Bug 1418052 Correctly process hardening flags for ASAN, --disable-hardening, and --disable-optimize r?glandium,decoder
Will also address
Bug 1377553 and part of
Bug 1419607
MozReview-Commit-ID: AUCqBxEGpAl
--- a/build/autoconf/sanitize.m4
+++ b/build/autoconf/sanitize.m4
@@ -2,20 +2,16 @@ dnl This Source Code Form is subject to
dnl License, v. 2.0. If a copy of the MPL was not distributed with this
dnl file, You can obtain one at http://mozilla.org/MPL/2.0/.
AC_DEFUN([MOZ_CONFIG_SANITIZE], [
dnl ========================================================
dnl = Use Address Sanitizer
dnl ========================================================
-MOZ_ARG_ENABLE_BOOL(address-sanitizer,
-[ --enable-address-sanitizer Enable Address Sanitizer (default=no)],
- MOZ_ASAN=1,
- MOZ_ASAN= )
if test -n "$MOZ_ASAN"; then
MOZ_LLVM_HACKS=1
if test -n "$CLANG_CL"; then
# Look for the ASan runtime binary
if test "$CPU_ARCH" = "x86_64"; then
MOZ_CLANG_RT_ASAN_LIB=clang_rt.asan_dynamic-x86_64.dll
else
MOZ_CLANG_RT_ASAN_LIB=clang_rt.asan_dynamic-i386.dll
--- a/build/moz.configure/old.configure
+++ b/build/moz.configure/old.configure
@@ -165,17 +165,16 @@ def old_configure_options(*options):
return depends(prepare_configure, extra_old_configure_args, all_options,
*options)
@old_configure_options(
'--cache-file',
'--datadir',
'--enable-accessibility',
- '--enable-address-sanitizer',
'--enable-alsa',
'--enable-bundled-fonts',
'--enable-content-sandbox',
'--enable-cookies',
'--enable-cpp-rtti',
'--enable-crashreporter',
'--enable-dbus',
'--enable-debug-js-modules',
--- a/build/moz.configure/toolchain.configure
+++ b/build/moz.configure/toolchain.configure
@@ -1292,29 +1292,75 @@ include('windows.configure', when=is_win
fxc = check_prog('FXC', ('fxc.exe', 'fxc2.exe'), when=depends(target)
(lambda t: t.kernel == 'WINNT'))
wine = check_prog('WINE', ['wine'], when=depends(target, host)
(lambda t, h: t.kernel == 'WINNT' and h.kernel == 'Linux'))
# Security Hardening
# ==============================================================
+js_option('--enable-address-sanitizer', help='Enable Address Sanitizer')
+
+
+@depends_if('--enable-address-sanitizer')
+def asan(value):
+ return True
+
+
+add_old_configure_assignment('MOZ_ASAN', asan)
+
+
option('--enable-hardening', env='MOZ_SECURITY_HARDENING',
help='Enables security hardening compiler options')
-@depends('--enable-hardening', c_compiler)
-def security_hardening_cflags(value, c_compiler):
- if value and c_compiler.type in ['gcc', 'clang']:
- return '-fstack-protector-strong'
+@depends('--enable-hardening', '--enable-address-sanitizer',
+ '--enable-optimize', c_compiler, target)
+def security_hardening_cflags(hardening_flag, asan, optimize, c_compiler, target):
+ compiler_is_gccish = c_compiler.type in ('gcc', 'clang')
+
+ flags = []
+ js_flags = []
+
+ # FORTIFY_SOURCE ------------------------------------
+ # If hardening is explicitly enabled, or not explicitly disabled
+ if hardening_flag.origin == "default" or hardening_flag:
+ # Require optimization for FORTIFY_SOURCE. See Bug 1417452
+ # Also, undefine it before defining it just in case a distro adds it, see Bug 1418398
+ if compiler_is_gccish and optimize and not asan:
+ # Don't enable FORTIFY_SOURCE on Android on the top-level, but do enable in js/
+ if target.os != 'Android':
+ flags.append("-U_FORTIFY_SOURCE")
+ flags.append("-D_FORTIFY_SOURCE=2")
+ js_flags.append("-U_FORTIFY_SOURCE")
+ js_flags.append("-D_FORTIFY_SOURCE=2")
+
+ # If ASAN _is_ on, undefine FOTIFY_SOURCE just to be safe
+ if asan:
+ flags.append("-U_FORTIFY_SOURCE")
+ js_flags.append("-U_FORTIFY_SOURCE")
+
+ # fstack-protector ------------------------------------
+ # Enable only if --enable-hardening is passed and ASAN is
