From owner-freebsd-current@FreeBSD.ORG Tue Jun 13 15:52:23 2006 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 942DB16A41B for ; Tue, 13 Jun 2006 15:52:23 +0000 (UTC) (envelope-from tataz@tataz.chchile.org) Received: from smtp5-g19.free.fr (smtp5-g19.free.fr [212.27.42.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id D480E43D55 for ; Tue, 13 Jun 2006 15:52:20 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from tatooine.tataz.chchile.org (tataz.chchile.org [82.233.239.98]) by smtp5-g19.free.fr (Postfix) with ESMTP id 8067827570; Tue, 13 Jun 2006 17:52:17 +0200 (CEST) Received: from obiwan.tataz.chchile.org (unknown [192.168.1.25]) by tatooine.tataz.chchile.org (Postfix) with ESMTP id 1C6C29C170; Tue, 13 Jun 2006 15:52:37 +0000 (UTC) Received: by obiwan.tataz.chchile.org (Postfix, from userid 1000) id 04C39405A; Tue, 13 Jun 2006 17:52:36 +0200 (CEST) Date: Tue, 13 Jun 2006 17:52:36 +0200 From: Jeremie Le Hen To: "M. Warner Losh" Message-ID: <20060613155236.GL19457@obiwan.tataz.chchile.org> References: <4489DCAE.3070005@overflow.no> <20060609233148.GA88285@gothmog.pc> <20060610.001741.1021577364.imp@bsdimp.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060610.001741.1021577364.imp@bsdimp.com> User-Agent: Mutt/1.5.11 Cc: keramida@ceid.upatras.gr, rip@overflow.no, drosih@rpi.edu, freebsd-current@freebsd.org Subject: Re: [fbsd] Re: [fbsd] Integrating ProPolice/SSP into FreeBSD X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jun 2006 15:52:23 -0000 Hi, Thanks to everyone who gave me some feedback. On 2006-06-09 16:40, Chris wrote: > : > > : > > I'm using it successfuly with the stackp-gap and the random > : > > mmap on 6.1-RELEASE. No problems at all really :) Except > : > > that I want a nob for gcc to use the protection by default. > : > > We discussed this in another email. Chris, Yes, indeed. I forgot to keep you in touch as I had promised, nevertheless I have thought about it. When I started my patch back in 2005, I did have an option to use stack protector by default. However, this led to an heavy ratio of noise in the Makefiles, given the WITH_*/WITHOUT_* wasn't there yet in that time. If I add this now, I think it would be less intrusive than it was, but only for CURRENT. RELENG_6 still uses the old NO_* knobs, and this would be a mess like it has been in the past. Currently I am willing to maintain a patch for each branch. There is already a small gap between them and I really don't want to see it become wider. I could probably implement this stuff in CURRENT, but I am pretty sure this would lead to a non-negligible number of RELENG_6 users asking me why this hasn't been implemented for their branch. IOW, I think I should prevent from implementing this option for the moment, at least while RELENG_7 hasn't been branched. On Sat, Jun 10, 2006 at 12:17:41AM -0600, M. Warner Losh wrote: > In message: > Garance A Drosihn writes: > : At 2:31 AM +0300 6/10/06, Giorgos Keramidas wrote: > : >You can always use `/etc/make.conf' to set it globally, right? > : > : Not quite globally. That will only set it for programs > : whose makefiles .include /usr/share/mk/sys.mk . That's > : all of buildworld, but it wouldn't include programs that > : people are building on their own. > > Actually, all invocationso of make use /usr/share/mk/sys.mk. It is > global. And therefore /etc/make.conf is included for all Makefiles in > the system (except when one uses gmake :-). I wanted to use share/mk/sys.mk for a while because it was indeed read by make(1) upon each invocation, but meanwhile I was a little reluctant because the SSP stuff has really nothing to do with what was already living there. Finally, I decided to be as little intrusive as I could and modified bsd.sys.mk. Thus GCC would be merely SSP-ready for all applications. I added the required glue in Makefiles in order to make buildworld and (most) ports work without any pain, with the help of WITH(OUT)_SSP. It is up to the user to manage with the SSP flags if he uses gmake or BSD make without bsd.prog.mk, bsd.lib.mk or bsd.port.mk. (For pedantic people, I don't mean bsd.sys.mk is used for ports. Actually I created bsd.ssp.mk which is included in both bsd.sys.mk and bsd.port.mk.) Thank you. Best regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org >