[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#841368: gcc-6 6.2.0-7 breaks kernel build if stack protection is enabled

2016-10-21 1:49 GMT+03:00 Ben Hutchings <ben@decadent.org.uk>:
> It's a bug when a compiler fails to compile valid code.
> Ben.
> --
> Ben Hutchings
> Never put off till tomorrow what you can avoid all together.

Dear Ben, there are no actual bug in compiler, just a caveat to work with it.

Some time ago i had experience to build fully hardened nginx build,
and I was forced to build shared libraries with -fPIC but not -fPIE
due to linker errors.

Solution was to separate build to executable only and shared-libraries only;
this is semi-true: executable is successfully linked with -fPIC flag,
but it's not used in packaging because of executable already built with -fPIE.

This bug report is just another round of game with compiler/linker flags.
In my turn, I would rather define protective flags to provide backward
and forward compatibility.

Konstantin Demin
--- a/debian/rules.real
+++ b/debian/rules.real
@@ -168,6 +168,7 @@ else
 	echo 'override CROSS_COMPILE = $$(DEB_HOST_GNU_TYPE)-' >> '$(DIR)/.kernelvariables'
 	echo 'endif' >> '$(DIR)/.kernelvariables'
+	echo 'KCFLAGS += -fno-PIC -fno-PIE' >> '$(DIR)/.kernelvariables'
 	echo 'CFLAGS_KERNEL += $(CFLAGS_KERNEL)' >> '$(DIR)/.kernelvariables'
 	echo 'CFLAGS_MODULE += $(CFLAGS_KERNEL)' >> '$(DIR)/.kernelvariables'

Reply to: