Bump the stack protector to level "strong".
The general stack protector is known to be weak and has pretty small coverage. While setting stack-protector-all would give better protection it would come with a performance cost: for this reason Google's Chrome OS team developed a new stack-protector-strong variant. In addition to the protections offered by -fstack-protector, the new option will guard any function that declares any type or length of local array, even those in structs or unions. It will also protect functions that use a local variable's address in a function argument or on the right-hand side of an assignment. The option was introduced in GCC-4.9, but support for it has been back-ported to our base GCC (r286074) and is also available in clang. The change was tested with dbench and doesn't introduce performance regressions. An exp-run over the ports tree revealed no failures when using the stricter stack-protector-all. Thanks to all testers involved. Reference: https://outflux.net/blog/archives/2014/01/27/fstack-protector-strong/ Tested by: pho, portmgr (antoine) Discussed with: secteam (delphij) Differential Revision: https://reviews.freebsd.org/D3463 PR: 203394 (exp-run) Relnotes: yes MFC: no (not supported in older clang)
This commit is contained in:
pfg
parent
503489ef47
commit
cdfe89c7e1
@ -149,7 +149,7 @@ CXXFLAGS.clang+= -Wno-c++11-extensions
|
||||
.if ${MK_SSP} != "no" && \
|
||||
${MACHINE_CPUARCH} != "arm" && ${MACHINE_CPUARCH} != "mips"
|
||||
# Don't use -Wstack-protector as it breaks world with -Werror.
|
||||
SSP_CFLAGS?= -fstack-protector
|
||||
SSP_CFLAGS?= -fstack-protector-strong
|
||||
CFLAGS+= ${SSP_CFLAGS}
|
||||
.endif # SSP && !ARM && !MIPS
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user