From: Jakub Jelinek <jakub@redhat.com>
To: Marek Polacek <polacek@redhat.com>
Cc: Richard Biener <richard.guenther@gmail.com>,
iain@sandoe.co.uk, GCC Patches <gcc-patches@gcc.gnu.org>
Subject: Re: [PATCH v5] gcc: Introduce -fhardened
Date: Mon, 20 Nov 2023 17:32:47 +0100 [thread overview]
Message-ID: <ZVuKJyOwi7s35HGS@tucnak> (raw)
In-Reply-To: <ZVaAylotDULKTs/N@redhat.com>
On Thu, Nov 16, 2023 at 03:51:22PM -0500, Marek Polacek wrote:
> Thanks, that's a good point. In this version I've added a target hook.
>
> On my system, -D_FORTIFY_SOURCE=3 will be used, and if I remove
> linux_fortify_source_default_level it's =2 as expected.
>
> The only problem was that it doesn't seem to be possible to use
> targetm. in opts.cc -- I get an undefined reference. But since
> the opts.cc use is for --help only, it's not a big deal either way.
>
> Bootstrapped/regtested on x86_64-pc-linux-gnu, ok for trunk?
>
> -- >8 --
> In <https://gcc.gnu.org/pipermail/gcc-patches/2023-August/628748.html>
> I proposed -fhardened, a new umbrella option that enables a reasonable set
> of hardening flags. The read of the room seems to be that the option
> would be useful. So here's a patch implementing that option.
>
> Currently, -fhardened enables:
>
> -D_FORTIFY_SOURCE=3 (or =2 for older glibcs)
> -D_GLIBCXX_ASSERTIONS
> -ftrivial-auto-var-init=zero
> -fPIE -pie -Wl,-z,relro,-z,now
> -fstack-protector-strong
> -fstack-clash-protection
> -fcf-protection=full (x86 GNU/Linux only)
>
> -fhardened will not override options that were specified on the command line
> (before or after -fhardened). For example,
>
> -D_FORTIFY_SOURCE=1 -fhardened
>
> means that _FORTIFY_SOURCE=1 will be used. Similarly,
>
> -fhardened -fstack-protector
>
> will not enable -fstack-protector-strong.
>
> Currently, -fhardened is only supported on GNU/Linux.
>
> In DW_AT_producer it is reflected only as -fhardened; it doesn't expand
> to anything. This patch provides -Whardened, enabled by default, which
> warns when -fhardened couldn't enable a particular option. I think most
> often it will say that _FORTIFY_SOURCE wasn't enabled because optimization
> were not enabled.
>
> gcc/c-family/ChangeLog:
>
> * c-opts.cc: Include "target.h".
> (c_finish_options): Maybe cpp_define _FORTIFY_SOURCE
> and _GLIBCXX_ASSERTIONS.
>
> gcc/ChangeLog:
>
> * common.opt (Whardened, fhardened): New options.
> * config.in: Regenerate.
> * config/bpf/bpf.cc: Include "opts.h".
> (bpf_option_override): If flag_stack_protector_set_by_fhardened_p, do
> not inform that -fstack-protector does not work.
> * config/i386/i386-options.cc (ix86_option_override_internal): When
> -fhardened, maybe enable -fcf-protection=full.
> * config/linux-protos.h (linux_fortify_source_default_level): Declare.
> * config/linux.cc (linux_fortify_source_default_level): New.
> * config/linux.h (TARGET_FORTIFY_SOURCE_DEFAULT_LEVEL): Redefine.
> * configure: Regenerate.
> * configure.ac: Check if the linker supports '-z now' and '-z relro'.
> Check if -fhardened is supported on $target_os.
> * doc/invoke.texi: Document -fhardened and -Whardened.
> * doc/tm.texi: Regenerate.
> * doc/tm.texi.in (TARGET_FORTIFY_SOURCE_DEFAULT_LEVEL): Add.
> * gcc.cc (driver_handle_option): Remember if any link options or -static
> were specified on the command line.
