diff options
Diffstat (limited to 'Mk/Features/ssp.mk')
| -rw-r--r-- | Mk/Features/ssp.mk | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/Mk/Features/ssp.mk b/Mk/Features/ssp.mk index 4213e6d668a6..2af92acd1d8e 100644 --- a/Mk/Features/ssp.mk +++ b/Mk/Features/ssp.mk @@ -1,4 +1,12 @@ # SSP Support +# +# The -fstack-protector-strong flag enables "stack smashing" protection on a +# wider set of functions than the default -fstack-protector, but without the +# full performance cost of -fstack-protector-all. Under the hood it inserts a +# small "canary" value on the stack just before the saved return address; at +# function exit it checks that the canary hasn't been overwritten by a buffer +# overflow. If it has been clobbered, the runtime aborts the program rather +# than returning into corrupted code. .if !defined(_SSP_MK_INCLUDED) _SSP_MK_INCLUDED= yes |