On Sat, 29 Sep 2007 16:05:48 -0400
Thor Lancelot Simon <tls@rek.tjls.com> wrote:

> On Sat, Sep 29, 2007 at 12:25:55AM +0200, Juan RP wrote:
> > On Fri, 28 Sep 2007 16:23:58 -0600
> > "John R. Shannon" <john@johnrshannon.com> wrote:
> > 
> > > What does USE_SSP=YES do now? It does not compile the kernel with 
> > > -fstack-protector
> > 
> > USE_FORT is the one to build a kernel with -fstack-protector.
> 
> I don't think this is how it's _supposed_ to be.  Are we talking about
> netbsd-4 or -current?  If the former, xtos' patch to pull up the USE_SSP/
> USE_FORT support might be broken.  If the latter, there is probably a
> mistake in my changes that reorganized the USE_SSP support and added
> USE_FORT.
> 
> USE_FORT just builds userland code with -D_FORTIFY_SOURCE=2, which is
> not presently useful for the kernel.

Take a look at sys/conf/Makefile.kern.inc:

.if ${USE_FORT:Uno} == "yes"
CFLAGS+=-fstack-protector -Wstack-protector --param ssp-buffer-size=1
LDFLAGS+=-fstack-protector -Wstack-protector --param ssp-buffer-size=1
.endif

-- 
Juan Romero Pardines	- The NetBSD Project
http://plog.xtrarom.org	- NetBSD/pkgsrc news in Spanish