[jira] [Commented] (MESOS-6229) Default to using hardened compilation flags
[
https://issues.apache.org/jira/browse/MESOS-6229?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16472650#comment-16472650
]
Benjamin Mahler commented on MESOS-6229:
Was hoping to introduce {{-fno-omit-frame-pointer}} and came across this
ticket. Looks like that particular flag wasn't introduced? Any reason?
> Default to using hardened compilation flags
> ---
>
> Key: MESOS-6229
> URL: https://issues.apache.org/jira/browse/MESOS-6229
> Project: Mesos
> Issue Type: Improvement
>Reporter: Aaron Wood
>Assignee: Aaron Wood
>Priority: Minor
> Labels: c++, clang, gcc, security
> Fix For: 1.2.0
>
>
> Provide a default set of hardened compilation flags to help protect against
> overflows and other attacks. Apply to libprocess and stout as well. Current
> set of flags that were discussed on slack to implement:
> -Wformat-security
> -Wstack-protector
> -fstack-protector-strong (-fstack-protector-all might be overkill, it could
> be more effective to use this. Requires gcc >= 4.9 which should be
> reasonable. Detect compiler support and use what we can but prefer
> -fstack-protector-strong)
> -pie
> -fPIE
> -fPIC
> -D_FORTIFY_SOURCE=2
> -Wl,-z,relro,-z,now (currently not a part of the patch, this should be
> another JIRA)
> -fno-omit-frame-pointer
> https://reviews.apache.org/r/52645/
> https://reviews.apache.org/r/52695/
> https://reviews.apache.org/r/52696/
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (MESOS-6229) Default to using hardened compilation flags
[
https://issues.apache.org/jira/browse/MESOS-6229?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15517039#comment-15517039
]
Aaron Wood commented on MESOS-6229:
---
Looks like there will need to be some fixes made ahead of time before this
patch goes in:
```
/bin/sh ../../libtool --tag=CXX --mode=compile g++ -DPACKAGE_NAME=\"mesos\"
-DPACKAGE_TARNAME=\"mesos\" -DPACKAGE_VERSION=\"1.1.0\"
-DPACKAGE_STRING=\"mesos\ 1.1.0\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\"
-DPACKAGE=\"mesos\" -DVERSION=\"1.1.0\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1
-DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1
-DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1
-DHAVE_DLFCN_H=1 -DLT_OBJDIR=\".libs/\" -DHAVE_CXX11=1
-DHAVE_PTHREAD_PRIO_INHERIT=1 -DHAVE_PTHREAD=1 -DHAVE_LIBZ=1 -DHAVE_FTS_H=1
-DHAVE_APR_POOLS_H=1 -DHAVE_LIBAPR_1=1 -DHAVE_LIBCURL=1 -DMESOS_HAS_JAVA=1
-DHAVE_PYTHON=\"2.7\" -DMESOS_HAS_PYTHON=1 -DHAVE_LIBSASL2=1
-DHAVE_SVN_VERSION_H=1 -DHAVE_LIBSVN_SUBR_1=1 -DHAVE_SVN_DELTA_H=1
-DHAVE_LIBSVN_DELTA_1=1 -DHAVE_LIBZ=1 -I. -I../../../3rdparty/libprocess
-DBUILD_DIR=\"/Users//Code/src/mesos/build/3rdparty/libprocess\"
-I../../../3rdparty/libprocess/include -isystem ../boost-1.53.0 -I../elfio-3.2
-I../glog-0.3.3/src -I../http-parser-2.6.2 -I../libev-4.22
-DPICOJSON_USE_INT64 -D__STDC_FORMAT_MACROS -I../picojson-1.3.0
-I../../../3rdparty/libprocess/../stout/include
-I/usr/local/opt/subversion/include/subversion-1
-I/usr/local/opt/openssl/include -I/usr/local/opt/libevent/include
-I/usr/include/apr-1 -I/usr/include/apr-1.0 -Wall -Werror -Wsign-compare
-Wformat-security -Wstack-protector -fno-omit-frame-pointer
-fstack-protector-strong -pie -fPIE -D_FORTIFY_SOURCE=2 -O3 -g1 -O0
-Wno-unused-local-typedef -std=c++11 -stdlib=libc++ -DGTEST_USE_OWN_TR1_TUPLE=1
-DGTEST_LANG_CXX11 -MT libprocess_la-reap.lo -MD -MP -MF
.deps/libprocess_la-reap.Tpo -c -o libprocess_la-reap.lo `test -f
'src/reap.cpp' || echo '../../../3rdparty/libprocess/'`src/reap.cpp
../../../3rdparty/libprocess/src/profiler.cpp:35:12: error: unused variable
'PROFILE_FILE' [-Werror,-Wunused-const-variable]
const char PROFILE_FILE[] = "perftools.out";
^
In file included from ../../../3rdparty/libprocess/src/profiler.cpp:24:
../../../3rdparty/libprocess/include/process/profiler.hpp:80:8: error: private
field 'started' is not used [-Werror,-Wunused-private-field]
bool started;
^
2 errors generated.
