commit 66eae4afffb35afe891ec14a3389a484ecb7b373
parent 70553a91343e242e05e569d59584674a21d09679
Author: Nick Mathewson <nickm@torproject.org>
Date: Wed, 29 May 2019 16:08:33 -0400
Check whether gcc-hardening is runnable, and log an error if not
Closes ticket 27530.
Diffstat:
2 files changed, 15 insertions(+), 0 deletions(-)
diff --git a/changes/ticket27530 b/changes/ticket27530
@@ -0,0 +1,4 @@
+ o Minor features (compilation):
+ - Log a more useful error message when we are compiling and one of the
+ compile-time hardening options we have selected can be linked but
+ not executed. Closes ticket 27530.
diff --git a/configure.ac b/configure.ac
@@ -1188,6 +1188,17 @@ m4_ifdef([AS_VAR_IF],[
TOR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
fi
TOR_TRY_COMPILE_WITH_CFLAGS(-fwrapv, also_link, CFLAGS_FWRAPV="-fwrapv", true)
+
+ AC_MSG_CHECKING([whether we can run hardened binaries])
+ AC_RUN_IFELSE([AC_LANG_PROGRAM([], [return 0;])],
+ [AC_MSG_RESULT([yes])],
+ [AC_MSG_RESULT([no])
+ AC_MSG_ERROR([dnl
+ We can link with compiler hardening options, but we can't run with them.
+ That's a bad sign! If you must, you can pass --disable-gcc-hardening to
+ configure, but it would be better to figure out what the underlying problem
+ is.])],
+ [AC_MSG_RESULT([cross])])
fi
if test "$fragile_hardening" = "yes"; then
