lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20171015034218.GA57631@beast>
Date:   Sat, 14 Oct 2017 20:42:18 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Robert Jarzmik <robert.jarzmik@...e.fr>
Cc:     linux-kernel@...r.kernel.org
Subject: [PATCH] Makefile: Another fix for stackprotector _AUTO mode

If the compiler didn't support a build mode, the second empty test would
still trip. This moves it to an "else" test for the non-AUTO modes.

Reported-by: Robert Jarzmik <robert.jarzmik@...e.fr>
Signed-off-by: Kees Cook <keescook@...omium.org>
---
Robert, can you test this fix?
---
 Makefile | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/Makefile b/Makefile
index aad7a1ae4791..ba88227fb2bd 100644
--- a/Makefile
+++ b/Makefile
@@ -1092,16 +1092,17 @@ PHONY += prepare-compiler-check
 prepare-compiler-check: FORCE
 # Make sure compiler supports requested stack protector flag.
 ifdef stackp-name
-  # Warn about CONFIG_CC_STACKPROTECTOR_AUTO having found no option.
   ifeq ($(stackp-flag),)
+	# Warn about CONFIG_CC_STACKPROTECTOR_AUTO having found no option.
 	@echo CONFIG_CC_STACKPROTECTOR_$(stackp-name): \
 		  Compiler does not support any known stack-protector >&2
-  endif
-  # Fail if specifically requested stack protector is missing.
+  else
   ifeq ($(call cc-option, $(stackp-flag)),)
+	# Fail if specifically requested stack protector is missing.
 	@echo Cannot use CONFIG_CC_STACKPROTECTOR_$(stackp-name): \
 		  $(stackp-flag) not supported by compiler >&2 && exit 1
   endif
+  endif
 endif
 # Make sure compiler does not have buggy stack-protector support.
 ifdef stackp-check
-- 
2.7.4


-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