[LinuxBIOS] Possible stack protect solutions

Jordan Crouse jordan.crouse at amd.com
Thu Dec 20 18:57:58 CET 2007


On 20/12/07 09:50 -0800, ron minnich wrote:
> Here's where the action is in build_target:
> 
> 
> # make sure config.py is up-to-date
> 
> export PYTHONPATH=$config_dir
> $PYTHON $config_py $config_lb $lbpath
> 
> exit $?
> 
> This is at the end.
> 
> So we could, at the end, before exit, compute the distro-specific
> flags and then append them to $build_dir/Makefile.settings and
> $build_dir/*/Makefile.settings (I'm sorry for this part, I can  only
> say mea culpa. Somebody got clever). Then all makefiles would pick
> that up -- they all include it.
> 
> That would probably do it.

This is the right solution - it will fix us now and forever (or until
V3, which ever comes first).

but I don't claim to be a buildtarget hacker - if somebody can get a
patch going, I'll test.

This is what buildrom does to check for the flag (paraphrasing from
the Make syntax):

$(CC) -fno-stack-protector -xc /dev/null -o .$$.tmp  > /dev/null 2>&1

If successful then the flag is valid.  Error and its not.

Again, hugs and kisses to the gcc guys for making this so easy for us.

Jordan

-- 
Jordan Crouse
Systems Software Development Engineer 
Advanced Micro Devices, Inc.






More information about the coreboot mailing list