Opened 14 months ago

Closed 4 months ago

#27530 closed defect (fixed)

Configure: Use AC_TRY_RUN() to check that --enable-gcc-hardening works

Reported by: teor Owned by: nickm
Priority: Low Milestone: Tor: 0.4.1.x-final
Component: Core Tor/Tor Version: Tor: unspecified
Severity: Normal Keywords: fast-fix, postfreeze-ok, 041-can, 041-should, asn-merge
Cc: mikeperry Actual Points: .1
Parent ID: #28611 Points: .2
Reviewer: teor Sponsor:

Description

Split off #27460 Comment 3:

maybe in 0.3.5 we should change the implementation of gcc-hardening so that it does an AC_TRY_RUN() to see whether it can use these compiler flags safely. That could be another ticket, though.

When we merge to 0.3.5, we should also revert #27460.

Child Tickets

Change History (18)

comment:1 Changed 13 months ago by nickm

Parent ID: #27389

comment:2 Changed 13 months ago by nickm

Milestone: Tor: 0.3.5.x-finalTor: 0.3.6.x-final

Deferring various feature-y things to 0.3.6. If one of these is actually happening in 0.3.5, please let me know!

comment:3 Changed 12 months ago by teor

Owner: teor deleted

Anyone can do this patch.

comment:4 Changed 12 months ago by nickm

Milestone: Tor: 0.3.6.x-finalTor: 0.4.0.x-final

Tor 0.3.6.x has been renamed to 0.4.0.x.

comment:5 Changed 11 months ago by teor

Parent ID: #28611

We will probably deal with this in #28611.

comment:6 Changed 9 months ago by nickm

Keywords: postfreeze-ok added

Mark some tickets as postfreeze-ok, to indicate that I think they are okay to accept in 0.4.0 post-freeze. Does not indicate that they are all necessary to do postfreeze.

comment:7 Changed 8 months ago by dgoulet

Keywords: 040-can added
Priority: MediumLow

Bug triage of 0.4.0 tickets. These are now in the "CAN" section. Lower priority than "040-must".

comment:8 Changed 8 months ago by nickm

Owner: set to nickm
Status: assignedaccepted

comment:9 Changed 8 months ago by nickm

Points: .2

comment:10 Changed 7 months ago by nickm

Milestone: Tor: 0.4.0.x-finalTor: 0.4.1.x-final

comment:11 Changed 5 months ago by nickm

Keywords: 041-can added; 040-can removed

comment:12 Changed 5 months ago by nickm

Keywords: 041-should added

comment:13 Changed 5 months ago by nickm

I'm not 100% sure that the approach suggested above is the way I'd like to do it. The basic hardening features that we use are not stuff that we want to turn off silently. But maybe we should generate a more useful failure message if we are unable to build with them, and tell the user to do --disable-gcc-hardening themself.

comment:14 Changed 5 months ago by nickm

Actual Points: .1
Status: acceptedneeds_review

See branch ticket27530 with PR at https://github.com/torproject/tor/pull/1060 for an implementation of the above approach.

comment:15 Changed 5 months ago by asn

Reviewer: teor

comment:16 Changed 4 months ago by teor

Status: needs_reviewmerge_ready

Looks good to me!

comment:17 Changed 4 months ago by nickm

Keywords: asn-merge added

comment:18 Changed 4 months ago by asn

Resolution: fixed
Status: merge_readyclosed

Merged to 042.

Note: See TracTickets for help on using tickets.