From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751777AbdJPEDi (ORCPT <rfc822;w@1wt.eu>);
        Mon, 16 Oct 2017 00:03:38 -0400
Received: from mail-pg0-f42.google.com ([74.125.83.42]:55775 "EHLO
        mail-pg0-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751046AbdJPEDh (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 16 Oct 2017 00:03:37 -0400
X-Google-Smtp-Source: AOwi7QAKmO8ZeyuMSBjYh8HDanIwM+LK2r1JjYuCnJ/RfyWo2Q/+OZoN2Zh4Jgp2VlOiK9nSy24OWQ==
Date: Sun, 15 Oct 2017 21:03:33 -0700
From: Kees Cook <keescook@chromium.org>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: linux-kernel@vger.kernel.org, Robert Jarzmik <robert.jarzmik@free.fr>
Subject: [PATCH] Makefile: Fix empty flag results for stackprotector _AUTO
 mode
Message-ID: <20171016040333.GA82643@beast>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

If the compiler didn't support any stackprotector mode, the second
empty test would still trip. This moves it to an "else" test for the
non-AUTO modes.

Reported-and-tested-by: Robert Jarzmik <robert.jarzmik@free.fr>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
This is a separate fix from the issue with gcc 4.4.4. Yay compilers.
(Also, this is technically a v2 with just the commit message changed.)
---
 Makefile | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/Makefile b/Makefile
index 20fafb48fdf9..74d5f037df69 100644
--- a/Makefile
+++ b/Makefile
@@ -1093,16 +1093,17 @@ PHONY += prepare-compiler-check
 prepare-compiler-check: FORCE
 # Make sure compiler supports requested stack protector flag.
 ifdef stackp-name
-  # Warn about CONFIG_CC_STACKPROTECTOR_AUTO having found no option.
   ifeq ($(stackp-flag),)
+	# Warn about CONFIG_CC_STACKPROTECTOR_AUTO having found no option.
 	@echo CONFIG_CC_STACKPROTECTOR_$(stackp-name): \
 		  Compiler does not support any known stack-protector >&2
-  endif
-  # Fail if specifically requested stack protector is missing.
+  else
   ifeq ($(call cc-option, $(stackp-flag)),)
+	# Fail if specifically requested stack protector is missing.
 	@echo Cannot use CONFIG_CC_STACKPROTECTOR_$(stackp-name): \
 		  $(stackp-flag) not supported by compiler >&2 && exit 1
   endif
+  endif
 endif
 # Make sure compiler does not have buggy stack-protector support.
 ifdef stackp-check
-- 
2.7.4


-- 
Kees Cook
Pixel Security