override local default to -fstack-protector-strong

This is a no-op on a toolchain compiled with the basic mitigations enabled by default, so this is generally a no-op anywhere this project is likely to be deployed. SSP has a very low performance cost so there's little reason to avoid it, even though it also has zero value for this code in practice. It would be great if one of the more modern approaches was widely adopted, but unfortunately SSP is as good as it gets for portable options. It doesn't provide any protection against external writes to the stack data which is all that's really needed here. ShadowCallStack is a great option for arm64, but it's substantially more difficult to protect return addresses well on x86_64 due to the design of the ISA and ABI.
2019-07-19 11:23:44 -04:00 · 2019-07-19 11:23:44 -04:00 · 90d12fb340
commit 90d12fb340
parent 77743e5a36
1 changed files with 1 additions and 1 deletions
--- a/2
+++ b/2
@ -25,7 +25,7 @@ $(shell $(CC) -E $1 - </dev/null >/dev/null 2>&1 && echo $1 || echo $2)
 endef

 CPPFLAGS := -D_GNU_SOURCE
-SHARED_FLAGS := -O3 -flto -fPIC -fvisibility=hidden $(call safe_flag,-fno-plt) $(call safe_flag,-fstack-clash-protection) -pipe -Wall -Wextra $(call safe_flag,-Wcast-align=strict) -Wcast-qual -Wwrite-strings
+SHARED_FLAGS := -O3 -flto -fPIC -fvisibility=hidden $(call safe_flag,-fno-plt) $(call safe_flag,-fstack-clash-protection) -fstack-protector-strong -pipe -Wall -Wextra $(call safe_flag,-Wcast-align=strict) -Wcast-qual -Wwrite-strings

 ifeq ($(CONFIG_NATIVE),true)
    SHARED_FLAGS += -march=native