Consider applying -Wl,-z,relro or -Wl,-z,relro,-z,now by default #29877

Closed
brson opened this issue Nov 16, 2015 · 9 comments
Labels: A-linkage (Area: linking into static, shared libraries and binaries); C-enhancement (Category: An issue proposing an enhancement or a PR with one.); P-low (Low priority)

Comments

@brson
Contributor

brson commented Nov 16, 2015

These are some options that Debian applies, and that @gus wants to apply to all Rust code. Generally, Rust likes to harden things by default when there are no obvious disadvantages. Is it feasible that we might just use these by default?

@brson brson added the A-linkage Area: linking into static, shared libraries and binaries label Nov 16, 2015
@gus

gus commented Nov 16, 2015

Sounds cool, but I didn't ask for that, @brson :)

Cheers,
Gus

@brson
Contributor Author

brson commented Nov 17, 2015

Oops, wrong @gus. Sorry! Strong beard though.

@gus

gus commented Nov 17, 2015

;)

On Mon, Nov 16, 2015, 20:55 Brian Anderson notifications@github.com wrote:

Oops, wrong @gus https://github.com/gus. Sorry! Strong beard though.


@genodeftest
Contributor

genodeftest commented Dec 8, 2015

There is something similar on Fedora: Change: Harden all packages

@brson brson added the P-low Low priority label May 4, 2017
@nagisa
Member

nagisa commented May 4, 2017

Downside is that not every alternative linker out there might support the flags.

@brson brson added the C-enhancement Category: An issue proposing an enhancement or a PR with one. label May 4, 2017
@brson
Contributor Author

brson commented May 4, 2017

@alexcrichton do you recall if we've done anything here? I don't see 'relro' in the source.

@alexcrichton
Member

alexcrichton commented May 4, 2017

No I don't believe we ever implemented this, but would be good to do so!

@alexcrichton
Member

alexcrichton commented May 4, 2017

er didn't mean to close

@cuviper
Member

cuviper commented May 4, 2017

FWIW, I also apply -Clink-arg=-Wl,-z,relro,-z,now in Fedora.

kyrias added a commit to kyrias/rust that referenced this issue Jul 11, 2017
This commit adds support for full RELRO, and enables it for the
platforms I know have support for it.

Full RELRO makes the PLT+GOT data read-only on startup, preventing it
from being overwritten.

http://tk-blog.blogspot.com/2009/02/relro-not-so-well-known-memory.html

Fixes rust-lang#29877.

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
bors added a commit that referenced this issue Jul 19, 2017
Add support for full RELRO

This commit adds support for full RELRO, and enables it for the
platforms I know have support for it.

Full RELRO makes the PLT+GOT data read-only on startup, preventing it
from being overwritten.

http://tk-blog.blogspot.com/2009/02/relro-not-so-well-known-memory.html

Fixes #29877.

---

I'm not entirely certain if this is the best way to do it, but I figured mimicking the way it's done for PIE seemed like a good start at least.  I'm not sure whether we want to have it enabled by default globally and then disabling it explicitly for targets that don't support it though.  I'm also not sure whether the `full_relro` function should call `bug!()` or something like it for linkers that don't support it rather than no-opping.
mattico pushed a commit to mattico/rust that referenced this issue Jul 29, 2017