CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Kyle Evans <kevans@FreeBSD.org>
	Mon, 13 May 2024 05:23:50 +0000 (00:23 -0500)
committer	Kyle Evans <kevans@FreeBSD.org>
	Mon, 13 May 2024 05:23:50 +0000 (00:23 -0500)
commit	9bfd3b4076a7b0dfd27ab22318e5113dc84fea28
tree	0e755357e72f4d6c174d903d2a5b94ce39883359	tree \| snapshot
parent	e55512504d0178983978d64d67eed1cc85826523	commit \| diff

Add a build knob for _FORTIFY_SOURCE

In the future, we will Default to _FORTIFY_SOURCE=2 if SSP is enabled,
otherwise default to _FORTIFY_SOURCE=0. For now we default it to 0
unconditionally to ease bisect across older versions without the new
symbols, and we'll put out a call for testing.

include/*.h include their ssp/*.h equivalents as needed based on the
knob. Programs and users are allowed to override FORTIFY_SOURCE in their
Makefiles or src.conf/make.conf to force it off.

Reviewed by: des, markj
Relnotes: yes
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D32308

include/stdio.h		diff \| blob \| history
include/string.h		diff \| blob \| history
include/strings.h		diff \| blob \| history
include/unistd.h		diff \| blob \| history
lib/libthr/Makefile		diff \| blob \| history
libexec/rtld-elf/Makefile		diff \| blob \| history
share/man/man7/security.7		diff \| blob \| history
share/mk/bsd.sys.mk		diff \| blob \| history
tools/build/options/WITHOUT_SSP		diff \| blob \| history
tools/build/options/WITH_SSP		diff \| blob \| history