Message ID | 20181105200750.6039-1-romain.naour@gmail.com |
---|---|
State | Accepted |
Commit | a75ee0e8124023185f4a05e95b2fcd29fa9449d8 |
Series | Config.in: security hardening: disable FORTIFY_SOURCE for gcc < 6 |
Romain,

On Mon, Nov 5, 2018, 14:07 Romain Naour <romain.naour@gmail.com> wrote:
> As reported in the bug report [1], gcc < 6 doesn't build when
> FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
> upstream bug report [2] but the patch fixing the issue for gcc 6
> has not been backported to earlier gcc versions.
>
> Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
> and BR2_FORTIFY_SOURCE_2.
>

Sorry about the HTML email.

Could this dependency be conditional on if an internal toolchain is used?

> [1] https://bugs.busybox.net/show_bug.cgi?id=11476
> [2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
> [3]
> https://github.com/gcc-mirror/gcc/commit/55f12fce4ccf77513644a247f9c401a5b1fa2402
>
> Signed-off-by: Romain Naour <romain.naour@gmail.com>
> Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
> Cc: Peter Korsgaard <peter@korsgaard.com>
> ---
> To be backported up to Buildroot 2018.02.x.
> ---
> Config.in | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/Config.in b/Config.in > index 584a1f087f..6176433fc0 100644 > --- a/Config.in > +++ b/Config.in > @@ -798,6 +798,8 @@ config BR2_FORTIFY_SOURCE_NONE > > config BR2_FORTIFY_SOURCE_1 > bool "Conservative" > + # gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164 > + depends on BR2_TOOLCHAIN_GCC_AT_LEAST_6 > help > This option sets _FORTIFY_SOURCE to 1 and only introduces > checks that shouldn't change the behavior of conforming
> @@ -805,6 +807,8 @@ config BR2_FORTIFY_SOURCE_1 > > config BR2_FORTIFY_SOURCE_2 > bool "Aggressive" > + # gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164 > + depends on BR2_TOOLCHAIN_GCC_AT_LEAST_6 > help > This option sets _FORTIFY_SOURCES to 2 and some more > checking is added, but some conforming programs might fail. > -- > 2.14.5
>>>>> "Matthew" == Matthew Weber <matthew.weber@rockwellcollins.com> writes:

> Romain ,
> On Mon, Nov 5, 2018, 14:07 Romain Naour <romain.naour@gmail.com wrote:

>> As reported in the bug report [1], gcc < 6 doesn't build when
>> FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
>> upstream bug report [2] but the patch fixing the issue for gcc 6
>> has not been backported to earlier gcc versions.
>>
>> Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
>> and BR2_FORTIFY_SOURCE_2.
>>

> Sorry about the HTML email.

> Could this dependency be conditional on if a internal toolchain is used?

Ahh yes, if this is really about *building* gcc, then it should be

    depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6
Peter/Romain,

On Mon, Nov 5, 2018 at 4:17 PM Peter Korsgaard <peter@korsgaard.com> wrote:
>
> >>>>> "Matthew" == Matthew Weber <matthew.weber@rockwellcollins.com> writes:
>
> > Romain ,
> > On Mon, Nov 5, 2018, 14:07 Romain Naour <romain.naour@gmail.com wrote:
>
> >> As reported in the bug report [1], gcc < 6 doesn't build when
> >> FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
> >> upstream bug report [2] but the patch fixing the issue for gcc 6
> >> has not been backported to earlier gcc versions.
> >>
> >> Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
> >> and BR2_FORTIFY_SOURCE_2.
> >>
>
> > Sorry about the HTML email.
>
> > Could this dependency be conditional on if a internal toolchain is used?
>
> Ahh yes, if this is really about *building* gcc, then it should be
>
> depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6
>

Correct. I'll have to dig a bit and see what the minimum supported
external toolchain version is. I believe 5.4.x

Matt
>>>>> "Romain" == Romain Naour <romain.naour@gmail.com> writes:

> As reported in the bug report [1], gcc < 6 doesn't build when
> FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
> upstream bug report [2] but the patch fixing the issue for gcc 6
> has not been backported to earlier gcc versions.

> Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
> and BR2_FORTIFY_SOURCE_2.

> [1] https://bugs.busybox.net/show_bug.cgi?id=11476
> [2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
> [3] https://github.com/gcc-mirror/gcc/commit/55f12fce4ccf77513644a247f9c401a5b1fa2402

> Signed-off-by: Romain Naour <romain.naour@gmail.com>
> Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
> Cc: Peter Korsgaard <peter@korsgaard.com>
> ---
> To be backported up to Buildroot 2018.02.x.

Committed after adding the internal toolchain dependency as pointed out by Matthew, thanks.
All,

On Mon, Nov 5, 2018 at 4:21 PM Matthew Weber <matthew.weber@rockwellcollins.com> wrote:
>
> Peter/Romain,
>
> On Mon, Nov 5, 2018 at 4:17 PM Peter Korsgaard <peter@korsgaard.com> wrote:
> >
> > >>>>> "Matthew" == Matthew Weber <matthew.weber@rockwellcollins.com> writes:
> >
> > > Romain ,
> > > On Mon, Nov 5, 2018, 14:07 Romain Naour <romain.naour@gmail.com wrote:
> >
> > >> As reported in the bug report [1], gcc < 6 doesn't build when
> > >> FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
> > >> upstream bug report [2] but the patch fixing the issue for gcc 6
> > >> has not been backported to earlier gcc versions.
> > >>
> > >> Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
> > >> and BR2_FORTIFY_SOURCE_2.
> > >>
> >
> > > Sorry about the HTML email.
> >
> > > Could this dependency be conditional on if a internal toolchain is used?
> >
> > Ahh yes, if this is really about *building* gcc, then it should be
> >
> > depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6
> >
>
> Correct. I'll have to dig a bit and see what the minimum supported
> external toolchain version is. I believe 5.4.x

Found an old post.... https://access.redhat.com/blogs/766093/posts/1976213
Looks like the FORTIFY options should work from GCC 4.0+ and are more
dependent on GLIBC being new enough (which we won't run into).
Macros are supported since GLIBC 2.3.4 -
http://man7.org/linux/man-pages/man7/feature_test_macros.7.html

Matt
On 06/11/2018 at 13:27, Matthew Weber wrote:
> All,
>
> On Mon, Nov 5, 2018 at 4:21 PM Matthew Weber
> <matthew.weber@rockwellcollins.com> wrote:
>>
>> Peter/Romain,
>>
>> On Mon, Nov 5, 2018 at 4:17 PM Peter Korsgaard <peter@korsgaard.com> wrote:
>>>
>>>>>>>> "Matthew" == Matthew Weber <matthew.weber@rockwellcollins.com> writes:
>>>
>>> > Romain ,
>>> > On Mon, Nov 5, 2018, 14:07 Romain Naour <romain.naour@gmail.com wrote:
>>>
>>> >> As reported in the bug report [1], gcc < 6 doesn't build when
>>> >> FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
>>> >> upstream bug report [2] but the patch fixing the issue for gcc 6
>>> >> has not been backported to earlier gcc versions.
>>> >>
>>> >> Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
>>> >> and BR2_FORTIFY_SOURCE_2.
>>> >>
>>>
>>> > Sorry about the HTML email.
>>>
>>> > Could this dependency be conditional on if a internal toolchain is used?
>>>
>>> Ahh yes, if this is really about *building* gcc, then it should be
>>>
>>> depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6
>>>
>>
>> Correct. I'll have to dig a bit and see what the minimum supported
>> external toolchain version is. I believe 5.4.x
>
> Found an old post.... https://access.redhat.com/blogs/766093/posts/1976213
> Looks like the FORTIFY options should work from GCC 4.0+ and is more
> dependent on GLIBC being new enough (which we won't run into).
> Macros are supported since GLIBC2.3.4 -
> http://man7.org/linux/man-pages/man7/feature_test_macros.7.html

Maybe it is worth backporting this patch?
https://github.com/gcc-mirror/gcc/commit/55f12fce4ccf77513644a247f9c401a5b1fa2402

Best regards,
Romain

>
> Matt
>
>>>>> "Romain" == Romain Naour <romain.naour@gmail.com> writes:

> As reported in the bug report [1], gcc < 6 doesn't build when
> FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
> upstream bug report [2] but the patch fixing the issue for gcc 6
> has not been backported to earlier gcc versions.

> Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
> and BR2_FORTIFY_SOURCE_2.

> [1] https://bugs.busybox.net/show_bug.cgi?id=11476
> [2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
> [3] https://github.com/gcc-mirror/gcc/commit/55f12fce4ccf77513644a247f9c401a5b1fa2402

> Signed-off-by: Romain Naour <romain.naour@gmail.com>
> Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
> Cc: Peter Korsgaard <peter@korsgaard.com>
> ---
> To be backported up to Buildroot 2018.02.x.

Committed to 2018.02.x and 2018.08.x, thanks.
diff --git a/Config.in b/Config.in index 584a1f087f..6176433fc0 100644 --- a/Config.in +++ b/Config.in @@ -798,6 +798,8 @@ config BR2_FORTIFY_SOURCE_NONE config BR2_FORTIFY_SOURCE_1 bool "Conservative" + # gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164 + depends on BR2_TOOLCHAIN_GCC_AT_LEAST_6 help This option sets _FORTIFY_SOURCE to 1 and only introduces checks that shouldn't change the behavior of conforming @@ -805,6 +807,8 @@ config BR2_FORTIFY_SOURCE_1 config BR2_FORTIFY_SOURCE_2 bool "Aggressive" + # gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164 + depends on BR2_TOOLCHAIN_GCC_AT_LEAST_6 help This option sets _FORTIFY_SOURCES to 2 and some more checking is added, but some conforming programs might fail.
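Review bot: the `depends on BR2_TOOLCHAIN_GCC_AT_LEAST_6` added to BR2_FORTIFY_SOURCE_1 in the first hunk is broader than the problem it cites. The commit message describes gcc < 6 failing to build when _FORTIFY_SOURCE is set, which can only bite when Buildroot builds gcc itself (the internal toolchain); an external toolchain shipping gcc 4.x or 5.x is never rebuilt and, as the thread later notes, FORTIFY itself works there, so this line makes such configurations silently drop a hardening option they had before. Restrict the guard to the internal toolchain, `depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6`, and consider a companion `comment` entry with the inverse condition so menuconfig shows why the level is unavailable instead of hiding it.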
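Review bot: in the BR2_FORTIFY_SOURCE_2 hunk the new `depends on BR2_TOOLCHAIN_GCC_AT_LEAST_6` has the same scope problem: the referenced gcc bug is about building gcc, so the guard belongs on the internal toolchain only (`depends on !BR2_TOOLCHAIN_BUILDROOT || BR2_TOOLCHAIN_GCC_AT_LEAST_6`); otherwise users of an external gcc < 6 lose the aggressive level for no reason. Since this entry is being edited anyway, the context line `This option sets _FORTIFY_SOURCES to 2 and some more` misnames the macro; it should read `_FORTIFY_SOURCE`, as the level-1 help text above it does.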
As reported in the bug report [1], gcc < 6 doesn't build when
FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
upstream bug report [2] but the patch fixing the issue for gcc 6
has not been backported to earlier gcc versions.

Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
and BR2_FORTIFY_SOURCE_2.

[1] https://bugs.busybox.net/show_bug.cgi?id=11476
[2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
[3] https://github.com/gcc-mirror/gcc/commit/55f12fce4ccf77513644a247f9c401a5b1fa2402

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
---
To be backported up to Buildroot 2018.02.x.
---
Config.in | 4 ++++
1 file changed, 4 insertions(+)
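The "Conservative" versus "Aggressive" wording in the two Kconfig help texts this patch touches (level 1 should not change the behaviour of conforming programs, level 2 may make some of them fail) comes down to which object-size bound glibc's fortified wrappers compare a copy length against. The following is an added example, not Buildroot or glibc code: the struct layout is constructed for the demonstration, and copy_allowed() is a hand-written mirror of the accept/abort decision the *_chk wrappers make, not the glibc implementation. It queries both bounds for the same destination pointer and shows that a 16-byte write through the first member of a 16-byte struct is accepted at _FORTIFY_SOURCE=1 but would abort at _FORTIFY_SOURCE=2, while a real overrun is caught by both.

```c
/* Added example, not Buildroot or glibc code.  glibc's fortified wrappers
 * (__memcpy_chk, __strcpy_chk, ...) compare the requested length against
 * __builtin_object_size(dst, TYPE): _FORTIFY_SOURCE=1 uses TYPE 0 (the whole
 * enclosing object) and _FORTIFY_SOURCE=2 uses TYPE 1 (only the addressed
 * member).  The struct layout below is constructed for the demonstration. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct packet {
    uint8_t hdr[4];      /* some callers address the whole frame via &pkt.hdr */
    uint8_t payload[12];
};

/* File-scope object so gcc and clang fold the size queries at any -O level. */
static struct packet pkt;

/* Bound _FORTIFY_SOURCE=1 checks against: bytes from &pkt.hdr to the end of pkt. */
size_t fortify1_bound(void)
{
    return __builtin_object_size(&pkt.hdr, 0);   /* 16 */
}

/* Bound _FORTIFY_SOURCE=2 checks against: the size of the member itself. */
size_t fortify2_bound(void)
{
    return __builtin_object_size(&pkt.hdr, 1);   /* 4 */
}

/* Hand-written mirror of the *_chk decision (constructed, not glibc's code):
 * returns 1 when the copy goes through, 0 when glibc would call __chk_fail()
 * and abort.  (size_t)-1 means the compiler could not determine the object
 * size, in which case the call is not checked at all. */
int copy_allowed(size_t len, size_t bound)
{
    return bound == (size_t)-1 || len <= bound;
}

/* Writing the whole 16-byte frame through the first member: accepted at
 * level 1, fatal at level 2, although the write never leaves the struct.
 * This is the "some conforming programs might fail" case of the help text. */
int whole_frame_copy_allowed(int fortify_level)
{
    size_t bound = (fortify_level == 2) ? fortify2_bound() : fortify1_bound();
    return copy_allowed(sizeof(pkt), bound);
}

/* A copy that really overruns pkt is rejected at both levels. */
int overrun_copy_allowed(int fortify_level)
{
    size_t bound = (fortify_level == 2) ? fortify2_bound() : fortify1_bound();
    return copy_allowed(sizeof(pkt) + 1, bound);
}

int main(void)
{
    printf("bound at _FORTIFY_SOURCE=1: %zu, at _FORTIFY_SOURCE=2: %zu\n",
           fortify1_bound(), fortify2_bound());
    printf("16-byte frame copy via &pkt.hdr: level 1 %s, level 2 %s\n",
           whole_frame_copy_allowed(1) ? "allowed" : "aborts",
           whole_frame_copy_allowed(2) ? "allowed" : "aborts");
    printf("17-byte overrun: level 1 %s, level 2 %s\n",
           overrun_copy_allowed(1) ? "allowed" : "aborts",
           overrun_copy_allowed(2) ? "allowed" : "aborts");
    return 0;
}
```

The caveat for anyone enabling either level in a Buildroot defconfig: the bounds only exist where the compiler can see the destination object. Through an opaque pointer both queries return (size_t)-1 and the wrapper is skipped, so FORTIFY_SOURCE is a cheap hardening layer for the cases the compiler can prove, not a substitute for bounds checking in the code itself.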