public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug driver/115293] New: Warn if a compiler flag downgrades protection provided by -fhardened
@ 2024-05-30 13:53 siddhesh at gcc dot gnu.org
2024-05-30 13:55 ` [Bug driver/115293] " siddhesh at gcc dot gnu.org
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: siddhesh at gcc dot gnu.org @ 2024-05-30 13:53 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115293
Bug ID: 115293
Summary: Warn if a compiler flag downgrades protection provided
by -fhardened
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: driver
Assignee: unassigned at gcc dot gnu.org
Reporter: siddhesh at gcc dot gnu.org
Target Milestone: ---
When -fhardened is passed alongside options it enables, the options could
override behaviour enabled by -fhardened. This is by design, but there's a hole
in this, in that accidentally passing, e.g. -fstack-protector alongside
-fhardened could downgrade stack protection.
Add a new warning (-Wweakened-hardening) that points out such a situation,
allowing developers to turn off the warning if the downgrade in hardening is
deliberate.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug driver/115293] Warn if a compiler flag downgrades protection provided by -fhardened
2024-05-30 13:53 [Bug driver/115293] New: Warn if a compiler flag downgrades protection provided by -fhardened siddhesh at gcc dot gnu.org
@ 2024-05-30 13:55 ` siddhesh at gcc dot gnu.org
2024-05-30 13:55 ` sjames at gcc dot gnu.org
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: siddhesh at gcc dot gnu.org @ 2024-05-30 13:55 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115293
Siddhesh Poyarekar <siddhesh at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Version|13.0 |14.0
CC| |mpolacek at gcc dot gnu.org
Severity|normal |enhancement
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug driver/115293] Warn if a compiler flag downgrades protection provided by -fhardened
2024-05-30 13:53 [Bug driver/115293] New: Warn if a compiler flag downgrades protection provided by -fhardened siddhesh at gcc dot gnu.org
2024-05-30 13:55 ` [Bug driver/115293] " siddhesh at gcc dot gnu.org
@ 2024-05-30 13:55 ` sjames at gcc dot gnu.org
2024-05-30 13:57 ` siddhesh at gcc dot gnu.org
2024-05-30 14:07 ` siddhesh at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: sjames at gcc dot gnu.org @ 2024-05-30 13:55 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115293
--- Comment #1 from Sam James <sjames at gcc dot gnu.org> ---
We have -Whardened already which is maybe a good fit?
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug driver/115293] Warn if a compiler flag downgrades protection provided by -fhardened
2024-05-30 13:53 [Bug driver/115293] New: Warn if a compiler flag downgrades protection provided by -fhardened siddhesh at gcc dot gnu.org
2024-05-30 13:55 ` [Bug driver/115293] " siddhesh at gcc dot gnu.org
2024-05-30 13:55 ` sjames at gcc dot gnu.org
@ 2024-05-30 13:57 ` siddhesh at gcc dot gnu.org
2024-05-30 14:07 ` siddhesh at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: siddhesh at gcc dot gnu.org @ 2024-05-30 13:57 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115293
--- Comment #2 from Siddhesh Poyarekar <siddhesh at gcc dot gnu.org> ---
Oh, I had overlooked -Whardened; so it looks like we already do this.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug driver/115293] Warn if a compiler flag downgrades protection provided by -fhardened
2024-05-30 13:53 [Bug driver/115293] New: Warn if a compiler flag downgrades protection provided by -fhardened siddhesh at gcc dot gnu.org
` (2 preceding siblings ...)
2024-05-30 13:57 ` siddhesh at gcc dot gnu.org
@ 2024-05-30 14:07 ` siddhesh at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: siddhesh at gcc dot gnu.org @ 2024-05-30 14:07 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=115293
Siddhesh Poyarekar <siddhesh at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |INVALID
Status|UNCONFIRMED |RESOLVED
--- Comment #3 from Siddhesh Poyarekar <siddhesh at gcc dot gnu.org> ---
Invalid, since this is already implemented through -Whardened.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2024-05-30 14:07 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-05-30 13:53 [Bug driver/115293] New: Warn if a compiler flag downgrades protection provided by -fhardened siddhesh at gcc dot gnu.org
2024-05-30 13:55 ` [Bug driver/115293] " siddhesh at gcc dot gnu.org
2024-05-30 13:55 ` sjames at gcc dot gnu.org
2024-05-30 13:57 ` siddhesh at gcc dot gnu.org
2024-05-30 14:07 ` siddhesh at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).