Bug 1418052 Correctly process hardening flags for ASAN, --disable-hardening, and --disable-optimize r=decoder,glandium
authorTom Ritter <tom@mozilla.com>
Mon, 20 Nov 2017 22:20:56 -0600
changeset 454291 1578425fbe9f3c00489dddcc6a1ed447b4721fc1
parent 454290 9687e3d987bea9abf622c6e67ea10c77afa15391
child 454292 57c4ffac0ccfe3cd14cc2d4de9f8bdef80081883
push id1648
push usermtabara@mozilla.com
push dateThu, 01 Mar 2018 12:45:47 +0000
treeherdermozilla-release@cbb9688c2eeb [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersdecoder, glandium
bugs1418052, 1377553, 1419607
milestone59.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1418052 Correctly process hardening flags for ASAN, --disable-hardening, and --disable-optimize r=decoder,glandium Will also address Bug 1377553 and part of Bug 1419607 MozReview-Commit-ID: AUCqBxEGpAl
build/autoconf/sanitize.m4
build/moz.configure/old.configure
build/moz.configure/toolchain.configure
js/src/old-configure.in
old-configure.in
--- a/build/autoconf/sanitize.m4
+++ b/build/autoconf/sanitize.m4
@@ -2,20 +2,16 @@ dnl This Source Code Form is subject to 
 dnl License, v. 2.0. If a copy of the MPL was not distributed with this
 dnl file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 AC_DEFUN([MOZ_CONFIG_SANITIZE], [
 
 dnl ========================================================
 dnl = Use Address Sanitizer
 dnl ========================================================
-MOZ_ARG_ENABLE_BOOL(address-sanitizer,
-[  --enable-address-sanitizer       Enable Address Sanitizer (default=no)],
-    MOZ_ASAN=1,
-    MOZ_ASAN= )
 if test -n "$MOZ_ASAN"; then
     MOZ_LLVM_HACKS=1
     if test -n "$CLANG_CL"; then
         # Look for the ASan runtime binary
         if test "$CPU_ARCH" = "x86_64"; then
           MOZ_CLANG_RT_ASAN_LIB=clang_rt.asan_dynamic-x86_64.dll
         else
           MOZ_CLANG_RT_ASAN_LIB=clang_rt.asan_dynamic-i386.dll
--- a/build/moz.configure/old.configure
+++ b/build/moz.configure/old.configure
@@ -165,17 +165,16 @@ def old_configure_options(*options):
     return depends(prepare_configure, extra_old_configure_args, all_options,
                    *options)
 
 
 @old_configure_options(
     '--cache-file',
     '--datadir',
     '--enable-accessibility',
-    '--enable-address-sanitizer',
     '--enable-alsa',
     '--enable-bundled-fonts',
     '--enable-content-sandbox',
     '--enable-cookies',
     '--enable-cpp-rtti',
     '--enable-crashreporter',
     '--enable-dbus',
     '--enable-debug-js-modules',
--- a/build/moz.configure/toolchain.configure
+++ b/build/moz.configure/toolchain.configure
@@ -1292,29 +1292,75 @@ include('windows.configure', when=is_win
 fxc = check_prog('FXC', ('fxc.exe', 'fxc2.exe'), when=depends(target)
                  (lambda t: t.kernel == 'WINNT'))
 wine = check_prog('WINE', ['wine'], when=depends(target, host)
                   (lambda t, h: t.kernel == 'WINNT' and h.kernel == 'Linux'))
 
 # Security Hardening
 # ==============================================================
 
+js_option('--enable-address-sanitizer', help='Enable Address Sanitizer')
+
+
+@depends_if('--enable-address-sanitizer')
+def asan(value):
+    return True
+
+
+add_old_configure_assignment('MOZ_ASAN', asan)
+
+
 option('--enable-hardening', env='MOZ_SECURITY_HARDENING',
        help='Enables security hardening compiler options')
 
 
-@depends('--enable-hardening', c_compiler)
-def security_hardening_cflags(value, c_compiler):
-    if value and c_compiler.type in ['gcc', 'clang']:
-        return '-fstack-protector-strong'
+@depends('--enable-hardening', '--enable-address-sanitizer',
+         '--enable-optimize', c_compiler, target)
+def security_hardening_cflags(hardening_flag, asan, optimize, c_compiler, target):
+    compiler_is_gccish = c_compiler.type in ('gcc', 'clang')
+
+    flags = []
+    js_flags = []
+
+    # FORTIFY_SOURCE ------------------------------------
+    # If hardening is explicitly enabled, or not explicitly disabled
+    if hardening_flag.origin == "default" or hardening_flag:
+        # Require optimization for FORTIFY_SOURCE. See Bug 1417452
+        # Also, undefine it before defining it just in case a distro adds it, see Bug 1418398
+        if compiler_is_gccish and optimize and not asan:
+            # Don't enable FORTIFY_SOURCE on Android on the top-level, but do enable in js/
+            if target.os != 'Android':
+                flags.append("-U_FORTIFY_SOURCE")
+                flags.append("-D_FORTIFY_SOURCE=2")
+            js_flags.append("-U_FORTIFY_SOURCE")
+            js_flags.append("-D_FORTIFY_SOURCE=2")
+
+    # If ASAN _is_ on, undefine FOTIFY_SOURCE just to be safe
+    if asan:
+        flags.append("-U_FORTIFY_SOURCE")
+        js_flags.append("-U_FORTIFY_SOURCE")
+
+    # fstack-protector ------------------------------------
+    # Enable only if --enable-hardening is passed and ASAN is
+    # not on as ASAN will catch the crashes for us
+    if hardening_flag and compiler_is_gccish and not asan:
+        flags.append("-fstack-protector-strong")
+
+    return namespace(
+        flags=flags,
+        js_flags=js_flags,
+    )
 
