Commit 2c020a99 authored by Linus Torvalds's avatar Linus Torvalds

Mark CC_STACKPROTECTOR as being BROKEN

It's always been broken, but recent fixes actually made it do something,
and now the brokenness shows up as the resulting kernel simply not
working at all.

So it used to be that you could enable this config option, and it just
didn't do anything.  Now we'd better stop people from enabling it by
mistake, since it _does_ do something, but does it so badly as to be
unusable.

Code to actually make it work is pending, but incomplete and won't be
merged into 2.6.25 in any case.
Acked-by: default avatarArjan van de Ven <arjan@infradead.org>
Acked-by: default avatarSam Ravnborg <sam@ravnborg.org>
Cc: James Morris <jmorris@namei.org>
Cc: Ingo Molnar <mingo@elte.hu>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent f9cb02b0
...@@ -1054,7 +1054,7 @@ config SECCOMP ...@@ -1054,7 +1054,7 @@ config SECCOMP
config CC_STACKPROTECTOR config CC_STACKPROTECTOR
bool "Enable -fstack-protector buffer overflow detection (EXPERIMENTAL)" bool "Enable -fstack-protector buffer overflow detection (EXPERIMENTAL)"
depends on X86_64 && EXPERIMENTAL depends on X86_64 && EXPERIMENTAL && BROKEN
help help
This option turns on the -fstack-protector GCC feature. This This option turns on the -fstack-protector GCC feature. This
feature puts, at the beginning of critical functions, a canary feature puts, at the beginning of critical functions, a canary
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment