[CFT] SSP Package Repository available
Matthias Andree
mandree at FreeBSD.org
Wed Aug 20 19:26:29 UTC 2014
Am 20.08.2014 um 18:34 schrieb Bryan Drewery:
> We have not had any feedback on this yet and want to get it enabled by
> default for ports and packages.
Oops. Sorry about being silent about that;
I did enable WITH_SSP_PORTS=yes right after the original announcement on
my main 9.3-amd64 development machine (run mostly headless, but it does
have a full GNOME2 install) without ill effects, so at least it does not
appear to jam everything right away, and given that Fedora is using it
and they are rather talkative to upstreams about bugs, you'd think most
packages that have issues are fixed now.
Is there any way we can detect the effects of -fstack-protector from the
resulting executable, with peeking at objdump output? Like so:
$ objdump -R /usr/local/bin/twolame | grep stack_chk
0000000000605ce0 R_X86_64_COPY __stack_chk_guard
00000000006053b0 R_X86_64_JUMP_SLOT __stack_chk_fail
Should we have stage-qa - at least in DEVELOPER=yes WITH_SSP_PORTS=yes
mode - check that either -fstack-protector{,-all,-strong} actually
propagated through the build system?
More information about the freebsd-ports
mailing list