[LinuxBIOS] Possible stack protect solutions
Jordan Crouse
jordan.crouse at amd.com
Thu Dec 20 18:57:58 CET 2007
On 20/12/07 09:50 -0800, ron minnich wrote:
> Here's where the action is in build_target:
>
>
> # make sure config.py is up-to-date
>
> export PYTHONPATH=$config_dir
> $PYTHON $config_py $config_lb $lbpath
>
> exit $?
>
> This is at the end.
>
> So we could, at the end, before exit, compute the distro-specific
> flags and then append them to $build_dir/Makefile.settings and
> $build_dir/*/Makefile.settings (I'm sorry for this part, I can only
> say mea culpa. Somebody got clever). Then all makefiles would pick
> that up -- they all include it.
>
> That would probably do it.
This is the right solution - it will fix us now and forever (or until
V3, which ever comes first).
but I don't claim to be a buildtarget hacker - if somebody can get a
patch going, I'll test.
This is what buildrom does to check for the flag (paraphrasing from
the Make syntax):
$(CC) -fno-stack-protector -xc /dev/null -o .$$.tmp > /dev/null 2>&1
If successful then the flag is valid. Error and its not.
Again, hugs and kisses to the gcc guys for making this so easy for us.
Jordan
--
Jordan Crouse
Systems Software Development Engineer
Advanced Micro Devices, Inc.
More information about the coreboot
mailing list