SERVER-23910 Add support for building with -fstack-protector-strong

author: Andrew Morrow <acm@mongodb.com> 2015-10-30 11:17:10 -0400
committer: Andrew Morrow <acm@mongodb.com> 2016-06-02 11:24:53 -0400
commit: 18fe193474d30988f7bd0f85d3f2a86d662e46d9 (patch)
tree: 58a1b29c08d073a3dd71a760511e09775973396c
parent: fa477177acae2cd372c5703d36a7f80d26cd6a40 (diff)
download: mongo-18fe193474d30988f7bd0f85d3f2a86d662e46d9.tar.gz
1 files changed, 43 insertions, 6 deletions
diff --git a/SConstruct b/SConstruct
index f8593e47d00..be4a701dcf4 100644
--- a/SConstruct
+++ b/SConstruct
@@ -1494,12 +1494,6 @@ if env.TargetOSIs('posix'):
     else:
         env.Append( CCFLAGS=["-O0"] )
 
-    if debugBuild:
-        if not optBuild:
-            env.Append( CCFLAGS=["-fstack-protector"] )
-            env.Append( LINKFLAGS=["-fstack-protector"] )
-            env.Append( SHLINKFLAGS=["-fstack-protector"] )
-
 mmapv1 = False
 if get_option('mmapv1') == 'auto':
     # The mmapv1 storage engine is only supported on x86
@@ -1804,6 +1798,49 @@ def doConfigure(myenv):
         # see: http://stackoverflow.com/questions/21755206/how-to-get-around-gcc-void-b-4-may-be-used-uninitialized-in-this-funct
         AddToCXXFLAGSIfSupported(myenv, "-Wno-maybe-uninitialized")
 
+    if get_option('runtime-hardening') == "on":
+        # Clang honors these flags, but doesn't actually do anything with them for compatibility, so we
+        # need to only do this for GCC. On clang, we do things differently. Note that we need to add
+        # these to the LINKFLAGS as well, since otherwise we might not link libssp when we need to (see
+        # SERVER-12456).
+        if myenv.ToolchainIs('gcc'):
+            if AddToCCFLAGSIfSupported(myenv, '-fstack-protector-strong'):
+                myenv.Append(
+                    LINKFLAGS=[
+                        '-fstack-protector-strong',
+                    ]
+                )
+            elif AddToCCFLAGSIfSupported(myenv, '-fstack-protector-all'):
+                myenv.Append(
+                    LINKFLAGS=[
+                        '-fstack-protector-all',
+                    ]
+                )
+        elif myenv.ToolchainIs('clang'):
+            # TODO: Clang stack hardening. There are several interesting
+            # things to try here, but they each have consequences we need
+            # to investigate.
+            #
+            # - fsanitize=bounds: This does static bounds checking. We can
+            #   probably turn this on along with fsanitize-trap so that we
+            #   don't depend on the ASAN runtime.
+            #
+            # - fsanitize=safestack: This looks very interesting, and is
+            #   probably what we want. However there are a few problems:
+            #
+            #   - It relies on having the RT library available, and it is
+            #     unclear whether we can ship binaries that depend on
+            #     that.
+            #
+            #   - It is incompatible with a shared object build.
+            #
+            #   - It may not work with SpiderMonkey due to needing to
+            #     inform the GC about the stacks so that mark-sweep
+            #
+            # - fsanitize=cfi: Again, very interesting, however it
+            #   requires LTO builds.
+            pass
+
     # Check if we need to disable null-conversion warnings
     if myenv.ToolchainIs('clang'):
         def CheckNullConversion(context):
author	Andrew Morrow <acm@mongodb.com>	2015-10-30 11:17:10 -0400
committer	Andrew Morrow <acm@mongodb.com>	2016-06-02 11:24:53 -0400
commit	18fe193474d30988f7bd0f85d3f2a86d662e46d9 (patch)
tree	58a1b29c08d073a3dd71a760511e09775973396c
parent	fa477177acae2cd372c5703d36a7f80d26cd6a40 (diff)
download	mongo-18fe193474d30988f7bd0f85d3f2a86d662e46d9.tar.gz