commit 4967cb7a97cb7303eacb21b5fa21faff07561da4 parent c6a4056df105673399568cf223ecb3d2b5667498 Author: David Goulet <dgoulet@torproject.org> Date: Mon, 6 Oct 2025 08:49:10 -0400 build: Add -fcf-protection=full Defense in depth and good compiler security option. Closes #41139 Signed-off-by: David Goulet <dgoulet@torproject.org> Diffstat:
| A | changes/gcc-fcf | | | 3 | +++ |
| M | configure.ac | | | 9 | +++++++++ |
2 files changed, 12 insertions(+), 0 deletions(-)
diff --git a/changes/gcc-fcf b/changes/gcc-fcf @@ -0,0 +1,3 @@ + o Minor feature (compiler flag): + - Add -fcf-protection=full if supported by the compiler. Fixes 41139. + diff --git a/configure.ac b/configure.ac @@ -1490,6 +1490,15 @@ dnl we should try to add -fasynchronous-unwind-tables so that our backtrace dnl code will work. TOR_CHECK_CFLAGS(-fasynchronous-unwind-tables) +# From https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html: +# +# Enable code instrumentation to increase program security by checking that +# target addresses of control-flow transfer instructions are valid. This +# prevents diverting the flow of control to an unexpected target. This is +# intended to protect against such threats as Return-oriented Programming +# (ROP), and similarly call/jmp-oriented programming (COP/JOP). +TOR_CHECK_CFLAGS(-fcf-protection=full) + dnl ============================================================ dnl Check for libseccomp