#
319025 |
|
28-May-2017 |
ngie |
MFC r309412,r316109,r316132:
r309412 (by imp):
dd is currently a bootstrap tool. It really doesn't have any business being a bootstrap tool. However, for reproducible build output, FreeBSD added dd status=none because it was otherwise difficult to suppress the status information, but retain any errors that might happen. There's no real reason that dd has to be a build tool, other than we use status=none unconditional. Remove dd from a bootstrap tool entirely by only using status=none when available. This may also help efforts to build the system on non-FreeBSD hosts as well.
r316109:
Don't hardcode input files for stage 1/2 bootloaders; use .ALLSRC instead
This is a better pattern to follow when creating the bootloaders and doing the relevant space checks to make sure that the sizes aren't exceeded (and thus, copy-pasting is a bit less error prone).
r316132:
Parameterize out 7680 (15 * 512) as BOOT2SIZE, similar to sys/boot/i386/zfsboot/...
This is being done to make it easier to change in the future--this action might be needed sooner rather than later because of gcc 6.3.0 bailing, stating that there is negative free space left (deficit) in the boot2 bootloader.
|
#
180012 |
|
25-Jun-2008 |
ru |
Enable GCC stack protection (aka Propolice) for userland: - It is opt-out for now so as to give it maximum testing, but it may be turned opt-in for stable branches depending on the consensus. You can turn it off with WITHOUT_SSP. - WITHOUT_SSP was previously used to disable the build of GNU libssp. It is harmless to steal the knob as SSP symbols have been provided by libc for a long time, GNU libssp should not have been much used. - SSP is disabled in a few corners such as system bootstrap programs (sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves. - It should be safe to use -fstack-protector-all to build world, however libc will be automatically downgraded to -fstack-protector because it breaks rtld otherwise. - This option is unavailable on ia64.
Enable GCC stack protection (aka Propolice) for kernel: - It is opt-out for now so as to give it maximum testing. - Do not compile your kernel with -fstack-protector-all, it won't work.
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
|