From 878fadd74fca27759a9635534bbeeb2fcf2536c4 Mon Sep 17 00:00:00 2001 From: Oliver Smith Date: Thu, 8 Apr 2021 11:58:59 +0200 Subject: [PATCH] firmware: disable stack protector by default Disable stack protector for all boards/apps by default, not only qmod-dfu. Use 'make STACK_PROTECTOR=1' to enable. This was recommened by Eric: "I'd argue that we do not want this in general, since it adds canaries to all functions that deal with buffers, and therefore impacts the overall timing in a non determinstic way depending on inlining and optimizations, while contributing nothing in non debug builds." Related: OS#5081 Change-Id: I30ad97f231ea5b401def650bc9adc7e9f2770df0 --- firmware/Makefile | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/firmware/Makefile b/firmware/Makefile index b147b0d7..684f223a 100644 --- a/firmware/Makefile +++ b/firmware/Makefile @@ -59,11 +59,6 @@ OUTPUT = $(BOARD)-$(APP) BIN = bin OBJ = obj/$(BOARD) -# Disable stack protector for code in small ROM regions (OS#5081) -ifeq ($(BOARD)-$(APP), qmod-dfu) -CFLAGS_EXTRA ?= -fno-stack-protector -endif - #------------------------------------------------------------------------------- # Tools #------------------------------------------------------------------------------- @@ -183,7 +178,14 @@ CFLAGS += -ffunction-sections -g $(OPTIMIZATION) $(INCLUDES) -D$(CHIP) -DTRACE_L CFLAGS += -DGIT_VERSION=\"$(GIT_VERSION)\" CFLAGS += -DBOARD=\"$(BOARD)\" -DBOARD_$(BOARD) CFLAGS += -DAPPLICATION=\"$(APP)\" -DAPPLICATION_$(APP) -CFLAGS += $(CFLAGS_EXTRA) + +# Disable stack protector by default (OS#5081) +ifeq ($(STACK_PROTECTOR), 1) +CFLAGS += -fstack-protector +else +CFLAGS += -fno-stack-protector +endif + ASFLAGS = -mcpu=cortex-m3 -mthumb -Wall -g $(OPTIMIZATION) $(INCLUDES) -D$(CHIP) -D__ASSEMBLY__ LDFLAGS = -mcpu=cortex-m3 -mthumb -Wl,--cref -Wl,--check-sections -Wl,--gc-sections -Wl,--entry=ResetException -Wl,--unresolved-symbols=report-all -Wl,--warn-common -Wl,--warn-section-align -Wl,--print-memory-usage -Wl,--no-undefined $(LIB) #LD_OPTIONAL=-Wl,--print-gc-sections -Wl,--stats