On Wed, 11 Sep 2013 04:49:55 +0000 (UTC) Duncan <1i5t5.dun...@cox.net> wrote:
> If I'm not mistaken, dirtyepic intends to patch gcc directly to enable > -fstack-protector, changing the default at that level so it'll be used > unless -fno-stack-protector is in CFLAGS. At least, that's how I > interpret (dirtyepic): > > "'filter-flags -fstack-protector [won't] actually work > (we have to patch the compiler, not just add it to the > default flags in the profiles or something)." Actually it turns out I was completely wrong about this. The hardened flag filtering in flag-o-matic dumps the compiler specs (the rules that determine what flags to use) to check if hardened features are enabled and only negates them if they are. The quick hack I did for my testing was failing that check so the flags weren't being disabled. -- Ryan Hill psn: dirtyepic_sk gcc-porting/toolchain/wxwidgets @ gentoo.org 47C3 6D62 4864 0E49 8E9E 7F92 ED38 BD49 957A 8463
signature.asc
Description: PGP signature
