[LinuxBIOS] Possible stack protect solutions

Jordan Crouse jordan.crouse at amd.com
Thu Dec 20 18:57:58 CET 2007

On 20/12/07 09:50 -0800, ron minnich wrote:
> Here's where the action is in build_target:
> # make sure config.py is up-to-date
> export PYTHONPATH=$config_dir
> $PYTHON $config_py $config_lb $lbpath
> exit $?
> This is at the end.
> So we could, at the end, before exit, compute the distro-specific
> flags and then append them to $build_dir/Makefile.settings and
> $build_dir/*/Makefile.settings (I'm sorry for this part, I can  only
> say mea culpa. Somebody got clever). Then all makefiles would pick
> that up -- they all include it.
> That would probably do it.

This is the right solution - it will fix us now and forever (or until
V3, which ever comes first).

but I don't claim to be a buildtarget hacker - if somebody can get a
patch going, I'll test.

This is what buildrom does to check for the flag (paraphrasing from
the Make syntax):

$(CC) -fno-stack-protector -xc /dev/null -o .$$.tmp  > /dev/null 2>&1

If successful then the flag is valid.  Error and its not.

Again, hugs and kisses to the gcc guys for making this so easy for us.


Jordan Crouse
Systems Software Development Engineer 
Advanced Micro Devices, Inc.

More information about the coreboot mailing list