The diff below changes GCC's default behavior to -fstack-protector-all
(i.e., add stack protection code to every function instead of just
some based on heuristics), but you can still revert to the heuristic
behavior by passing -fstack-protector on the command line.
Beware this diff has only received very light testing so far, so
expect things to break and to need to rollback or reinstall. Please
report back to the list what breaks so we can take a look and figure
out how to address it.
For most things that break, it should be possible to just add
CFLAGS+=-fstack-protector to an appropriate Makefile to at least get
the old behavior. Expect at least ld.so on sparc, sparc64, and
powerpc to need -fstack-protector. The kernel is likely to need this
too.
To apply the patch:
$ cd /usr/src/gnu/gcc/gcc
$ patch < /path/to/diff
$ cd /usr/src/gnu/usr.bin/cc
$ make depend
$ make
$ make install
You can now try building things as usual.
Thanks!
Index: toplev.c
===================================================================
RCS file: /cvs/src/gnu/gcc/gcc/toplev.c,v
retrieving revision 1.2
diff -u -p -r1.2 toplev.c
--- toplev.c 30 May 2010 22:04:10 -0000 1.2
+++ toplev.c 12 Sep 2012 17:03:45 -0000
@@ -1834,7 +1834,7 @@ process_options (void)
/* Targets must be able to place spill slots at lower addresses. If the
target already uses a soft frame pointer, the transition is trivial. */
if (flag_stack_protect == -1)
- flag_stack_protect = FRAME_GROWS_DOWNWARD ? 1 : 0;
+ flag_stack_protect = FRAME_GROWS_DOWNWARD ? 2 : 0;
if (!FRAME_GROWS_DOWNWARD && flag_stack_protect)
{
warning (0, "-fstack-protector not supported for this target");
