Commit Graph

123 Commits

Author SHA1 Message Date
Baptiste Daroussin
18b2ee82db Revert r284417 it is not necessary anymore 2015-06-15 19:28:07 +00:00
Baptiste Daroussin
4232f82668 Enforce overwritting SHLIBDIR
Since METAMODE has been added, sys.mk loads bsd.mkopt.mk which ends load loading
bsd.own.mk which then defines SHLIBDIR before all the Makefile.inc everywhere.

This makes /lib being populated again.

Reported by:	many
2015-06-15 15:34:20 +00:00
Simon J. Gerraty
98e0ffaefb Merge sync of head 2015-05-27 01:19:58 +00:00
Enji Cooper
1119ece4d3 Build/install libc, librt, libthr, and msun NetBSD test suites on all
architectures

MFC after: 1 week
2015-04-27 06:49:27 +00:00
Konstantin Belousov
0538aafc41 The lseek(2), mmap(2), truncate(2), ftruncate(2), pread(2), and
pwrite(2) syscalls are wrapped to provide compatibility with pre-7.x
kernels which required padding before the off_t parameter.  The
fcntl(2) contains compatibility code to handle kernels before the
struct flock was changed during the 8.x CURRENT development.  The
shims were reasonable to allow easier revert to the older kernel at
that time.

Now, two or three major releases later, shims do not serve any
purpose.  Such old kernels cannot handle current libc, so revert the
compatibility code.

Make padded syscalls support conditional under the COMPAT6 config
option.  For COMPAT32, the syscalls were under COMPAT6 already.

Remove WITHOUT_SYSCALL_COMPAT build option, which only purpose was to
(partially) disable the removed shims.

Reviewed by:	jhb, imp (previous versions)
Discussed with:	peter
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2015-04-18 21:50:13 +00:00
Andrew Turner
d422e6f9b5 Add the start of libc and libstand for arm64. Not all of the machine
dependent functions have been implemented, but this is enough for world.

Differential Revision:	https://reviews.freebsd.org/D2132
Reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
2015-04-07 09:52:14 +00:00
Will Andrews
7a37b5fc17 Add a ${CP} alias for copying files in the build.
Some users build FreeBSD as non-root in Perforce workspaces.  By default,
Perforce sets files read-only unless they're explicitly being edited.
As a result, the -f argument must be used to cp in order to override the
read-only flag when copying source files to object directories.  Bare use of
'cp' should be avoided in the future.

Update all current users of 'cp' in the src tree.

Reviewed by:	emaste
MFC after:	1 week
Sponsored by:	Spectra Logic
2015-01-16 21:39:08 +00:00
Konstantin Belousov
8495e8b1e9 Fix known issues which blow up the process after dlopen("libthr.so")
(or loading a dso linked to libthr.so into process which was not
linked against threading library).

- Remove libthr interposers of the libc functions, including
  __error(). Instead, functions calls are indirected through the
  interposing table, similar to how pthread stubs in libc are already
  done.  Libc by default points either to syscall trampolines or to
  existing libc implementations.  On libthr load, libthr rewrites the
  pointers to the cancellable implementations already in libthr.  The
  interposition table is separate from pthreads stubs indirection
  table to not pull pthreads stubs into static binaries.

- Postpone the malloc(3) internal mutexes initialization until libthr
  is loaded.  This avoids recursion between calloc(3) and static
  pthread_mutex_t initialization.

- Reinstall signal handlers with wrapper on libthr load.  The
  _rtld_is_dlopened(3) is used to avoid useless calls to sigaction(2)
  when libthr is statically referenced from the main binary.

In the process, fix openat(2), swapcontext(2) and setcontext(2)
interposing.  The libc symbols were exported at different versions
than libthr interposers.  Export both libc and libthr versions from
libc now, with default set to the higher version from libthr.

Remove unused and disconnected swapcontext(3) userspace implementation
from libc/gen.

No objections from:	deischen
Tested by:	pho, antoine (exp-run) (previous versions)
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2015-01-03 18:38:46 +00:00
Baptiste Daroussin
6b129086dc Convert libraries to use LIBADD
While here reduce a bit overlinking
2014-11-25 11:07:26 +00:00
Simon J. Gerraty
9268022b74 Merge from head@274682 2014-11-19 01:07:58 +00:00
Enji Cooper
2f1217877e Add reachover Makefiles for contrib/netbsd-tests/lib/libc; this adds approximately
500 new testcases

Various TODOs have been sprinkled around the Makefiles for items that even need
to be ported (missing features), testcases have issues with building/linking, or
issues at runtime.

