| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGXu5j+-944eia65espZo9frWB865rcqswdRKpnH9NJOTqa3MA@mail.gmail.com>
Date: Sat, 12 Jan 2019 10:43:25 -0800
From: Kees Cook <keescook@...omium.org>
To: 隆春 <longchun.lc@...baba-inc.com>
Cc: "yamada.masahiro" <yamada.masahiro@...ionext.com>,
李诚(允诚) <lc85446@...baba-inc.com>,
李丹(斗铠) <doukai.ld@...baba-inc.com>,
许来光(朔飞) <laiguang.xlg@...baba-inc.com>,
邬桅桅(无帆) <tom.www@...baba-inc.com>,
李耀(败天) <yao.ly@...baba-inc.com>,
王佳琦(凌夜) <jiaqi.wjq@...baba-inc.com>,
申晨(孤韧) <shenchen@...baba-inc.com>,
linux-kernel <linux-kernel@...r.kernel.org>,
akpm <akpm@...ux-foundation.org>, tglx <tglx@...utronix.de>,
mingo <mingo@...nel.org>
Subject: Re: stack-protector: fix CC_HAS_STACKPROTECTOR_NONE depend on -fno-stack-protector
On Fri, Jan 11, 2019 at 7:56 PM 隆春 <longchun.lc@...baba-inc.com> wrote:
>
> commit(2a61f4747eeaa85ce26ca9fbd81421b15facd018)rename CC_STACKPROTECTOR_NONE
> config. but unfortunately if the compiler support option -fno-stack-protector,
> CC_HAS_STACKPROTECTOR_NONE will not be disabled.
>
> CC_HAS_STACKPROTECTOR_NONE and CC_STACKPROTECTOR_STRONG will be enabled at once,
> as the following conditions:
> 1. gcc support -fno-stack-protector & -fstack-protector-strong
> 2. enabled CC_STACKPROTECTOR_STRONG & STACKPROTECTOR
> 3. disabled CC_HAS_STACKPROTECTOR_NONE
While it's not very obvious, it's safe to include both
-fno-stack-protector and -fstack-protector* on the gcc command line
since the latter one is the only one that is used.
Are you seeing miscompilation or error conditions without this patch?
-Kees
--
Kees Cook
Powered by blists - more mailing lists