[PATCH] Makefile: Fix empty flag results for stackprotector _AUTO mode
From: Kees Cook
Date: Mon Oct 16 2017 - 00:03:43 EST
If the compiler didn't support any stackprotector mode, the second
empty test would still trip. This moves it to an "else" test for the
non-AUTO modes.
Reported-and-tested-by: Robert Jarzmik <robert.jarzmik@xxxxxxx>
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
---
This is a separate fix from the issue with gcc 4.4.4. Yay compilers.
(Also, this is technically a v2 with just the commit message changed.)
---
Makefile | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/Makefile b/Makefile
index 20fafb48fdf9..74d5f037df69 100644
--- a/Makefile
+++ b/Makefile
@@ -1093,16 +1093,17 @@ PHONY += prepare-compiler-check
prepare-compiler-check: FORCE
# Make sure compiler supports requested stack protector flag.
ifdef stackp-name
- # Warn about CONFIG_CC_STACKPROTECTOR_AUTO having found no option.
ifeq ($(stackp-flag),)
+ # Warn about CONFIG_CC_STACKPROTECTOR_AUTO having found no option.
@echo CONFIG_CC_STACKPROTECTOR_$(stackp-name): \
Compiler does not support any known stack-protector >&2
- endif
- # Fail if specifically requested stack protector is missing.
+ else
ifeq ($(call cc-option, $(stackp-flag)),)
+ # Fail if specifically requested stack protector is missing.
@echo Cannot use CONFIG_CC_STACKPROTECTOR_$(stackp-name): \
$(stackp-flag) not supported by compiler >&2 && exit 1
endif
+ endif
endif
# Make sure compiler does not have buggy stack-protector support.
ifdef stackp-check
--
2.7.4
--
Kees Cook
Pixel Security