diff mbox

[PULL,06/10] Enforce stack protector usage

Message ID 1405008253-9816-7-git-send-email-pbonzini@redhat.com
State New
Headers show

Commit Message

Paolo Bonzini July 10, 2014, 4:04 p.m. UTC 
From: Miroslav Rezanina <mrezanin@redhat.com>

If --enable-stack-protector is used is used, configure script try to use
--fstack-protector-strong. In case it's not supported, --fstack-protector-all
is enabled. If both protectors are not supported, configure does not use
any protector at all without any notification.

This patch reports error when user requests stack protector to be used and
both protector modes are not supported. Behavior is not changed in case
user do not use any of --enable-stack-protector/--disable-stack-protector.

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
[Fix non-POSIX operator in test. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 configure | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff mbox

Patch

diff --git a/configure b/configure
index 7dd43fd..f7685b5 100755
--- a/configure
+++ b/configure
@@ -1489,8 +1489,9 @@  for flag in $gcc_flags; do
     fi
 done
 
-if test "$stack_protector" != "no" ; then
+if test "$stack_protector" != "no"; then
   gcc_flags="-fstack-protector-strong -fstack-protector-all"
+  sp_on=0
   for flag in $gcc_flags; do
     # We need to check both a compile and a link, since some compiler
     # setups fail only on a .c->.o compile and some only at link time
@@ -1498,9 +1499,15 @@  if test "$stack_protector" != "no" ; then
        compile_prog "-Werror $flag" ""; then
       QEMU_CFLAGS="$QEMU_CFLAGS $flag"
       LIBTOOLFLAGS="$LIBTOOLFLAGS -Wc,$flag"
+      sp_on=1
       break
     fi
   done
+  if test "$stack_protector" = yes; then
+    if test $sp_on = 0; then
+      error_exit "Stack protector not supported"
+    fi
+  fi
 fi
 
 # Workaround for http://gcc.gnu.org/PR55489.  Happens with -fPIE/-fPIC and