| 1 |
Maybe you have put a global -fstack-protector or -fstack-protector-all |
| 2 |
in your CFLAGS when compiling gcc, omit this since is not needed, just |
| 3 |
use the specs for this package. If you did this you will find (too) |
| 4 |
that glibc doesn't compile at all with -fstack-protector-all. In any |
| 5 |
case it could be a bug in gcc, try to update it. |
| 6 |
|
| 7 |
2008/10/26 Magnus Granberg <zorry@×××.nu>: |
| 8 |
> pageexec@××××××××.hu skrev: |
| 9 |
>> On 25 Oct 2008 at 21:44, Jan Klod wrote: |
| 10 |
>> |
| 11 |
>> |
| 12 |
>>> Hello. |
| 13 |
>>> |
| 14 |
>>> I was trying to make a switch form normal, freshly installed gentoo to |
| 15 |
>>> hardened like described in PaX quickstart. |
| 16 |
>>> http://www.gentoo.org/proj/en/hardened/pax-quickstart.xml Though, that |
| 17 |
>>> guide is missing to inform about when should I boot hardened-sources. |
| 18 |
>>> Not sure if after "emerge binutils gcc virtual/libc" or "emerge -e |
| 19 |
>>> world", but I got this error, which persists: |
| 20 |
>>> |
| 21 |
>>> ============================================================================ |
| 22 |
>>> *** stack smashing detected ***: cc1 - terminated |
| 23 |
>>> cc1: stack smashing attack in function ix86_split_to_parts - terminated |
| 24 |
>>> |
| 25 |
>> |
| 26 |
>> i don't know if you're supposed to use ssp on gcc itself, but apparently it |
| 27 |
>> caught some bug, whether that's some miscompilation or a real bug in gcc, i |
| 28 |
>> can't tell from this, but it's worth a look. if you just want to finish your |
| 29 |
>> install, you should recompile gcc itself without using ssp during compilation |
| 30 |
>> (that can be tricky, i don't know where the specs file comes from in that |
| 31 |
>> case). |
| 32 |
>> |
| 33 |
>> |
| 34 |
>> |
| 35 |
> What is your emerge --info? |
| 36 |
> |
| 37 |
> |
Archives