 
-add_old_configure_assignment('HARDENING_CFLAGS', security_hardening_cflags)
+add_old_configure_assignment('MOZ_HARDENING_CFLAGS', security_hardening_cflags.flags)
+add_old_configure_assignment('MOZ_HARDENING_CFLAGS_JS', security_hardening_cflags.js_flags)
 imply_option('--enable-pie', depends_if('--enable-hardening')(lambda v: v))
 
+# ==============================================================
+
 option(env='RUSTFLAGS',
        nargs=1,
        help='Rust compiler flags')
 set_config('RUSTFLAGS', depends('RUSTFLAGS')(lambda flags: flags))
 
 
 imply_option('--enable-release', mozilla_official)
 imply_option('--enable-release', depends_if('MOZ_AUTOMATION')(lambda x: True))
--- a/js/src/old-configure.in
+++ b/js/src/old-configure.in
@@ -542,33 +542,22 @@ case "$host" in
     HOST_CFLAGS="$HOST_CFLAGS -DXP_UNIX"
     HOST_OPTIMIZE_FLAGS="${HOST_OPTIMIZE_FLAGS=-O2}"
     ;;
 esac
 
 MOZ_DOING_LTO(lto_is_enabled)
 
 dnl ========================================================
-dnl Add optional and non-optional hardening flags
+dnl Add optional and non-optional hardening flags from toolchain.configure
 dnl ========================================================
 
-dnl In at least glibc-2.25, _FORTIFY_SOURCE requires compiling
-dnl with optimization (Bug 1417452)
-
-dnl Note that in the top-level old-configure.in, we don't enable
-dnl FORTIFY_SOURCE on Android. But in js/ we *can* enable it on
-dnl Android, so we do.
-
-if test -n "$MOZ_OPTIMIZE"; then
-   if test "$GNU_CC" -o -n "${CLANG_CC}${CLANG_CL}"; then
-      CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
-      CPPFLAGS="$CPPFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
-      CXXFLAGS="$CXXFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
-   fi
-fi
+CFLAGS="$CFLAGS $MOZ_HARDENING_CFLAGS_JS"
+CPPFLAGS="$CPPFLAGS $MOZ_HARDENING_CFLAGS_JS"
+CXXFLAGS="$CXXFLAGS $MOZ_HARDENING_CFLAGS_JS"
 
 dnl ========================================================
 dnl System overrides of the defaults for target
 dnl ========================================================
 
 case "$target" in
 *-darwin*)
     MKSHLIB='$(CXX) $(COMPUTED_CXX_LDFLAGS) $(PGO_CFLAGS) $(DSO_PIC_CFLAGS) $(DSO_LDOPTS) -o $@'
--- a/old-configure.in
+++ b/old-configure.in
@@ -503,38 +503,20 @@ fi
 
 if test -n "$COMPILE_ENVIRONMENT"; then
    MOZ_CONFIG_SANITIZE
 fi
 
 dnl ========================================================
 dnl Add optional and non-optional hardening flags
 dnl ========================================================
-CFLAGS="$CFLAGS $HARDENING_CFLAGS"
-CPPFLAGS="$CPPFLAGS $HARDENING_CFLAGS"
-CXXFLAGS="$CXXFLAGS $HARDENING_CFLAGS"
-
-dnl In at least glibc-2.25, _FORTIFY_SOURCE requires compiling
-dnl with optimization (Bug 1417452)
-if test -n "$MOZ_OPTIMIZE"; then
-   if test "$GNU_CC" -o -n "${CLANG_CC}${CLANG_CL}"; then
-      case $OS_TARGET in
-         Android)
-            dnl FORTIFY_SOURCE is not supported on Android on the
-            dnl top-level old-configure.in at this time.
-            dnl See Bug 1415595
-            ;;
-         *)
-            CFLAGS="$CFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
-            CPPFLAGS="$CPPFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
-            CXXFLAGS="$CXXFLAGS -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
-            ;;
-      esac
-   fi
-fi
+
+CFLAGS="$CFLAGS $MOZ_HARDENING_CFLAGS"
+CPPFLAGS="$CPPFLAGS $MOZ_HARDENING_CFLAGS"
+CXXFLAGS="$CXXFLAGS $MOZ_HARDENING_CFLAGS"
 
 dnl ========================================================
 dnl GNU specific defaults
 dnl ========================================================
 if test "$GNU_CC"; then
     MMX_FLAGS="-mmmx"
     SSE_FLAGS="-msse"
     SSE2_FLAGS="-msse2"