[libvirt] [PATCH 0/3] build: use -fstack-protector-strong
Tested with gcc-4.9.0 and clang-3.4.1. Ján Tomko (3): build: remove duplicit warning suppression build: remove ssp-buffer-size build: prefer -fstack-protector-strong to -all m4/virt-compile-warnings.m4 | 36 +++++++++++++++++++++--------------- 1 file changed, 21 insertions(+), 15 deletions(-) -- 1.8.5.5
These warnings have alread been added to $dontwarn. --- m4/virt-compile-warnings.m4 | 3 --- 1 file changed, 3 deletions(-) diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4 index 574fbc4..fb82238 100644 --- a/m4/virt-compile-warnings.m4 +++ b/m4/virt-compile-warnings.m4 @@ -119,9 +119,6 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ # ideally we'd turn many of them on dontwarn="$dontwarn -Wfloat-equal" dontwarn="$dontwarn -Wdeclaration-after-statement" - dontwarn="$dontwarn -Wcast-qual" - dontwarn="$dontwarn -Wconversion" - dontwarn="$dontwarn -Wsign-conversion" dontwarn="$dontwarn -Wpacked" dontwarn="$dontwarn -Wunused-macros" dontwarn="$dontwarn -Woverlength-strings" -- 1.8.5.5
On 06/11/2014 03:00 AM, Ján Tomko wrote:
These warnings have alread been added to $dontwarn.
s/alread/already/
--- m4/virt-compile-warnings.m4 | 3 --- 1 file changed, 3 deletions(-)
ACK
diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4 index 574fbc4..fb82238 100644 --- a/m4/virt-compile-warnings.m4 +++ b/m4/virt-compile-warnings.m4 @@ -119,9 +119,6 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ # ideally we'd turn many of them on dontwarn="$dontwarn -Wfloat-equal" dontwarn="$dontwarn -Wdeclaration-after-statement" - dontwarn="$dontwarn -Wcast-qual" - dontwarn="$dontwarn -Wconversion" - dontwarn="$dontwarn -Wsign-conversion" dontwarn="$dontwarn -Wpacked" dontwarn="$dontwarn -Wunused-macros" dontwarn="$dontwarn -Woverlength-strings"
-- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
This option only makes sense for -fstack-protector. With -fstack-protector-all or -fstack-protector-strong, functions are protected regardless of buffer size. https://bugzilla.redhat.com/show_bug.cgi?id=1105456 --- m4/virt-compile-warnings.m4 | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4 index fb82238..196afa7 100644 --- a/m4/virt-compile-warnings.m4 +++ b/m4/virt-compile-warnings.m4 @@ -166,16 +166,11 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ *-*-linux*) dnl Fedora only uses -fstack-protector, but doesn't seem to dnl be great overhead in adding -fstack-protector-all instead - dnl wantwarn="$wantwarn -fstack-protector" + dnl + dnl We also don't need ssp-buffer-size with -all, + dnl since functions are protected regardless of buffer size. + dnl wantwarn="$wantwarn --param=ssp-buffer-size=4" wantwarn="$wantwarn -fstack-protector-all" - wantwarn="$wantwarn --param=ssp-buffer-size=4" - dnl Even though it supports it, clang complains about - dnl use of --param=ssp-buffer-size=4 unless used with - dnl the -c arg. It doesn't like it when used with args - dnl that just link together .o files. Unfortunately - dnl we can't avoid that with automake, so we must turn - dnl off the following clang specific warning - wantwarn="$wantwarn -Wno-unused-command-line-argument" ;; *-*-freebsd*) dnl FreeBSD ships old gcc 4.2.1 which doesn't handle -- 1.8.5.5
On 06/11/2014 03:00 AM, Ján Tomko wrote:
This option only makes sense for -fstack-protector. With -fstack-protector-all or -fstack-protector-strong, functions are protected regardless of buffer size.
