[PATCH 04/14] security/Kconfig.hardening: Remove tautological condition from CC_HAS_RANDSTRUCT
Nathan Chancellor
nathan at kernel.org
Wed Apr 29 02:59:10 UTC 2026
Now that the minimum supported version of LLVM for building the kernel
has been raised to 17.0.1, the '!Clang || Clang >= 16' dependency for
CONFIG_CC_HAS_RANDSTRUCT is always true, so it can be removed.
Signed-off-by: Nathan Chancellor <nathan at kernel.org>
---
Cc: Kees Cook <kees at kernel.org>
Cc: Gustavo A. R. Silva <gustavoars at kernel.org>
Cc: linux-hardening at vger.kernel.org
Cc: linux-security-module at vger.kernel.org
---
security/Kconfig.hardening | 3 ---
1 file changed, 3 deletions(-)
diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening
index e4f23c08a17a..b90cf9ed4642 100644
--- a/security/Kconfig.hardening
+++ b/security/Kconfig.hardening
@@ -274,9 +274,6 @@ endmenu
config CC_HAS_RANDSTRUCT
def_bool $(cc-option,-frandomize-layout-seed-file=/dev/null)
- # Randstruct was first added in Clang 15, but it isn't safe to use until
- # Clang 16 due to https://github.com/llvm/llvm-project/issues/60349
- depends on !CC_IS_CLANG || CLANG_VERSION >= 160000
choice
prompt "Randomize layout of sensitive kernel structures"
--
2.54.0
More information about the Linux-security-module-archive
mailing list