHIW8G1pCPPsw8BVnEecIk5jc9V0th8g2Qwn4n4xHIIG0nOCySyfIKk/1KQ
         74dTl6pDKimJROkPSQKpMz2GNnUvv3KKE5g0Nfsea1pKW3EGhxFB82uksKslGcnfmaq0
         GgAfpq1eQwvwmfYJmKWlOyXP6tsyHtO/2VhunSjFnw0oQAkuATa/sQuJSgOkEinB43iC
         8gLWd71gZga/SHkToJmLQfjv8kjPe9NaH5MullV9s7Q73qYhm1o3YWN/8RNscqBJLZof
         Hqw7TlZfLNbKbcTAE5t4SnBpwWy1aJkZY9WiS6FmRYqxuVOpJ7btayjEhduGPKJFmssp
         kiTg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@nifty.com header.s=dec2015msa header.b=Is9CTZxD;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id d2si16094109pgv.22.2019.04.23.21.08.59;
        Tue, 23 Apr 2019 21:09:14 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@nifty.com header.s=dec2015msa header.b=Is9CTZxD;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726904AbfDXEHx (ORCPT <rfc822;rao.subba.venkata@gmail.com>
        + 99 others); Wed, 24 Apr 2019 00:07:53 -0400
Received: from conssluserg-03.nifty.com ([210.131.2.82]:25669 "EHLO
        conssluserg-03.nifty.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1725862AbfDXEHx (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 24 Apr 2019 00:07:53 -0400
Received: from mail-ua1-f51.google.com (mail-ua1-f51.google.com [209.85.222.51]) (authenticated)
        by conssluserg-03.nifty.com with ESMTP id x3O47PRq031718;
        Wed, 24 Apr 2019 13:07:26 +0900
DKIM-Filter: OpenDKIM Filter v2.10.3 conssluserg-03.nifty.com x3O47PRq031718
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nifty.com;
        s=dec2015msa; t=1556078846;
        bh=3UDMqsndkmYz6XKGaN/fOzp7asY1sqsPmCYMIZ/pthA=;
        h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
        b=Is9CTZxD+gWJS63291bVcYMxueP92S2R+nM3D7Xvbpq+dFAxMvUDbnz0jJKhPVIUZ
         bg9CFT8J0+B4wI5Y1YIetEqbDi+moH7sTW7yp68bmmNUSwOeTVD5cWv/b3IzG6nppx
         aeL+EQ6VCA+mtlbiEFO4bjPdh88INSqW4vVC8q3l0r52hMA+gCZBan91J/wynZ6y5/
         QyhYTTGKi7dsZ9eqri+I4j2EmnGr3RNgxguGet2dzi5aQoWgU2bWVfMISnFwkHN2tH
         U021iLIGB4hcXqjpFvywv+81RuQfzJf3vzRb/gPJqz6J6JwaLC1ehi3L55FcT6PtXg
         wU11win38vfDQ==
X-Nifty-SrcIP: [209.85.222.51]
Received: by mail-ua1-f51.google.com with SMTP id b8so5563144uaq.7;
        Tue, 23 Apr 2019 21:07:26 -0700 (PDT)
X-Gm-Message-State: APjAAAWZviEF0EgvIFpRBuEalk/s+5oExhxXFezBWGXUqaPTYaVPsQiF
        ySZXH8y/eyOGN/iDwNipnNpIp7QUjd5djFkcmfQ=
X-Received: by 2002:ab0:7493:: with SMTP id n19mr1764615uap.121.1556078845150;
 Tue, 23 Apr 2019 21:07:25 -0700 (PDT)
MIME-Version: 1.0
References: <20190423194925.32151-1-keescook@chromium.org>
In-Reply-To: <20190423194925.32151-1-keescook@chromium.org>
From:   Masahiro Yamada <yamada.masahiro@socionext.com>
Date:   Wed, 24 Apr 2019 13:06:49 +0900
X-Gmail-Original-Message-ID: <CAK7LNARuX8XfO=YRX9dYpipyBTCtMbQqLJfuk6iMLfLdZe1-KQ@mail.gmail.com>
Message-ID: <CAK7LNARuX8XfO=YRX9dYpipyBTCtMbQqLJfuk6iMLfLdZe1-KQ@mail.gmail.com>
Subject: Re: [PATCH v3 0/3] Refactor memory initialization hardening
To:     Kees Cook <keescook@chromium.org>
Cc:     Alexander Potapenko <glider@google.com>,
        James Morris <jmorris@namei.org>,
        Alexander Popov <alex.popov@linux.com>,
        Nick Desaulniers <ndesaulniers@google.com>,
        Kostya Serebryany <kcc@google.com>,
        Dmitry Vyukov <dvyukov@google.com>,
        Sandeep Patil <sspatil@android.com>,
        Laura Abbott <labbott@redhat.com>,
        Randy Dunlap <rdunlap@infradead.org>,
        Michal Marek <michal.lkml@markovi.net>,
        Emese Revfy <re.emese@gmail.com>,
        "Serge E. Hallyn" <serge@hallyn.com>,
        Kernel Hardening <kernel-hardening@lists.openwall.com>,
        linux-security-module <linux-security-module@vger.kernel.org>,
        Linux Kbuild mailing list <linux-kbuild@vger.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Apr 24, 2019 at 4:49 AM Kees Cook <keescook@chromium.org> wrote:
>
> This refactors the stack memory initialization configs in order to
> keep things together when adding Clang stack initialization, and in
> preparation for future heap memory initialization configs.
>
> I intend to carry this in the gcc-plugins tree, but I'd really like
> to get Acks from Masahiro (Kconfig changes, Makefile change), and
> from James (adding the new Kconfig.hardening to security/Kconfig).

If needed,
Acked-by: Masahiro Yamada <yamada.masahiro@socionext.com>


> Thanks!
>
> -Kees
>
> v3:
> - clean up menu/if with a merged "depends on" (masahiro)
> - add CONFIG_COMPILE_TEST defaults (masahiro)
>
> v2:
> - add plugin menu (masahiro)
> - adjust patch subject prefixes (masahiro)
> - drop redundent "depends" (masahiro)
> - fixed early use of CC_HAS_AUTO_VAR_INIT (masahiro)
> - dropped default-enabled for STACK_INIT_ALL (masahiro)
>
>
> Kees Cook (3):
>   security: Create "kernel hardening" config area
>   security: Move stackleak config to Kconfig.hardening
>   security: Implement Clang's stack initialization
>
>  Makefile                    |   5 ++
>  scripts/gcc-plugins/Kconfig | 126 ++-------------------------
>  security/Kconfig            |   2 +
>  security/Kconfig.hardening  | 164 ++++++++++++++++++++++++++++++++++++
>  4 files changed, 177 insertions(+), 120 deletions(-)
>  create mode 100644 security/Kconfig.hardening
>
> --
> 2.17.1
>


-- 
Best Regards
Masahiro Yamada