[Buildroot] [PATCH v2, 2/2] lxc: fix build without stack protector
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Tue Dec 4 08:31:42 UTC 2018
Hello,
On Tue, 4 Dec 2018 10:15:11 +0200, Baruch Siach wrote:
> > The question is whether we want SSP support to be enabled as soon as
> > the toolchain *has* SSP support, or only when the user explicitly
> > request SSP support using BR2_SSP_{REGULAR,STRONG,ALL} ?
> >
> > This is a real policy decision:
> >
> > - Do we let the packages default to what they think is good (of course
> > as long as the toolchain provides what's needed) ?
> >
> > - Or do we enforce the system-level configuration options that
> > Buildroot has ?
>
> I think we should let upstream packages decide when to enable SSP. This patch,
> however, disables SSP unconditionally, AFAICS. I don't think we want to do
> that. So I suggest to force SSP disable only when BR2_TOOLCHAIN_HAS_SSP is
> disabled.
Well, Fabrice patch doesn't really disable SSP unconditionally: it
tells the package to never enable SSP on its own.
However, if one of the global BR2_SSP_{REGULAR,STRONG,ALL} options are
enabled, the compiler wrapper will properly build everything with SSP
support, including lxc. So basically, Fabrice's patch is a correct
implementation for the option (2) I described above.
I don't (yet?) have a strong opinion on which of the two options we
want to chose, but Fabrice's solution does implement one of them
correctly :)
Best regards,
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list