1 |
onsdag 11 september 2013 00.07.29 skrev Ryan Hill: |
2 |
> On Tue, 10 Sep 2013 18:41:34 -0400 |
3 |
> |
4 |
> Richard Yao <ryao@g.o> wrote: |
5 |
> > A few thoughts: |
6 |
> > |
7 |
> > 1. The kernel expects -fno-stack-protector to be the default. What will |
8 |
> > the effect be on kernel configuration once -fstack-protector is the |
9 |
> > default? |
10 |
> The kernel has supported building with -fstack-protector since 2.6.19, (at |
11 |
> least on x86/x86-64). It's controlled by CONFIG_CC_STACKPROTECTOR and if |
12 |
> it's disabled then -fno-stack-protector is explicitly added to the command |
13 |
> line. |
14 |
On Hardened we disable -fstack-protector* when building kernel and it is done |
15 |
with some gcc spec rules that we patch gcc with and it have been working long |
16 |
before gcc 4.X versions. It can be turned on with the kernel config option |
17 |
CONFIG_CC_STACKPROTECTOR. |
18 |
/Magnus |