Re: [PATCH] tools: bpf: Disable stack protector

From: Yonghong Song
Date: Tue Jan 17 2023 - 11:23:06 EST

Next message: Tvrtko Ursulin: "Re: [RFC 04/12] drm/cgroup: Track clients per owning process"
Previous message: Evgenii Shatokhin: "Re: [PATCH -next V7 6/7] samples: ftrace: Add riscv support for SAMPLE_FTRACE_DIRECT[_MULTI]"
In reply to: Peter Foley: "Re: [PATCH] tools: bpf: Disable stack protector"
Next in thread: Jose E. Marchesi: "Re: [PATCH] tools: bpf: Disable stack protector"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/16/23 11:09 PM, Peter Foley wrote:

On Mon, Jan 16, 2023 at 11:05 PM Yonghong Song <yhs@xxxxxxxx> wrote:

If I understand correctly (by inspecting clang code), the stack
protector is off by default. Do you have link to Gentoo build
page to show how they enable stack protector? cmake config or
a private patch?

The relevant override appears to be
https://github.com/gentoo/gentoo/blob/c5247250e9d4a09e67a602965a5f72be3cebbf34/sys-devel/clang-common/clang-common-15.0.7.ebuild#L93

Thanks for the link. Looks like this is a security feature added by hardened_gentoo progject (https://wiki.gentoo.org/wiki/Hardened_Gentoo)
which unconditionally added -fstack-protector-strong to the clang
compilation flag.

Next message: Tvrtko Ursulin: "Re: [RFC 04/12] drm/cgroup: Track clients per owning process"
Previous message: Evgenii Shatokhin: "Re: [PATCH -next V7 6/7] samples: ftrace: Add riscv support for SAMPLE_FTRACE_DIRECT[_MULTI]"
In reply to: Peter Foley: "Re: [PATCH] tools: bpf: Disable stack protector"
Next in thread: Jose E. Marchesi: "Re: [PATCH] tools: bpf: Disable stack protector"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]