A variant of this code has been tested extensively on amd64 and i386
10-STABLE/11-CURRENT for several months without issue. It builds on other
architectures, but the code will remain off until I have prove it works on
virtual hardware or real hardware on other architectures

In collaboration with: pho, Casey Peel <casey.peel@isilon.com>
Sponsored by: EMC / Isilon Storage Division
2014-11-04 00:56:25 +00:00
Will Andrews
76479f1d3f Fix incremental builds involving non-root users with read-only source files.
Makefiles should not assume that source files can be overwritten.  This is the
common case for Perforce source trees.

This is a followup commit to r211243 in the same vein.

MFC after:	1 month
Sponsored by:	Spectra Logic
MFSpectraBSD:	r1036319 on 2014/01/29, r1046711 on 2014/03/06
2014-09-18 14:41:57 +00:00
Enji Cooper
3303bfc042 Fix "make checkdpadd" for lib/libc when MK_SSP != no
Add LIBSSP_NONSHARED to bsd.libnames.mk and append LIBSSP_NONSHARED to DPADD in
lib/libc when MK_SSP != no

Approved by: rpaulo (mentor)
MFC after: 3 days
Phabric: D675 (as part of a larger diff)
PR: 192728
2014-08-25 06:10:03 +00:00
Simon J. Gerraty
ee7b0571c2 Merge head from 7/28 2014-08-19 06:50:54 +00:00
Hajimu UMEMOTO
6f79a95b36 Bring the md5 functions into libc for internal use only.
It is required to support ID randomization for our stub
resolver.
2014-08-12 12:25:56 +00:00
Marcel Moolenaar
e7d939bda2 Remove ia64.
This includes:
o   All directories named *ia64*
o   All files named *ia64*
o   All ia64-specific code guarded by __ia64__
o   All ia64-specific makefile logic
o   Mention of ia64 in comments and documentation

This excludes:
o   Everything under contrib/
o   Everything under crypto/
o   sys/xen/interface
o   sys/sys/elf_common.h

Discussed at: BSDcan
2014-07-07 00:27:09 +00:00
Simon J. Gerraty
cc3f4b9965 Merge from head 2014-05-08 23:54:15 +00:00
Warner Losh
c6063d0da8 Use src.opts.mk in preference to bsd.own.mk except where we need stuff
from the latter.
2014-05-06 04:22:01 +00:00
Simon J. Gerraty
9d2ab4a62d Merge head 2014-04-27 08:13:43 +00:00
Andrew Turner
73279d4113 Add a new ARM TARGET_ARCH, armv6hf. This is considered experimental.
This targets the existing ARMv6 and ARMv7 SoCs that contain a VFP unit.
This is an optional coprocessors may not be present in all devices, however
it appears to be in all current SoCs we support.

armv6hf targets the VFP variant of the ARM EABI and our copy of gcc is too
old to support this. Because of this there are a number of WITH/WITHOUT
options that are unsupported and must be left as the default value. The
options and their required value are:
 * WITH_ARM_EABI
 * WITHOUT_GCC
 * WITHOUT_GNUCXX

In addition, without an external toolchain, the following need to be left
as their default:
 * WITH_CLANG
 * WITH_CLANG_IS_CC

As there is a different method of passing float and double values to
functions the ABI is incompatible with existing armv6 binaries. To use
this a full rebuild of world is required. Because no floating point values
are passed into the kernel an armv6 kernel with VFP enabled will work with
an armv6hf userland and vice versa.
2014-03-23 12:49:25 +00:00
Marcel Moolenaar
8876613dc5 Replace use of ${.CURDIR} by ${LIBC_SRCTOP} and define ${LIBC_SRCTOP}
if not already defined. This allows building libc from outside of
lib/libc using a reach-over makefile.

A typical use-case is to build a standard ILP32 version and a COMPAT32
version in a single iteration by building the COMPAT32 version using a
reach-over makefile.

