Build with binary hardening flags when available #108
Conversation
|
This all looks pretty nice (rebased and pushed to harden-workinprogress), except the linking step fails on Debian/Ubuntu (with system skalibs) with: /usr/bin/ld: /usr/lib/skalibs/lib/libstddjb.a(selfpipe.o): relocation R_X86_64_32S against `.text' can not be used when making a shared object; recompile with -fPIC |
|
Good catch! The bug is simple enough: It seems that Debian and Ubuntu really don't want us bundling libstddjb. I don't think we should push the So instead I added a thin layer which lets Mosh bypass selfpipe on platforms with I pushed this commit on my |
There is no way to make clang's "argument unused" warning fatal. Ideally the search string would also include 'clang: ' but this output might depend on clang's argv[0].
clang was spewing warnings about the unrecognized -fno-default-inline. (Oddly, it warns only with -c, not when compiling directly to an executable.) For completeness we also check -pipe, even though clang is OK with that one. It should be fine to omit either flag. gcc -fno-default-inline drops the implicit 'inline' annotation on functions defined inside a class scope, but 'inline' is only a hint anyway. -fno-default-inline does not change linkage. -pipe is merely a compile speed optimization.
clang on OS X wants the former. c.f. http://bugs.ruby-lang.org/issues/5697
configure's linker flag check also compiles a C++ program. g++ -pie informs both the compiler and linker, but clang++ -Wl,-pie is only a linker flag, and the linker will complain that the code hasn't been compiled as position-independent.
selfpipe already does a fine job of interfacing to signalfd. But Debian and
Ubuntu want us to depend on the skalibs-dev package rather than build libstddjb
ourselves. That would be fine except that skalibs-dev has static libraries
only, and they aren't built with -fPIC. This interferes with building
mosh-{client,server} as position-independent executables, which is a desirable
security measure.
So we have our own wrapper, which invokes either signalfd or selfpipe. And we
build it ourselves with our own flags, because it's part of the Mosh project
proper.
Detect and use available binary hardening flags for the compiler and linker. Closes #79.
Since we have the infrastructure for it, we also detect
-fno-default-inlineand-pipe. The former had been causingclangwarning spew.An open question is whether we're okay with a 30% performance hit on the slowest netbooks. (By contrast, a much more capable machine sees only a 2% slowdown.) See benchmark results on #79; we can gather more data if necessary.