[hardening-discuss] Bug#475764: finetune arm(el) rules
Riku Voipio
riku.voipio at iki.fi
Sat Apr 12 20:10:23 UTC 2008
Package: hardening-wrapper
Version: 1.8
Severity: wishlist
Tags: patch
On arm, -fPIE / -pie are not really usefull (there is no arm kernel patch
for addressspace randomization). Also the idea of having 10-20% larger
binaries on arm is not really popular with arm users/gcc upstream.
Unrelated, I noticed the stack-protector debian/rules check looks if
DEB_HOST_ARCH_CPU is "armel". This will never be the case,
DEB_HOST_ARCH_CPU is "arm" on armel systems:
$ dpkg-architecture
DEB_BUILD_ARCH=armel
DEB_BUILD_ARCH_OS=linux
DEB_BUILD_ARCH_CPU=arm
DEB_BUILD_GNU_CPU=arm
DEB_BUILD_GNU_SYSTEM=linux-gnueabi
DEB_BUILD_GNU_TYPE=arm-linux-gnueabi
DEB_HOST_ARCH=armel
DEB_HOST_ARCH_OS=linux
DEB_HOST_ARCH_CPU=arm
DEB_HOST_GNU_CPU=arm
DEB_HOST_GNU_SYSTEM=linux-gnueabi
DEB_HOST_GNU_TYPE=arm-linux-gnueabi
--
"rm -rf" only sounds scary if you don't have backups
-------------- next part --------------
Index: debian/rules
===================================================================
--- debian/rules (revision 31)
+++ debian/rules (working copy)
@@ -10,13 +10,13 @@
# Calculate arch-specific defaults
DEFAULT_PIE=0
ifneq (,$(findstring :$(DEB_HOST_ARCH_OS):,:linux:knetbsd:))
- ifeq (,$(findstring :$(DEB_HOST_ARCH_CPU):,:hppa:m68k:))
+ ifeq (,$(findstring :$(DEB_HOST_ARCH_CPU):,:hppa:m68k:arm:))
# PIE enabled only on linux/knetbsd, but not on hppa, m68k
DEFAULT_PIE=1
endif
endif
DEFAULT_STACKPROT=1
-ifneq (,$(findstring :$(DEB_HOST_ARCH_CPU):,:ia64:alpha:arm:armel:))
+ifneq (,$(findstring :$(DEB_HOST_ARCH_CPU):,:ia64:alpha:arm:))
# Stack protector disabled on ia64, alpha.
# "warning: -fstack-protector not supported for this target"
# Stack protector disabled on arm, armel.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/hardening-discuss/attachments/20080412/85e56eca/attachment.pgp
More information about the hardening-discuss
mailing list