From patchwork Fri Jun 30 01:42:44 2023
X-Patchwork-Submitter: Siddhesh Poyarekar
X-Patchwork-Id: 71866
From: Siddhesh Poyarekar
To: libc-alpha@sourceware.org
Subject: [PATCH v2 2/4] configure: Default --enable-stack-protector to strong
Date: Thu, 29 Jun 2023 21:42:44 -0400
Message-ID: <20230630014248.2819836-3-siddhesh@sourceware.org>
In-Reply-To: <20230630014248.2819836-1-siddhesh@sourceware.org>
References: <20230629184156.2789945-1-siddhesh@sourceware.org> <20230630014248.2819836-1-siddhesh@sourceware.org>

All major distributions use this level of stack protector, so make it the default.

Signed-off-by: Siddhesh Poyarekar
--- INSTALL | 3 ++- NEWS | 4 ++++ configure | 2 +- configure.ac | 2 +- manual/install.texi | 3 ++- 5 files changed, 10 insertions(+), 4 deletions(-) diff --git a/INSTALL b/INSTALL index a1e189eb9f..f02358e933 100644 --- a/INSTALL +++ b/INSTALL 
@@ -196,13 +196,14 @@ if ‘CFLAGS’ is specified it must enable optimization. For example: ‘--enable-stack-protector’ ‘--enable-stack-protector=strong’ ‘--enable-stack-protector=all’ +‘--enable-stack-protector=no’ Compile the C library and all other parts of the glibc package (including the threading and math libraries, NSS modules, and transliteration modules) using the GCC ‘-fstack-protector’, ‘-fstack-protector-strong’ or ‘-fstack-protector-all’ options to detect stack overruns. Only the dynamic linker and a small number of routines called directly from assembler are excluded from this - protection. + protection. This option is enabled by default and set to ‘strong’. ‘--enable-bind-now’ Disable lazy binding for installed shared objects and programs. diff --git a/NEWS b/NEWS index 709ee40e50..47ec0b741c 100644 --- a/NEWS +++ b/NEWS @@ -48,6 +48,10 @@ Major new features: * The strlcpy and strlcat functions have been added. They are derived from OpenBSD, and are expected to be added to a future POSIX version. +* The GNU C Library is now built with -fstack-protector-strong by + default. This may be overridden by using the --enable-stack-protector + configure option. + Deprecated and removed features, and other changes affecting compatibility: * In the Linux kernel for the hppa/parisc architecture some of the diff --git a/configure b/configure index 11538ee1b3..863621cabf 100755 --- a/configure +++ b/configure @@ -4462,7 +4462,7 @@ if test ${enable_stack_protector+y} then : enableval=$enable_stack_protector; enable_stack_protector=$enableval else $as_nop - enable_stack_protector=no + enable_stack_protector=strong fi case "$enable_stack_protector" in diff --git a/configure.ac b/configure.ac index 18bb989ade..d85452b3b3 100644 --- a/configure.ac +++ b/configure.ac 
@@ -228,7 +228,7 @@ AC_ARG_ENABLE([stack-protector], AS_HELP_STRING([--enable-stack-protector=@<:@yes|no|all|strong@:>@], [Use -fstack-protector[-all|-strong] to detect glibc buffer overflows]), [enable_stack_protector=$enableval], - [enable_stack_protector=no]) + [enable_stack_protector=strong]) case "$enable_stack_protector" in all|yes|no|strong) ;; *) AC_MSG_ERROR([Not a valid argument for --enable-stack-protector: "$enable_stack_protector"]);; diff --git a/manual/install.texi b/manual/install.texi index 52eb2d8a23..b1aa5eb60c 100644 --- a/manual/install.texi +++ b/manual/install.texi @@ -222,13 +222,14 @@ time. Consult the @file{timezone} subdirectory for more details. @item --enable-stack-protector @itemx --enable-stack-protector=strong @itemx --enable-stack-protector=all +@itemx --enable-stack-protector=no Compile the C library and all other parts of the glibc package (including the threading and math libraries, NSS modules, and transliteration modules) using the GCC @option{-fstack-protector}, @option{-fstack-protector-strong} or @option{-fstack-protector-all} options to detect stack overruns. Only the dynamic linker and a small number of routines called directly from assembler are excluded from this -protection. +protection. This option is enabled by default and set to @option{strong}. @item --enable-bind-now Disable lazy binding for installed shared objects and programs. This
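
Review bot: In the NEWS hunk, the new entry says the default "may be overridden by using the --enable-stack-protector configure option" but never names the value that turns it off. Builders who depended on the old unprotected default will read this entry first, so spell out --enable-stack-protector=no there. The entry is also placed under "Major new features", directly above the "changes affecting compatibility" heading; since it changes how an existing build behaves rather than adding an interface, consider whether it belongs in that second list.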
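
Review bot: In the configure.ac hunk, the AS_HELP_STRING text still reads "--enable-stack-protector=@<:@yes|no|all|strong@:>@" with no mention of a default, so "./configure --help" will not tell anyone that leaving the option out now means strong. Please add the default to the help string. Separately, the case statement visible here only validates the spelling of the value; now that strong is chosen implicitly, it is worth confirming that a compiler lacking -fstack-protector-strong produces an error that points at --enable-stack-protector=no, because that user never passed the option. The configure hunk is the same change in generated form and needs nothing beyond regeneration.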
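
Review bot: In the manual/install.texi hunk (the INSTALL hunk carries the same text), "@itemx --enable-stack-protector=no" is added to the item list, but the description underneath never says what "no" does and still lists only the three GCC options. The added sentence "This option is enabled by default and set to @option{strong}" is also easy to misread, because the bare --enable-stack-protector form listed first lines up with the first GCC option in the description, -fstack-protector, not with strong. Suggest wording along the lines of "The default is @option{strong}; use @option{--enable-stack-protector=no} to build without stack protection."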