* [Buildroot] [PATCH] toolchain/buildroot: properly handle SSP
@ 2013-07-04 18:30 Gustavo Zacarias
2013-07-27 11:18 ` Thomas Petazzoni
0 siblings, 1 reply; 4+ messages in thread
From: Gustavo Zacarias @ 2013-07-04 18:30 UTC (permalink / raw)
To: buildroot
The current SSP handling is incomplete.
First we need to build uClibc with SSP support for a complete
"experience".
Second, it doesn't hurt to add -fstack-protector-all to the
CFLAGS/CXXFLAGS since most users would expect buildroot to do this
rather than adding the flags themselves.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/Makefile.in | 5 +++++
package/uclibc/uclibc.mk | 10 ++++++++--
toolchain/toolchain-buildroot/Config.in.2 | 2 +-
3 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/package/Makefile.in b/package/Makefile.in
index 66e45d2..01c1256 100644
--- a/package/Makefile.in
+++ b/package/Makefile.in
@@ -119,6 +119,11 @@ TARGET_CFLAGS += -msep-data
TARGET_CXXFLAGS += -msep-data
endif
+ifeq ($(BR2_TOOLCHAIN_BUILDROOT_USE_SSP),y)
+TARGET_CFLAGS += -fstack-protector-all
+TARGET_CXXFLAGS += -fstack-protector-all
+endif
+
ifeq ($(BR2_TOOLCHAIN_BUILDROOT)$(BR2_TOOLCHAIN_CTNG),y)
TARGET_CROSS=$(HOST_DIR)/usr/bin/$(GNU_TARGET_NAME)-
else
diff --git a/package/uclibc/uclibc.mk b/package/uclibc/uclibc.mk
index 5cbc011..6060efa 100644
--- a/package/uclibc/uclibc.mk
+++ b/package/uclibc/uclibc.mk
@@ -255,9 +255,15 @@ endif
# SSP
#
ifeq ($(BR2_TOOLCHAIN_BUILDROOT_USE_SSP),y)
-UCLIBC_SSP_CONFIG = $(call UCLIBC_OPT_SET,UCLIBC_HAS_SSP,y,$(@D))
+define UCLIBC_SSP_CONFIG
+ $(call UCLIBC_OPT_SET,UCLIBC_HAS_SSP,y,$(@D))
+ $(call UCLIBC_OPT_SET,UCLIBC_BUILD_SSP,y,$(@D))
+endef
else
-UCLIBC_SSP_CONFIG = $(call UCLIBC_OPT_UNSET,UCLIBC_HAS_SSP,$(@D))
+define UCLIBC_SSP_CONFIG
+ $(call UCLIBC_OPT_UNSET,UCLIBC_HAS_SSP,$(@D))
+ $(call UCLIBC_OPT_UNSET,UCLIBC_BUILD_SSP,$(@D))
+endef
endif
#
diff --git a/toolchain/toolchain-buildroot/Config.in.2 b/toolchain/toolchain-buildroot/Config.in.2
index 9bbf016..67aecaa 100644
--- a/toolchain/toolchain-buildroot/Config.in.2
+++ b/toolchain/toolchain-buildroot/Config.in.2
@@ -16,7 +16,7 @@ config BR2_TOOLCHAIN_BUILDROOT_USE_SSP
bool "Enable stack protection support"
help
Enable stack smashing protection support using GCCs
- -fstack-protector[-all] option.
+ -fstack-protector-all option.
See http://www.linuxfromscratch.org/hints/downloads/files/ssp.txt
for details.
--
1.8.1.5
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [Buildroot] [PATCH] toolchain/buildroot: properly handle SSP
2013-07-04 18:30 [Buildroot] [PATCH] toolchain/buildroot: properly handle SSP Gustavo Zacarias
@ 2013-07-27 11:18 ` Thomas Petazzoni
2013-07-27 14:22 ` Gustavo Zacarias
0 siblings, 1 reply; 4+ messages in thread
From: Thomas Petazzoni @ 2013-07-27 11:18 UTC (permalink / raw)
To: buildroot
Dear Gustavo Zacarias,
On Thu, 4 Jul 2013 15:30:26 -0300, Gustavo Zacarias wrote:
> The current SSP handling is incomplete.
>
> First we need to build uClibc with SSP support for a complete
> "experience".
>
> Second, it doesn't hurt to add -fstack-protector-all to the
> CFLAGS/CXXFLAGS since most users would expect buildroot to do this
> rather than adding the flags themselves.
>
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Committed thanks. It would be nice to check whether something specific
is needed for eglibc.
Thanks,
Thomas
--
Thomas Petazzoni, Free Electrons
Kernel, drivers, real-time and embedded Linux
development, consulting, training and support.
http://free-electrons.com
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Buildroot] [PATCH] toolchain/buildroot: properly handle SSP
2013-07-27 11:18 ` Thomas Petazzoni
@ 2013-07-27 14:22 ` Gustavo Zacarias
2013-07-27 14:32 ` Thomas Petazzoni
0 siblings, 1 reply; 4+ messages in thread
From: Gustavo Zacarias @ 2013-07-27 14:22 UTC (permalink / raw)
To: buildroot
On 07/27/2013 08:18 AM, Thomas Petazzoni wrote:
> Committed thanks. It would be nice to check whether something specific
> is needed for eglibc.
It's default on for eglibc as long as gcc supports -fstack-protector.
And it doesn't seem to care much if i try to disable it, though i'd be a
bit wary of doing so being upstream default.
Regards.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Buildroot] [PATCH] toolchain/buildroot: properly handle SSP
2013-07-27 14:22 ` Gustavo Zacarias
@ 2013-07-27 14:32 ` Thomas Petazzoni
0 siblings, 0 replies; 4+ messages in thread
From: Thomas Petazzoni @ 2013-07-27 14:32 UTC (permalink / raw)
To: buildroot
Dear Gustavo Zacarias,
On Sat, 27 Jul 2013 11:22:13 -0300, Gustavo Zacarias wrote:
> > Committed thanks. It would be nice to check whether something specific
> > is needed for eglibc.
>
> It's default on for eglibc as long as gcc supports -fstack-protector.
> And it doesn't seem to care much if i try to disable it, though i'd be a
> bit wary of doing so being upstream default.
> Regards.
Ok, thanks!
Thomas
--
Thomas Petazzoni, Free Electrons
Kernel, drivers, real-time and embedded Linux
development, consulting, training and support.
http://free-electrons.com
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2013-07-27 14:32 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-07-04 18:30 [Buildroot] [PATCH] toolchain/buildroot: properly handle SSP Gustavo Zacarias
2013-07-27 11:18 ` Thomas Petazzoni
2013-07-27 14:22 ` Gustavo Zacarias
2013-07-27 14:32 ` Thomas Petazzoni
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox