[Bug build/7065] Support building glibc with -fstack-protector or -fstack-protector-all

["nick.alcock at oracle dot com" <sourceware-bugzilla at sourceware dot org>]

https://sourceware.org/bugzilla/show_bug.cgi?id=7065

Nick Alcock <nick.alcock at oracle dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |nick.alcock at oracle dot com

--- Comment #12 from Nick Alcock <nick.alcock at oracle dot com> ---
(In reply to Andreas Jaeger from comment #10)
> Your change contains two different changes:
> * Supporting stack-protector
> * A different implementation of chk_fail function
> 
> For addition to glibc, I would only look at the stack-protector support. I
> suggest you continue discussing this on the libc-alpha list.

It's terribly late (I frankly forgot this bug existed) but I'm about to
reanimate this one. (I suspect it protects me from CVE-2015-7545 and it seems
unfair to keep it to myself like this.)

However, splitting the different changes apart is rather difficult: the
stack-protector changes actually depend on the different stack_chk_fail,
because the existing __stack_chk_fail() -> __fortify_fail() -> __libc_message()
path ends up calling down to libio and the like, and if you're to use those for
__stack_chk_fail() all those routines cannot themselves be compiled with
stack-protection. The gentoo-derived routine I replaced it with uses none of
that, and is standalone.

Anyway -- that's just one of several possible problems with this patch! I'll
reanimate the patch against trunk and then bring it up on the list (and my
apologies for putting it off for so long).

-- 
You are receiving this mail because:
You are on the CC list for the bug.