Mark CC_STACKPROTECTOR as being BROKEN
authorLinus Torvalds <torvalds@woody.linux-foundation.org>
Fri, 22 Feb 2008 16:21:38 +0000 (08:21 -0800)
committerLinus Torvalds <torvalds@woody.linux-foundation.org>
Fri, 22 Feb 2008 16:21:38 +0000 (08:21 -0800)
It's always been broken, but recent fixes actually made it do something,
and now the brokenness shows up as the resulting kernel simply not
working at all.

So it used to be that you could enable this config option, and it just
didn't do anything.  Now we'd better stop people from enabling it by
mistake, since it _does_ do something, but does it so badly as to be
unusable.

Code to actually make it work is pending, but incomplete and won't be
merged into 2.6.25 in any case.

Acked-by: Arjan van de Ven <arjan@infradead.org>
Acked-by: Sam Ravnborg <sam@ravnborg.org>
Cc: James Morris <jmorris@namei.org>
Cc: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
arch/x86/Kconfig

index 3be2305709b7e4a6f99ef6a5d95aace793c73952..4a88cf7695b418927c61ce760259db85bbd68cfe 100644 (file)
@@ -1054,7 +1054,7 @@ config SECCOMP
 
 config CC_STACKPROTECTOR
        bool "Enable -fstack-protector buffer overflow detection (EXPERIMENTAL)"
-       depends on X86_64 && EXPERIMENTAL
+       depends on X86_64 && EXPERIMENTAL && BROKEN
        help
          This option turns on the -fstack-protector GCC feature. This
          feature puts, at the beginning of critical functions, a canary