| 1 |
Frank Peters posted on Mon, 16 Jun 2014 20:18:59 -0400 as excerpted: |
| 2 |
|
| 3 |
> GCC-4.8.3 is now in the portage tree and it enables SSP, or Stack |
| 4 |
> Smashing Protection, by default. |
| 5 |
> |
| 6 |
> I don't want SSP. It can be disabled using the -fno-stack-protector |
| 7 |
> flag. |
| 8 |
> |
| 9 |
> Checking the portage use.local.desc file, it seems a better way to |
| 10 |
> disable SSP is to specify the "nossp" USE flag for gcc. With this USE |
| 11 |
> flag set, gcc will be built without SSP. |
| 12 |
> |
| 13 |
> However the "nossp" USE flag has some sort of warning attached to it in |
| 14 |
> the use.local.desc file: |
| 15 |
> |
| 16 |
> sys-devel/gcc:nossp - Disable SSP support (NOT FOR GENERAL USE) |
| 17 |
> |
| 18 |
> What does this mean? Is it safe to use the "nossp" USE flag to build |
| 19 |
> gcc? |
| 20 |
|
| 21 |
Based on the discussions on the dev list, I believe the nossp USE flag |
| 22 |
was originally only for specific-case usage in the hardened profiles, and |
| 23 |
now will likely be expanded to the archs (like hppa I believe) where ssp |
| 24 |
doesn't work. As such, I'd consider it quite likely that the flag will |
| 25 |
eventually be masked on general profiles, since the idea is to make gentoo |
| 26 |
a bit safer by enabling it in general, and disabling it only on archs |
| 27 |
where it is known not to work (hppa I believe, among others). |
| 28 |
|
| 29 |
While it is of course possible to unmask such a flag and then use it, I'd |
| 30 |
consider strongly before you do as that puts you FAR out of tested gentoo |
| 31 |
mainstream. |
| 32 |
|
| 33 |
That said, in theory at least it should "just work", since this is a |
| 34 |
change to the /gentoo/ gcc spec-file defaults, not upstream, and turning |
| 35 |
it off is simply turning off a newly default feature that has until now |
| 36 |
been off unless you specifically turned it on. |
| 37 |
|
| 38 |
But I'd still strongly recommend adding the -fno-stack-protector to your |
| 39 |
CFLAGS, as that will continue to be supported by gentoo, while messing |
| 40 |
with gcc's nossp flag is not recommended and may result in bugs being |
| 41 |
closed INVALID or NEEDINFO (duplicate with the flag toggled before |
| 42 |
reopening), etc, as a result. |
| 43 |
|
| 44 |
/That/ said, there's actually three levels of ssp now, with this one the |
| 45 |
lowest level, dropping performance very little while focusing protection |
| 46 |
on the functions that are easiest to abuse AND to protect. Actually, as |
| 47 |
the news item states, the middle (strong but not all) option is the |
| 48 |
planned default for gcc 4.9. That being the case, I'd at /least/ |
| 49 |
recommend this lower level of protection on at least the most critical |
| 50 |
functions where the performance cost is quite low in comparison to the |
| 51 |
benefit. If you want to disable the strong-but-not-all default when it |
| 52 |
comes in 4.9, OK, but I'd suggest at least keeping this minimal threshold |
| 53 |
of protection, particularly since it /will/ be the default now and thus |
| 54 |
there should be if anything fewer problems with it than not. |
| 55 |
|
| 56 |
But it's you're machine, and we'd not be gentooers if we didn't want to |
| 57 |
be king over the configuration of our own machines, so go to it if you |
| 58 |
are sure. =:^) Just do your research (perhaps you already have) and |
| 59 |
know exactly why you're doing it. |
| 60 |
|
| 61 |
-- |
| 62 |
Duncan - List replies preferred. No HTML msgs. |
| 63 |
"Every nonfree program has a lord, a master -- |
| 64 |
and if you use the program, he is your master." Richard Stallman |
Archives