lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080418065806.35c73f96@laptopd505.fenrus.org>
Date:	Fri, 18 Apr 2008 06:58:06 -0700
From:	Arjan van de Ven <arjan@...radead.org>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	Ingo Molnar <mingo@...e.hu>, Thomas Gleixner <tglx@...utronix.de>,
	sam@...nborg.org, arjan@...ux.intel.com,
	linux-kernel@...r.kernel.org
Subject: Stack protector build failure (was Re: 2.6.25-mm1: not looking
 good)

On Fri, 18 Apr 2008 00:28:58 -0700
Andrew Morton <akpm@...ux-foundation.org> wrote:


> 
> > No harm done on a 
> > perfectly bug-free system - but once a bug happens that SELinux
> > should have mitigated, the breakage becomes real. Having a
> > prominent warning is the _minimum_.
> > 
> > having a build failure would be nice too because this is a build 
> > environment problem. (not a build warning - warnings can easily be 
> > missed because on a typical kernel build there's so many false
> > positives that get emitted by various other warning mechanisms)
> > Arjan?
> > 
> 
> Yeah, #error would work too.

I'm totally fine with that, but I think I need Sam's help on making that happen
the right way; this is going to need makefile fu L(

Sam:
Basically what I need is that if the
scripts/gcc-x86_64-has-stack-protector.sh script fails, the build aborts with
a message/#error that says that the compiler is not capable of supporting this feature.

Right now the script is used like this:

	stackp := $(CONFIG_SHELL) $(srctree)/scripts/gcc-x86_64-has-stack-protector.sh
        stackp-$(CONFIG_CC_STACKPROTECTOR) := $(shell $(stackp) \
                "$(CC)" -fstack-protector )

It's obviously easy to make this script print a warning.. but how do we make it stop the build?

-- 
If you want to reach me at my work email, use arjan@...ux.intel.com
For development, discussion and tips for power savings, 
visit http://www.lesswatts.org
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