This is the mail archive of the libc-help@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: -fno-stack-protector


Mike Frysinger <vapier@gentoo.org> wrote:

> On Monday 05 May 2008, Mark Seaborn wrote:
> > It would be useful if glibc knew how to turn gcc's stack-protector
> > option off.  This patch should do the trick.  If -fno-stack-protector
> > is available it adds it to CFLAGS:
> 
> ugh, no.  this is the opposite of what we should do.  glibc should
> detect that it's being built with SSP and so account for it.  we
> build glibc with SSP in Hardened Gentoo.  we havent bothered posting
> the changes to the libc lists though as we've always been told that
> what we want to do (build glibc with SSP) is stupid.

OK, I found the changes you were referring to.  This file makes ld.so
build with -fstack-protector:
http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c?rev=1.4&view=markup
and this adds it into the glibc source tree:
http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-libs/glibc/glibc-2.7.ebuild?rev=1.12&view=markup

Not sure I like the idea of having ld.so know about syslog.

I think you should post changes like this.  It helps the rest of us
understand glibc if nothing else.

Cheers,
Mark


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]