--enable-stack-protector=all adds protection to functions that don't
have a chance to corrupt stack. On top of that glibc's own tests fail
on static IFUNC resolver.
Let's use -fstack-protector-strong which matches Gentoo's gcc default.
Should fix at least the following test failures:
FAIL: elf/ifuncmain9picstatic
FAIL: elf/ifuncmain9static
Reported-by: Toralf Förster
Bug: https://bugs.gentoo.org/712356
Bug: https://sourceware.org/PR25680
Package-Manager: Portage-2.3.94, Repoman-2.3.20
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
myconf+=( --enable-stack-protector=no )
;;
*)
- myconf+=( --enable-stack-protector=$(usex ssp all no) )
+ # Use '=strong' instead of '=all' to protect only functions
+ # worth protecting from stack smashes.
+ # '=all' is also known to have a problem in IFUNC resolution
+ # tests: https://sourceware.org/PR25680, bug #712356.
+ myconf+=( --enable-stack-protector=$(usex ssp strong no) )
;;
esac
myconf+=( --enable-stackguard-randomization )
myconf+=( --enable-stack-protector=no )
;;
*)
- myconf+=( --enable-stack-protector=$(usex ssp all no) )
+ # Use '=strong' instead of '=all' to protect only functions
+ # worth protecting from stack smashes.
+ # '=all' is also known to have a problem in IFUNC resolution
+ # tests: https://sourceware.org/PR25680, bug #712356.
+ myconf+=( --enable-stack-protector=$(usex ssp strong no) )
;;
esac
myconf+=( --enable-stackguard-randomization )
projects / gentoo.git / commitdiff