-
Notifications
You must be signed in to change notification settings - Fork 730
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Build with binary hardening flags when available #108
Conversation
This all looks pretty nice (rebased and pushed to harden-workinprogress), except the linking step fails on Debian/Ubuntu (with system skalibs) with: /usr/bin/ld: /usr/lib/skalibs/lib/libstddjb.a(selfpipe.o): relocation R_X86_64_32S against `.text' can not be used when making a shared object; recompile with -fPIC |
Good catch! The bug is simple enough: It seems that Debian and Ubuntu really don't want us bundling libstddjb. I don't think we should push the So instead I added a thin layer which lets Mosh bypass selfpipe on platforms with I pushed this commit on my |
There is no way to make clang's "argument unused" warning fatal. Ideally the search string would also include 'clang: ' but this output might depend on clang's argv[0].
clang was spewing warnings about the unrecognized -fno-default-inline. (Oddly, it warns only with -c, not when compiling directly to an executable.) For completeness we also check -pipe, even though clang is OK with that one. It should be fine to omit either flag. gcc -fno-default-inline drops the implicit 'inline' annotation on functions defined inside a class scope, but 'inline' is only a hint anyway. -fno-default-inline does not change linkage. -pipe is merely a compile speed optimization.
clang on OS X wants the former. c.f. http://bugs.ruby-lang.org/issues/5697
configure's linker flag check also compiles a C++ program. g++ -pie informs both the compiler and linker, but clang++ -Wl,-pie is only a linker flag, and the linker will complain that the code hasn't been compiled as position-independent.
selfpipe already does a fine job of interfacing to signalfd. But Debian and Ubuntu want us to depend on the skalibs-dev package rather than build libstddjb ourselves. That would be fine except that skalibs-dev has static libraries only, and they aren't built with -fPIC. This interferes with building mosh-{client,server} as position-independent executables, which is a desirable security measure. So we have our own wrapper, which invokes either signalfd or selfpipe. And we build it ourselves with our own flags, because it's part of the Mosh project proper.
Detect and use available binary hardening flags for the compiler and linker. Closes #79.
Since we have the infrastructure for it, we also detect
-fno-default-inline
and-pipe
. The former had been causingclang
warning spew.An open question is whether we're okay with a 30% performance hit on the slowest netbooks. (By contrast, a much more capable machine sees only a 2% slowdown.) See benchmark results on #79; we can gather more data if necessary.