Opened 9 months ago

Last modified 12 days ago

#28611 new enhancement

Add `-mstack-protector-guard=global` to CFLAGS instead of `--disable-gcc-hardening` configure option on Windows?

Reported by: grj Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: 029-backport, 035-backport, win32, postfreeze-ok, 040-deferred-20190220, 033-unreached-backport
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

workaround https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86832#c8

Tor compiles fine on Windows mingw gcc 8.2 without --disable-gcc-hardening if add -mstack-protector-guard=global to CFLAGS

Child Tickets

TicketTypeStatusOwnerSummary
#27530defectclosednickmConfigure: Use AC_TRY_RUN() to check that --enable-gcc-hardening works

Change History (9)

comment:1 Changed 9 months ago by nickm

Keywords: 029-backport 033-backport 034-backport 035-backport win32 added
Milestone: Tor: 0.4.0.x-final

comment:2 Changed 9 months ago by teor

-mstack-protector-guard=global -fstack-protector{,-all,-strong,-explicit} is required on gcc 8.2 on some targets, to work around https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86832

The gcc issue should be fixed in the next gcc release.

So let's combine this ticket and #27530.

If --enable-expensive-hardening is set:

  • AC_TRY_RUN with tor's standard hardening flags
  • if that doesn't work, use -mstack-protector-guard=global -fstack-protector{,-all,-strong,-explicit}
  • if that doesn't work, disable hardening
  • if that doesn't work, fail configure

comment:4 Changed 7 months ago by nickm

Keywords: postfreeze-ok added

Mark some tickets as postfreeze-ok, to indicate that I think they are okay to accept in 0.4.0 post-freeze. Does not indicate that they are all necessary to do postfreeze.

comment:5 Changed 6 months ago by nickm

Keywords: 040-deferred-20190220 added
Milestone: Tor: 0.4.0.x-finalTor: unspecified

Deferring 51 tickets from 0.4.0.x-final. Tagging them with 040-deferred-20190220 for visibility. These are the tickets that did not get 040-must, 040-can, or tor-ci.

comment:6 Changed 6 months ago by teor

Keywords: 033-backport removed

These open, non-merge_ready tickets can not get backported to 0.3.3, because 0.3.3 is now unsupported.

comment:7 Changed 6 months ago by teor

Keywords: 033-backport-unreached added

Hmm, I guess they should still get 033-backport-unreached

comment:8 Changed 2 months ago by nickm

Keywords: 034-backport removed

Removing 034-backport from all open tickets: 034 has reached EOL.

comment:9 Changed 12 days ago by teor

Keywords: 033-unreached-backport added; 033-backport-unreached removed

Fix 033-unreached-backport spelling.

Note: See TracTickets for help on using tickets.