From 10c85e76c09716e744b4a41006718400b1eb2e84 Mon Sep 17 00:00:00 2001 From: Nick Alcock Date: Mon, 26 Dec 2016 10:08:45 +0100 Subject: Disable stack protector in early static initialization [BZ #7065] The startup code in csu/, and the brk and sbrk functions are needed very early in initialization of a statically-linked program, before the stack guard is initialized; TLS initialization also uses memcpy, which cannot overrun its own stack. Mark all of these as -fno-stack-protector. We also finally introduce @libc_cv_ssp@ and @no_stack_protector@, both substituted by the configury changes made earlier, to detect the case when -fno-stack-protector is supported by the compiler, and unconditionally pass it in when this is the case, whether or not --enable-stack-protector is passed to configure. (This means that it'll even work when the compiler's been hacked to pass -fstack-protector by default, unless the hackage is so broken that it does so in a way that is impossible to override.) --- config.make.in | 2 ++ 1 file changed, 2 insertions(+) (limited to 'config.make.in') diff --git a/config.make.in b/config.make.in index 35e7e59663..4422025e59 100644 --- a/config.make.in +++ b/config.make.in @@ -58,7 +58,9 @@ with-fp = @with_fp@ enable-timezone-tools = @enable_timezone_tools@ unwind-find-fde = @libc_cv_gcc_unwind_find_fde@ have-fpie = @libc_cv_fpie@ +have-ssp = @libc_cv_ssp@ stack-protector = @stack_protector@ +no-stack-protector = @no_stack_protector@ have-selinux = @have_selinux@ have-libaudit = @have_libaudit@ have-libcap = @have_libcap@ -- cgit v1.2.3