Obtained from:	Juniper Networks, Inc.
2014-03-04 02:19:39 +00:00
Ed Schouten
37656b872b Replace LIBGCC by LIBCOMPILER_RT.
We now use libcompiler_rt on all platforms now. Instead of referring
directly to -lgcc and LIBGCC, use -lcompiler_rt and LIBCOMPILER_RT.
2014-01-18 14:22:56 +00:00
Peter Wemm
db2af39373 Move the iconv wrapper source from libc_nonshared to libc/iconv so that
it is all in the one place again.  Rename libc/iconv/iconv.c to
bsd_iconv.c. Compile the wrappers into libc.a so that WITHOUT_DYNAMICROOT
works again.

Discussed with:	kib (and partly stolen from his patch)
2013-11-25 20:17:55 +00:00
Simon J. Gerraty
aab5fee072 We need an extra -I from lib/msun
and we need to supress dependency on it - cyclic.
2013-10-13 00:29:14 +00:00
Simon J. Gerraty
d1d0158641 Merge from head 2013-09-05 20:18:59 +00:00
Pawel Jakub Dawidek
7008be5bd7 Change the cap_rights_t type from uint64_t to a structure that we can extend
in the future in a backward compatible (API and ABI) way.

The cap_rights_t represents capability rights. We used to use one bit to
represent one right, but we are running out of spare bits. Currently the new
structure provides place for 114 rights (so 50 more than the previous
cap_rights_t), but it is possible to grow the structure to hold at least 285
rights, although we can make it even larger if 285 rights won't be enough.

The structure definition looks like this:

	struct cap_rights {
		uint64_t	cr_rights[CAP_RIGHTS_VERSION + 2];
	};

The initial CAP_RIGHTS_VERSION is 0.

The top two bits in the first element of the cr_rights[] array contain total
number of elements in the array - 2. This means if those two bits are equal to
0, we have 2 array elements.

The top two bits in all remaining array elements should be 0.
The next five bits in all array elements contain array index. Only one bit is
used and bit position in this five-bits range defines array index. This means
there can be at most five array elements in the future.

To define new right the CAPRIGHT() macro must be used. The macro takes two
arguments - an array index and a bit to set, eg.

	#define	CAP_PDKILL	CAPRIGHT(1, 0x0000000000000800ULL)

We still support aliases that combine few rights, but the rights have to belong
to the same array element, eg:

	#define	CAP_LOOKUP	CAPRIGHT(0, 0x0000000000000400ULL)
	#define	CAP_FCHMOD	CAPRIGHT(0, 0x0000000000002000ULL)

	#define	CAP_FCHMODAT	(CAP_FCHMOD | CAP_LOOKUP)

There is new API to manage the new cap_rights_t structure:

	cap_rights_t *cap_rights_init(cap_rights_t *rights, ...);
	void cap_rights_set(cap_rights_t *rights, ...);
	void cap_rights_clear(cap_rights_t *rights, ...);
	bool cap_rights_is_set(const cap_rights_t *rights, ...);

	bool cap_rights_is_valid(const cap_rights_t *rights);
	void cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src);
	void cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src);
	bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little);

Capability rights to the cap_rights_init(), cap_rights_set(),
cap_rights_clear() and cap_rights_is_set() functions are provided by
separating them with commas, eg:

	cap_rights_t rights;

	cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT);

There is no need to terminate the list of rights, as those functions are
actually macros that take care of the termination, eg:

	#define	cap_rights_set(rights, ...)				\
		__cap_rights_set((rights), __VA_ARGS__, 0ULL)
	void __cap_rights_set(cap_rights_t *rights, ...);

Thanks to using one bit as an array index we can assert in those functions that
there are no two rights belonging to different array elements provided
together. For example this is illegal and will be detected, because CAP_LOOKUP
belongs to element 0 and CAP_PDKILL to element 1:

	cap_rights_init(&rights, CAP_LOOKUP | CAP_PDKILL);

Providing several rights that belongs to the same array's element this way is
correct, but is not advised. It should only be used for aliases definition.

This commit also breaks compatibility with some existing Capsicum system calls,
but I see no other way to do that. This should be fine as Capsicum is still
experimental and this change is not going to 9.x.

Sponsored by:	The FreeBSD Foundation
2013-09-05 00:09:56 +00:00
Jeremie Le Hen
54f82841d5 Turn libc.so into an ld script rather than a symlink pointing to the
real shared object and libssp_nonshared.a.

