Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 14a3f40a authored Oct 23, 2009 by Arjan van de Ven Committed by Ingo Molnar Oct 23, 2009

x86: Remove STACKPROTECTOR_ALL



STACKPROTECTOR_ALL has a really high overhead (runtime and stack
footprint) and is not really worth it protection wise (the
normal STACKPROTECTOR is in effect for all functions with
buffers already), so lets just remove the option entirely.

Reported-by: Dave Jones <davej@redhat.com>
Reported-by: Chuck Ebbert <cebbert@redhat.com>
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Cc: Eric Sandeen <sandeen@redhat.com>
LKML-Reference: <20091023073101.3dce4ebb@infradead.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>

parent 02dd0a06

arch/x86/Kconfig

+0 −4

Original line number	Diff line number	Diff line
		@@ -1443,12 +1443,8 @@ config SECCOMP

		If unsure, say Y. Only embedded should say N here.

		config CC_STACKPROTECTOR_ALL
		bool

		config CC_STACKPROTECTOR
		bool "Enable -fstack-protector buffer overflow detection (EXPERIMENTAL)"
		select CC_STACKPROTECTOR_ALL
		---help---
		This option turns on the -fstack-protector GCC feature. This
		feature puts, at the beginning of functions, a canary value on

arch/x86/Makefile

+0 −1

Original line number	Diff line number	Diff line
		@@ -76,7 +76,6 @@ ifdef CONFIG_CC_STACKPROTECTOR
		cc_has_sp := $(srctree)/scripts/gcc-x86_$(BITS)-has-stack-protector.sh
		ifeq ($(shell $(CONFIG_SHELL) $(cc_has_sp) $(CC) $(biarch)),y)
		stackp-y := -fstack-protector
		stackp-$(CONFIG_CC_STACKPROTECTOR_ALL) += -fstack-protector-all
		KBUILD_CFLAGS += $(stackp-y)
		else
		$(warning stack protector enabled but no compiler support)