[Buildroot] [PATCH] Config.in: disable Fortify Source for microblaze
Giulio Benetti
giulio.benetti at benettiengineering.com
Fri Aug 20 23:09:08 UTC 2021
On 8/21/21 12:59 AM, Giulio Benetti wrote:
> Hi Romain, All,
>
> On 8/21/21 12:53 AM, Romain Naour wrote:
>> As reported by Toolchain-builder project [1], the system doesn't
>> boot when Fortify Source is enabled for glibc based toolchain
>> (the init process hang).
>>
>> Also, hardening features may not be wanted or possible for such
>> slow soft-core cpus [2].
>>
>> [1] https://gitlab.com/bootlin/toolchains-builder/-/jobs/1467624500
>> [2] http://lists.busybox.net/pipermail/buildroot/2021-June/312416.html
>>
>> Signed-off-by: Romain Naour <romain.naour at gmail.com>
>> Cc: Thomas Petazzoni <thomas.petazzoni at bootlin.com>
>> Cc: Giulio Benetti <giulio.benetti at benettiengineering.com>
>> ---
>> With BR2_RELRO_PARTIAL enabled, the system boot.
>> ---
>> Config.in | 7 +++++++
>> 1 file changed, 7 insertions(+)
>>
>> diff --git a/Config.in b/Config.in
>> index 2ef5d407e4..84f7fa6e8d 100644
>> --- a/Config.in
>> +++ b/Config.in
>> @@ -853,9 +853,16 @@ endchoice
>> comment "RELocation Read Only (RELRO) needs shared libraries"
>> depends on !BR2_SHARED_LIBS
>>
>> +config BR2_FORTIFY_SOURCE_ARCH_SUPPORTS
>> + bool
>> + default y
>> + # Microblaze glibc toolchains don't work with Fortify Source enabled > + depends on !BR2_microblaze
>
> here you say it doesn't work with glibc toolchains, so you could add
> '&& !BR2_TOOLCHAIN_USES_GLIBC'. I think it's worth if it works with
> uclibc and musl.
Of course between parenthesis like:
```
depends on (!BR2_microblaze && !BR2_TOOLCHAIN_USES_GLIBC)
```
otherwise every toolchain which uses glibc doesn't use Fortify anymore.
> What do you think about it?
>
> Best regards
>
--
Giulio Benetti
Benetti Engineering sas
More information about the buildroot
mailing list