From 10c85e76c09716e744b4a41006718400b1eb2e84 Mon Sep 17 00:00:00 2001 From: Nick Alcock Date: Mon, 26 Dec 2016 10:08:45 +0100 Subject: Disable stack protector in early static initialization [BZ #7065] The startup code in csu/, and the brk and sbrk functions are needed very early in initialization of a statically-linked program, before the stack guard is initialized; TLS initialization also uses memcpy, which cannot overrun its own stack. Mark all of these as -fno-stack-protector. We also finally introduce @libc_cv_ssp@ and @no_stack_protector@, both substituted by the configury changes made earlier, to detect the case when -fno-stack-protector is supported by the compiler, and unconditionally pass it in when this is the case, whether or not --enable-stack-protector is passed to configure. (This means that it'll even work when the compiler's been hacked to pass -fstack-protector by default, unless the hackage is so broken that it does so in a way that is impossible to override.) --- csu/Makefile | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'csu') diff --git a/csu/Makefile b/csu/Makefile index 3d23f13868..75f36bbbf4 100644 --- a/csu/Makefile +++ b/csu/Makefile @@ -46,6 +46,10 @@ before-compile += $(objpfx)version-info.h # code is compiled with special flags. tests = +CFLAGS-.o += $(no-stack-protector) +CFLAGS-.op += $(no-stack-protector) +CFLAGS-.os += $(no-stack-protector) + ifeq (yes,$(build-shared)) extra-objs += S$(start-installed-name) gmon-start.os ifneq ($(start-installed-name),$(static-start-installed-name)) -- cgit v1.2.3-70-g09d2