https://bugzilla.redhat.com/show_bug.cgi?id=1105456 --- m4/virt-compile-warnings.m4 | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-)
ACK. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Check upfront if it's supported, to avoid putting both of them on the command line. --- m4/virt-compile-warnings.m4 | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4 index 196afa7..6d632f9 100644 --- a/m4/virt-compile-warnings.m4 +++ b/m4/virt-compile-warnings.m4 @@ -156,6 +156,15 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ wantwarn="$wantwarn -Wframe-larger-than=4096" dnl wantwarn="$wantwarn -Wframe-larger-than=256" + AC_CACHE_CHECK([whether the C compiler supports stack-protector-strong], + [lv_cv_gcc_fstack_protector_strong], [ + save_CFLAGS=$CFLAGS + CFLAGS='-fstack-protector-strong -Werror' + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]])], + [lv_cv_gcc_fstack_protector_strong=yes], + [lv_cv_gcc_fstack_protector_strong=no]) + CFLAGS=$save_CFLAGS]) + # Extra special flags dnl -fstack-protector stuff passes gl_WARN_ADD with gcc dnl on Mingw32, but fails when actually used @@ -164,13 +173,18 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ dnl "error: -fstack-protector not supported for this target [-Werror]" ;; *-*-linux*) - dnl Fedora only uses -fstack-protector, but doesn't seem to - dnl be great overhead in adding -fstack-protector-all instead + dnl Prefer -fstack-protector-strong if it's available. + dnl There doesn't seem to be great overhead in adding + dnl -fstack-protector-all instead of -fstack-protector. dnl - dnl We also don't need ssp-buffer-size with -all, + dnl We also don't need ssp-buffer-size with -all or -strong, dnl since functions are protected regardless of buffer size. dnl wantwarn="$wantwarn --param=ssp-buffer-size=4" - wantwarn="$wantwarn -fstack-protector-all" + if test "$lv_cv_gcc_fstack_protector_strong" = yes; then + wantwarn="$wantwarn -fstack-protector-strong" + else + wantwarn="$wantwarn -fstack-protector-all" + fi ;; *-*-freebsd*) dnl FreeBSD ships old gcc 4.2.1 which doesn't handle -- 1.8.5.5
On Wed, Jun 11, 2014 at 11:00:22AM +0200, Ján Tomko wrote:
Check upfront if it's supported, to avoid putting both of them on the command line. --- m4/virt-compile-warnings.m4 | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4 index 196afa7..6d632f9 100644 --- a/m4/virt-compile-warnings.m4 +++ b/m4/virt-compile-warnings.m4 @@ -156,6 +156,15 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ wantwarn="$wantwarn -Wframe-larger-than=4096" dnl wantwarn="$wantwarn -Wframe-larger-than=256"
+ AC_CACHE_CHECK([whether the C compiler supports stack-protector-strong], + [lv_cv_gcc_fstack_protector_strong], [ + save_CFLAGS=$CFLAGS + CFLAGS='-fstack-protector-strong -Werror' + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]])], + [lv_cv_gcc_fstack_protector_strong=yes], + [lv_cv_gcc_fstack_protector_strong=no]) + CFLAGS=$save_CFLAGS])
This is really re-inventing the gnulib compiler arg checking which I don't think is desirable.
