From mboxrd@z Thu Jan 1 00:00:00 1970 From: Carlos Santos Date: Wed, 28 Nov 2018 08:43:50 -0200 (BRST) Subject: [Buildroot] [PATCH next] tpm2-abrmd: fix build without stack smashing protection (SSP) In-Reply-To: <1736816953.3407907.1542981684876.JavaMail.zimbra@datacom.com.br> References: <20181121174337.341-1-casantos@datacom.com.br> <20181121210652.5c083b7b@windsurf> <864064258.3113009.1542851218627.JavaMail.zimbra@datacom.com.br> <1736816953.3407907.1542981684876.JavaMail.zimbra@datacom.com.br> Message-ID: <1951917496.561443.1543401830342.JavaMail.zimbra@datacom.com.br> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: buildroot@busybox.net > From: "DATACOM" > To: "Thomas Petazzoni" > Cc: "buildroot" > Sent: Sexta-feira, 23 de novembro de 2018 12:01:24 > Subject: Re: [Buildroot] [PATCH next] tpm2-abrmd: fix build without stack smashing protection (SSP) >> From: "DATACOM" >> To: "Thomas Petazzoni" >> Cc: "buildroot" >> Sent: Quarta-feira, 21 de novembro de 2018 23:46:58 >> Subject: Re: [Buildroot] [PATCH next] tpm2-abrmd: fix build without stack >> smashing protection (SSP) > >>> From: "Thomas Petazzoni" >>> To: "DATACOM" >>> Cc: "buildroot" >>> Sent: Quarta-feira, 21 de novembro de 2018 18:06:52 >>> Subject: Re: [Buildroot] [PATCH next] tpm2-abrmd: fix build without stack >>> smashing protection (SSP) >> >>> Hello, >>> >>> On Wed, 21 Nov 2018 15:43:37 -0200, Carlos Santos wrote: >>>> The configuration environment setup that disables SSP if the toolchain >>>> does not support it must be updated after the bump to version 2.0.3. >>>> >>>> Fixes: >>>> http://autobuild.buildroot.net/results/bd9005eeb24678aa530179a80bbc99b2176f8559 >>>> http://autobuild.buildroot.net/results/feff61dcb481a94f5f030117830984c5e09727ea >>>> >>>> Signed-off-by: Carlos Santos >>>> --- >>>> package/tpm2-abrmd/tpm2-abrmd.mk | 2 +- >>>> 1 file changed, 1 insertion(+), 1 deletion(-) >>>> >>>> diff --git a/package/tpm2-abrmd/tpm2-abrmd.mk b/package/tpm2-abrmd/tpm2-abrmd.mk >>>> index a4d9cfb384..74cc66ba20 100644 >>>> --- a/package/tpm2-abrmd/tpm2-abrmd.mk >>>> +++ b/package/tpm2-abrmd/tpm2-abrmd.mk >>>> @@ -13,7 +13,7 @@ TPM2_ABRMD_DEPENDENCIES = dbus libglib2 tpm2-tss host-pkgconf >>>> >>>> # configure.ac doesn't contain a link test, so it doesn't detect when >>>> # libssp is missing. >>>> -TPM2_ABRMD_CONF_ENV = ax_cv_check_cflags___fstack_protector_all=$(if >>>> $(BR2_TOOLCHAIN_HAS_SSP),yes,no) >>>> +TPM2_ABRMD_CONF_ENV = >>>> ax_cv_check_cflags___________Werror_______fstack_protector_all=$(if >>>> $(BR2_TOOLCHAIN_HAS_SSP),yes,no) >>> >>> It's a bit annoying to fix this once in a while, what about the >>> following change instead: >>> >>> diff --git a/m4/flags.m4 b/m4/flags.m4 >>> index 1b01198..59b6d5b 100644 >>> --- a/m4/flags.m4 >>> +++ b/m4/flags.m4 >>> @@ -5,7 +5,7 @@ dnl mandatory (configure will fail). >>> dnl $1: C compiler flag to add to EXTRA_CFLAGS. >>> dnl $2: Set to "required" to cause configure failure if flag not supported.. >>> AC_DEFUN([AX_ADD_COMPILER_FLAG],[ >>> - AX_CHECK_COMPILE_FLAG([$1],[ >>> + AX_CHECK_LINK_FLAG([$1],[ >>> EXTRA_CFLAGS="$EXTRA_CFLAGS $1" >>> AC_SUBST([EXTRA_CFLAGS])],[ >>> AS_IF([test x$2 != xrequired],[ >>> >>> (entirely untested). It could be submitted upstream. >> >> I can forward your suggestion upstream but for the moment I'd keep >> the CONF_ENV approach. >> >> Patching flags.m4 would require AUTORECONF, which in its turn would >> require adding host-autoconf-archive as a build dependency. So more >> dependencies, a larger build to time and exactly the same result. > > Pull request created: > > https://github.com/tpm2-software/tpm2-abrmd/pull/556 Thomas, could you please accept this patch while we wait for a verdict from upstream on my PR? It is currently blocked by a build error whose solution depends on a subsequent PR: https://github.com/tpm2-software/tpm2-abrmd/pull/557 -- Carlos Santos (Casantos) - DATACOM, P&D