From 8735fdbd4ceeb78442804b393d49f5e7f56c1967 Mon Sep 17 00:00:00 2001 From: ru Date: Wed, 25 Jun 2008 21:33:28 +0000 Subject: Enable GCC stack protection (aka Propolice) for userland: - It is opt-out for now so as to give it maximum testing, but it may be turned opt-in for stable branches depending on the consensus. You can turn it off with WITHOUT_SSP. - WITHOUT_SSP was previously used to disable the build of GNU libssp. It is harmless to steal the knob as SSP symbols have been provided by libc for a long time, GNU libssp should not have been much used. - SSP is disabled in a few corners such as system bootstrap programs (sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves. - It should be safe to use -fstack-protector-all to build world, however libc will be automatically downgraded to -fstack-protector because it breaks rtld otherwise. - This option is unavailable on ia64. Enable GCC stack protection (aka Propolice) for kernel: - It is opt-out for now so as to give it maximum testing. - Do not compile your kernel with -fstack-protector-all, it won't work. Submitted by: Jeremie Le Hen --- lib/csu/Makefile.inc | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 lib/csu/Makefile.inc (limited to 'lib/csu') diff --git a/lib/csu/Makefile.inc b/lib/csu/Makefile.inc new file mode 100644 index 0000000..09bde81 --- /dev/null +++ b/lib/csu/Makefile.inc @@ -0,0 +1,3 @@ +# $FreeBSD$ + +WITHOUT_SSP= -- cgit v1.1
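Review bot: the new lib/csu/Makefile.inc sets `WITHOUT_SSP=` with no comment saying why, so a reader of the file alone cannot tell that csu is opted out deliberately. Suggest a comment line above the assignment, for example "# csu is process bootstrap code and is built without SSP", which matches the commit message. The file also only sets the user-facing knob rather than removing a flag from CFLAGS, so the opt-out works only if the shared makefiles see this assignment before they decide whether to add -fstack-protector. That ordering is not visible in this hunk, so it is worth confirming and noting in the same comment.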