sys-libs/glibc: switch -fstack-protector-all to -strong, bug #712356

--enable-stack-protector=all adds protection to functions that don't
have a chance to corrupt stack. On top of that glibc's own tests fail
on static IFUNC resolver.

Let's use -fstack-protector-strong which matches Gentoo's gcc default.

Should fix at least the following test failures:
    FAIL: elf/ifuncmain9picstatic
    FAIL: elf/ifuncmain9static

Reported-by: Toralf Förster
Bug: https://bugs.gentoo.org/712356
Bug: https://sourceware.org/PR25680
Package-Manager: Portage-2.3.94, Repoman-2.3.20
Signed-off-by: Sergei Trofimovich <[email protected]>

Author: Sergei Trofimovich

sys-libs/glibc/glibc-2.31-r1.ebuild

@@ -870,7 +870,11 @@ glibc_do_configure() {
 			myconf+=( --enable-stack-protector=no )
 			;;
 		*)
-			myconf+=( --enable-stack-protector=$(usex ssp all no) )
+			# Use '=strong' instead of '=all' to protect only functions
+			# worth protecting from stack smashes.
+			# '=all' is also known to have a problem in IFUNC resolution
+			# tests: https://sourceware.org/PR25680, bug #712356.
+			myconf+=( --enable-stack-protector=$(usex ssp strong no) )
 			;;
 	esac
 	myconf+=( --enable-stackguard-randomization )

sys-libs/glibc/glibc-9999.ebuild

@@ -869,7 +869,11 @@ glibc_do_configure() {
 			myconf+=( --enable-stack-protector=no )
 			;;
 		*)
-			myconf+=( --enable-stack-protector=$(usex ssp all no) )
+			# Use '=strong' instead of '=all' to protect only functions
+			# worth protecting from stack smashes.
+			# '=all' is also known to have a problem in IFUNC resolution
+			# tests: https://sourceware.org/PR25680, bug #712356.
+			myconf+=( --enable-stack-protector=$(usex ssp strong no) )
 			;;
 	esac
 	myconf+=( --enable-stackguard-randomization )