From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=SyUQ=CI=gmail.com=bugaevc@sourceware.org>
Received: from mail-oo1-xc2a.google.com (mail-oo1-xc2a.google.com [IPv6:2607:f8b0:4864:20::c2a])
	by sourceware.org (Postfix) with ESMTPS id D72C9385843E
	for <libc-alpha@sourceware.org>; Tue, 20 Jun 2023 12:53:25 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org D72C9385843E
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com
Received: by mail-oo1-xc2a.google.com with SMTP id 006d021491bc7-55b3a245359so3145292eaf.2
        for <libc-alpha@sourceware.org>; Tue, 20 Jun 2023 05:53:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20221208; t=1687265605; x=1689857605;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=pwAc8y/oa/NkiJHybnNTWMxIXs05rJJNSnaWnRxaarE=;
        b=ZqWVSuVaFkEb9icyFONpmtWwvnqiMUbqHMACg0aD3qB7mzIuidSHepO1RTR/Zf6Pfl
         EQ8bEk8FzRcxZxkKw4VlvM3xGiZuLTQ+qcQgEAOW1akXqnUtZiRdQtrB0N8yokv2WTNB
         AO+MdYGjvyPKuqddrpYN7MlrudGbCrKICliiRfK/LT3MM4FOtCxDeNTqFrw5A8ME2R6i
         teQ+kqXYoBH+9AeaHyZwpNCOU5DptNyefdrYSxBPzvOGYCQfWISf/lxP2CLmBPGgpEqO
         VgdLxSnVZmFKjCZSVhQhoiwFwxKOxaRsuZWIyF8qMdDAB+VyHAe3QN5tJ42kJf98vgX7
         SLIA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20221208; t=1687265605; x=1689857605;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=pwAc8y/oa/NkiJHybnNTWMxIXs05rJJNSnaWnRxaarE=;
        b=Azkj+GQu4Oc90mNgv5P9MMJb/LYqr8TfDcsNx81BB7izLnBkq53G+HvFjeUlf7wEen
         3NlVr7st4SdZaeLdggz4l8mnr0rdbtFGkYKwQPThFJ5fDQ7R7+cLdO2fXE1H11NqYwPH
         pNONaLdlgBOUWSs2UY0aRCcXmS06fzuNZxKxTVS/zjdb6oqxTicWJ/3RGjkq09W2FVVw
         QkhxTLJoobl/jZddiobgJWE3+e4bzneJiiTisLJ0Zo/jg1HppGy28uLvyAghGf2b3K79
         t+sNtQV7jngzO+m/SN2fewzoWt/KYtOTtn0BTnte+wHd4bEQlrxVYuWsoHdHPVZOWvz8
         w1Ng==
X-Gm-Message-State: AC+VfDxn7AcQrEAkG7fi6IfLUUiVRT1C2ks7BiGmbyhBopO6vZcoy0Ci
	tOu8xMnANb5bUN5LJmLdAutPm+jK/rkbyLB3H/E=
X-Google-Smtp-Source: ACHHUZ4Hdb9XaWQpUZdG21o5wlI72BrcMv6xmChvIkbryeb7jJUO8gRgvH7uNqMniQNPeT5IAkjAxFFUook1PEE4KME=
X-Received: by 2002:a05:6808:bd0:b0:39e:bfe9:6391 with SMTP id
 o16-20020a0568080bd000b0039ebfe96391mr10672476oik.1.1687265605099; Tue, 20
 Jun 2023 05:53:25 -0700 (PDT)
MIME-Version: 1.0
References: <20230617222218.642125-1-bugaevc@gmail.com> <1249c048-c72d-0bf1-f0e0-2e619cfe5372@redhat.com>
 <CAN9u=Hda-rKrY2yXesbHDxk1jpbMoTKFp5qOQvsrpKojQb71aw@mail.gmail.com>
 <783b1d24-f2b4-3a3c-d636-2b231be3b823@linaro.org> <2B723D88-546D-4AA6-8BDA-7B6CC9F5D404@linaro.org>
 <CAN9u=HcNj1k4FBB9ZoUrwqL_gyP_7jV2zDsk65nHaReC_8e-Lw@mail.gmail.com>
 <4F21801F-83DB-44EE-A463-9C6FC42F81B4@linaro.org> <CAN9u=Hfih5tBTkkvrqUMLWX+N9qYNJTRkLGwLJoEj+LqaszwdA@mail.gmail.com>
 <99B8C69B-D3F3-4ED3-9F3B-19BC586BF6B6@linaro.org>
In-Reply-To: <99B8C69B-D3F3-4ED3-9F3B-19BC586BF6B6@linaro.org>
From: Sergey Bugaev <bugaevc@gmail.com>
Date: Tue, 20 Jun 2023 15:53:14 +0300
Message-ID: <CAN9u=HdLDFFRd-Z9iZg+1VKaUTSqm8YhJVOEHWSdUh0eg16vtA@mail.gmail.com>
Subject: Re: [PATCH v3 0/5] fcntl fortification
To: Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org>
Cc: "Carlos O'Donell" <carlos@redhat.com>, 
	Adhemerval Zanella Netto <adhemerval.zanella@linaro.org>, Libc-alpha <libc-alpha@sourceware.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-2.2 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <libc-alpha.sourceware.org>

On Tue, Jun 20, 2023 at 3:38=E2=80=AFPM Maxim Kuvyrkov
<maxim.kuvyrkov@linaro.org> wrote:
> We don't set _FORTIFY_SOURCE in our CI's glibc build, but, I think, it co=
mes from Ubuntu's GCC, where it may be enabled by default.  Or are you usin=
g Ubuntu and not seeing this with default Ubuntu toolchain?

I'm not using Ubuntu.

Do they just set _FORTIFY_SOURCE by default -- i.e. not only when
building OS packages, but for all compilations? That's... unusual :|

It's also concerning that check-installed-headers doesn't check this
configuration (_FORTIFY_SOURCE with non-GNU C standard), and we're
only finding out about this by accident. There's a comment in
check-installed-headers.sh that says:

# An exhaustive test of feature selection macros would take far too long.
# These are probably the most commonly used three.

That makes sense when running the testsuite locally since you want it
to finish in minutes, not days, but wouldn't checking all combinations
(or at least _a lot_ more of them) make more sense for CI?

Sergey