Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge remote-tracking branch 'public/hardening_flags_must_link'

Nick Mathewson 8 years ago
parent
c404905822 d9080f5d3a
commit
617b920551
2 changed files with 26 additions and 5 deletions
Split View Show Diff Stats
  1. 6 0
      changes/bug18895
  2. 20 5
      configure.ac

+ 6 - 0
changes/bug18895
View File 

@@ -0,0 +1,6 @@
 
+  o Minor features (build):
 
+    - When building on a system without runtime support for some of the
 
+      runtime hardening options, try to log a useful warning at configuration
 
+      time, rather than an incomprehensible warning at link time.
 
+      If expensive hardening was requested, this warning becomes an error.
 
+      Closes ticket 18895.

+ 20 - 5
configure.ac
View File 

@@ -790,14 +790,29 @@ m4_ifdef([AS_VAR_IF],[
 
        TOR_CHECK_CFLAGS(-fPIE)
 
        TOR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
 
     fi
 
-    TOR_TRY_COMPILE_WITH_CFLAGS(-ftrapv, , CFLAGS_FTRAPV="-ftrapv", true)
 
-    TOR_TRY_COMPILE_WITH_CFLAGS(-fwrapv, , CFLAGS_FWRAPV="-fwrapv", true)
 
+    TOR_TRY_COMPILE_WITH_CFLAGS(-ftrapv, also_link, CFLAGS_FTRAPV="-ftrapv", true)
 
+    TOR_TRY_COMPILE_WITH_CFLAGS(-fwrapv, also_link, CFLAGS_FWRAPV="-fwrapv", true)
 
+    if test "$tor_cv_cflags__ftrapv" = "yes" && test "$tor_can_link__ftrapv" != "yes"; then
 
+      AC_MSG_WARN([The compiler supports -ftrapv, but for some reason I was not able to link with -ftrapv. Are you missing run-time support? Run-time hardening will not work as well as it should.])
 
+    fi
 
 fi
 
 
 if test "x$enable_expensive_hardening" = "xyes"; then
 
-   TOR_TRY_COMPILE_WITH_CFLAGS([-fsanitize=address], , CFLAGS_ASAN="-fsanitize=address", true)
 
-   TOR_TRY_COMPILE_WITH_CFLAGS([-fsanitize=undefined], , CFLAGS_UBSAN="-fsanitize=undefined", true)
 
-   TOR_CHECK_CFLAGS([-fno-omit-frame-pointer])
 
+   if test "$tor_cv_cflags__ftrapv" != "yes"; then
 
+     AC_MSG_ERROR([You requested expensive hardening, but the compiler does not seem to support -ftrapv.])
 
+   fi
 
+
 
+   TOR_TRY_COMPILE_WITH_CFLAGS([-fsanitize=address], also_link, CFLAGS_ASAN="-fsanitize=address", true)
 
+    if test "$tor_cv_cflags__fsanitize_address" = "yes" && test "$tor_can_link__fsanitize_address" != "yes"; then
 
+      AC_MSG_ERROR([The compiler supports -fsanitize=address, but for some reason I was not able to link when using it. Are you missing run-time support? With GCC you need libubsan.so, and with Clang you need libclang_rt.ubsan*])
 
+    fi
 
+
 
+   TOR_TRY_COMPILE_WITH_CFLAGS([-fsanitize=undefined], also_link, CFLAGS_UBSAN="-fsanitize=undefined", true)
 
+    if test "$tor_cv_cflags__fsanitize_address" = "yes" && test "$tor_can_link__fsanitize_address" != "yes"; then
 
+      AC_MSG_ERROR([The compiler supports -fsanitize=undefined, but for some reason I was not able to link when using it. Are you missing run-time support? With GCC you need libasan.so, and with Clang you need libclang_rt.ubsan*])
 
+    fi
 
+
 
+TOR_CHECK_CFLAGS([-fno-omit-frame-pointer])
 
 fi
 
 
 CFLAGS_BUGTRAP="$CFLAGS_FTRAPV $CFLAGS_ASAN $CFLAGS_UBSAN"