@@ -164,13 +173,18 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ dnl "error: -fstack-protector not supported for this target [-Werror]" ;; *-*-linux*) - dnl Fedora only uses -fstack-protector, but doesn't seem to - dnl be great overhead in adding -fstack-protector-all instead + dnl Prefer -fstack-protector-strong if it's available. + dnl There doesn't seem to be great overhead in adding + dnl -fstack-protector-all instead of -fstack-protector. dnl - dnl We also don't need ssp-buffer-size with -all, + dnl We also don't need ssp-buffer-size with -all or -strong, dnl since functions are protected regardless of buffer size. dnl wantwarn="$wantwarn --param=ssp-buffer-size=4" - wantwarn="$wantwarn -fstack-protector-all" + if test "$lv_cv_gcc_fstack_protector_strong" = yes; then + wantwarn="$wantwarn -fstack-protector-strong" + else + wantwarn="$wantwarn -fstack-protector-all" + fi ;; *-*-freebsd*) dnl FreeBSD ships old gcc 4.2.1 which doesn't handle
I'd suggest we only list 'wantwarn="$wantwarn -fstack-protector-strong' here. Then, after the 'gl_WARN_ADD' call has processed everything in $wantwarn we check to see if $WARNING_CFLAGS contains the desired -fstack-protector-strong arg and if not, we call gl_WARN_ADD for -fstack-protector-all Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
Try -fstack-protector-strong first on Linux. If that fails, fall back to -fstack-protector-all. --- m4/virt-compile-warnings.m4 | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4 index 196afa7..532a777 100644 --- a/m4/virt-compile-warnings.m4 +++ b/m4/virt-compile-warnings.m4 @@ -164,13 +164,14 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ dnl "error: -fstack-protector not supported for this target [-Werror]" ;; *-*-linux*) - dnl Fedora only uses -fstack-protector, but doesn't seem to - dnl be great overhead in adding -fstack-protector-all instead + dnl Prefer -fstack-protector-strong if it's available. + dnl There doesn't seem to be great overhead in adding + dnl -fstack-protector-all instead of -fstack-protector. dnl - dnl We also don't need ssp-buffer-size with -all, + dnl We also don't need ssp-buffer-size with -all or -strong, dnl since functions are protected regardless of buffer size. dnl wantwarn="$wantwarn --param=ssp-buffer-size=4" - wantwarn="$wantwarn -fstack-protector-all" + wantwarn="$wantwarn -fstack-protector-strong" ;; *-*-freebsd*) dnl FreeBSD ships old gcc 4.2.1 which doesn't handle @@ -201,6 +202,19 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ gl_WARN_ADD([$w]) done + case $host in + *-*-linux*) + dnl Fall back to -fstack-protector-all if -strong is not available + case $WARN_CFLAGS in + *-fstack-protector-strong*) + ;; + *) + gl_WARN_ADD(["-fstack-protector-all"]) + ;; + esac + ;; + esac + # Silence certain warnings in gnulib, and use improved glibc headers AC_DEFINE([lint], [1], [Define to 1 if the compiler is checking for lint.]) -- 1.8.5.5
On Wed, Jun 11, 2014 at 02:11:46PM +0200, Ján Tomko wrote:
Try -fstack-protector-strong first on Linux. If that fails, fall back to -fstack-protector-all. --- m4/virt-compile-warnings.m4 | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4 index 196afa7..532a777 100644 --- a/m4/virt-compile-warnings.m4 +++ b/m4/virt-compile-warnings.m4 @@ -164,13 +164,14 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ dnl "error: -fstack-protector not supported for this target [-Werror]" ;; *-*-linux*) - dnl Fedora only uses -fstack-protector, but doesn't seem to - dnl be great overhead in adding -fstack-protector-all instead + dnl Prefer -fstack-protector-strong if it's available. + dnl There doesn't seem to be great overhead in adding + dnl -fstack-protector-all instead of -fstack-protector. dnl - dnl We also don't need ssp-buffer-size with -all, + dnl We also don't need ssp-buffer-size with -all or -strong, dnl since functions are protected regardless of buffer size. dnl wantwarn="$wantwarn --param=ssp-buffer-size=4" - wantwarn="$wantwarn -fstack-protector-all" + wantwarn="$wantwarn -fstack-protector-strong" ;; *-*-freebsd*) dnl FreeBSD ships old gcc 4.2.1 which doesn't handle @@ -201,6 +202,19 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[ gl_WARN_ADD([$w]) done
+ case $host in + *-*-linux*) + dnl Fall back to -fstack-protector-all if -strong is not available + case $WARN_CFLAGS in + *-fstack-protector-strong*) + ;; + *) + gl_WARN_ADD(["-fstack-protector-all"]) + ;; + esac + ;; + esac + # Silence certain warnings in gnulib, and use improved glibc headers AC_DEFINE([lint], [1], [Define to 1 if the compiler is checking for lint.])
ACK Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
participants (3)
-
Daniel P. Berrange -
Eric Blake -
Ján Tomko