From mboxrd@z Thu Jan  1 00:00:00 1970
From: git@ipfire.org
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated.
 857b2c795e2c982cb5967725ba01a1e3c29d43f5
Date: Mon, 18 Jan 2016 23:27:19 +0100
Message-ID: <20160118222719.6022B21A01@argus.ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============6084528798769105733=="
List-Id: <ipfire-scm.lists.ipfire.org>

--===============6084528798769105733==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  857b2c795e2c982cb5967725ba01a1e3c29d43f5 (commit)
      from  cc9f461f74525fa3f7300a86676634780c884a21 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 857b2c795e2c982cb5967725ba01a1e3c29d43f5
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Jan 18 22:26:23 2016 +0000

    Improve hardening by using -fstack-protector-strong
   =20
    This functionality is now available for us since we updated
    to GCC 4.9 and just improves the stack smashing protector
    in GCC.
   =20
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 config/kernel/kernel.config.armv5tel-ipfire-kirkwood | 4 ++--
 config/kernel/kernel.config.armv5tel-ipfire-multi    | 4 ++--
 config/kernel/kernel.config.armv5tel-ipfire-rpi      | 4 ++--
 config/kernel/kernel.config.i586-ipfire              | 4 ++--
 config/kernel/kernel.config.i586-ipfire-pae          | 4 ++--
 config/kernel/kernel.config.x86_64-ipfire            | 4 ++--
 tools/make-functions                                 | 2 +-
 7 files changed, 13 insertions(+), 13 deletions(-)

