Feature #5922
closed
Want support for building with -fstack-protector
100%
Description
Stack smashing protection (in the form of gcc's -fstack-protector and family) is the default in the latest version of GCC, will soon be the default for the Linux kernel, and has been the default across most of the BSD family for years. We should support building with it.
This requires a small addition to the kernel and libc (the exception handler and an init function to generate a stack canary value). For starters we should make the kernel build work, since we have all the relevant code in one place and panic() exists to let us safely get out of a broken context.
Related issues
Updated by Andrew Stormont about 6 years ago
- Related to Feature #5788: Want support for GCC's stack protector in libc added
Updated by Andrew Stormont almost 6 years ago
Link to webrev that was posted to the mailing list: https://xylem.cooperi.net/~alex/webrev-5922/
Updated by Andrew Stormont almost 6 years ago
Revised version: https://xylem.cooperi.net/~alex/webrev-5922-2/
Updated by Andrew Stormont almost 6 years ago
FWIW the changes look good to me. I might be able to help with testing if that's what's holding up the integration process.
Updated by Electric Monk almost 6 years ago
- Status changed from New to Closed
- % Done changed from 30 to 100
git commit 6a59053b922dcd35760db6b042abda7cb6ef1c80
commit 6a59053b922dcd35760db6b042abda7cb6ef1c80
Author: Alex Wilson <alex@uq.edu.au>
Date: 2015-08-10T22:47:52.000Z
5922 Want support for building with -fstack-protector
Reviewed by: Josef 'Jeff' Sipek <josef.sipek@nexenta.com>
Reviewed by: Richard Lowe <richlowe@richlowe.net>
Approved by: Robert Mustacchi <rm@joyent.com>
Updated by Andrew Stormont almost 6 years ago
Nice one! Now we just need to get these functions implemented in libc and we'll have full support.