From patchwork Wed Dec 30 06:43:45 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Siddhesh Poyarekar X-Patchwork-Id: 1421315 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=sourceware.org; envelope-from=libc-alpha-bounces@sourceware.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=sourceware.org Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.a=rsa-sha256 header.s=default header.b=MFFBB/WB; dkim-atps=neutral Received: from sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4D5MG15gFNz9sVl for ; Wed, 30 Dec 2020 17:44:25 +1100 (AEDT) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id B01DE385481C; Wed, 30 Dec 2020 06:44:19 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org B01DE385481C DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1609310659; bh=c/Pq1p/E29Zn3ei6E6Gj0kE1jpOOhjwbe1/vgRJbi/E=; h=To:Subject:Date:In-Reply-To:References:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=MFFBB/WBq67ksm/uehTT9uktPpP4xHx71POkXYU3gs+SBMgoHwNetqKUmjUpI4RS7 +JwMcLtryT+27ExM/b+9JZbIIEbTuM12iqyEfV/P9wWvN+blxt+tSboMYUSebeXOxf Yyz1wHZUDKZVCCH92rCNv7DYW6CuG49YxeKAH7nY= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from butterfly.birch.relay.mailchannels.net (butterfly.birch.relay.mailchannels.net [23.83.209.27]) by sourceware.org (Postfix) with ESMTPS id 3EB633857805 for ; Wed, 30 Dec 2020 06:44:17 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 3EB633857805 X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 3B1146412B3; Wed, 30 Dec 2020 06:44:16 +0000 (UTC) Received: from pdx1-sub0-mail-a94.g.dreamhost.com (100-105-161-17.trex.outbound.svc.cluster.local [100.105.161.17]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 8C9D1640C79; Wed, 30 Dec 2020 06:44:15 +0000 (UTC) X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from pdx1-sub0-mail-a94.g.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384) by 0.0.0.0:2500 (trex/5.18.11); Wed, 30 Dec 2020 06:44:16 +0000 X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Imminent-Grain: 44aba8971e97d35a_1609310655850_1298716767 X-MC-Loop-Signature: 1609310655850:3187140790 X-MC-Ingress-Time: 1609310655849 Received: from pdx1-sub0-mail-a94.g.dreamhost.com (localhost [127.0.0.1]) by pdx1-sub0-mail-a94.g.dreamhost.com (Postfix) with ESMTP id 3641180026; Tue, 29 Dec 2020 22:44:15 -0800 (PST) Received: from rhbox.intra.reserved-bit.com (unknown [1.186.101.110]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a94.g.dreamhost.com (Postfix) with ESMTPSA id D0F1A7F8F4; Tue, 29 Dec 2020 22:44:12 -0800 (PST) X-DH-BACKEND: pdx1-sub0-mail-a94 To: libc-alpha@sourceware.org Subject: [PATCH v7 1/4] Warn on unsupported fortification levels Date: Wed, 30 Dec 2020 12:13:45 +0530 Message-Id: <20201230064348.376092-2-siddhesh@sourceware.org> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20201230064348.376092-1-siddhesh@sourceware.org> References: <20201230064348.376092-1-siddhesh@sourceware.org> MIME-Version: 1.0 X-Spam-Status: No, score=-9.0 required=5.0 tests=BAYES_00, GIT_PATCH_0, JMQ_SPF_NEUTRAL, KAM_DMARC_NONE, KAM_DMARC_STATUS, RCVD_IN_BARRACUDACENTRAL, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NEUTRAL, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Siddhesh Poyarekar via Libc-alpha From: Siddhesh Poyarekar Reply-To: Siddhesh Poyarekar Cc: fweimer@redhat.com, jakub@redhat.com Errors-To: libc-alpha-bounces@sourceware.org Sender: "Libc-alpha" Make the _FORTIFY_SOURCE macro soup in features.h warn about unsupported fortification levels. For example, it will warn about _FORTIFY_SOURCE=3 and over with an indication of which level has been selected. Co-authored-by: Paul Eggert Reviewed-by: Adhemerval Zanella --- NEWS | 6 ++++++ include/features.h | 3 +++ manual/creature.texi | 3 ++- 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 86e05fb023..8e02dbd0f7 100644 --- a/NEWS +++ b/NEWS @@ -28,6 +28,12 @@ Major new features: The 32-bit RISC-V port requires at least Linux 5.4, GCC 7.1 and binutils 2.28. +* A new fortification level _FORTIFY_SOURCE=3 is available. At this level, + glibc may use additional checks that may have an additional performance + overhead. At present these checks are available only on LLVM 9 and later. + The latest GCC available at this time (10.2) does not support this level of + fortification. + Deprecated and removed features, and other changes affecting compatibility: * The mallinfo function is marked deprecated. Callers should call diff --git a/include/features.h b/include/features.h index f3e62d3362..540230b90b 100644 --- a/include/features.h +++ b/include/features.h @@ -398,6 +398,9 @@ # elif !__GNUC_PREREQ (4, 1) # warning _FORTIFY_SOURCE requires GCC 4.1 or later # elif _FORTIFY_SOURCE > 1 +# if _FORTIFY_SOURCE > 2 +# warning _FORTIFY_SOURCE > 2 is treated like 2 on this platform +# endif # define __USE_FORTIFY_LEVEL 2 # else # define __USE_FORTIFY_LEVEL 1 diff --git a/manual/creature.texi b/manual/creature.texi index be5050468b..31208ccb2b 100644 --- a/manual/creature.texi +++ b/manual/creature.texi @@ -254,7 +254,8 @@ included. @standards{GNU, (none)} If this macro is defined to @math{1}, security hardening is added to various library functions. If defined to @math{2}, even stricter -checks are applied. +checks are applied. If defined to @math{3}, @theglibc{} may also use +checks that may have an additional performance overhead. @end defvr @defvr Macro _REENTRANT