depends: harden libevent #27118

pull fanquake wants to merge 1 commits into bitcoin:master from fanquake:harden_libevent changing 1 files +1 −0
  1. fanquake commented at 12:14 pm on February 17, 2023: member

    Use FORTIFY_SOURCE=3 when building libevent in depends. I’ve upstreamed a change to switch libevent from using =2 to =3 as well: https://github.com/libevent/libevent/pull/1418.

    Solves half of #27038, by giving us some fortified funcs in bitcoin-cli.

  2. DrahtBot commented at 12:14 pm on February 17, 2023: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Reviews

    See the guideline for information on the review process.

    Type Reviewers
    ACK TheCharlatan

    If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

    Conflicts

    Reviewers, this pull request conflicts with the following ones:

    • #24123 (build: Pointer Authentication and Branch Target Identification for aarch64 Linux (Guix) by fanquake)

    If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

  3. DrahtBot added the label Build system on Feb 17, 2023
  4. fanquake force-pushed on Feb 17, 2023
  5. fanquake commented at 2:33 pm on February 17, 2023: member
    Changed the approach here, from using libevents own hardening option (might send some fixes upstream), and a patch, to just using FORTIFY_SOURCE directly. That gets as what we want at the moment, without other potential side effects.
  6. theuni commented at 3:20 pm on February 17, 2023: member
    Do you have a before/after count for hardened functions?
  7. fanquake commented at 3:39 pm on February 17, 2023: member

    Do you have a before/after count for hardened functions?

    Using GCC 13 and glibc 2.37 (with only this branch):

     0# master
 1nm -C src/bitcoind | grep _chk
 2                 U __fprintf_chk@GLIBC_2.17
 3                 U __memcpy_chk@GLIBC_2.17
 4                 U __snprintf_chk@GLIBC_2.17
 5                 U __stack_chk_fail@GLIBC_2.17
 6                 U __stack_chk_guard@GLIBC_2.17
 7                 U __vsnprintf_chk@GLIBC_2.17
 8objdump -d src/bitcoind | grep "_chk@plt" | wc -l
 932
10
11# this branch
12nm -C src/bitcoind | grep _chk
13                 U __fdelt_chk@GLIBC_2.17
14                 U __fprintf_chk@GLIBC_2.17
15                 U __memcpy_chk@GLIBC_2.17
16                 U __memmove_chk@GLIBC_2.17
17                 U __memset_chk@GLIBC_2.17
18                 U __snprintf_chk@GLIBC_2.17
19                 U __stack_chk_fail@GLIBC_2.17
20                 U __stack_chk_guard@GLIBC_2.17
21                 U __vsnprintf_chk@GLIBC_2.17
22objdump -d src/bitcoind | grep "_chk@plt" | wc -l
2354

    If I combine with our own use of FORTIFY_SOURCE=3:

     0nm -C src/bitcoind | grep _chk
 1                 U __fdelt_chk@GLIBC_2.17
 2                 U __fprintf_chk@GLIBC_2.17
 3                 U __memcpy_chk@GLIBC_2.17
 4                 U __memmove_chk@GLIBC_2.17
 5                 U __memset_chk@GLIBC_2.17
 6                 U __snprintf_chk@GLIBC_2.17
 7                 U __stack_chk_fail@GLIBC_2.17
 8                 U __stack_chk_guard@GLIBC_2.17
 9                 U __vsnprintf_chk@GLIBC_2.17
10objdump -d src/bitcoind | grep "_chk@plt" | wc -l
1181
  8. hebasto commented at 5:04 pm on February 17, 2023: member

    Changed the approach here, from using libevents own hardening option

    The previous 974e44c0a0e692e1e11e7c067699db94f55ce464 commit, being combined with the current 778e34e8625cc83d0e5a93493c71f01712bef81d one, should work for older compilers as well, no?

  9. fanquake commented at 5:22 pm on February 17, 2023: member

    should work for older compilers as well, no?

    I changed the approach because I don’t want us to use the gcc-hardening option.

