From: Magnus Granberg <zorry@gentoo.org>
To: gentoo-hardened@lists.gentoo.org
Subject: Re: [gentoo-hardened] Hardened meeting summary 2010-05-16
Date: Tue, 18 May 2010 00:37:08 +0200 [thread overview]
Message-ID: <201005180037.08101.zorry@gentoo.org> (raw)
In-Reply-To: <4BF1A6D5.3070804@wildgooses.com>
måndag 17 maj 2010 22.28.05 skrev Ed W:
> On 16/05/2010 21:20, Magnus Granberg wrote:
> > Hi
> >
> > Here is the summary of the meeting 2010-05-16
> >
> > 1,0 Toolchain
> > We have an open bug #318171 for the merge of SSP and GCC>=4.4.3
> > support. http://bugs.gentoo.org/show_bug.cgi?id=318171
> > We are waiting for toolchain to approve the changes to toolchain.eclass
> > and glibc that we need. Then we will have GCC 4.4.3 and 4.5.0 with full
> > hardened (PIE/SSP) support in the tree. Grub need to be bumped to the new
> > patchset.
> > We have no time line on it for we are waiting on toolchain.
>
> I see a comment in there: "Cleaned some code and removed SSP support for
> gcc 4.3.X " - I think this might need some watching and perhaps a
> warning here? Sounds like if you now update say a "stable" hardened
> amd64 machine pulling in stable gcc 4.3.X then you might be suddenly
> loosing your hardened compiler?
>
> I understand this is avoided if using your overlay, but it seems like a
> potential pitfall for anyone using the "stable" hardened tree?
>
> Can anyone comment if this is the case or I'm worrying over nothing?
>
> Ta
>
> Ed W
>
I only removed the code for default enable option for SSP. GCC 4.3.X still
support SSP if you add -fstack-protector. The GCC 4.4.3 is on the way to get
stable in 1-4 weeks i hope. Is up to the archs teams now to mark it stablel.
Hardened at gentoo.org
Magnus Granberg (Zorry)
next prev parent reply other threads:[~2010-05-17 22:38 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-16 20:20 [gentoo-hardened] Hardened meeting summary 2010-05-16 Magnus Granberg
2010-05-17 8:34 ` Javier Juan Martínez Cabezón
2010-05-17 11:05 ` Magnus Granberg
2010-05-17 20:28 ` Ed W
2010-05-17 22:11 ` [gentoo-hardened] " Peter Hjalmarsson
2010-05-18 3:19 ` Javier Juan Martínez Cabezón
2010-05-17 22:37 ` Magnus Granberg [this message]
2010-05-20 9:05 ` [gentoo-hardened] " Radoslaw Madej
2010-05-20 18:06 ` Ed W
2010-05-27 9:54 ` Fredric Johansson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201005180037.08101.zorry@gentoo.org \
--to=zorry@gentoo.org \
--cc=gentoo-hardened@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox