depends: harden libevent #27118
Merged
depends: harden libevent #27118
+1
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
e8cb6e6 to
778e34e
Compare
|
Changed the approach here, from using libevents own hardening option (might send some fixes upstream), and a patch, to just using |
|
Do you have a before/after count for hardened functions? |
Using GCC 13 and glibc 2.37 (with only this branch): # master
nm -C src/bitcoind | grep _chk
U __fprintf_chk@GLIBC_2.17
U __memcpy_chk@GLIBC_2.17
U __snprintf_chk@GLIBC_2.17
U __stack_chk_fail@GLIBC_2.17
U __stack_chk_guard@GLIBC_2.17
U __vsnprintf_chk@GLIBC_2.17
objdump -d src/bitcoind | grep "_chk@plt" | wc -l
32
# this branch
nm -C src/bitcoind | grep _chk
U __fdelt_chk@GLIBC_2.17
U __fprintf_chk@GLIBC_2.17
U __memcpy_chk@GLIBC_2.17
U __memmove_chk@GLIBC_2.17
U __memset_chk@GLIBC_2.17
U __snprintf_chk@GLIBC_2.17
U __stack_chk_fail@GLIBC_2.17
U __stack_chk_guard@GLIBC_2.17
U __vsnprintf_chk@GLIBC_2.17
objdump -d src/bitcoind | grep "_chk@plt" | wc -l
54If I combine with our own use of FORTIFY_SOURCE=3: nm -C src/bitcoind | grep _chk
U __fdelt_chk@GLIBC_2.17
U __fprintf_chk@GLIBC_2.17
U __memcpy_chk@GLIBC_2.17
U __memmove_chk@GLIBC_2.17
U __memset_chk@GLIBC_2.17
U __snprintf_chk@GLIBC_2.17
U __stack_chk_fail@GLIBC_2.17
U __stack_chk_guard@GLIBC_2.17
U __vsnprintf_chk@GLIBC_2.17
objdump -d src/bitcoind | grep "_chk@plt" | wc -l
81 |
I changed the approach because I don't want us to use the gcc-hardening option. |
778e34e to
ff4a73a
Compare
|
Rebased on top of #27027. |
|
ACK ff4a73a |
sidhujag
pushed a commit
to syscoin/syscoin
that referenced
this pull request
Feb 28, 2023
ff4a73a depends: use FORTIFY_SOURCE=3 with libevent (fanquake) Pull request description: Use `FORTIFY_SOURCE=3` when building libevent in depends. I've upstreamed a change to switch libevent from using =2 to =3 as well: libevent/libevent#1418. Solves half of bitcoin#27038, by giving us some fortified funcs in `bitcoin-cli`. ACKs for top commit: TheCharlatan: ACK ff4a73a Tree-SHA512: eaf692ec92b288f0cb524c011fc81529f58efa4c43d418a7b3ae7108eba2bccba708a81a28ac6d063267be80ca615637c6e3fccc02497d7367af2eaae0e8d812
|
This PR introduced a regression when building with depends and disabled hardening: |
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Apr 3, 2023
Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Annoyingly, because of the way we link libssp for Windows builds, they now fail (after bitcoin#27118), if building with depends, and configuring with --disable-hardening. See: bitcoin#27118 (comment).
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Apr 3, 2023
Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Annoyingly, because of the way we link libssp for Windows builds, they now fail (after bitcoin#27118), if building with depends, and configuring with --disable-hardening. See: bitcoin#27118 (comment).
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Apr 3, 2023
Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Annoyingly, because of the way we link libssp for Windows builds, they now fail (after bitcoin#27118), if building with depends, and configuring with --disable-hardening. See: bitcoin#27118 (comment).
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Apr 3, 2023
Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Annoyingly, because of the way we link libssp for Windows builds, they now fail (after bitcoin#27118), if building with depends, and configuring with --disable-hardening. See: bitcoin#27118 (comment).
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Apr 3, 2023
Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Annoyingly, because of the way we link libssp for Windows builds, they now fail (after bitcoin#27118), if building with depends, and configuring with --disable-hardening. See: bitcoin#27118 (comment).
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Apr 3, 2023
Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Due to the way we link libssp for Windows builds, they now fail (after bitcoin#27118), if building with depends, and configuring with --disable-hardening. See: bitcoin#27118 (comment). This change would add a depends opiton such that, if someone wants to build with, for windows, without hardening, they can do so. This may also be useful when building for debugging.
