|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Minios-devel] [UNIKRAFT PATCH v4 3/4] build: Add option to toggle the stack protection
From: Vlad-Andrei BĂDOIU (78692) <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
This patch adds build option to select different stack protection
levels.
Signed-off-by: Vlad-Andrei Badoiu <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
---
Makefile.uk | 10 ++++++++--
lib/Config.uk | 4 ++++
lib/uksp/Config.uk | 1 -
lib/uksp/Makefile.uk | 16 ++++++++++++++++
4 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/Makefile.uk b/Makefile.uk
index 67c372e5..177618d7 100644
--- a/Makefile.uk
+++ b/Makefile.uk
@@ -8,12 +8,12 @@ ASFLAGS += -U __linux__ -U __FreeBSD__ -U __sun__
-D__ASSEMBLY__
ASINCLUDES += -nostdinc -nostdlib -I$(CONFIG_UK_BASE)/include
CFLAGS += -U __linux__ -U __FreeBSD__ -U __sun__
-CFLAGS += -fno-stack-protector -fno-omit-frame-pointer -fno-tree-sra
+CFLAGS += -fno-omit-frame-pointer -fno-tree-sra
CFLAGS += -Wall -Wextra
CINCLUDES += -nostdinc -nostdlib -I$(CONFIG_UK_BASE)/include
CXXFLAGS += -U __linux__ -U __FreeBSD__ -U __sun__
-CXXFLAGS += -fno-stack-protector -fno-omit-frame-pointer -fno-tree-sra
+CXXFLAGS += -fno-omit-frame-pointer -fno-tree-sra
CXXFLAGS += -Wall -Wextra
CXXINCLUDES += -nostdinc -nostdlib -I$(CONFIG_UK_BASE)/include
@@ -28,6 +28,12 @@ GOCINCLUDES += -nostdinc -nostdlib
-I$(CONFIG_UK_BASE)/include
LIBLDFLAGS += -nostdinc -nostdlib -Wl,--omagic -Wl,-r -Wl,-d
-Wl,--build-id=none
LDFLAGS += -nostdinc -nostdlib -Wl,--omagic -Wl,--build-id=none
+ifneq ($(HAVE_STACKPROTECTOR),y)
+CFLAGS += -fno-stack-protector
+CXXFLAGS += -fno-stack-protector
+GOFLAGS += -fno-stack-protector
+endif
+
CFLAGS-$(CONFIG_OPTIMIZE_NONE) += -O0 -fno-optimize-sibling-calls
-fno-tree-vectorize
CXXFLAGS-$(CONFIG_OPTIMIZE_NONE) += -O0 -fno-optimize-sibling-calls
-fno-tree-vectorize
GOCFLAGS-$(CONFIG_OPTIMIZE_NONE) += -O0 -fno-optimize-sibling-calls
-fno-tree-vectorize
diff --git a/lib/Config.uk b/lib/Config.uk
index e83ed30b..4fb934b1 100644
--- a/lib/Config.uk
+++ b/lib/Config.uk
@@ -28,3 +28,7 @@ config HAVE_NW_STACK
config HAVE_SYSCALL
bool
default n
+
+config HAVE_STACKPROTECTOR
+ bool
+ default n
diff --git a/lib/uksp/Config.uk b/lib/uksp/Config.uk
index 2ec953d4..3791b5ae 100644
--- a/lib/uksp/Config.uk
+++ b/lib/uksp/Config.uk
@@ -48,5 +48,4 @@ config LIBUKSP_VALUE_CONSTANT
int "Canary value"
depends on LIBUKSP_VALUE_USECONSTANT
default 42
-
endif
diff --git a/lib/uksp/Makefile.uk b/lib/uksp/Makefile.uk
index 6c391c9d..bd8bde7f 100644
--- a/lib/uksp/Makefile.uk
+++ b/lib/uksp/Makefile.uk
@@ -3,3 +3,19 @@ $(eval $(call addlib_s,libuksp,$(CONFIG_LIBUKSP)))
CINCLUDES-y += -I$(LIBUKSP_BASE)/include
LIBUKSP_SRCS-y += $(LIBUKSP_BASE)/ssp.c
+
+CFLAGS-$(CONFIG_STACKPROTECTOR_NONE) += -fno-stack-protector
+CXXFLAGS-$(CONFIG_STACKPROTECTOR_NONE) += -fno-stack-protector
+GOFLAGS-$(CONFIG_STACKPROTECTOR_NONE) += -fno-stack-protector
+
+CFLAGS-$(CONFIG_STACKPROTECTOR_REGULAR) += -fstack-protector
-mstack-protector-guard=global
+CXXFLAGS-$(CONFIG_STACKPROTECTOR_REGULAR) += -fstack-protector
-mstack-protector-guard=global
+GOFLAGS-$(CONFIG_STACKPROTECTOR_REGULAR) += -fstack-protector
-mstack-protector-guard=global
+
+CFLAGS-$(CONFIG_STACKPROTECTOR_STRONG) += -fstack-protector-strong
-mstack-protector-guard=global
+CXXFLAGS-$(CONFIG_STACKPROTECTOR_STRONG) += -fstack-protector-strong
-mstack-protector-guard=global
+GOFLAGS-$(CONFIG_STACKPROTECTOR_STRONG) +=
-fstack-protector-strong -mstack-protector-guard=global
+
+CFLAGS-$(CONFIG_STACKPROTECTOR_ALL) += -fstack-protector-all
-mstack-protector-guard=global
+CXXFLAGS-$(CONFIG_STACKPROTECTOR_ALL) += -fstack-protector-all
-mstack-protector-guard=global
+GOFLAGS-$(CONFIG_STACKPROTECTOR_ALL) += -fstack-protector-all
-mstack-protector-guard=global
--
2.20.1
_______________________________________________
Minios-devel mailing list
Minios-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/minios-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |