Re: Bug#841368: gcc-6 6.2.0-7 breaks kernel build if stack protection is enabled
2016-10-21 1:49 GMT+03:00 Ben Hutchings <firstname.lastname@example.org>:
> It's a bug when a compiler fails to compile valid code.
> Ben Hutchings
> Never put off till tomorrow what you can avoid all together.
Dear Ben, there are no actual bug in compiler, just a caveat to work with it.
Some time ago i had experience to build fully hardened nginx build,
and I was forced to build shared libraries with -fPIC but not -fPIE
due to linker errors.
Solution was to separate build to executable only and shared-libraries only;
this is semi-true: executable is successfully linked with -fPIC flag,
but it's not used in packaging because of executable already built with -fPIE.
This bug report is just another round of game with compiler/linker flags.
In my turn, I would rather define protective flags to provide backward
and forward compatibility.
@@ -168,6 +168,7 @@ else
echo 'override CROSS_COMPILE = $$(DEB_HOST_GNU_TYPE)-' >> '$(DIR)/.kernelvariables'
echo 'endif' >> '$(DIR)/.kernelvariables'
+ echo 'KCFLAGS += -fno-PIC -fno-PIE' >> '$(DIR)/.kernelvariables'
echo 'CFLAGS_KERNEL += $(CFLAGS_KERNEL)' >> '$(DIR)/.kernelvariables'
echo 'CFLAGS_MODULE += $(CFLAGS_KERNEL)' >> '$(DIR)/.kernelvariables'