On Thu, Nov 16, 2023 at 03:51:22PM -0500, Marek Polacek wrote:
> Thanks, that's a good point. In this version I've added a target hook.
>
> On my system, -D_FORTIFY_SOURCE=3 will be used, and if I remove
> linux_fortify_source_default_level it's =2 as expected.
>
> The only problem was that it doesn't seem to be possible to use
> targetm. in opts.cc -- I get an undefined reference. But since
> the opts.cc use is for --help only, it's not a big deal either way.
>
> Bootstrapped/regtested on x86_64-pc-linux-gnu, ok for trunk?
>
> -- >8 --
> In <https://gcc.gnu.org/pipermail/gcc-patches/2023-August/628748.html>
> I proposed -fhardened, a new umbrella option that enables a reasonable set
> of hardening flags. The read of the room seems to be that the option
> would be useful. So here's a patch implementing that option.
>
> Currently, -fhardened enables:
>
> -D_FORTIFY_SOURCE=3 (or =2 for older glibcs)
> -D_GLIBCXX_ASSERTIONS
> -ftrivial-auto-var-init=zero
> -fPIE -pie -Wl,-z,relro,-z,now
> -fstack-protector-strong
> -fstack-clash-protection
> -fcf-protection=full (x86 GNU/Linux only)
>
> -fhardened will not override options that were specified on the command line
> (before or after -fhardened). For example,
>
> -D_FORTIFY_SOURCE=1 -fhardened
>
> means that _FORTIFY_SOURCE=1 will be used. Similarly,
>
> -fhardened -fstack-protector
>
> will not enable -fstack-protector-strong.
>
> Currently, -fhardened is only supported on GNU/Linux.
>
> In DW_AT_producer it is reflected only as -fhardened; it doesn't expand
> to anything. This patch provides -Whardened, enabled by default, which
> warns when -fhardened couldn't enable a particular option. I think most
> often it will say that _FORTIFY_SOURCE wasn't enabled because optimization
> were not enabled.
>
> gcc/c-family/ChangeLog:
>
> * c-opts.cc: Include "target.h".
> (c_finish_options): Maybe cpp_define _FORTIFY_SOURCE
> and _GLIBCXX_ASSERTIONS.
>
> gcc/ChangeLog:
>
> * common.opt (Whardened, fhardened): New options.
> * config.in: Regenerate.
> * config/bpf/bpf.cc: Include "opts.h".
> (bpf_option_override): If flag_stack_protector_set_by_fhardened_p, do
> not inform that -fstack-protector does not work.
> * config/i386/i386-options.cc (ix86_option_override_internal): When
> -fhardened, maybe enable -fcf-protection=full.
> * config/linux-protos.h (linux_fortify_source_default_level): Declare.
> * config/linux.cc (linux_fortify_source_default_level): New.
> * config/linux.h (TARGET_FORTIFY_SOURCE_DEFAULT_LEVEL): Redefine.
> * configure: Regenerate.
> * configure.ac: Check if the linker supports '-z now' and '-z relro'.
> Check if -fhardened is supported on $target_os.
> * doc/invoke.texi: Document -fhardened and -Whardened.
> * doc/tm.texi: Regenerate.
> * doc/tm.texi.in (TARGET_FORTIFY_SOURCE_DEFAULT_LEVEL): Add.
> * gcc.cc (driver_handle_option): Remember if any link options or -static
> were specified on the command line.
> (process_command): When -fhardened, maybe enable -pie and
> -Wl,-z,relro,-z,now.
> * opts.cc (flag_stack_protector_set_by_fhardened_p): New global.
> (finish_options): When -fhardened, enable
> -ftrivial-auto-var-init=zero and -fstack-protector-strong.
> (print_help_hardened): New.
> (print_help): Call it.
> * target.def (fortify_source_default_level): New target hook.
> * targhooks.cc (default_fortify_source_default_level): New.
> * targhooks.h (default_fortify_source_default_level): Declare.
> * toplev.cc (process_options): When -fhardened, enable
> -fstack-clash-protection. If flag_stack_protector_set_by_fhardened_p,
> do not warn that -fstack-protector not supported for this target.
> Don't enable -fhardened when !HAVE_FHARDENED_SUPPORT.
>
> gcc/testsuite/ChangeLog:
>
> * gcc.misc-tests/help.exp: Test -fhardened.
> * c-c++-common/fhardened-1.S: New test.
> * c-c++-common/fhardened-1.c: New test.
> * c-c++-common/fhardened-10.c: New test.
> * c-c++-common/fhardened-11.c: New test.
> * c-c++-common/fhardened-12.c: New test.
> * c-c++-common/fhardened-13.c: New test.
> * c-c++-common/fhardened-14.c: New test.
> * c-c++-common/fhardened-15.c: New test.
> * c-c++-common/fhardened-2.c: New test.
> * c-c++-common/fhardened-3.c: New test.
> * c-c++-common/fhardened-4.c: New test.
> * c-c++-common/fhardened-5.c: New test.
> * c-c++-common/fhardened-6.c: New test.
> * c-c++-common/fhardened-7.c: New test.
> * c-c++-common/fhardened-8.c: New test.
> * c-c++-common/fhardened-9.c: New test.
> * gcc.target/i386/cf_check-6.c: New test.
LGTM.
Jakub
