Enable hardening for cross builds

To: debian-glibc@lists.debian.org
Subject: Enable hardening for cross builds
From: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Date: Mon, 19 Dec 2011 11:47:11 +0100
Message-id: <[🔎] 4EEF162F.8020006@linaro.org>

Default Debian/Ubuntu cross compiler did not had hardening supportenabled but this got changed in gcc-4.6 4.6.2-6 version. Due to thiseglibc is no longer cross buildable as "-fno-stack-protector-U_FORTIFY_SOURCE" are set only for native builds.


This change sets those flags for both native and cross builds.

I am not subscribed to ML.

=== modified file 'debian/rules'
--- debian/rules	2011-08-09 20:34:55 +0000
+++ debian/rules	2011-12-07 12:56:21 +0000
@@ -109,9 +109,6 @@
 slibdir=/lib/$(DEB_HOST_MULTIARCH)
 libdir=/usr/lib/$(DEB_HOST_MULTIARCH)
 
-BUILD_CC = gcc-4.6 -fno-stack-protector -U_FORTIFY_SOURCE
-BUILD_CXX = g++-4.6 -fno-stack-protector -U_FORTIFY_SOURCE
-
 RUN_TESTSUITE = yes
 
 # Set CC and CXX for cross-compiling
@@ -119,10 +116,13 @@
 CC     = $(DEB_HOST_GNU_TYPE)-gcc
 CXX    = $(DEB_HOST_GNU_TYPE)-g++
 else
-CC     = $(BUILD_CC)
-CXX    = $(BUILD_CXX)
+CC     = gcc-4.6
+CXX    = g++-4.6
 endif
 
+CC  += -fno-stack-protector -U_FORTIFY_SOURCE
+CXX += -fno-stack-protector -U_FORTIFY_SOURCE
+
 BUILD_CFLAGS = -O2 -g
 HOST_CFLAGS = -pipe -O2 -fstrict-aliasing -g $(call xx,extra_cflags)

Reply to:

Follow-Ups:
- Re: Enable hardening for cross builds
  - From: Aurelien Jarno <aurelien@aurel32.net>

Prev by Date: r5096 - in tzdata/trunk/debian: . po
Next by Date: Re: Enable hardening for cross builds
Previous by thread: r5096 - in tzdata/trunk/debian: . po
Next by thread: Re: Enable hardening for cross builds
Index(es):
- Date
- Thread