- It is opt-out for now so as to give it maximum testing, but it may be
turned opt-in for stable branches depending on the consensus. You
can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
It is harmless to steal the knob as SSP symbols have been provided
by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
(sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
libc will be automatically downgraded to -fstack-protector because it
breaks rtld otherwise.
- This option is unavailable on ia64.
Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
Also:
Switch FreeBSD to use libgcc_s.so.1.
Use dl_iterate_phdr to locate shared objects' exception frame
info instead of depending on older register_frame_info machinery.
This allows us to avoid depending on libgcc_s.so.1 in binaries
that do not use exception handling directly. As an additional
benefit it breaks circular libc <=> libgcc_s.so.1 dependency too.
Build newly added libgomp.so.1 library, the runtime support
bits for OpenMP.
Build LGPLed libssp library. Our libc provides our own
BSD-licensed SSP callbacks implementation, so this library
is only built to benefit applications that have hadcoded
knowledge of libssp.so and libssp_nonshared.a. When linked
in from command line, these libraries override libc
implementation.
under way to move the remnants of the a.out toolchain to ports. As the
comment in src/Makefile said, this stuff is deprecated and one should not
expect this to remain beyond 4.0-REL. It has already lasted WAY beyond
that.
Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.
Tested on: i386 (extensively), alpha
to work at least for the non-hairy stuff. The main wrinkle here is that
a whole mess of include files get installed and under different names.
An earlier version of this built a shadow include tree first in the obj
directory, but this depends on the 'make includes' functionality.
More tweaking is certainly going to be needed.
non-threaded programs. This provides threaded programs with the
needed exception frame symbols.
parts submitted by: Max Khon <fjoe@iclub.nsu.ru>
PR: 23252
when using the egcs and gcc-devel ports, along with GCC built from stock
public FSF sources. With out this change, FreeBSD will be removed from
the list of systems GCC 3.0 must be evaluated on before release. With
the effort some of us put into getting FreeBSD on this list, we should
not turn this effort into a waste, else we might not be worth fighting
for in the future. (note that Alpha and IA-64 versions of crt{i,n}.S
are needed)
* Switch from our own crt{begin,in} to those created from GCC's crtstuff.c.
This will allow us to switch to DWARF2 exceptions in the future, along with
staying in sync with any future GCC requirements.
* Break out our ELF branding bits into a seperate file. Currently this
is now included by our crt1.c files (since this functionality was part of
our native crtbegin.c). Later crtbrand.o will be merged in the creation
of crti.o.
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