This was the last showstopper that prevented from enabling SSP for ports
by default.  portmgr@ performed a buildworld which showed no significant
breakage with this patch.

Details:

On i386 for PIC objects, gcc uses the __stack_chk_fail_local hidden
symbol instead of calling __stack_chk_fail directly [1].  This happen
not only with our gcc-4.2.1 but also with the latest gcc-4.8.  If you
want the very nasty details, see [2].

OTOH the problem doesn't exist on other architectures.  It also doesn't
exist with Clang as the latter will somehow manage to create the
function in the object file at compile time (contrary to only
referencing it through a symbol that will be brought in at link time).

In a perfect world, when an object file is compiled with
-fstack-protector, it will be linked into a binary or a DSO with this
same flag as well, so GCC will add libssp_nonshared.a to the linker
command-line.  Unfortunately, we don't control softwares in ports and we
may have such broken DSO.  This is the whole point of this patch.

You can reproduce the problem on i386 by compiling a source file into an
object file with "-fstack-protector-all -fPIE" and linking it
into a binary without "-fstack-protector".

This ld script automatically proposes libssp_nonshared.a along with the
real libc DSO to the linker.  It is important to understand that the
object file contained in this library will be pulled in the resulting
binary _only if_ the linker notices one of its symbols is needed (i.e.
one of the SSP symbol is missing).

A theorical performance impact could be when compiling, but my testing
showed less than 0.1% of difference.

[1] For 32-bit code gcc saves the PIC register setup by using
    __stack_chk_fail_local hidden function instead of calling
    __stack_chk_fail directly.  See comment line 19460 in:
    src/contrib/gcc/config/i386/i386.c

[2] When compiling a source file to an object file, if you use something
    which is external to the compilation unit, GCC doesn't know yet if
    this symbol will be inside or outside the DSO.  So it expects the
    worst case and routes the symbol through the GOT, which means
    additional space and extra relocation for rtld(1).

    Declaring a symbol has hidden tells GCC to use the optimal route (no
    GOT), but on the other hand this means the symbol has to be provided
    in the same DSO (namely libssp_nonshared.a).

    On i386, GCC actually uses an hidden symbol for SSP in PIC objects
    to save PIC register setup, as said in [1].

PR:		ports/138228
PR:		ports/168010
Reviewed by:	kib, kan
2013-06-12 21:12:05 +00:00
Marcel Moolenaar
7750ad47a9 Sync FreeBSD's bmake branch with Juniper's internal bmake branch.
Requested by: Simon Gerraty <sjg@juniper.net>
2012-08-22 19:25:57 +00:00
Gleb Kurtsou
c7e5232438 Disable NLS catalog use in libc if built with WITHOUT_NLS option.
Functions affected: strerror, strsignal, gai_strerror.
2012-05-21 08:10:42 +00:00
Marcel Moolenaar
46ad370763 Don't link against libssp if MK_SSP is set to no.
Note that this still misses a proper dependency at this time.
2012-05-19 17:49:20 +00:00
Jason Evans
a4bd5210d5 Import jemalloc 9ef7f5dc34ff02f50d401e41c8d9a4a928e7c2aa (dev branch,
prior to 3.0.0 release) as contrib/jemalloc, and integrate it into libc.
The code being imported by this commit diverged from
lib/libc/stdlib/malloc.c in March 2010, which means that a portion of
the jemalloc 1.0.0 ChangeLog entries are relevant, as are the entries
for all subsequent releases.
2012-04-17 07:22:14 +00:00
Ed Schouten
46632c18bd Merge index() and strchr() together.
As I looked through the C library, I noticed the FreeBSD MIPS port has a
hand-written version of index(). This is nice, if it weren't for the
fact that most applications call strchr() instead.

Also, on the other architectures index() and strchr() are identical,
meaning we have two identical pieces of code in the C library and
statically linked applications.

Solve this by naming the actual file strchr.[cS] and let it use
__strong_reference()/STRONG_ALIAS() to provide the index() routine. Do
the same for rindex()/strrchr().

