[PATCH] Add support for stack-protector
Joel Peshkin
joel.peshkin at broadcom.com
Sun Jan 10 20:44:15 CET 2021
Hi Heinrich,
Thank you for your comments. I have 2 questions about how to proceed....
1) Unit test
I can add a function that can be used to trigger an overrun, but I am not
sure where to include it as the stack protector prints the error message
and then resets uboot so it wouldn't fir in a unit test suite.
I could add a CONFIG_STACKPROTECTOR_TEST_FAIL to add a
"test_stackprotector fail" command to the CLI and you could call the
underlying stackprot_test_fail() from code hacked into SPL and TPL
2) Standalone/EFI
What we did for our own standalone code was to add the KBUILD_CFLAGS +=
-fno-stack-protector to the Makefile for our specific standalone. The
problem is there is no generic place from which all standalone/EFI is
called, so I could just leave this for maintainers of specific
standalone/EPI programs to add IF they are enabling STACKPROTECTOR (If they
don't enable it, they don't need to do anything) or I could add
KBUILD_CFLAGS += -fno-stack-protector to both lib/efi_setlftest/Makefile
and lib/efi_loader/Makefile
What would you suggest?
Regards,
Joel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4166 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20210110/ade01a9b/attachment.bin>
More information about the U-Boot
mailing list