[hardening-discuss] Bug#475764: finetune arm(el) rules

Riku Voipio riku.voipio at iki.fi
Sat Apr 12 20:10:23 UTC 2008 

Package: hardening-wrapper
Version: 1.8
Severity: wishlist
Tags: patch

On arm, -fPIE / -pie are not really usefull (there is no arm kernel patch
for addressspace randomization). Also the idea of having 10-20% larger
binaries on arm is not really popular with arm users/gcc upstream.

Unrelated, I noticed the stack-protector debian/rules check looks if
DEB_HOST_ARCH_CPU is "armel". This will never be the case,
DEB_HOST_ARCH_CPU is "arm" on armel systems:

$ dpkg-architecture
 DEB_BUILD_ARCH=armel
 DEB_BUILD_ARCH_OS=linux
 DEB_BUILD_ARCH_CPU=arm
 DEB_BUILD_GNU_CPU=arm
 DEB_BUILD_GNU_SYSTEM=linux-gnueabi
 DEB_BUILD_GNU_TYPE=arm-linux-gnueabi
 DEB_HOST_ARCH=armel
 DEB_HOST_ARCH_OS=linux
 DEB_HOST_ARCH_CPU=arm
 DEB_HOST_GNU_CPU=arm
 DEB_HOST_GNU_SYSTEM=linux-gnueabi
 DEB_HOST_GNU_TYPE=arm-linux-gnueabi


-- 
"rm -rf" only sounds scary if you don't have backups
-------------- next part --------------
Index: debian/rules
===================================================================
--- debian/rules	(revision 31)
+++ debian/rules	(working copy)
@@ -10,13 +10,13 @@
 # Calculate arch-specific defaults
 DEFAULT_PIE=0
 ifneq (,$(findstring :$(DEB_HOST_ARCH_OS):,:linux:knetbsd:))
-  ifeq (,$(findstring :$(DEB_HOST_ARCH_CPU):,:hppa:m68k:))
+  ifeq (,$(findstring :$(DEB_HOST_ARCH_CPU):,:hppa:m68k:arm:))
     # PIE enabled only on linux/knetbsd, but not on hppa, m68k
     DEFAULT_PIE=1
   endif
 endif
 DEFAULT_STACKPROT=1
-ifneq (,$(findstring :$(DEB_HOST_ARCH_CPU):,:ia64:alpha:arm:armel:))
+ifneq (,$(findstring :$(DEB_HOST_ARCH_CPU):,:ia64:alpha:arm:))
   # Stack protector disabled on ia64, alpha.
   #   "warning: -fstack-protector not supported for this target"
   # Stack protector disabled on arm, armel.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/hardening-discuss/attachments/20080412/85e56eca/attachment.pgp

More information about the hardening-discuss mailing list