| 1 |
zerochaos 14/02/09 18:04:43 |
| 2 |
|
| 3 |
Added: syslinux-6.03_pre1-add-fno-stack-protector.patch |
| 4 |
syslinux-6.02-add-fno-stack-protector.patch |
| 5 |
Log: |
| 6 |
hardened fixes by Zorry from bug 495146 with trivial backport and extensive testing done by myself |
| 7 |
|
| 8 |
(Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key DD11F94A) |
| 9 |
|
| 10 |
Revision Changes Path |
| 11 |
1.1 sys-boot/syslinux/files/syslinux-6.03_pre1-add-fno-stack-protector.patch |
| 12 |
|
| 13 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-boot/syslinux/files/syslinux-6.03_pre1-add-fno-stack-protector.patch?rev=1.1&view=markup |
| 14 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-boot/syslinux/files/syslinux-6.03_pre1-add-fno-stack-protector.patch?rev=1.1&content-type=text/plain |
| 15 |
|
| 16 |
Index: syslinux-6.03_pre1-add-fno-stack-protector.patch |
| 17 |
=================================================================== |
| 18 |
2014-01-04 Magnus Granberg <zorry@g.o> |
| 19 |
|
| 20 |
# 495146 |
| 21 |
* mk/efi.mk: Add -fno-stack-protector |
| 22 |
|
| 23 |
--- a/mk/efi.mk 2013-12-11 11:03:38.000000000 +0100 |
| 24 |
+++ b/efi.mk 2014-01-04 13:50:11.474255644 +0100 |
| 25 |
@@ -7,6 +7,7 @@ core = $(topdir)/core |
| 26 |
# Set up architecture specifics; for cross compilation, set ARCH as apt |
| 27 |
# gnuefi sets up architecture specifics in ia32 or x86_64 sub directories |
| 28 |
# set up the LIBDIR and EFIINC for building for the appropriate architecture |
| 29 |
+GCCOPT := $(call gcc_ok,-fno-stack-protector,) |
| 30 |
EFIINC = $(objdir)/include/efi |
| 31 |
LIBDIR = $(objdir)/lib |
| 32 |
|
| 33 |
@@ -38,7 +39,7 @@ CFLAGS = -I$(EFIINC) -I$(EFIINC)/$(EFI_S |
| 34 |
-DELF_DEBUG -DSYSLINUX_EFI -I$(objdir) \ |
| 35 |
$(GCCWARN) -D__COM32__ -mno-red-zone \ |
| 36 |
-DLDLINUX=\"$(LDLINUX)\" -fvisibility=hidden \ |
| 37 |
- -Wno-unused-parameter |
| 38 |
+ -Wno-unused-parameter $(GCCOPT) |
| 39 |
|
| 40 |
CRT0 := $(LIBDIR)/crt0-efi-$(EFI_SUBARCH).o |
| 41 |
LDSCRIPT := $(LIBDIR)/elf_$(EFI_SUBARCH)_efi.lds |
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
1.1 sys-boot/syslinux/files/syslinux-6.02-add-fno-stack-protector.patch |
| 46 |
|
| 47 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-boot/syslinux/files/syslinux-6.02-add-fno-stack-protector.patch?rev=1.1&view=markup |
| 48 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-boot/syslinux/files/syslinux-6.02-add-fno-stack-protector.patch?rev=1.1&content-type=text/plain |
| 49 |
|
| 50 |
Index: syslinux-6.02-add-fno-stack-protector.patch |
| 51 |
=================================================================== |
| 52 |
diff -Naur syslinux-6.02/mk/efi.mk syslinux-6.02-hardened/mk/efi.mk |
| 53 |
--- syslinux-6.02/mk/efi.mk 2013-10-13 13:59:03.000000000 -0400 |
| 54 |
+++ syslinux-6.02-hardened/mk/efi.mk 2014-02-09 12:56:47.036409135 -0500 |
| 55 |
@@ -23,6 +23,7 @@ |
| 56 |
EFI_SUBARCH = $(ARCH) |
| 57 |
endif |
| 58 |
|
| 59 |
+GCCOPT := $(call gcc_ok,-fno-stack-protector,) |
| 60 |
EFIINC = $(shell $(topdir)/efi//find-gnu-efi.sh include $(EFI_SUBARCH)) |
| 61 |
$(if $(EFIINC),, \ |
| 62 |
$(error Missing $(EFI_SUBARCH) gnu-efi header files)) |
| 63 |
@@ -42,7 +43,7 @@ |
| 64 |
-DELF_DEBUG -DSYSLINUX_EFI -I$(objdir) \ |
| 65 |
$(GCCWARN) -D__COM32__ -mno-red-zone \ |
| 66 |
-DLDLINUX=\"$(LDLINUX)\" -fvisibility=hidden \ |
| 67 |
- -Wno-unused-parameter |
| 68 |
+ -Wno-unused-parameter $(GCCOPT) |
| 69 |
|
| 70 |
# gnuefi sometimes installs these under a gnuefi/ directory, and sometimes not |
| 71 |
CRT0 := $(shell find $(LIBDIR) -name crt0-efi-$(EFI_SUBARCH).o 2>/dev/null | tail -n1) |
Archives