Followup for discussion in 27406. |
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Apr 4, 2023
Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Due to the way we link libssp for Windows builds, they now fail (after bitcoin#27118), if building with depends, and configuring with --disable-hardening. See: bitcoin#27118 (comment). This change would add a depends opiton such that, if someone wants to build with, for windows, without hardening, they can do so. This may also be useful when building for debugging.
fanquake
added a commit
to bitcoin-core/gui
that referenced
this pull request
Apr 5, 2023
436df1e depends: add NO_HARDEN option (fanquake) Pull request description: Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Due to the way we link `libssp` for Windows builds, they now fail (after #27118), if building with depends, and configuring with `--disable-hardening` (Windows is the odd build out here). See: bitcoin/bitcoin#27118 (comment). This change would add a depends option such that, if someone wants to build with depends, for Windows, without hardening, they can do so. This may also be useful when building for debugging. ACKs for top commit: hebasto: re-ACK 436df1e Tree-SHA512: 5a3ef5ec87b10a5ad0a284201988ce94789451735c7c7e20d337f7232955b0b9a0addab1c3b5725755f00d8ce6741aa9c8cb5e3d48d926515b7dde46acdbcaa0
sidhujag
pushed a commit
to syscoin/syscoin
that referenced
this pull request
Apr 5, 2023
436df1e depends: add NO_HARDEN option (fanquake) Pull request description: Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Due to the way we link `libssp` for Windows builds, they now fail (after bitcoin#27118), if building with depends, and configuring with `--disable-hardening` (Windows is the odd build out here). See: bitcoin#27118 (comment). This change would add a depends option such that, if someone wants to build with depends, for Windows, without hardening, they can do so. This may also be useful when building for debugging. ACKs for top commit: hebasto: re-ACK 436df1e Tree-SHA512: 5a3ef5ec87b10a5ad0a284201988ce94789451735c7c7e20d337f7232955b0b9a0addab1c3b5725755f00d8ce6741aa9c8cb5e3d48d926515b7dde46acdbcaa0
marcosptf
pushed a commit
to marcosptf/bitcoin-labs
that referenced
this pull request
Apr 9, 2023
Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Due to the way we link libssp for Windows builds, they now fail (after #27118), if building with depends, and configuring with --disable-hardening. See: bitcoin/bitcoin#27118 (comment). This change would add a depends opiton such that, if someone wants to build with, for windows, without hardening, they can do so. This may also be useful when building for debugging.
willcl-ark
pushed a commit
to willcl-ark/bitcoin
that referenced
this pull request
Apr 18, 2023
Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Due to the way we link libssp for Windows builds, they now fail (after bitcoin#27118), if building with depends, and configuring with --disable-hardening. See: bitcoin#27118 (comment). This change would add a depends opiton such that, if someone wants to build with, for windows, without hardening, they can do so. This may also be useful when building for debugging.
RandyMcMillan
pushed a commit
to RandyMcMillan/bitcoin
that referenced
this pull request
May 27, 2023
Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Due to the way we link libssp for Windows builds, they now fail (after bitcoin#27118), if building with depends, and configuring with --disable-hardening. See: bitcoin#27118 (comment). This change would add a depends opiton such that, if someone wants to build with, for windows, without hardening, they can do so. This may also be useful when building for debugging.
janus
pushed a commit
to BitgesellOfficial/bitgesell
that referenced
this pull request
Sep 3, 2023
Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Due to the way we link libssp for Windows builds, they now fail (after #27118), if building with depends, and configuring with --disable-hardening. See: bitcoin/bitcoin#27118 (comment). This change would add a depends opiton such that, if someone wants to build with, for windows, without hardening, they can do so. This may also be useful when building for debugging.
backpacker69
pushed a commit
to peercoin/peercoin
that referenced
this pull request
Mar 5, 2024
Add an option that when passed, will disable hardening options, and pass `--disable-hardening` through to configure. Due to the way we link libssp for Windows builds, they now fail (after #27118), if building with depends, and configuring with --disable-hardening. See: bitcoin/bitcoin#27118 (comment). This change would add a depends opiton such that, if someone wants to build with, for windows, without hardening, they can do so. This may also be useful when building for debugging.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Use
FORTIFY_SOURCE=3when building libevent in depends. I've upstreamed a change to switch libevent from using =2 to =3 as well: libevent/libevent#1418.Solves half of #27038, by giving us some fortified funcs in
bitcoin-cli.