Page MenuHomeFreeBSD

[1/N] FORTIFY_SOURCE: basic requirements and framework
AbandonedPublic

Authored by op on Aug 21 2015, 8:01 PM.
Referenced Files
Unknown Object (File)
Sun, Mar 17, 2:09 PM
Unknown Object (File)
Jan 26 2024, 1:31 AM
Unknown Object (File)
Dec 23 2023, 8:49 AM
Unknown Object (File)
Dec 20 2023, 3:00 PM
Unknown Object (File)
Nov 25 2023, 9:49 AM
Unknown Object (File)
Nov 22 2023, 5:55 AM
Unknown Object (File)
Oct 28 2023, 11:17 PM
Unknown Object (File)
Oct 11 2023, 12:44 PM
Subscribers

Details

Reviewers
pfg
Group Reviewers
fortify source
Summary
  • add required defines and logic to sys/cdefs.h
  • add required defines and logic to include/secure/security.h
  • hook in to mtree
  • factor out the common parts from SSP, and make them common
  • added new build knob, and make them by default _disabled_
Test Plan

echo "WITH_FORTIFY=" >> /etc/src.conf
make buildworld

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

op retitled this revision from to [1/N] FORTIFY_SOURCE: basic requirements and framework.
op updated this object.
op edited the test plan for this revision. (Show Details)
op added reviewers: fortify source, pfg.
op added a project: fortify source.

Missing the *_chk functions, without them nothing works.

lib/libc/secure/Symbol.map
11

Empty lists can be dropped (seen in the resolver).

share/mk/bsd.sys.mk
156

This is unnecessary at this time.
I only want the libc support built in by default.

sys/sys/cdefs.h
556

Perhaps a parenthesis for the middles expression would look better even if it isn't strictly necessary.

tools/build/options/WITH_FORTIFY
1

Not necessary at this time.