From: "Chris H"
Subject: Re: [CFdiscussion] ports and FORTIFY_SOURCE
Date: Wed, 02 Sep 2015 09:16:48 -0700
List-Id: Porting software to FreeBSD

On Wed, 2 Sep 2015 17:12:39 +0200 Baptiste Daroussin wrote

> On Mon, Aug 31, 2015 at 01:34:06PM -0500, Pedro Giffuni wrote:
> > Dear ports developers;
> >
> > This year I mentored Oliver Pinter's GSoC project [1] to port
> > FORTIFY_SOURCE to FreeBSD. The project was more complex than we
> > thought initially but it was successful.
> >
> > For those of you that haven't heard of it, it's a trick supported by
> > libc to enable bounds-checking on common string and memory functions.
> > The code has gone through extensive testing with both clang and the
> > base gcc. It should work fine with newer gcc but it is untested there.
> >
> > To activate it you will just need to add -D_FORTIFY_SOURCE=1 (or 2) in
> > the CFLAGS and that will transparently add the extra checks. The code
> > is non-invasive but some ports (firefox, emacs) actually choose to run
> > with this flag on by default and an exp-run found some errors in those
> > cases.
> >
> > There are currently two remaining PRs with patches for mail/ifile
> > (202572) and net-p2p/namecoin (2012603), getting those committed soon
> > would avoid traumas in the ports tree once FORTIFY_SOURCE is committed.
> >
> > In the future it would be nice to support a flag within ports to enable
> > or disable this extra flag for specific ports. I am unsure exactly how
> > to do it, it could be something as simple as
> >
> > USE_FORTIFY= yes
> > or as complex as
> > USES= compiler:fortify=0
> > (0 disables it, 1 is standard for clang. 2 is standard for gcc)
> >
> IMHO it should be done the exact same way as SSP was added, meaning always
> activated and ports that are not playing safely with it should explicitly
> disable it via:
> FORTIFY_UNSAFE=yes
>
> and a WITHOUT_FORTIFY (like we have a WITHOUT_SSP) should be added for people
> willing to entirely remove it.

+1 and thanks for suggesting it Baptiste.

>
> Bapt

--Chris
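
Added example, not part of the original message and not the FreeBSD implementation: a sketch of the general pattern behind the bounds checking described in the quoted announcement, where a header macro passes the compiler's view of the destination size (`__builtin_object_size`) to a checked variant. The names `demo_strcpy`, `demo_strcpy_chk`, `SIZE_UNKNOWN` and `origin` are hypothetical, and the sketch returns -1 where a real fortified libc would abort the program.

```c
#include <stdio.h>
#include <string.h>

/* __builtin_object_size() yields (size_t)-1 when the compiler cannot tell. */
#define SIZE_UNKNOWN ((size_t)-1)

/* Hypothetical checked copy (not a libc function). Returns 0 on success and
 * -1 when src plus its NUL would not fit; a real fortified libc aborts. */
static int demo_strcpy_chk(char *dst, const char *src, size_t dstsize)
{
    size_t need = strlen(src) + 1;

    if (dstsize != SIZE_UNKNOWN && need > dstsize)
        return -1;              /* overrun caught before any byte is written */
    memcpy(dst, src, need);     /* size unknown or sufficient: plain copy */
    return 0;
}

/* Stand-in for the header macro: the call site is rewritten so that the
 * destination size known at compile time travels with the call.
 * Second argument 0: measure to the end of the whole object. */
#define demo_strcpy(dst, src) \
    demo_strcpy_chk((dst), (src), __builtin_object_size((dst), 0))

static char origin[8];          /* constructed sample buffer */

int main(void)
{
    size_t seen = __builtin_object_size(origin, 0);

    printf("compiler sees %zu bytes\n", seen);
    printf("short copy -> %d\n", demo_strcpy(origin, "ifile"));
    if (seen != SIZE_UNKNOWN)   /* only try the overrun when it will be checked */
        printf("long copy  -> %d\n", demo_strcpy(origin, "net-p2p/namecoin"));
    return 0;
}
```

When the compiler cannot determine the destination size, the check is skipped and the copy proceeds unchecked, so this kind of hardening covers only buffers whose size is visible at the call site.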