Re: stack-protector: fix CC_HAS_STACKPROTECTOR_NONE depend on -fno-stack-protector

From: Kees Cook
Date: Sat Jan 12 2019 - 13:43:43 EST

Next message: Bjorn Andersson: "Re: [PATCH v5 8/8] arm64: dts: qcom: sdm845: Add Q6V5 MSS node"
Previous message: Jonathan Cameron: "Re: [PATCH v3 2/3] iio: adc: Add the TI ads124s08 ADC code"
In reply to: éæ: "stack-protector: fix CC_HAS_STACKPROTECTOR_NONE depend on -fno-stack-protector"
Next in thread: Masahiro Yamada: "Re: stack-protector: fix CC_HAS_STACKPROTECTOR_NONE depend on -fno-stack-protector"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jan 11, 2019 at 7:56 PM éæ <longchun.lc@xxxxxxxxxxxxxxx> wrote:
>
> commitï2a61f4747eeaa85ce26ca9fbd81421b15facd018ïrename CC_STACKPROTECTOR_NONE
> config. but unfortunately if the compiler support option -fno-stack-protector,
> CC_HAS_STACKPROTECTOR_NONE will not be disabled.
>
> CC_HAS_STACKPROTECTOR_NONE and CC_STACKPROTECTOR_STRONG will be enabled at once,
> as the following conditions:
> 1. gcc support -fno-stack-protector & -fstack-protector-strong
> 2. enabled CC_STACKPROTECTOR_STRONG & STACKPROTECTOR
> 3. disabled CC_HAS_STACKPROTECTOR_NONE

While it's not very obvious, it's safe to include both
-fno-stack-protector and -fstack-protector* on the gcc command line
since the latter one is the only one that is used.

Are you seeing miscompilation or error conditions without this patch?

-Kees

--
Kees Cook

Next message: Bjorn Andersson: "Re: [PATCH v5 8/8] arm64: dts: qcom: sdm845: Add Q6V5 MSS node"
Previous message: Jonathan Cameron: "Re: [PATCH v3 2/3] iio: adc: Add the TI ads124s08 ADC code"
In reply to: éæ: "stack-protector: fix CC_HAS_STACKPROTECTOR_NONE depend on -fno-stack-protector"
Next in thread: Masahiro Yamada: "Re: stack-protector: fix CC_HAS_STACKPROTECTOR_NONE depend on -fno-stack-protector"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]