[Buildroot] [PATCH 2/2] lxc: fix build without stack protector

Fabrice Fontaine fontaine.fabrice at gmail.com
Mon Dec 3 22:13:04 UTC 2018


Dear Thomas,
Le lun. 3 déc. 2018 à 23:01, Thomas Petazzoni
<thomas.petazzoni at bootlin.com> a écrit :
>
> Hello,
>
> On Mon,  3 Dec 2018 22:46:37 +0100, Fabrice Fontaine wrote:
> > Add an option to disable the stack protector flags added in version
> > 3.0.3 by
> > https://github.com/lxc/lxc/commit/2268c27754152aa538db2c9e3753d72d19bcd17a
> >
> > Fixes:
> >  - http://autobuild.buildroot.org/results/0b90e7dca2984652842832a41abad93ac49a9b86
> >
> > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
>
> Thanks for working on this!
>
>
> > ++if test "x$enable_hardening" = "xyes"; then
> > ++    AX_CHECK_COMPILE_FLAG([-fstack-clash-protection], [CFLAGS="$CFLAGS -fstack-clash-protection"],,[-Werror])
> > ++    AX_CHECK_COMPILE_FLAG([-fstack-protector-strong], [CFLAGS="$CFLAGS -fstack-protector-strong"],,[-Werror])
> > ++    AX_CHECK_COMPILE_FLAG([-g], [CFLAGS="$CFLAGS -g"],,[-Werror])
>
> Why is -g handled as one of the hardening flags ? Building with
> debugging symbols can hardly be considered "hardening" :-)
Indeed ...
>
> Also, is upstream going to accept this --enable/--disable option ?
> Should we instead use AX_CHECK_LINK_FLAG() ?
I didn't think about this solution and I have not send this second
patch upstream yet. I will try it and send a v2.
>
> Thomas
> --
> Thomas Petazzoni, CTO, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com
Best Regards,

Fabrice


More information about the buildroot mailing list