Hi guys ,
Hiding GCC can allow for greater security when the kernel is studied by an attacker,
while also being protected from forensic analysis.
Modification kernel/init/Kconfig
# hide the GCC version
config CC_VERSION_TEXT
string
default "1111111111111111111"
------
config GCC_VERSION
int
default "1111111111111111111" if CC_IS_GCC
default 0
------ -- ---
# hide identification
config AS_IS_GNU
def_bool $(success,test "$(as-name)" = 11111)
config AS_IS_LLVM
def_bool $(success,test "$(as-name)" = 11111)
--------------
# hide forensic identification
config AS_VERSION
int
# Use clang version if this is the integrated assembler
default CLANG_VERSION if AS_IS_LLVM
default "1111111111111111111"
config LD_VERSION
int
default "1111111111111111111" if LD_IS_BFD
default 0
-------------------------
Example .
CONFIG_AS_VERSION=23800
This allows the proximity of a kernel version 5.15.x 5.16.x Kernel
This allows for forensic analysis.
The kernel build is correct.
it is better to hide as much information from the kernel that can be used