This seems to make the C libraries and static binaries slightly smaller,
but this reduction in size seems negligible.
2012-01-03 07:14:01 +00:00
Gabor Kovesdan
ad30f8e79b Add the BSD-licensed Citrus iconv to the base system with default off
setting. It can be built by setting the WITH_ICONV knob. While this
knob is unset, the library part, the binaries, the header file and
the metadata files will not be built or installed so it makes no impact
on the system if left turned off.

This work is based on the iconv implementation in NetBSD but a great
number of improvements and feature additions have been included:

- Some utilities have been added. There is a conversion table generator,
  which can compare conversion tables to reference data generated by
  GNU libiconv. This helps ensuring conversion compatibility.
- UTF-16 surrogate support and some endianness issues have been fixed.
- The rather chaotic Makefiles to build metadata have been refactored
  and cleaned up, now it is easy to read and it is also easier to add
  support for new encodings.
- A bunch of new encodings and encoding aliases have been added.
- Support for 1->2, 1->3 and 1->4 mappings, which is needed for
  transliterating with flying accents as GNU does, like "u.
- Lots of warnings have been fixed, the major part of the code is
  now WARNS=6 clean.
- New section 1 and section 5 manual pages have been added.
- Some GNU-specific calls have been implemented:
  iconvlist(), iconvctl(), iconv_canonicalize(), iconv_open_into()
- Support for GNU's //IGNORE suffix has been added.
- The "-" argument for stdin is now recognized in iconv(1) as per POSIX.
- The Big5 conversion module has been fixed.
- The iconv.h header files is supposed to be compatible with the
  GNU version, i.e. sources should build with base iconv.h and
  GNU libiconv. It also includes a macro magic to deal with the
  char ** and const char ** incompatibility.
- GNU compatibility: "" or "char" means the current local
  encoding in use
- Various cleanups and style(9) fixes.

Approved by:	delphij (mentor)
Obtained from:	The NetBSD Project
Sponsored by:	Google Summer of Code 2009
2011-02-25 00:04:39 +00:00
Jayachandran C.
7b87c35eba Fix n32 compile.
These changes are needed to fix n32 compile after the recent change of
mips n32 MACHINE_ARCH to mipsn32eb/mipsn32el.

Reviewed by:	imp, bz (earlier version)
2011-01-27 14:16:12 +00:00
Warner Losh
cd2ae2532f Retire TARGET_ABI.
Implement MACHINE_ARCH=mips64e[lb] to build N64 images.  This replaces
MACHINE_ARCH=mipse[lb] TARGET_ABI=n64.

MACHINE_ARCH=mipsn32e[lb] has been added, but currently requires
WITHOUT_CDDL due to atomic issues in libzfs.  I've not investigated
this much, but implemented this to preserve as much of the TARGET_ABI
functionality that I could.  Since its presence doesn't affect the
working cases, I've kept it in for now.

Added mips64e[lb] to make universe, so more kernels build.

And I think this (finally) closes the curtain on the tbemd tree.
2011-01-07 20:26:33 +00:00
David Xu
f4213b9006 To support stack unwinding for cancellation points, add -fexceptions flag
for them, two functions _pthread_cancel_enter and _pthread_cancel_leave
are added to let thread enter and leave a cancellation point, it also
makes it possible that other functions can be cancellation points in
libraries without having to be rewritten in libthr.
2010-09-25 01:57:47 +00:00
Nathan Whitehorn
f61ce56845 Allow ABIs to provide their own LIBC_ARCH in a more generic way. As a side
effect, this fixes the build on powerpc64.

Reviewed by:	imp
2010-08-25 20:48:24 +00:00
Warner Losh
bff351d7fe Fix an accidental sed... 2010-08-24 21:28:34 +00:00
Warner Losh
2c0959ae6b Powerpc is special here. powerpc and powerpc64 use different ABIs, so
their implementations aren't in the same files.  Introduce LIBC_ARCH
and use that in preference to MACHINE_CPUARCH.  Tested by amd64 and
powerpc64 builds (thanks nathanw@)
2010-08-24 20:54:43 +00:00
Warner Losh
25faff346c MFtbemd:
Prefer MACHNE_CPUARCH to MACHINE_ARCH in most contexts where you want
to test of all the CPUs of a given family conform.
2010-08-23 22:24:11 +00:00
Konstantin Belousov
aeaffd647e Style.
MFC after:	3 days
2010-08-23 15:18:35 +00:00
Rui Paulo
271e7c594b Disable all warnings when building gdtoa. This allows building libc with
clang.
The general idea is that the vendor will not accept our compilation
patches and so disabling the warnings is the best way to go as it makes
future imports bearable.

