[Ksummit-discuss] [TECH TOPIC] is Kconfig a bit hard sometimes?
Kees Cook
keescook at chromium.org
Tue Jun 27 20:41:14 UTC 2017
On Tue, Jun 27, 2017 at 6:58 AM, Sergey Senozhatsky
<sergey.senozhatsky.work at gmail.com> wrote:
> Hello,
>
> am I the only one who struggle with the Kconfig sometimes? can there
> be a way to make it more general/simpler, in some parts at least? e.g.
> the hardening effort? (just an example. *ABSOLUTELY NOT* blaming Kess
> or anyone else who is involved, that's not the point, they are doing
> great job, no doubt. it's just the most recent thing I saw was
> CONFIG_SLAB_MERGE_DEFAULT). do people who really want to harden their
> kernels go all-in anyway (enable all of the options at once)? if so,
> can there be a single Kconfig option then? just curious.
We've removed failed "single Kconfig options" in the past (e.g.
CONFIG_EXPERIMENTAL), so I'm not excited about trying that again. I
agree with Linus, though, Kconfig is still a mess.
As for why I think CONFIG_HARDENED specifically wouldn't work is
because of distro tolerances for security features. Some things are
"too much" for them (e.g. slab sanitization), but they want things
with lower overhead (e.g. hardened usercopy). And if one feature is
going to be under CONFIG_HARDENED, but not the other, then why not? Do
we then need CONFIG_HARDENED_A_LITTLE and CONFIG_HARDENED_PARANOID?
And then that'll get bike-shed too. Ultimately providing granularity
appears to be better than not providing it, but we still end up with
the mess that in Kconfig... :(
(I see mention of "make def..." in other replies, I'll comment there next...)
-Kees
--
Kees Cook
Pixel Security
More information about the Ksummit-discuss
mailing list