From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751585AbdJODmX (ORCPT <rfc822;w@1wt.eu>);
        Sat, 14 Oct 2017 23:42:23 -0400
Received: from mail-pg0-f50.google.com ([74.125.83.50]:44191 "EHLO
        mail-pg0-f50.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751237AbdJODmV (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 14 Oct 2017 23:42:21 -0400
X-Google-Smtp-Source: AOwi7QCsZwcUii0KXapR56cR2rnvjfD5cfAdLdLP5A5enOnGOlrCIrnNVp+4PynAs7PgNNyFoCZ8JQ==
Date: Sat, 14 Oct 2017 20:42:18 -0700
From: Kees Cook <keescook@chromium.org>
To: Robert Jarzmik <robert.jarzmik@free.fr>
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH] Makefile: Another fix for stackprotector _AUTO mode
Message-ID: <20171015034218.GA57631@beast>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

If the compiler didn't support a build mode, the second empty test would
still trip. This moves it to an "else" test for the non-AUTO modes.

Reported-by: Robert Jarzmik <robert.jarzmik@free.fr>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
Robert, can you test this fix?
---
 Makefile | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/Makefile b/Makefile
index aad7a1ae4791..ba88227fb2bd 100644
--- a/Makefile
+++ b/Makefile
@@ -1092,16 +1092,17 @@ PHONY += prepare-compiler-check
 prepare-compiler-check: FORCE
 # Make sure compiler supports requested stack protector flag.
 ifdef stackp-name
-  # Warn about CONFIG_CC_STACKPROTECTOR_AUTO having found no option.
   ifeq ($(stackp-flag),)
+	# Warn about CONFIG_CC_STACKPROTECTOR_AUTO having found no option.
 	@echo CONFIG_CC_STACKPROTECTOR_$(stackp-name): \
 		  Compiler does not support any known stack-protector >&2
-  endif
-  # Fail if specifically requested stack protector is missing.
+  else
   ifeq ($(call cc-option, $(stackp-flag)),)
+	# Fail if specifically requested stack protector is missing.
 	@echo Cannot use CONFIG_CC_STACKPROTECTOR_$(stackp-name): \
 		  $(stackp-flag) not supported by compiler >&2 && exit 1
   endif
+  endif
 endif
 # Make sure compiler does not have buggy stack-protector support.
 ifdef stackp-check
-- 
2.7.4


-- 
Kees Cook
Pixel Security