build-sys: Add probing for -fstack-protector

Add probing for -fstack-protector to the existing -fstack-protector-strong since not all platforms support either one of them. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2026-02-05 05:59:18 +00:00 · 2022-03-02 13:52:53 -05:00 · 2022-03-02 13:52:53 -05:00 · 8a05e8fd52
commit 8a05e8fd52
parent 5796d4895f
1 changed files with 6 additions and 3 deletions
--- a/configure.ac
+++ b/configure.ac
@ -400,9 +400,12 @@ AC_ARG_ENABLE([hardening],
  AS_HELP_STRING([--disable-hardening], [Disable hardening flags]))

 if test "x$enable_hardening" != "xno"; then
-	TMP="$($CC -fstack-protector-strong $srcdir/include/swtpm/tpm_ioctl.h 2>&1)"
-	if echo $TMP | $GREP 'unrecognized command line option' >/dev/null; then
-		HARDENING_CFLAGS="-fstack-protector -Wstack-protector"
+	# Some versions of gcc fail with -Wstack-protector,
+	# some with -Wstack-protector-strong enabled
+	if ! $CC -fstack-protector-strong -Wstack-protector $srcdir/include/swtpm/tpm_ioctl.h 2>/dev/null; then
+		if $CC -fstack-protector -Wstack-protector $srcdir/include/swtpm/tpm_ioctl.h 2>/dev/null; then
+			HARDENING_CFLAGS="-fstack-protector -Wstack-protector"
+		fi
 	else
 		HARDENING_CFLAGS="-fstack-protector-strong -Wstack-protector"
 	fi