Message-ID: <20111106193350.GA20337@openwall.com>
Date: Sun, 6 Nov 2011 23:33:50 +0400
From: Solar Designer <solar@...nwall.com>
To: owl-dev@...ts.openwall.com
Subject: Re: %optflags for new gcc

On Sun, Nov 06, 2011 at 08:45:19PM +0400, Vasiliy Kulikov wrote:
> In Ubuntu's gcc (from Ubuntu 10.04, some of them might be included
> upstream):
>
> http://archive.ubuntu.com/ubuntu/pool/main/g/gcc-4.4/gcc-4.4_4.4.3-4ubuntu5.diff.gz

There's also:

http://archive.ubuntu.com/ubuntu/pool/main/g/gcc-4.6/gcc-4.6_4.6.2-2ubuntu1.diff.gz

> gcc-default-format-security.diff
> # DP: Turn on -Wformat -Wformat-security by default for C, C++, ObjC,
> # ObjC++.

Yes, and then there are testsuite-hardening-format.diff and
testsuite-hardening-printf-types.diff.  These are just for the
testsuite, which I understand we currently don't run anyway, but I think
the issues patched there may be representative of what we'll see in
other packages if we enable -Wformat by default.

I'm not sure that we want to enable those warnings by default (without
-Wall) just to have extra stuff to patch then.  It is not obvious where
to stop in enabling more warnings by default (if we go that route at
all).

I briefly thought of making -Wformat-security the default without also
enabling -Wformat, but apparently that's not supported.

> gcc-default-fortify-source.diff
> # DP: Turn on -D_FORTIFY_SOURCE=2 by default for C, C++, ObjC, ObjC++.
>
>
> gcc-default-relro.diff
> # DP: Turn on -Wl,-z,relro by default.
>
>
> gcc-default-ssp.diff
> # DP: Turn on -fstack-protector by default for C, C++, ObjC, ObjC++.

Right.

> # DP: Build libgcc using -fno-stack-protector.

I guess this is to allow building programs that would use libgcc, but
not depend on the ssp symbols from glibc?

> libstdc++-pic.diff
> # DP: Build and install libstdc++_pic.a library.

Who/what would know to use this library?  Is there some logic to probe
for *_pic.a library filenames automatically?

> note-gnu-stack.diff
> # DP: Add .note.GNU-stack sections for gcc's crt files, libffi and boehm-gc
> # DP: Taken from FC.

Surprisingly, this patch is still present in
gcc-4.6_4.6.2-2ubuntu1.diff.gz.  Also, it is mostly by Jakub Jelinek,
who I understand is an upstream maintainer of gcc.  The remaining
portions of it are for relatively uncommon archs, though.

On a related note, I am similarly puzzled by Jakub's patches in Fedora's
package of gcc.  Perhaps there's some reason why Jakub feels those are
not appropriate for the upstream gcc.

> testsuite-hardening-*
> Fix testsuites to pass -W* checks

Oh, you spotted those too.

Alexander