diff options
| author | Ruslan Ermilov <ru@FreeBSD.org> | 2008-06-25 21:33:28 +0000 |
|---|---|---|
| committer | Ruslan Ermilov <ru@FreeBSD.org> | 2008-06-25 21:33:28 +0000 |
| commit | 042df2e2dadea9f43b62b79ed97534c0eecf1dad (patch) | |
| tree | 3821989620f33150162837ccfad067791bb346ca /libexec/rtld-elf | |
| parent | 0d9e99b6ca4f54bf4f902715e8870d9ff19a8afa (diff) | |
| download | src-042df2e2dadea9f43b62b79ed97534c0eecf1dad.tar.gz src-042df2e2dadea9f43b62b79ed97534c0eecf1dad.zip | |
Enable GCC stack protection (aka Propolice) for userland:
- It is opt-out for now so as to give it maximum testing, but it may be
turned opt-in for stable branches depending on the consensus. You
can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
It is harmless to steal the knob as SSP symbols have been provided
by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
(sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
libc will be automatically downgraded to -fstack-protector because it
breaks rtld otherwise.
- This option is unavailable on ia64.
Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
Notes
Notes:
svn path=/head/; revision=180012
Diffstat (limited to 'libexec/rtld-elf')
| -rw-r--r-- | libexec/rtld-elf/Makefile | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/libexec/rtld-elf/Makefile b/libexec/rtld-elf/Makefile index 50e64a56068b..abf920924aa3 100644 --- a/libexec/rtld-elf/Makefile +++ b/libexec/rtld-elf/Makefile @@ -1,5 +1,7 @@ # $FreeBSD$ +WITHOUT_SSP= + .include <bsd.own.mk> PROG?= ld-elf.so.1 |