Page MenuHomeFreeBSD

[1/N] FORTIFY_SOURCE: basic requirements and framework
AbandonedPublic

Authored by op on Aug 21 2015, 8:01 PM.

Details

Reviewers
pfg
Group Reviewers
fortify source
Summary
  • add required defines and logic to sys/cdefs.h
  • add required defines and logic to include/secure/security.h
  • hook in to mtree
  • factor out the common parts from SSP, and make them common
  • added new build knob, and make them by default _disabled_
Test Plan

echo "WITH_FORTIFY=" >> /etc/src.conf
make buildworld

Diff Detail

Lint
Lint Skipped
Unit
Unit Tests Skipped

Event Timeline

op retitled this revision from to [1/N] FORTIFY_SOURCE: basic requirements and framework.
op updated this object.
op edited the test plan for this revision. (Show Details)
op added reviewers: fortify source, pfg.
op added a project: fortify source.

Missing the *_chk functions, without them nothing works.

lib/libc/secure/Symbol.map
11

Empty lists can be dropped (seen in the resolver).

share/mk/bsd.sys.mk
156

This is unnecessary at this time.
I only want the libc support built in by default.

sys/sys/cdefs.h
556

Perhaps a parenthesis for the middles expression would look better even if it isn't strictly necessary.

tools/build/options/WITH_FORTIFY
1

Not necessary at this time.