[Buildroot] [PATCH 2/2] lxc: fix build without stack protector
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Mon Dec 3 22:01:43 UTC 2018
Hello,
On Mon, 3 Dec 2018 22:46:37 +0100, Fabrice Fontaine wrote:
> Add an option to disable the stack protector flags added in version
> 3.0.3 by
> https://github.com/lxc/lxc/commit/2268c27754152aa538db2c9e3753d72d19bcd17a
>
> Fixes:
> - http://autobuild.buildroot.org/results/0b90e7dca2984652842832a41abad93ac49a9b86
>
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Thanks for working on this!
> ++if test "x$enable_hardening" = "xyes"; then
> ++ AX_CHECK_COMPILE_FLAG([-fstack-clash-protection], [CFLAGS="$CFLAGS -fstack-clash-protection"],,[-Werror])
> ++ AX_CHECK_COMPILE_FLAG([-fstack-protector-strong], [CFLAGS="$CFLAGS -fstack-protector-strong"],,[-Werror])
> ++ AX_CHECK_COMPILE_FLAG([-g], [CFLAGS="$CFLAGS -g"],,[-Werror])
Why is -g handled as one of the hardening flags ? Building with
debugging symbols can hardly be considered "hardening" :-)
Also, is upstream going to accept this --enable/--disable option ?
Should we instead use AX_CHECK_LINK_FLAG() ?
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list