freebsd-nq/sys/boot/i386/Makefile.inc
Ruslan Ermilov 042df2e2da Enable GCC stack protection (aka Propolice) for userland:
- It is opt-out for now so as to give it maximum testing, but it may be
  turned opt-in for stable branches depending on the consensus.  You
  can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
  It is harmless to steal the knob as SSP symbols have been provided
  by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
  (sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
  libc will be automatically downgraded to -fstack-protector because it
  breaks rtld otherwise.
- This option is unavailable on ia64.

Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.

Submitted by:	Jeremie Le Hen <jeremie@le-hen.org>
2008-06-25 21:33:28 +00:00

29 lines
565 B
Makefile

# Common defines for all of /sys/boot/i386/
#
# $FreeBSD$
BINDIR?= /boot
LOADER_ADDRESS?=0x200000
CFLAGS+= -ffreestanding -mpreferred-stack-boundary=2 \
-mno-mmx -mno-3dnow -mno-sse -mno-sse2 -mno-sse3
LDFLAGS+= -nostdlib
.if ${MACHINE_ARCH} == "amd64"
CFLAGS+= -m32 -march=i386
LDFLAGS+= -m elf_i386_fbsd
AFLAGS+= --32
.endif
# BTX components
.if exists(${.OBJDIR}/../btx)
BTXDIR= ${.OBJDIR}/../btx
.else
BTXDIR= ${.CURDIR}/../btx
.endif
BTXLDR= ${BTXDIR}/btxldr/btxldr
BTXKERN= ${BTXDIR}/btx/btx
BTXCRT= ${BTXDIR}/lib/crt0.o
.include "../Makefile.inc"