1 files changed, 62 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac
index 9174a64..3d93d12 100644
--- a/configure.ac
+++ b/configure.ac
@@ -74,6 +74,68 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
 )
 AC_MSG_RESULT([CLANG])
+# We want to check for compiler flag support, but there is no way to make
+# clang's "argument unused" warning fatal.  So we invoke the compiler through a
+# wrapper script that greps for this message.
+saved_CC="$CC"
+saved_LD="$LD"
+flag_wrap="$srcdir/scripts/wrap-compiler-for-flag-check"
+CC="$flag_wrap $CC"
+LD="$flag_wrap $LD"
+AC_DEFUN([check_cflag],
+        [AX_CHECK_COMPILE_FLAG([$1], [$2], [$3], [-Werror $4])])
+AC_DEFUN([check_ldflag],
+        [AX_CHECK_LINK_FLAG([$1], [$2], [$3], [-Werror $4])])
+AC_ARG_ENABLE([hardening],
+        [AS_HELP_STRING([--disable-hardening], [Disable options to frustrate memory corruption exploits])],
+        [],
+        [enable_hardening=yes])
+HARDEN_CFLAGS=""
+HARDEN_LDFLAGS=""
+AS_IF([test "x$enable_hardening" == "xyes"], [
+        # Tell GCC to NOT optimize based on signed arithmetic overflow
+        check_cflag([-fno-strict-overflow], [HARDEN_CFLAGS="$HARDEN_CFLAGS -fno-strict-overflow"])
+        # _FORTIFY_SOURCE replaces builtin functions with safer versions.
+        check_cflag([-D_FORTIFY_SOURCE=2], 
+                [HARDEN_CFLAGS="$HARDEN_CFLAGS -D_FORTIFY_SOURCE=2"])
+        # Use stack-protector-strong if available; if not, fallback to stack-protector-all which
+        # is considered to be overkill
+        check_cflag([-fstack-protector-strong], 
+                [STACK_PROTECT="-fstack-protector-strong"],
+                check_cflag([-fstack-protector-all],
+                        [STACK_PROTECT="-fstack-protector-all"],
+                        [AC_MSG_ERROR([compiler does not support stack protection - use --disable-hardening to override if you understand the risks])]
+                )
+        )
+        check_ldflag([$STACK_PROTECT],
+                [HARDEN_CFLAGS="$HARDEN_CFLAGS $STACK_PROTECT"
+                 check_cflag([-Wstack-protector], [HARDEN_CFLAGS="$HARDEN_CFLAGS -Wstack-protector"],
+                        [], [$STACK_PROTECT])
+                ],
+                [AC_MSG_ERROR([compiler supports stack protection but linker does not])]
+        )
+        # Enable read only relocations
+        check_ldflag([-Wl,-z,relro],
+                [HARDEN_LDFLAGS="$HARDEN_LDFLAGS -Wl,-z,relro"
+        check_ldflag([-Wl,-z,now], [HARDEN_LDFLAGS="$HARDEN_LDFLAGS -Wl,-z,now"])])
+])
+# Restore CC, LD
+CC="$saved_CC"
+LD="$saved_LD"
+CFLAGS="$CFLAGS $HARDEN_CFLAGS"
+LDFLAGS="$LDFLAGS $HARDEN_LDFLAGS"
+# Removing the dependency on -Wno-pointer-sign should be a goal
 save_cflags="$CFLAGS"
 CFLAGS=-Wno-pointer-sign
 AC_MSG_CHECKING([whether CC supports -Wno-pointer-sign])

diff --git a/configure.ac b/configure.ac index 9174a64..3d93d12 100644 --- a/configure.ac +++ b/configure.ac
@@ -74,6 +74,68 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
74	)	74	)
75	AC_MSG_RESULT([CLANG])	75	AC_MSG_RESULT([CLANG])
76		76
		77	# We want to check for compiler flag support, but there is no way to make
		78	# clang's "argument unused" warning fatal. So we invoke the compiler through a
		79	# wrapper script that greps for this message.
		80	saved_CC="$CC"
		81	saved_LD="$LD"
		82	flag_wrap="$srcdir/scripts/wrap-compiler-for-flag-check"
		83	CC="$flag_wrap $CC"
		84	LD="$flag_wrap $LD"
		85
		86	AC_DEFUN([check_cflag],
		87	[AX_CHECK_COMPILE_FLAG([$1], [$2], [$3], [-Werror $4])])
		88	AC_DEFUN([check_ldflag],
		89	[AX_CHECK_LINK_FLAG([$1], [$2], [$3], [-Werror $4])])
		90
		91
		92	AC_ARG_ENABLE([hardening],
		93	[AS_HELP_STRING([--disable-hardening], [Disable options to frustrate memory corruption exploits])],
		94	[],
		95	[enable_hardening=yes])
		96
		97	HARDEN_CFLAGS=""
		98	HARDEN_LDFLAGS=""
		99	AS_IF([test "x$enable_hardening" == "xyes"], [
		100	# Tell GCC to NOT optimize based on signed arithmetic overflow
		101	check_cflag([-fno-strict-overflow], [HARDEN_CFLAGS="$HARDEN_CFLAGS -fno-strict-overflow"])
		102
		103	# _FORTIFY_SOURCE replaces builtin functions with safer versions.
		104	check_cflag([-D_FORTIFY_SOURCE=2],
		105	[HARDEN_CFLAGS="$HARDEN_CFLAGS -D_FORTIFY_SOURCE=2"])
		106
		107	# Use stack-protector-strong if available; if not, fallback to stack-protector-all which
		108	# is considered to be overkill
		109	check_cflag([-fstack-protector-strong],
		110	[STACK_PROTECT="-fstack-protector-strong"],
		111	check_cflag([-fstack-protector-all],
		112	[STACK_PROTECT="-fstack-protector-all"],
		113	[AC_MSG_ERROR([compiler does not support stack protection - use --disable-hardening to override if you understand the risks])]
		114	)
		115	)
		116
		117	check_ldflag([$STACK_PROTECT],
		118	[HARDEN_CFLAGS="$HARDEN_CFLAGS $STACK_PROTECT"
		119	check_cflag([-Wstack-protector], [HARDEN_CFLAGS="$HARDEN_CFLAGS -Wstack-protector"],
		120	[], [$STACK_PROTECT])
		121	],
		122	[AC_MSG_ERROR([compiler supports stack protection but linker does not])]
		123	)
		124
		125	# Enable read only relocations
		126	check_ldflag([-Wl,-z,relro],
		127	[HARDEN_LDFLAGS="$HARDEN_LDFLAGS -Wl,-z,relro"
		128	check_ldflag([-Wl,-z,now], [HARDEN_LDFLAGS="$HARDEN_LDFLAGS -Wl,-z,now"])])
		129	])
		130
		131	# Restore CC, LD
		132	CC="$saved_CC"
		133	LD="$saved_LD"
		134
		135	CFLAGS="$CFLAGS $HARDEN_CFLAGS"
		136	LDFLAGS="$LDFLAGS $HARDEN_LDFLAGS"
		137
		138	# Removing the dependency on -Wno-pointer-sign should be a goal
77	save_cflags="$CFLAGS"	139	save_cflags="$CFLAGS"
78	CFLAGS=-Wno-pointer-sign	140	CFLAGS=-Wno-pointer-sign
79	AC_MSG_CHECKING([whether CC supports -Wno-pointer-sign])	141	AC_MSG_CHECKING([whether CC supports -Wno-pointer-sign])