Opened 21 months ago

Last modified 7 months ago

#28611 new enhancement

Add `-mstack-protector-guard=global` to CFLAGS instead of `--disable-gcc-hardening` configure option on Windows?

Reported by: grj Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: 035-backport, win32, postfreeze-ok, 040-deferred-20190220, 033-unreached-backport
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:



Tor compiles fine on Windows mingw gcc 8.2 without --disable-gcc-hardening if add -mstack-protector-guard=global to CFLAGS

Child Tickets

#27530defectclosednickmConfigure: Use AC_TRY_RUN() to check that --enable-gcc-hardening works

Change History (10)

comment:1 Changed 21 months ago by nickm

Keywords: 029-backport 033-backport 034-backport 035-backport win32 added
Milestone: Tor: 0.4.0.x-final

comment:2 Changed 21 months ago by teor

-mstack-protector-guard=global -fstack-protector{,-all,-strong,-explicit} is required on gcc 8.2 on some targets, to work around

The gcc issue should be fixed in the next gcc release.

So let's combine this ticket and #27530.

If --enable-expensive-hardening is set:

  • AC_TRY_RUN with tor's standard hardening flags
  • if that doesn't work, use -mstack-protector-guard=global -fstack-protector{,-all,-strong,-explicit}
  • if that doesn't work, disable hardening
  • if that doesn't work, fail configure

comment:4 Changed 19 months ago by nickm

Keywords: postfreeze-ok added

Mark some tickets as postfreeze-ok, to indicate that I think they are okay to accept in 0.4.0 post-freeze. Does not indicate that they are all necessary to do postfreeze.

comment:5 Changed 18 months ago by nickm

Keywords: 040-deferred-20190220 added
Milestone: Tor: 0.4.0.x-finalTor: unspecified

Deferring 51 tickets from 0.4.0.x-final. Tagging them with 040-deferred-20190220 for visibility. These are the tickets that did not get 040-must, 040-can, or tor-ci.

comment:6 Changed 18 months ago by teor

Keywords: 033-backport removed

These open, non-merge_ready tickets can not get backported to 0.3.3, because 0.3.3 is now unsupported.

comment:7 Changed 18 months ago by teor

Keywords: 033-backport-unreached added

Hmm, I guess they should still get 033-backport-unreached

comment:8 Changed 14 months ago by nickm

Keywords: 034-backport removed

Removing 034-backport from all open tickets: 034 has reached EOL.

comment:9 Changed 12 months ago by teor

Keywords: 033-unreached-backport added; 033-backport-unreached removed

Fix 033-unreached-backport spelling.

comment:10 Changed 7 months ago by teor

Keywords: 029-backport removed

0.2.9 is no longer maintained as of 1 January 2020. Therefore, we won't be backporting anything to it.

(None of these tickets are merge_ready, so we can just delete the backport tag.)

Note: See TracTickets for help on using tickets.