mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-04 15:13:58 +01:00
HBSD: Disable cfi-icall scheme for OpenSSH's ssh-sk-helper
The FIDO/U2F helper program for OpenSSH violates the cfi-icall CFI scheme. Until I get more time to determine the cause, and a potential fix, disable cfi-icall for the program. Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org> MFC-to: 13-STABLE
This commit is contained in:
parent
9e3df47102
commit
dcd402abb9
@ -11,6 +11,8 @@ LIBADD= ssh crypto z
|
||||
LIBADD+= fido2 cbor
|
||||
.endif
|
||||
|
||||
CFI_OVERRIDE= -fno-sanitize=cfi-icall
|
||||
|
||||
.include <bsd.prog.mk>
|
||||
|
||||
.PATH: ${SSHDIR}
|
||||
|
Loading…
Reference in New Issue
Block a user