Hi Stefan, a quick clarification on configure:
right now, in configure, there's
* "Advanced Options (experts only)"
which usually don't have both enable and disable for each option, and
* "Optional features, enabled with --enable-FEATURE and
disabled with --disable-FEATURE, default is enabled if available:"
How do you think SafeStack should be classified?
* If we do it as Advanced option, we should probably force it disabled
unless --enable-safe-stack is provided. In this case
--disable-safe-stack is not really necessary.
* If we do it as optional feature, I have two ways to handle the default:
1. enable/disable based on the compilation flags given to configure
2. enable every time the provided compiler supports it
On 5/27/2020 7:12 AM, Stefan Hajnoczi wrote:
On Fri, May 22, 2020 at 11:24:46AM -0400, Daniele Buono wrote:
I would feel more confident by adding another check in configure to make
sure that the user didn't enable SafeStack manually through other means,
like manually setting the option through extra_cflags.
What do you think?
Sure, a compile_prog call could check if SafeStack is enable when it
shouldn't be.
This can be done together with a --disable option.
Stefan
