diff options
| -rw-r--r-- | CHANGES | 4 | ||||
| -rw-r--r-- | Mk/bsd.port.mk | 5 | ||||
| -rw-r--r-- | Mk/bsd.ssp.mk | 2 | ||||
| -rw-r--r-- | UPDATING | 10 |
4 files changed, 10 insertions, 11 deletions
@@ -13,7 +13,7 @@ All ports committers are allowed to commit to this file. 20130920: AUTHOR: bdrewery@FreeBSD.org - SSP support has been added to ports with WITH_SSP for i386 and amd64 + SSP support has been added to ports with WITH_SSP_PORTS for i386 and amd64 on FreeBSD 10, and amd64 on earlier versions. SSP_UNSAFE is added to disable in a port if it fails to build, but @@ -24,7 +24,7 @@ AUTHOR: bdrewery@FreeBSD.org On FreeBSD 10, this uses an ldscript in /usr/lib/libc.so to pull in libssp_nonshared.a to address issues linking on i386 [1]. - On earlier FreeBSD versions the WITH_SSP knob will add -lssp_nonshared + On earlier FreeBSD versions the WITH_SSP_PORTS knob will add -lssp_nonshared to LDFLAGS on i386. This is not needed on amd64. However, several hundred ports do not currently respect LDFLAGS, so this support is disabled currently as it causes build failures if a dependency is looking for the stack_chk diff --git a/Mk/bsd.port.mk b/Mk/bsd.port.mk index b047f7a8ce2e..240304788d82 100644 --- a/Mk/bsd.port.mk +++ b/Mk/bsd.port.mk @@ -301,7 +301,8 @@ FreeBSD_MAINTAINER= portmgr@FreeBSD.org # passed to the compiler by setting DEBUG_FLAGS. It is # set to "-g" at default. # -# WITH_SSP - If set, SSP_FLAGS (defaults to -fstack-protector) +# WITH_SSP_PORTS +# - If set, SSP_FLAGS (defaults to -fstack-protector) # is added to CFLAGS and the necessary flags # are added to LDFLAGS. Note that SSP_UNSAFE # can be used in Makefiles by port maintainers @@ -1570,7 +1571,7 @@ DEBUG_FLAGS?= -g CFLAGS:= ${CFLAGS:N-O*:N-fno-strict*} ${DEBUG_FLAGS} .endif -.if defined(WITH_SSP) +.if defined(WITH_SSP) || defined(WITH_SSP_PORTS) .include "${PORTSDIR}/Mk/bsd.ssp.mk" .endif diff --git a/Mk/bsd.ssp.mk b/Mk/bsd.ssp.mk index c71b3b3722c4..adb6a3bfcf0d 100644 --- a/Mk/bsd.ssp.mk +++ b/Mk/bsd.ssp.mk @@ -16,7 +16,7 @@ SSP_UNSAFE= yes SSP_NEED_NONSHARED= yes .endif -.if defined(WITH_SSP) && !defined(WITHOUT_SSP) && !defined(SSP_UNSAFE) && \ +.if !defined(WITHOUT_SSP) && !defined(SSP_UNSAFE) && \ (${ARCH} == i386 || ${ARCH} == amd64) # Overridable as a user may want to use -fstack-protector-all SSP_CFLAGS?= -fstack-protector @@ -25,20 +25,18 @@ you update your ports collection, before attempting any port upgrades. AFFECTS: Users of ports AUTHOR: bdrewery@FreeBSD.org - Optional Stack Protector [1] support has been added with the WITH_SSP + Optional Stack Protector [1] support has been added with the WITH_SSP_PORTS knob. - .if !empty(.CURDIR:M/usr/ports*) - WITH_SSP= yes - .endif + WITH_SSP_PORTS= yes This currently is only supported on FreeBSD 10 amd64/i386 and earlier - releases on amd64 only. + releases on amd64. The default SSP_CLFAGS is -fstack-protector, but -fstack-protector-all may optionally be set instead. - To enable support, add WITH_SSP=yes to your make.conf and rebuild all + To enable support, add WITH_SSP_PORTS=yes to your make.conf and rebuild all ports. # portmaster -af |