Enable -fstack-protector=* when requested by configure [BZ #7065]

ChangeLog

@@ -1,3 +1,10 @@
+2016-12-26  Nick Alcock  <nick.alcock@oracle.com>
+
+	[BZ #7065]
+	Enable stack protectore if requested by ./configure.
+	* Makeconfig (+stack-protector): New variable.
+	(+cflags): Use it.
+
 2016-12-26  Nick Alcock  <nick.alcock@oracle.com>
 
 	[BZ #7065]

Makeconfig

@@ -807,6 +807,11 @@ endif
 # disable any optimization that assume default rounding mode.
 +math-flags = -frounding-math
 
+# We might want to compile with some stack-protection flag.
+ifneq ($(stack-protector),)
++stack-protector=$(stack-protector)
+endif
+
 # This is the program that generates makefile dependencies from C source files.
 # The -MP flag tells GCC >= 3.2 (which we now require) to produce dummy
 # targets for headers so that removed headers don't break the build.
@@ -866,7 +871,8 @@ ifeq	"$(strip $(+cflags))" ""
 +cflags	:= $(default_cflags)
 endif	# $(+cflags) == ""
 
-+cflags += $(cflags-cpu) $(+gccwarn) $(+merge-constants) $(+math-flags)
++cflags += $(cflags-cpu) $(+gccwarn) $(+merge-constants) $(+math-flags) \
+	   $(+stack-protector)
 +gcc-nowarn := -w
 
 # Don't duplicate options if we inherited variables from the parent.

NEWS

@@ -89,6 +89,10 @@ Version 2.25
 * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014,
   are added to libc.  They convert a floating-point number into string.
 
+* Most of glibc can now be built with the stack smashing protector enabled.
+  It is recommended to build glibc with --enable-stack-protector=strong.
+  Implemented by Nick Alcock (Oracle).
+
 * The function explicit_bzero, from OpenBSD, has been added to libc.  It is
   intended to be used instead of memset() to erase sensitive data after use;
   the compiler will not optimize out calls to explicit_bzero even if they