make[5]: *** [libprocess_la-profiler.lo] Error 1
make[5]: *** Waiting for unfinished jobs
mv -f .deps/libprocess_la-logging.Tpo .deps/libprocess_la-logging.Plo
mv -f .deps/libprocess_la-io.Tpo .deps/libprocess_la-io.Plo
libtool: compile: g++ -DPACKAGE_NAME=\"mesos\" -DPACKAGE_TARNAME=\"mesos\"
-DPACKAGE_VERSION=\"1.1.0\" "-DPACKAGE_STRING=\"mesos 1.1.0\""
-DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DPACKAGE=\"mesos\"
-DVERSION=\"1.1.0\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1
-DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1
-DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1
-DLT_OBJDIR=\".libs/\" -DHAVE_CXX11=1 -DHAVE_PTHREAD_PRIO_INHERIT=1
-DHAVE_PTHREAD=1 -DHAVE_LIBZ=1 -DHAVE_FTS_H=1 -DHAVE_APR_POOLS_H=1
-DHAVE_LIBAPR_1=1 -DHAVE_LIBCURL=1 -DMESOS_HAS_JAVA=1 -DHAVE_PYTHON=\"2.7\"
-DMESOS_HAS_PYTHON=1 -DHAVE_LIBSASL2=1 -DHAVE_SVN_VERSION_H=1
-DHAVE_LIBSVN_SUBR_1=1 -DHAVE_SVN_DELTA_H=1 -DHAVE_LIBSVN_DELTA_1=1
-DHAVE_LIBZ=1 -I. -I../../../3rdparty/libprocess
-DBUILD_DIR=\"/Users//Code/src/mesos/build/3rdparty/libprocess\"
-I../../../3rdparty/libprocess/include -isystem ../boost-1.53.0 -I../elfio-3.2
-I../glog-0.3.3/src -I../http-parser-2.6.2 -I../libev-4.22 -DPICOJSON_USE_INT64
-D__STDC_FORMAT_MACROS -I../picojson-1.3.0
-I../../../3rdparty/libprocess/../stout/include
-I/usr/local/opt/subversion/include/subversion-1
-I/usr/local/opt/openssl/include -I/usr/local/opt/libevent/include
-I/usr/include/apr-1 -I/usr/include/apr-1.0 -Wall -Werror -Wsign-compare
-Wformat-security -Wstack-protector -fno-omit-frame-pointer
-fstack-protector-strong -D_FORTIFY_SOURCE=2 -O3 -g1 -O0
-Wno-unused-local-typedef -std=c++11 -stdlib=libc++ -DGTEST_USE_OWN_TR1_TUPLE=1
-DGTEST_LANG_CXX11 -MT libprocess_la-reap.lo -MD -MP -MF
.deps/libprocess_la-reap.Tpo -c ../../../3rdparty/libprocess/src/reap.cpp
-fno-common -DPIC -o .libs/libprocess_la-reap.o
In file included from ../../../3rdparty/libprocess/src/process.cpp:108:
../../../3rdparty/libprocess/src/encoder.hpp:278:15: error: comparison of
integers of different signs: 'off_t' (aka 'long long') and 'size_t' (aka
'unsigned long') [-Werror,-Wsign-compare]
if (index >= length) {
~ ^ ~~
../../../3rdparty/libprocess/src/process.cpp:3501:23: error: comparison of
integers of different signs: 'int' and 'size_type' (aka 'unsigned long')
[-Werror,-Wsign-compare]
for (int i
[jira] [Commented] (MESOS-6229) Default to using hardened compilation flags
[ https://issues.apache.org/jira/browse/MESOS-6229?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15514731#comment-15514731 ] Aaron Wood commented on MESOS-6229: --- I think -fstack-protector-all might be way too much. I'm going to benchmark the difference between -fstack-protector and -fstack-protector-strong > Default to using hardened compilation flags > --- > > Key: MESOS-6229 > URL: https://issues.apache.org/jira/browse/MESOS-6229 > Project: Mesos > Issue Type: Improvement >Reporter: Aaron Wood >Assignee: Aaron Wood >Priority: Minor > Labels: c++, clang, gcc, security > > Provide a default set of hardened compilation flags to help protect against > overflows and other attacks. Apply to libprocess and stout as well. Current > set of flags that were discussed on slack to implement: > -Wformat-security > -Wstack-protector > -fstack-protector-all > -pie > -fPIE > -D_FORTIFY_SOURCE=2 > -O2 (possibly -O3 for greater optimizations, up for discussion) > -Wl,-z,relro,-z,now > -fno-omit-frame-pointer > -fstack-protector-strong (-fstack-protector-all might be overkill, it could > be more effective to use this. Requires gcc >= 4.9) -- This message was sent by Atlassian JIRA (v6.3.4#6332)
