"Strong" stack protection for GCC

-fstack-protector-strong does not stack-protect every function, only those with char arrays. If you want to stack-protect literally *everything*, use -fstack-protector-all. (This really does have a noticeable performance impact, though, and I'm not sure the kernel has been tested with it. It certainly requires more attention, because things like kernels often have functions in assembler which either assume that they themselves, or that functions they call, do not use the stack-protector -- and if those functions don't use char arrays, they will always be right: so they are suddenly broken by the use of -fstack-protector-all. It took me a while to fix all the glibc bugs in this area. God knows what kernel problems would show up.)