[PATCH 03/14] security/Kconfig.hardening: Remove tautological condition from FORTIFY_SOURCE

Next message: Nathan Chancellor: "[PATCH 01/14] kbuild: Bump minimum version of LLVM for building the kernel to 17.0.1"
Previous message: Nathan Chancellor: "[PATCH 00/14] Bump minimum version of LLVM for building the kernel to 17.0.1"
In reply to: Nathan Chancellor: "[PATCH 00/14] Bump minimum version of LLVM for building the kernel to 17.0.1"
Next in thread: Nathan Chancellor: "[PATCH 01/14] kbuild: Bump minimum version of LLVM for building the kernel to 17.0.1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Nathan Chancellor

Date: Tue Apr 28 2026 - 23:00:39 EST

Now that the minimum supported version of LLVM for building the kernel
has been raised to 17.0.1, the '!X86_32 || !Clang || Clang > 16'
dependency of CONFIG_FORTIFY_SOURCE is always true, so it can be
removed.

Signed-off-by: Nathan Chancellor <nathan@xxxxxxxxxx>
---
Cc: Kees Cook <kees@xxxxxxxxxx>
Cc: Gustavo A. R. Silva <gustavoars@xxxxxxxxxx>
Cc: linux-hardening@xxxxxxxxxxxxxxx
Cc: linux-security-module@xxxxxxxxxxxxxxx
---
security/Kconfig.hardening | 2 --
1 file changed, 2 deletions(-)

diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening
index a0461d648396..e4f23c08a17a 100644
--- a/security/Kconfig.hardening
+++ b/security/Kconfig.hardening
@@ -213,8 +213,6 @@ menu "Bounds checking"
config FORTIFY_SOURCE
bool "Harden common str/mem functions against buffer overflows"
depends on ARCH_HAS_FORTIFY_SOURCE
- # https://github.com/llvm/llvm-project/issues/53645
- depends on !X86_32 || !CC_IS_CLANG || CLANG_VERSION >= 160000
help
Detect overflows of buffers in common string and memory functions
where the compiler can determine and validate the buffer sizes.

--
2.54.0