+2016-12-26 Nick Alcock <nick.alcock@oracle.com>
+
+ [BZ #7065]
+ Enable stack protectore if requested by ./configure.
+ * Makeconfig (+stack-protector): New variable.
+ (+cflags): Use it.
+
2016-12-26 Nick Alcock <nick.alcock@oracle.com>
[BZ #7065]
# disable any optimization that assume default rounding mode.
+math-flags = -frounding-math
+# We might want to compile with some stack-protection flag.
+ifneq ($(stack-protector),)
++stack-protector=$(stack-protector)
+endif
+
# This is the program that generates makefile dependencies from C source files.
# The -MP flag tells GCC >= 3.2 (which we now require) to produce dummy
# targets for headers so that removed headers don't break the build.
+cflags := $(default_cflags)
endif # $(+cflags) == ""
-+cflags += $(cflags-cpu) $(+gccwarn) $(+merge-constants) $(+math-flags)
++cflags += $(cflags-cpu) $(+gccwarn) $(+merge-constants) $(+math-flags) \
+ $(+stack-protector)
+gcc-nowarn := -w
# Don't duplicate options if we inherited variables from the parent.
* The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014,
are added to libc. They convert a floating-point number into string.
+* Most of glibc can now be built with the stack smashing protector enabled.
+ It is recommended to build glibc with --enable-stack-protector=strong.
+ Implemented by Nick Alcock (Oracle).
+
* The function explicit_bzero, from OpenBSD, has been added to libc. It is
intended to be used instead of memset() to erase sensitive data after use;
the compiler will not optimize out calls to explicit_bzero even if they