security: Add option for explicit stack canaries Add option to enable stack canaries only when explicitely declared. It adds a new function attribute, __stack_protect, that can be used to enable stack protection in a function. Signed-off-by: Flavio Ceolin <flavio.ceolin@gmail.com>

commit: 0236f7c9aa6ccf4389c700b9d134801701fe3a2d [log] [tgz]
author: Flavio Ceolin <flavio.ceolin@gmail.com> Mon Nov 25 15:46:26 2024 -0800
committer: Benjamin Cabé <kartben@gmail.com> Fri Dec 20 12:37:20 2024 +0100
tree: 08887ad4691a3aba7586772fca4844a680c7f877
parent: 82ace41da43a54436a2690996c3a4bcf838f4f0e [diff] [blame]
diff --git a/kernel/compiler_stack_protect.c b/kernel/compiler_stack_protect.c
index 166f43e..d48190c 100644
--- a/kernel/compiler_stack_protect.c
+++ b/kernel/compiler_stack_protect.c

@@ -10,7 +10,8 @@
  *
  * This module provides functions to support compiler stack protection
  * using canaries.  This feature is enabled with configuration
- * CONFIG_STACK_CANARIES=y or CONFIG_STACK_CANARIES_STRONG=y.
+ * CONFIG_STACK_CANARIES=y or CONFIG_STACK_CANARIES_STRONG=y or
+ * CONFIG_STACK_CANARIES_EXPLICIT=y.
  *
  * When this feature is enabled, the compiler generated code refers to
  * function __stack_chk_fail and global variable __stack_chk_guard.
commit	0236f7c9aa6ccf4389c700b9d134801701fe3a2d	[log] [tgz]
author	Flavio Ceolin <flavio.ceolin@gmail.com>	Mon Nov 25 15:46:26 2024 -0800
committer	Benjamin Cabé <kartben@gmail.com>	Fri Dec 20 12:37:20 2024 +0100
tree	08887ad4691a3aba7586772fca4844a680c7f877
parent	82ace41da43a54436a2690996c3a4bcf838f4f0e [diff] [blame]