Merge tag 'hardening-v5.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...

Pull hardening updates from Kees Cook:

 - Expand lib/test_stackinit to include more initialization styles

 - Improve Kconfig for CLang's auto-var-init feature

 - Introduce support for GCC's zero-call-used-regs feature

* tag 'hardening-v5.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  lib/test_stackinit: Add assigned initializers
  lib/test_stackinit: Allow building stand-alone
  lib/test_stackinit: Fix static initializer test
  hardening: Clarify Kconfig text for auto-var-init
  hardening: Introduce CONFIG_ZERO_CALL_USED_REGS

diff --combined Makefile
index 61741e9d9c6e61ffb234a5f19de2ed56fc36c03d,5def36c7882ae0c61797b1ae1bb3c3c1e261f425..2af6e2f171037db50c7409cd596da76b5d0c86a6
--- 1/Makefile
--- 2/Makefile
+++ b/Makefile
@@@ -2,7 -2,7 +2,7 @@@
  VERSION = 5
  PATCHLEVEL = 14
  SUBLEVEL = 0
 -EXTRAVERSION = -rc2
 +EXTRAVERSION =
  NAME = Opossums on Parade
  
  # *DOCUMENTATION*
@@@ -546,6 -546,7 +546,6 @@@ export RCS_TAR_IGNORE := --exclude SCC
  PHONY += scripts_basic
  scripts_basic:
        $(Q)$(MAKE) $(build)=scripts/basic
 -      $(Q)rm -f .tmp_quiet_recordmcount
  
  PHONY += outputmakefile
  ifdef building_out_of_srctree
@@@ -841,6 -842,11 +841,11 @@@ endi
  # for the randomize_kstack_offset feature. Disable it for all compilers.
  KBUILD_CFLAGS += $(call cc-option, -fno-stack-clash-protection)
  
+ # Clear used registers at func exit (to reduce data lifetime and ROP gadgets).
+ ifdef CONFIG_ZERO_CALL_USED_REGS
+ KBUILD_CFLAGS += -fzero-call-used-regs=used-gpr
+ endif
+ 
  DEBUG_CFLAGS  :=
  
  # Workaround for GCC versions < 5.0
@@@ -1316,16 -1322,6 +1321,16 @@@ PHONY += scripts_unifde
  scripts_unifdef: scripts_basic
        $(Q)$(MAKE) $(build)=scripts scripts/unifdef
  
 +# ---------------------------------------------------------------------------
 +# Install
 +
 +# Many distributions have the custom install script, /sbin/installkernel.
 +# If DKMS is installed, 'make install' will eventually recuses back
 +# to the this Makefile to build and install external modules.
 +# Cancel sub_make_done so that options such as M=, V=, etc. are parsed.
 +
 +install: sub_make_done :=
 +
  # ---------------------------------------------------------------------------
  # Tools