Difference in files:
diff --git a/config/kernel/kernel.config.armv5tel-ipfire-kirkwood b/config/ke=
rnel/kernel.config.armv5tel-ipfire-kirkwood
index 656a451..a35ec0b 100644
--- a/config/kernel/kernel.config.armv5tel-ipfire-kirkwood
+++ b/config/kernel/kernel.config.armv5tel-ipfire-kirkwood
@@ -194,10 +194,10 @@ CONFIG_ARCH_WANT_IPC_PARSE_VERSION=3Dy
 CONFIG_HAVE_ARCH_SECCOMP_FILTER=3Dy
 CONFIG_SECCOMP_FILTER=3Dy
 CONFIG_HAVE_CC_STACKPROTECTOR=3Dy
-CONFIG_CC_STACKPROTECTOR=3Dy
+# CONFIG_CC_STACKPROTECTOR is not set
 # CONFIG_CC_STACKPROTECTOR_NONE is not set
 CONFIG_CC_STACKPROTECTOR_REGULAR=3Dy
-# CONFIG_CC_STACKPROTECTOR_STRONG is not set
+CONFIG_CC_STACKPROTECTOR_STRONG=3Dy
 CONFIG_HAVE_CONTEXT_TRACKING=3Dy
 CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=3Dy
 CONFIG_HAVE_IRQ_TIME_ACCOUNTING=3Dy
diff --git a/config/kernel/kernel.config.armv5tel-ipfire-multi b/config/kerne=
l/kernel.config.armv5tel-ipfire-multi
index 4cab4b6..50106bc 100644
--- a/config/kernel/kernel.config.armv5tel-ipfire-multi
+++ b/config/kernel/kernel.config.armv5tel-ipfire-multi
@@ -217,10 +217,10 @@ CONFIG_HAVE_ARCH_JUMP_LABEL=3Dy
 CONFIG_ARCH_WANT_IPC_PARSE_VERSION=3Dy
 CONFIG_HAVE_ARCH_SECCOMP_FILTER=3Dy
 CONFIG_HAVE_CC_STACKPROTECTOR=3Dy
-CONFIG_CC_STACKPROTECTOR=3Dy
+# CONFIG_CC_STACKPROTECTOR is not set
 # CONFIG_CC_STACKPROTECTOR_NONE is not set
 CONFIG_CC_STACKPROTECTOR_REGULAR=3Dy
-# CONFIG_CC_STACKPROTECTOR_STRONG is not set
+CONFIG_CC_STACKPROTECTOR_STRONG=3Dy
 CONFIG_HAVE_CONTEXT_TRACKING=3Dy
 CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=3Dy
 CONFIG_HAVE_IRQ_TIME_ACCOUNTING=3Dy
diff --git a/config/kernel/kernel.config.armv5tel-ipfire-rpi b/config/kernel/=
kernel.config.armv5tel-ipfire-rpi
index 798d883..5bde322 100644
--- a/config/kernel/kernel.config.armv5tel-ipfire-rpi
+++ b/config/kernel/kernel.config.armv5tel-ipfire-rpi
@@ -194,10 +194,10 @@ CONFIG_ARCH_WANT_IPC_PARSE_VERSION=3Dy
 CONFIG_HAVE_ARCH_SECCOMP_FILTER=3Dy
 CONFIG_SECCOMP_FILTER=3Dy
 CONFIG_HAVE_CC_STACKPROTECTOR=3Dy
-CONFIG_CC_STACKPROTECTOR=3Dy
+# CONFIG_CC_STACKPROTECTOR is not set
 # CONFIG_CC_STACKPROTECTOR_NONE is not set
 CONFIG_CC_STACKPROTECTOR_REGULAR=3Dy
-# CONFIG_CC_STACKPROTECTOR_STRONG is not set
+CONFIG_CC_STACKPROTECTOR_STRONG=3Dy
 CONFIG_HAVE_CONTEXT_TRACKING=3Dy
 CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=3Dy
 CONFIG_HAVE_IRQ_TIME_ACCOUNTING=3Dy
diff --git a/config/kernel/kernel.config.i586-ipfire b/config/kernel/kernel.c=
onfig.i586-ipfire
index 7fc8862..6a7309a 100644
--- a/config/kernel/kernel.config.i586-ipfire
+++ b/config/kernel/kernel.config.i586-ipfire
@@ -245,10 +245,10 @@ CONFIG_ARCH_WANT_IPC_PARSE_VERSION=3Dy
 CONFIG_HAVE_ARCH_SECCOMP_FILTER=3Dy
 CONFIG_SECCOMP_FILTER=3Dy
 CONFIG_HAVE_CC_STACKPROTECTOR=3Dy
-CONFIG_CC_STACKPROTECTOR=3Dy
+# CONFIG_CC_STACKPROTECTOR is not set
 # CONFIG_CC_STACKPROTECTOR_NONE is not set
 CONFIG_CC_STACKPROTECTOR_REGULAR=3Dy
-# CONFIG_CC_STACKPROTECTOR_STRONG is not set
+CONFIG_CC_STACKPROTECTOR_STRONG=3Dy
 CONFIG_HAVE_IRQ_TIME_ACCOUNTING=3Dy
 CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=3Dy
 CONFIG_HAVE_ARCH_SOFT_DIRTY=3Dy
diff --git a/config/kernel/kernel.config.i586-ipfire-pae b/config/kernel/kern=
el.config.i586-ipfire-pae
index cccd702..d45c303 100644
--- a/config/kernel/kernel.config.i586-ipfire-pae
+++ b/config/kernel/kernel.config.i586-ipfire-pae
@@ -244,10 +244,10 @@ CONFIG_ARCH_WANT_IPC_PARSE_VERSION=3Dy
 CONFIG_HAVE_ARCH_SECCOMP_FILTER=3Dy
 CONFIG_SECCOMP_FILTER=3Dy
 CONFIG_HAVE_CC_STACKPROTECTOR=3Dy
-CONFIG_CC_STACKPROTECTOR=3Dy
+# CONFIG_CC_STACKPROTECTOR is not set
 # CONFIG_CC_STACKPROTECTOR_NONE is not set
 CONFIG_CC_STACKPROTECTOR_REGULAR=3Dy
-# CONFIG_CC_STACKPROTECTOR_STRONG is not set
+CONFIG_CC_STACKPROTECTOR_STRONG=3Dy
 CONFIG_HAVE_IRQ_TIME_ACCOUNTING=3Dy
 CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=3Dy
 CONFIG_HAVE_ARCH_SOFT_DIRTY=3Dy
diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel=
.config.x86_64-ipfire
index 438b0d9..4dd6ba6 100644
--- a/config/kernel/kernel.config.x86_64-ipfire
+++ b/config/kernel/kernel.config.x86_64-ipfire
@@ -251,10 +251,10 @@ CONFIG_ARCH_WANT_OLD_COMPAT_IPC=3Dy
 CONFIG_HAVE_ARCH_SECCOMP_FILTER=3Dy
 CONFIG_SECCOMP_FILTER=3Dy
 CONFIG_HAVE_CC_STACKPROTECTOR=3Dy
-CONFIG_CC_STACKPROTECTOR=3Dy
+# CONFIG_CC_STACKPROTECTOR is not set
 # CONFIG_CC_STACKPROTECTOR_NONE is not set
 CONFIG_CC_STACKPROTECTOR_REGULAR=3Dy
-# CONFIG_CC_STACKPROTECTOR_STRONG is not set
+CONFIG_CC_STACKPROTECTOR_STRONG=3Dy
 CONFIG_HAVE_CONTEXT_TRACKING=3Dy
 CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=3Dy
 CONFIG_HAVE_IRQ_TIME_ACCOUNTING=3Dy
diff --git a/tools/make-functions b/tools/make-functions
index 7386750..a42e3fa 100644
--- a/tools/make-functions
+++ b/tools/make-functions
@@ -109,7 +109,7 @@ configure_target() {
 	MACHINE=3D"${TARGET_ARCH}"
=20
 	CFLAGS=3D"-O2 -pipe -Wall -Wp,-D_FORTIFY_SOURCE=3D2 -fexceptions -fPIC"
-	CFLAGS=3D"${CFLAGS} -fstack-protector-all --param=3Dssp-buffer-size=3D4 ${C=
FLAGS_ARCH}"
+	CFLAGS=3D"${CFLAGS} -fstack-protector-strong --param=3Dssp-buffer-size=3D4 =
${CFLAGS_ARCH}"
 	CXXFLAGS=3D"${CFLAGS}"
 }
=20


hooks/post-receive
--
IPFire 2.x development tree

--===============6084528798769105733==--