0001 # SPDX-License-Identifier: GPL-2.0-only
0002 config HAVE_GCC_PLUGINS
0003 bool
0004 help
0005 An arch should select this symbol if it supports building with
0006 GCC plugins.
0007
0008 menuconfig GCC_PLUGINS
0009 bool "GCC plugins"
0010 depends on HAVE_GCC_PLUGINS
0011 depends on CC_IS_GCC
0012 depends on $(success,test -e $(shell,$(CC) -print-file-name=plugin)/include/plugin-version.h)
0013 default y
0014 help
0015 GCC plugins are loadable modules that provide extra features to the
0016 compiler. They are useful for runtime instrumentation and static analysis.
0017
0018 See Documentation/kbuild/gcc-plugins.rst for details.
0019
0020 if GCC_PLUGINS
0021
0022 config GCC_PLUGIN_SANCOV
0023 bool
0024 # Plugin can be removed once the kernel only supports GCC 6+
0025 depends on !CC_HAS_SANCOV_TRACE_PC
0026 help
0027 This plugin inserts a __sanitizer_cov_trace_pc() call at the start of
0028 basic blocks. It supports all gcc versions with plugin support (from
0029 gcc-4.5 on). It is based on the commit "Add fuzzing coverage support"
0030 by Dmitry Vyukov <dvyukov@google.com>.
0031
0032 config GCC_PLUGIN_LATENT_ENTROPY
0033 bool "Generate some entropy during boot and runtime"
0034 help
0035 By saying Y here the kernel will instrument some kernel code to
0036 extract some entropy from both original and artificially created
0037 program state. This will help especially embedded systems where
0038 there is little 'natural' source of entropy normally. The cost
0039 is some slowdown of the boot process (about 0.5%) and fork and
0040 irq processing.
0041
0042 Note that entropy extracted this way is not cryptographically
0043 secure!
0044
0045 This plugin was ported from grsecurity/PaX. More information at:
0046 * https://grsecurity.net/
0047 * https://pax.grsecurity.net/
0048
0049 config GCC_PLUGIN_ARM_SSP_PER_TASK
0050 bool
0051 depends on GCC_PLUGINS && ARM
0052
0053 endif
