diff options
author | fanquake <fanquake@gmail.com> | 2022-06-21 07:21:32 +0100 |
---|---|---|
committer | fanquake <fanquake@gmail.com> | 2022-06-21 09:21:00 +0100 |
commit | 4e569c8bd85e0dbdb1fad7ba6ad5fab31753016a (patch) | |
tree | ce7394269b37e0b7027ce939403a285059bfc506 /contrib | |
parent | 1d39c9ca0672e7ad4c1f0959f9d58d2fcc7dc46b (diff) |
guix: remove explicit glibc stack protector disabling
While glibc 2.25 and newer *can* be built with stack-smashing-protection
enabled, it isn't used by default, and still isn't, as of glibc 2.35,
so I can't see a reason to explicitly disable it.
I'd also like to move in the direction of enabling, by default,
hardening options for the toolchains we build, so removing the explicit
disabling is a step in that direction.
Will be following up with some changes based on this PR.
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/guix/manifest.scm | 16 |
1 files changed, 1 insertions, 15 deletions
diff --git a/contrib/guix/manifest.scm b/contrib/guix/manifest.scm index 34a9c608db..5d8cf69f76 100644 --- a/contrib/guix/manifest.scm +++ b/contrib/guix/manifest.scm @@ -132,25 +132,11 @@ chain for " target " development.")) (define base-gcc gcc-10) (define base-linux-kernel-headers linux-libre-headers-5.15) -;; Building glibc with stack smashing protector first landed in glibc 2.25, use -;; this function to disable for older glibcs -;; -;; From glibc 2.25 changelog: -;; -;; * Most of glibc can now be built with the stack smashing protector enabled. -;; It is recommended to build glibc with --enable-stack-protector=strong. -;; Implemented by Nick Alcock (Oracle). -(define (make-glibc-without-ssp xglibc) - (package-with-extra-configure-variable - (package-with-extra-configure-variable - xglibc "libc_cv_ssp" "no") - "libc_cv_ssp_strong" "no")) - (define* (make-bitcoin-cross-toolchain target #:key (base-gcc-for-libc base-gcc) (base-kernel-headers base-linux-kernel-headers) - (base-libc (make-glibc-without-ssp (make-glibc-without-werror glibc-2.24))) + (base-libc (make-glibc-without-werror glibc-2.24)) (base-gcc (make-gcc-rpath-link base-gcc))) "Convenience wrapper around MAKE-CROSS-TOOLCHAIN with default values desirable for building Bitcoin Core release binaries." |