diff options
| author | Kees Cook <kees@kernel.org> | 2025-03-07 20:29:26 -0800 |
|---|---|---|
| committer | Kees Cook <kees@kernel.org> | 2025-03-08 09:16:42 -0800 |
| commit | d70da12453ac3797e0c54884305ccc894e8c817b (patch) | |
| tree | 2423e1b4aea4eb9f4fc3e7466cad3cc0e86f2e28 /security | |
| parent | 16cb16e0d28501f6eef7071675f1ffbceea8dd0d (diff) | |
hardening: Enable i386 FORTIFY_SOURCE on Clang 16+
The i386 regparm bug exposed with FORTIFY_SOURCE with Clang was fixed
in Clang 16[1].
Link: https://github.com/llvm/llvm-project/commit/c167c0a4dcdb998affb2756ce76903a12f7d8ca5 [1]
Reviewed-by: Nathan Chancellor <nathan@kernel.org>
Link: https://lore.kernel.org/r/20250308042929.1753543-2-kees@kernel.org
Signed-off-by: Kees Cook <kees@kernel.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/Kconfig.hardening | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening index 23ffb0d7c845..c17366ce8224 100644 --- a/security/Kconfig.hardening +++ b/security/Kconfig.hardening @@ -286,7 +286,7 @@ config FORTIFY_SOURCE bool "Harden common str/mem functions against buffer overflows" depends on ARCH_HAS_FORTIFY_SOURCE # https://github.com/llvm/llvm-project/issues/53645 - depends on !CC_IS_CLANG || !X86_32 + depends on !X86_32 || !CC_IS_CLANG || CLANG_VERSION >= 160000 help Detect overflows of buffers in common string and memory functions where the compiler can determine and validate the buffer sizes. |