On 12/04/14 17:52, Thomas Bächler wrote:
Am 12.04.2014 09:22, schrieb Allan McRae:
Hi all,
gcc-4.9 is due to be released on the 22nd. This brings a new stack protection flag, -fstack-protector-strong. See this blog post for some details [1].
I would like to do two things with the release of gcc-4.9: 1) Add -fstack-protector-strong to our CFLAGS 2) Rebuild all [core] packages
The rebuild would not only add the extra stack protection, but also ensure all [core] packages have .MTREE files (which become more useful with the next pacman release, although still do not test checksums).
Don't they already have them?
.MTREE files were introduced with pacman-4.1 on 2013-04-01. There appears to be a few packages without them still: https://www.archlinux.org/packages/?repo=Core&sort=last_update
Any opinions on both of these points?
The kernel also has a new option CONFIG_CC_STACKPROTECTOR_STRONG in 3.14. Obviously, this is currently disabled in our build.