  10. TheCharlatan approved
  11. TheCharlatan commented at 11:23 am on February 20, 2023: contributor
    ACK 778e34e8625cc83d0e5a93493c71f01712bef81d
  12. depends: use FORTIFY_SOURCE=3 with libevent ff4a73aea2
  13. fanquake force-pushed on Feb 20, 2023
  14. fanquake commented at 4:37 pm on February 20, 2023: member
    Rebased on top of #27027.
  15. TheCharlatan commented at 7:49 am on February 21, 2023: contributor
    ACK ff4a73aea2b8346f48f75e1130a36749f70e9049
  16. fanquake requested review from theuni on Feb 22, 2023
  17. fanquake merged this on Feb 28, 2023
  18. fanquake closed this on Feb 28, 2023
  19. fanquake deleted the branch on Feb 28, 2023
  20. sidhujag referenced this in commit 5f087db8ed on Feb 28, 2023
  21. hebasto commented at 9:03 pm on March 31, 2023: member

    This PR introduced a regression when building with depends and disabled hardening:

    0$ make -C depends HOST=x86_64-w64-mingw32 NO_QT=1 NO_WALLET=1 NO_ZMQ=1 NO_UPNP=1 NO_NATPMP=1 NO_USDT=1
1$ ./configure --disable-hardening CONFIG_SITE=$PWD/depends/x86_64-w64-mingw32/share/config.site
2$ make
3...
4/usr/bin/x86_64-w64-mingw32-ld: /home/hebasto/git/gui/depends/x86_64-w64-mingw32/lib/libevent.a(evutil.o):evutil.c:(.text+0x2975): undefined reference to `__memcpy_chk'
5/usr/bin/x86_64-w64-mingw32-ld: /home/hebasto/git/gui/depends/x86_64-w64-mingw32/lib/libevent.a(evutil.o):evutil.c:(.text+0x29d6): undefined reference to `__memcpy_chk'
6/usr/bin/x86_64-w64-mingw32-ld: /home/hebasto/git/gui/depends/x86_64-w64-mingw32/lib/libevent.a(evutil.o):evutil.c:(.text+0x3041): undefined reference to `__strcat_chk'
7/usr/bin/x86_64-w64-mingw32-ld: /home/hebasto/git/gui/depends/x86_64-w64-mingw32/lib/libevent.a(evutil.o):evutil.c:(.text+0x3052): undefined reference to `__strcat_chk'
8/usr/bin/x86_64-w64-mingw32-ld: /home/hebasto/git/gui/depends/x86_64-w64-mingw32/lib/libevent.a(http.o):http.c:(.text+0x6e6): undefined reference to `__memcpy_chk'
9...
  22. fanquake referenced this in commit d59606445d on Apr 3, 2023
  23. fanquake referenced this in commit 51aebc0305 on Apr 3, 2023
  24. fanquake referenced this in commit 977aecfae7 on Apr 3, 2023
  25. fanquake referenced this in commit efe99a9c17 on Apr 3, 2023
  26. fanquake referenced this in commit 186d224dba on Apr 3, 2023
  27. fanquake referenced this in commit 24ef4bb6c2 on Apr 3, 2023
  28. fanquake commented at 1:19 pm on April 3, 2023: member

    This PR introduced a regression when building with depends and disabled hardening:

    Followup for discussion in 27406.

  29. fanquake referenced this in commit 436df1e826 on Apr 4, 2023
  30. fanquake referenced this in commit 75d807ac9a on Apr 5, 2023
  31. sidhujag referenced this in commit aa7de3df60 on Apr 5, 2023
  32. marcosptf referenced this in commit d5ac42b0a3 on Apr 9, 2023
  33. willcl-ark referenced this in commit 96caad6982 on Apr 18, 2023
  34. RandyMcMillan referenced this in commit 823c77e7fe on May 27, 2023
  35. janus referenced this in commit 6e019f0775 on Sep 3, 2023
  36. backpacker69 referenced this in commit 70f77fa78b on Mar 5, 2024
  37. bitcoin locked this on Apr 2, 2024


fanquake DrahtBot theuni hebasto TheCharlatan


theuni

Labels
Build system

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-11-24 06:12 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me