> (process_command): When -fhardened, maybe enable -pie and
> -Wl,-z,relro,-z,now.
> * opts.cc (flag_stack_protector_set_by_fhardened_p): New global.
> (finish_options): When -fhardened, enable
> -ftrivial-auto-var-init=zero and -fstack-protector-strong.
> (print_help_hardened): New.
> (print_help): Call it.
> * target.def (fortify_source_default_level): New target hook.
> * targhooks.cc (default_fortify_source_default_level): New.
> * targhooks.h (default_fortify_source_default_level): Declare.
> * toplev.cc (process_options): When -fhardened, enable
> -fstack-clash-protection. If flag_stack_protector_set_by_fhardened_p,
> do not warn that -fstack-protector not supported for this target.
> Don't enable -fhardened when !HAVE_FHARDENED_SUPPORT.
>
> gcc/testsuite/ChangeLog:
>
> * gcc.misc-tests/help.exp: Test -fhardened.
> * c-c++-common/fhardened-1.S: New test.
> * c-c++-common/fhardened-1.c: New test.
> * c-c++-common/fhardened-10.c: New test.
> * c-c++-common/fhardened-11.c: New test.
> * c-c++-common/fhardened-12.c: New test.
> * c-c++-common/fhardened-13.c: New test.
> * c-c++-common/fhardened-14.c: New test.
> * c-c++-common/fhardened-15.c: New test.
> * c-c++-common/fhardened-2.c: New test.
> * c-c++-common/fhardened-3.c: New test.
> * c-c++-common/fhardened-4.c: New test.
> * c-c++-common/fhardened-5.c: New test.
> * c-c++-common/fhardened-6.c: New test.
> * c-c++-common/fhardened-7.c: New test.
> * c-c++-common/fhardened-8.c: New test.
> * c-c++-common/fhardened-9.c: New test.
> * gcc.target/i386/cf_check-6.c: New test.
LGTM.
Jakub
next prev parent reply other threads:[~2023-11-21 8:22 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-15 15:08 [PATCH] " Marek Polacek
2023-09-18 6:57 ` Richard Biener
2023-09-19 14:58 ` Marek Polacek
2023-09-19 15:14 ` Jakub Jelinek
2023-10-11 20:48 ` [PATCH v2] " Marek Polacek
2023-10-18 20:12 ` Qing Zhao
2023-10-19 18:32 ` Marek Polacek
2023-10-19 12:24 ` Richard Biener
2023-10-19 12:33 ` Sam James
2023-10-19 18:33 ` Marek Polacek
2023-10-23 19:25 ` [PATCH v3] " Marek Polacek
2023-10-24 7:22 ` Richard Biener
2023-10-24 19:09 ` Marek Polacek
2023-10-26 15:55 ` Richard Biener
2023-11-03 22:51 ` [PATCH v4] " Marek Polacek
2023-11-13 15:41 ` Marek Polacek
2023-11-14 7:46 ` Richard Biener
2023-11-14 16:00 ` Marek Polacek
2023-11-15 11:42 ` Richard Biener
2023-11-15 12:25 ` Jakub Jelinek
2023-11-16 20:51 ` [PATCH v5] " Marek Polacek
2023-11-20 16:32 ` Jakub Jelinek [this message]
2023-11-21 15:41 ` Marek Polacek
2023-11-23 16:59 ` Marek Polacek
2023-10-24 7:44 ` [PATCH v3] " Iain Sandoe
2023-10-24 9:34 ` Iain Sandoe
2023-10-24 19:03 ` Marek Polacek
2023-10-24 19:16 ` Iain Sandoe
2023-11-26 10:59 [PATCH v5] " FX Coudert
2023-11-27 15:00 ` Marek Polacek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZVuKJyOwi7s35HGS@tucnak \
--to=jakub@redhat.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=iain@sandoe.co.uk \
--cc=polacek@redhat.com \
--cc=richard.guenther@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).