From owner-cvs-all@FreeBSD.ORG Mon Jul 7 11:49:27 2008 Return-Path: Delivered-To: cvs-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E98F41065681; Mon, 7 Jul 2008 11:49:26 +0000 (UTC) (envelope-from stas@ht-systems.ru) Received: from smtp.ht-systems.ru (mr0.ht-systems.ru [78.110.50.55]) by mx1.freebsd.org (Postfix) with ESMTP id 5CE728FC2C; Mon, 7 Jul 2008 11:49:25 +0000 (UTC) (envelope-from stas@ht-systems.ru) Received: from [83.166.229.34] (helo=sputnik.SpringDaemons.com) by smtp.ht-systems.ru with esmtpa (Exim 4.62) (envelope-from ) id 1KFpDf-0008Uc-0B; Mon, 07 Jul 2008 15:49:23 +0400 Received: by sputnik.SpringDaemons.com (Postfix, from userid 1024) id 9AADA9413AE; Mon, 7 Jul 2008 15:50:23 +0400 (MSD) Date: Mon, 7 Jul 2008 15:50:17 +0400 From: Stanislav Sedov To: Ruslan Ermilov Message-Id: <20080707155017.6850f3a5.stas@FreeBSD.org> In-Reply-To: <200806252138.m5PLcajG067917@repoman.freebsd.org> References: <200806252138.m5PLcajG067917@repoman.freebsd.org> Organization: The FreeBSD Project X-XMPP: ssedov@jabber.ru X-Voice: +7 916 849 20 23 X-PGP-Fingerprin: F21E D6CC 5626 9609 6CE2 A385 2BF5 5993 EB26 9581 X-Mailer: carrier-pigeon Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="PGP-SHA1"; boundary="Signature=_Mon__7_Jul_2008_15_50_17_+0400_.6RIoY2=y8UbqJsY" Cc: arm@FreeBSD.org, cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src Makefile.inc1 src/gnu/lib Makefile src/gnu/lib/csu Makefile src/gnu/lib/libssp Makefile src/lib/csu Makefile.inc src/lib/libc Makefile src/lib/libstand Makefile src/lib/libthr Makefile src/libexec/rtld-elf Makefile src/release Makefile ... X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2008 11:49:27 -0000 --Signature=_Mon__7_Jul_2008_15_50_17_+0400_.6RIoY2=y8UbqJsY Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, 25 Jun 2008 21:33:28 +0000 (UTC) Ruslan Ermilov mentioned: > ru 2008-06-25 21:33:28 UTC >=20 > FreeBSD src repository >=20 > Modified files: > . Makefile.inc1=20 > gnu/lib Makefile=20 > gnu/lib/csu Makefile=20 > gnu/lib/libssp Makefile=20 > lib/libc Makefile=20 > lib/libstand Makefile=20 > lib/libthr Makefile=20 > libexec/rtld-elf Makefile=20 > release Makefile=20 > release/picobsd/build picobsd=20 > rescue/librescue Makefile=20 > rescue/rescue Makefile=20 > share/mk bsd.sys.mk=20 > sys/boot/arm/at91 Makefile.inc=20 > sys/boot/efi Makefile.inc=20 > sys/boot/i386 Makefile.inc=20 > sys/boot/i386/loader Makefile=20 > sys/boot/ia64 Makefile.inc=20 > sys/boot/ia64/common Makefile=20 > sys/boot/ia64/efi Makefile=20 > sys/boot/ia64/ski Makefile=20 > sys/boot/pc98 Makefile.inc=20 > sys/boot/pc98/loader Makefile=20 > sys/boot/powerpc/ofw Makefile=20 > sys/boot/sparc64 Makefile.inc=20 > sys/boot/sparc64/loader Makefile=20 > sys/conf files kern.mk kern.pre.mk=20 > tools/build/options WITHOUT_SSP=20 > Added files: > lib/csu Makefile.inc=20 > sys/boot Makefile.inc=20 > sys/boot/arm Makefile.inc=20 > sys/boot/ofw Makefile.inc=20 > sys/boot/powerpc Makefile.inc=20 > sys/boot/uboot Makefile.inc=20 > sys/kern stack_protector.c=20 > Log: > SVN rev 180012 on 2008-06-25 21:33:28Z by ru > =20 > Enable GCC stack protection (aka Propolice) for userland: > - It is opt-out for now so as to give it maximum testing, but it may be > turned opt-in for stable branches depending on the consensus. You > can turn it off with WITHOUT_SSP. > - WITHOUT_SSP was previously used to disable the build of GNU libssp. > It is harmless to steal the knob as SSP symbols have been provided > by libc for a long time, GNU libssp should not have been much used. > - SSP is disabled in a few corners such as system bootstrap programs > (sys/boot), process bootstrap code (rtld, csu) and SSP symbols themse= lves. > - It should be safe to use -fstack-protector-all to build world, however > libc will be automatically downgraded to -fstack-protector because it > breaks rtld otherwise. > - This option is unavailable on ia64. > =20 > Enable GCC stack protection (aka Propolice) for kernel: > - It is opt-out for now so as to give it maximum testing. > - Do not compile your kernel with -fstack-protector-all, it won't work. > =20 This break world on at91rm9200 and, probably, on other arm targets. I haven't digged into the problem deeply, but the kernel doesn't seem to be able to execute any ssp-enabled binaries (coredumps with bus error). --=20 Stanislav Sedov ST4096-RIPE --Signature=_Mon__7_Jul_2008_15_50_17_+0400_.6RIoY2=y8UbqJsY Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkhyAv8ACgkQK/VZk+smlYH7wgCdEDhyxBb/XIihWFzg1u6dm6EG xYgAn3pCjUvTzsfePCxwO8OTlLMYn9EB =H2uL -----END PGP SIGNATURE----- --Signature=_Mon__7_Jul_2008_15_50_17_+0400_.6RIoY2=y8UbqJsY--