
[or-cvs] [tor/master] Add support for gcc compiler/linker hardening flags.



Author: Jacob Appelbaum <jacob@xxxxxxxxxxxxx>
Date: Fri, 6 Nov 2009 15:45:27 -0800
Subject: Add support for gcc compiler/linker hardening flags.
Commit: 04fa935e02270bc90aca0f1c652d31c7a872175b

This patch adds support for two new configure options:
    '--enable-gcc-hardening'
    This sets CFLAGS to include:
        "-D_FORTIFY_SOURCE=2 -fstack-protector-all"
        "-fwrapv -fPIE -Wstack-protector -Wformat -Wformat-security"
        "-Wpointer-sign"
    It sets LDFLAGS to include:
        "-pie"

    '--enable-linker-hardening'
    This sets LDFLAGS to include:
        " -z relro -z now"
---
 changes/compileTimeHardening |   12 ++++++++++++
 configure.in                 |   21 +++++++++++++++++++++
 2 files changed, 33 insertions(+), 0 deletions(-)
 create mode 100644 changes/compileTimeHardening

diff --git a/changes/compileTimeHardening b/changes/compileTimeHardening
new file mode 100644
index 0000000..9e90dd2
--- /dev/null
+++ b/changes/compileTimeHardening
@@ -0,0 +1,12 @@
+Add two new configure flags:
+    --enable-gcc-hardening
+        This turns on gcc compile time hardening options. It ensures that
+        signed ints have defined behavior (-fwrapv), -D_FORTIFY_SOURCE=2 is
+        enabled (requiring -O2), stack smashing protection with canaries
+        (-fstack-protector-all), ASLR protection if supported by the kernel
+        (-fPIE, -pie). Additional security related warnings are enabled.
+        Verified as working on Mac OS X and Debian Lenny.
+
+    --enable-linker-hardening
+        This turns on ELF specific hardening features (relro, now). This does
+        not work with Mac OS X or any other non-ELF binary format.
diff --git a/configure.in b/configure.in
index 10e509d..07b3ff4 100644
--- a/configure.in
+++ b/configure.in
@@ -90,6 +90,27 @@ AC_ARG_ENABLE(gcc-warnings,
 AC_ARG_ENABLE(gcc-warnings-advisory,
      AS_HELP_STRING(--enable-gcc-warnings-advisory, [enable verbose warnings, excluding -Werror]))
 
+dnl Adam shostack suggests the following for Windows:
+dnl -D_FORTIFY_SOURCE=2 -fstack-protector-all
+dnl Others suggest '/gs /safeseh /nxcompat /dynamicbase' for non-gcc on Windows
+dnl This requires that we use gcc and that we add -O2 to the CFLAGS.
+AC_ARG_ENABLE(gcc-hardening,
+     AS_HELP_STRING(--enable-gcc-hardening, enable compiler security checks),
+[if test x$enableval = xyes; then
+    CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2 -fstack-protector-all"
+    CFLAGS+=" -fwrapv -fPIE -Wstack-protector -Wformat -Wformat-security"
+    CFLAGS+=" -Wpointer-sign"
+    LDFLAGS+=" -pie"
+fi])
+
+dnl Linker hardening options
+dnl Currently these options are ELF specific - you can't use this with MacOSX
+AC_ARG_ENABLE(linker-hardening,
+        AS_HELP_STRING(--enable-linker-hardening, enable linker security fixups),
+[if test x$enableval = xyes; then
+    LDFLAGS+=" -z relro -z now"
+fi])
+
 AC_ARG_ENABLE(local-appdata,
    AS_HELP_STRING(--enable-local-appdata, default to host local application data paths on Windows))
 if test "$enable_local_appdata" = "yes"; then
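Review bot: The `CFLAGS+=` and `LDFLAGS+=` assignments in both new AC_ARG_ENABLE blocks are a bash extension, while configure runs under /bin/sh, which on many systems is not bash. A strict POSIX shell would parse each of those lines as a command rather than an assignment; the command fails and configure carries on, so `-fPIE`, `-pie` and `-z relro -z now` would be dropped while the build still looks hardened. Use the portable form already used on the first CFLAGS line, e.g. `CFLAGS="$CFLAGS -fwrapv -fPIE -Wstack-protector -Wformat -Wformat-security"` and `LDFLAGS="$LDFLAGS -z relro -z now"`. Separately, the dnl comment says this requires -O2, but nothing visible in the hunk adds or checks for an optimization level, so the _FORTIFY_SOURCE checks may be inactive when the user supplies CFLAGS without -O; a configure-time check or warning would make that visible.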
-- 
1.6.5