1 |
Frank Peters posted on Mon, 16 Jun 2014 20:18:59 -0400 as excerpted: |
2 |
|
3 |
> GCC-4.8.3 is now in the portage tree and it enables SSP, or Stack |
4 |
> Smashing Protection, by default. |
5 |
> |
6 |
> I don't want SSP. It can be disabled using the -fno-stack-protector |
7 |
> flag. |
8 |
> |
9 |
> Checking the portage use.local.desc file, it seems a better way to |
10 |
> disable SSP is to specify the "nossp" USE flag for gcc. With this USE |
11 |
> flag set, gcc will be built without SSP. |
12 |
> |
13 |
> However the "nossp" USE flag has some sort of warning attached to it in |
14 |
> the use.local.desc file: |
15 |
> |
16 |
> sys-devel/gcc:nossp - Disable SSP support (NOT FOR GENERAL USE) |
17 |
> |
18 |
> What does this mean? Is it safe to use the "nossp" USE flag to build |
19 |
> gcc? |
20 |
|
21 |
Based on the discussions on the dev list, I believe the nossp USE flag |
22 |
was originally only for specific-case usage in the hardened profiles, and |
23 |
now will likely be expanded to the archs (like hppa I believe) where ssp |
24 |
doesn't work. As such, I'd consider it quite likely that the flag will |
25 |
eventually be masked on general profiles, since the idea is to make gentoo |
26 |
a bit safer by enabling it in general, and disabling it only on archs |
27 |
where it is known not to work (hppa I believe, among others). |
28 |
|
29 |
While it is of course possible to unmask such a flag and then use it, I'd |
30 |
consider strongly before you do as that puts you FAR out of tested gentoo |
31 |
mainstream. |
32 |
|
33 |
That said, in theory at least it should "just work", since this is a |
34 |
change to the /gentoo/ gcc spec-file defaults, not upstream, and turning |
35 |
it off is simply turning off a newly default feature that has until now |
36 |
been off unless you specifically turned it on. |
37 |
|
38 |
But I'd still strongly recommend adding the -fno-stack-protector to your |
39 |
CFLAGS, as that will continue to be supported by gentoo, while messing |
40 |
with gcc's nossp flag is not recommended and may result in bugs being |
41 |
closed INVALID or NEEDINFO (duplicate with the flag toggled before |
42 |
reopening), etc, as a result. |
43 |
|
44 |
/That/ said, there's actually three levels of ssp now, with this one the |
45 |
lowest level, dropping performance very little while focusing protection |
46 |
on the functions that are easiest to abuse AND to protect. Actually, as |
47 |
the news item states, the middle (strong but not all) option is the |
48 |
planned default for gcc 4.9. That being the case, I'd at /least/ |
49 |
recommend this lower level of protection on at least the most critical |
50 |
functions where the performance cost is quite low in comparison to the |
51 |
benefit. If you want to disable the strong-but-not-all default when it |
52 |
comes in 4.9, OK, but I'd suggest at least keeping this minimal threshold |
53 |
of protection, particularly since it /will/ be the default now and thus |
54 |
there should be if anything fewer problems with it than not. |
55 |
|
56 |
But it's you're machine, and we'd not be gentooers if we didn't want to |
57 |
be king over the configuration of our own machines, so go to it if you |
58 |
are sure. =:^) Just do your research (perhaps you already have) and |
59 |
know exactly why you're doing it. |
60 |
|
61 |
-- |
62 |
Duncan - List replies preferred. No HTML msgs. |
63 |
"Every nonfree program has a lord, a master -- |
64 |
and if you use the program, he is your master." Richard Stallman |