lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sun, 13 Jan 2019 08:24:52 +0900
From:   Masahiro Yamada <yamada.masahiro@...ionext.com>
To:     隆春 <longchun.lc@...baba-inc.com>
Cc:     李诚(允诚) <lc85446@...baba-inc.com>,
        李丹(斗铠) <doukai.ld@...baba-inc.com>,
        许来光(朔飞) <laiguang.xlg@...baba-inc.com>,
        邬桅桅(无帆) <tom.www@...baba-inc.com>,
        李耀(败天) <yao.ly@...baba-inc.com>,
        王佳琦(凌夜) <jiaqi.wjq@...baba-inc.com>,
        申晨(孤韧) <shenchen@...baba-inc.com>,
        keescook <keescook@...omium.org>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        akpm <akpm@...ux-foundation.org>, tglx <tglx@...utronix.de>,
        mingo <mingo@...nel.org>
Subject: Re: stack-protector: fix CC_HAS_STACKPROTECTOR_NONE depend on -fno-stack-protector

On Sat, Jan 12, 2019 at 12:57 PM 隆春 <longchun.lc@...baba-inc.com> wrote:
>
> commit(2a61f4747eeaa85ce26ca9fbd81421b15facd018)rename CC_STACKPROTECTOR_NONE
> config. but unfortunately if the compiler support option -fno-stack-protector,
> CC_HAS_STACKPROTECTOR_NONE will not be disabled.

You completely misunderstood that commit.


The meaning of CC_HAS_STACKPROTECTOR_NONE is
"the compiler recognizes -fno-stack-protector option"
instead of "disable the stack protector".




Now that STACKPROTECTOR is a boolean option,
CONFIG_STACKPROTECTOR=n means "disable the stack protector".




> CC_HAS_STACKPROTECTOR_NONE and CC_STACKPROTECTOR_STRONG will be enabled at once,
> as the following conditions:
>         1. gcc support -fno-stack-protector & -fstack-protector-strong
>         2. enabled CC_STACKPROTECTOR_STRONG & STACKPROTECTOR


CC_STACKPROTECTOR_STRONG does not exist any more.

STACKPROTECTOR_STRONG and STACKPROTECTOR exist.




>         3. disabled CC_HAS_STACKPROTECTOR_NONE

This represents the compiler capability.

Not a user-configurable option.



>
>
>


-- 
Best Regards
Masahiro Yamada

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