Submitted by:	Dimitry Andric <dimitry at andric.com>
Discussed with:	das
2010-08-01 12:35:01 +00:00
Nathan Whitehorn
840b91cc52 Provide 64-bit PowerPC support in libc.
Obtained from:	projects/ppc64
2010-07-10 14:45:03 +00:00
Jayachandran C.
9279d32a64 Merge jmallett@'s n64 work into HEAD - changeset 2
Update libc Makefiles.
Add makecontext implementation.

Changes from http://svn.freebsd.org/base/user/jmallett/octeon

Approved by:	rrs(mentor), jmallett
2010-06-16 14:13:36 +00:00
Warner Losh
52e0ea7a0d Merge r195030 from project/mips to head by hand
r195030 | gonzo | 2009-06-25 19:27:31 -0600 (Thu, 25 Jun 2009) | 4 lines
- Switch to libc softfloat from libgcc implementation. The problem
    with latter is that it is not complete, fpsetXXX/fpgetXXX
    functions are missing.
2010-01-09 00:01:35 +00:00
Alexander Kabaev
2286fe7635 Second attempt at eliminating .text relocations in shared libraries
compiled with stack protector.

Use libssp_nonshared library to pull __stack_chk_fail_local symbol into
each library that needs it instead of pulling it from libc. GCC
generates local calls to this function which result in absolute
relocations put into position-independent code segment, making dynamic
loader do extra work every time given shared library is being relocated
and making affected text pages non-shareable.

Reviewed by:        kib
Approved by:        re (kib)
2009-07-14 21:19:13 +00:00
Alexander Kabaev
d48890cfb8 Back out previous revision until better tested fix is ready.
Approved by: re (impliciti, by approving previos check-in)
2009-06-29 01:33:59 +00:00
Alexander Kabaev
a162c9ae9c Eliminate .text relocations in shared libraries compiled with stack protector.
Use libssp_nonshared library to pull __stack_chk_fail_local symbol into
each library that needs it instead of pulling it from libc. GCC generates
local calls to this function which result in absolute relocations put into
position-independent code segment, making dynamic loader do extra work everys
time given shared library is being relocated and making affected text pages
non-shareable.

Reviewed by:        kib
Approved by:        re (kensmith)
2009-06-28 23:51:39 +00:00
Gabor Kovesdan
fe73c506a4 - Reenable Native Language Support in libc. This feature was disabled due
to possible breakages in the catalog handling code.  Since then, that
  code has been replaced by the secure code from NetBSD but NLS in libc
  remained turned off.  Tests have shown that the feature is stable and
  working so we can now turn it on again.

- Add several new catalog files:
  - ca_ES.ISO8859-1
  - de_DE.ISO8859-1
  - el_GR.ISO8859-7  (by manolis@ and keramida@)
  - es_ES.ISO8859-1  (kern/123179, by carvay@)
  - fi_FI.ISO8859-1
  - fr_FR.ISO8859-1  (kern/78756, by thierry@)
  - hu_HU.ISO8859-2  (by gabor@)
  - it_IT.ISO8859-15
  - nl_NL.ISO8859-1  (corrections by rene@)
  - no_NO.ISO8859-1
  - mn_MN.UTF-8      (by ganbold@)
  - sk_SK.ISO8859-2
  - sv_SE.ISO8859-1
  (The catalogs without explicit source has been obtained from NetBSD.)

Approved by:	attilio
2009-03-13 10:40:38 +00:00
Ruslan Ermilov
042df2e2da Enable GCC stack protection (aka Propolice) for userland:
- It is opt-out for now so as to give it maximum testing, but it may be
  turned opt-in for stable branches depending on the consensus.  You
  can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
  It is harmless to steal the knob as SSP symbols have been provided
  by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
  (sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
  libc will be automatically downgraded to -fstack-protector because it
  breaks rtld otherwise.
- This option is unavailable on ia64.

Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.

Submitted by:	Jeremie Le Hen <jeremie@le-hen.org>
2008-06-25 21:33:28 +00:00