+ # not on as ASAN will catch the crashes for us
+ if hardening_flag and compiler_is_gccish and not asan:
+ flags.append("-fstack-protector-strong")
+
+ return namespace(
+ flags=flags,
+ js_flags=js_flags,
+ )
-add_old_configure_assignment('HARDENING_CFLAGS', security_hardening_cflags)
+add_old_configure_assignment('MOZ_HARDENING_CFLAGS', security_hardening_cflags.flags)
+add_old_configure_assignment('MOZ_HARDENING_CFLAGS_JS', security_hardening_cflags.js_flags)
imply_option('--enable-pie', depends_if('--enable-hardening')(lambda v: v))
+# ==============================================================
+
option(env='RUSTFLAGS',
nargs=1,
help='Rust compiler flags')
set_config('RUSTFLAGS', depends('RUSTFLAGS')(lambda flags: flags))
imply_option('--enable-release', mozilla_official)
imply_option('--enable-release', depends_if('MOZ_AUTOMATION')(lambda x: True))
--- a/js/src/old-configure.in
+++ b/js/src/old-configure.in
@@ -542,33 +542,22 @@ case "$host" in
HOST_CFLAGS="$HOST_CFLAGS -DXP_UNIX"
HOST_OPTIMIZE_FLAGS="${HOST_OPTIMIZE_FLAGS=-O2}"
;;
esac
MOZ_DOING_LTO(lto_is_enabled)
dnl ========================================================
-dnl Add optional and non-optional hardening flags
+dnl Add optional and non-optional hardening flags from toolchain.configure
dnl ========================================================
-dnl In at least glibc-2.25, _FORTIFY_SOURCE requires compiling
-dnl with optimization (Bug 1417452)
-
-dnl Note that in the top-level old-configure.in, we don't enable
-dnl FORTIFY_SOURCE on Android. But in js/ we *can* enable it on
-dnl Android, so we do.
-
-if test -n "$MOZ_OPTIMIZE"; then
- if test "$GNU_CC" -o -n "${CLANG_CC}${CLANG_CL}"; then
- CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
- CPPFLAGS="$CPPFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
- CXXFLAGS="$CXXFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
- fi
-fi
+CFLAGS="$CFLAGS $MOZ_HARDENING_CFLAGS_JS"
+CPPFLAGS="$CPPFLAGS $MOZ_HARDENING_CFLAGS_JS"
+CXXFLAGS="$CXXFLAGS $MOZ_HARDENING_CFLAGS_JS"
dnl ========================================================
dnl System overrides of the defaults for target
dnl ========================================================
case "$target" in
*-darwin*)
MKSHLIB='$(CXX) $(COMPUTED_CXX_LDFLAGS) $(PGO_CFLAGS) $(DSO_PIC_CFLAGS) $(DSO_LDOPTS) -o $@'
--- a/old-configure.in
+++ b/old-configure.in
@@ -503,38 +503,20 @@ fi
if test -n "$COMPILE_ENVIRONMENT"; then
MOZ_CONFIG_SANITIZE
fi
dnl ========================================================
dnl Add optional and non-optional hardening flags
dnl ========================================================
-CFLAGS="$CFLAGS $HARDENING_CFLAGS"
-CPPFLAGS="$CPPFLAGS $HARDENING_CFLAGS"
-CXXFLAGS="$CXXFLAGS $HARDENING_CFLAGS"
-
-dnl In at least glibc-2.25, _FORTIFY_SOURCE requires compiling
-dnl with optimization (Bug 1417452)
-if test -n "$MOZ_OPTIMIZE"; then
- if test "$GNU_CC" -o -n "${CLANG_CC}${CLANG_CL}"; then
- case $OS_TARGET in
- Android)
- dnl FORTIFY_SOURCE is not supported on Android on the
- dnl top-level old-configure.in at this time.
- dnl See Bug 1415595
- ;;
- *)
- CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
- CPPFLAGS="$CPPFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
- CXXFLAGS="$CXXFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
- ;;
- esac
- fi
-fi
+
+CFLAGS="$CFLAGS $MOZ_HARDENING_CFLAGS"
+CPPFLAGS="$CPPFLAGS $MOZ_HARDENING_CFLAGS"
+CXXFLAGS="$CXXFLAGS $MOZ_HARDENING_CFLAGS"
dnl ========================================================
dnl GNU specific defaults
dnl ========================================================
if test "$GNU_CC"; then
MMX_FLAGS="-mmmx"
SSE_FLAGS="-msse"
SSE2_FLAGS="-msse2"