summaryrefslogtreecommitdiffstats
path: root/meta/conf/distro
diff options
context:
space:
mode:
authorJoshua Lock <joshua.g.lock@intel.com>2016-04-28 14:27:44 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-05-06 10:31:12 +0100
commit30f9a5072d94f6c383b1ef5d25448af39691dce0 (patch)
tree23ec4a94da2f639fa5ce077613e81a18c50c4958 /meta/conf/distro
parent8fa797d73b6266bb3fadcaf6d53ef7adca7f47ba (diff)
downloadpoky-30f9a5072d94f6c383b1ef5d25448af39691dce0.tar.gz
security_flags: turn potential string format security issues into an error
Add "-Wformat -Wformat-security -Werror=format-security" to the default SECURITY_CFLAGS to catch potential security vulnerabilities due to the misuse of various string formatting functions. These flags are widely used in distributions such as Fedora and Ubuntu, however we have 15 recipes in OE-Core which fail to build with these flags included and thus the flags are removed for: - busybox - console-tools - cmake - expect - gcc - gettext - kexec-tools - leafpad - libuser - ltp - makedevs - oh-puzzles - stat - unzip - zip [YOCTO #9488] (From OE-Core rev: f335f8e744fb312b3eb599c331d08a9a6e5a8ff8) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/conf/distro')
-rw-r--r--meta/conf/distro/include/security_flags.inc24
1 files changed, 22 insertions, 2 deletions
diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
index ff5f34e3a3..5755d28104 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -9,8 +9,11 @@
9# -O0 which then results in a compiler warning. 9# -O0 which then results in a compiler warning.
10lcl_maybe_fortify = "${@base_conditional('DEBUG_BUILD','1','','-D_FORTIFY_SOURCE=2',d)}" 10lcl_maybe_fortify = "${@base_conditional('DEBUG_BUILD','1','','-D_FORTIFY_SOURCE=2',d)}"
11 11
12SECURITY_CFLAGS ?= "-fstack-protector-strong -pie -fpie ${lcl_maybe_fortify}" 12# Error on use of format strings that represent possible security problems
13SECURITY_NO_PIE_CFLAGS ?= "-fstack-protector-strong ${lcl_maybe_fortify}" 13SECURITY_STRINGFORMAT ?= "-Wformat -Wformat-security -Werror=format-security"
14
15SECURITY_CFLAGS ?= "-fstack-protector-strong -pie -fpie ${lcl_maybe_fortify} ${SECURITY_STRINGFORMAT}"
16SECURITY_NO_PIE_CFLAGS ?= "-fstack-protector-strong ${lcl_maybe_fortify} ${SECURITY_STRINGFORMAT}"
14 17
15SECURITY_LDFLAGS ?= "-fstack-protector-strong -Wl,-z,relro,-z,now" 18SECURITY_LDFLAGS ?= "-fstack-protector-strong -Wl,-z,relro,-z,now"
16SECURITY_X_LDFLAGS ?= "-fstack-protector-strong -Wl,-z,relro" 19SECURITY_X_LDFLAGS ?= "-fstack-protector-strong -Wl,-z,relro"
@@ -92,6 +95,23 @@ SECURITY_CFLAGS_pn-zlib = "${SECURITY_NO_PIE_CFLAGS}"
92SECURITY_CFLAGS_pn-ltp = "${SECURITY_NO_PIE_CFLAGS}" 95SECURITY_CFLAGS_pn-ltp = "${SECURITY_NO_PIE_CFLAGS}"
93SECURITY_CFLAGS_pn-pulseaudio = "${SECURITY_NO_PIE_CFLAGS}" 96SECURITY_CFLAGS_pn-pulseaudio = "${SECURITY_NO_PIE_CFLAGS}"
94 97
98# Recipes which fail to compile when elevating -Wformat-security to an error
99SECURITY_STRINGFORMAT_pn-busybox = ""
100SECURITY_STRINGFORMAT_pn-console-tools = ""
101SECURITY_STRINGFORMAT_pn-cmake = ""
102SECURITY_STRINGFORMAT_pn-expect = ""
103SECURITY_STRINGFORMAT_pn-gcc = ""
104SECURITY_STRINGFORMAT_pn-gettext = ""
105SECURITY_STRINGFORMAT_pn-kexec-tools = ""
106SECURITY_STRINGFORMAT_pn-leafpad = ""
107SECURITY_STRINGFORMAT_pn-libuser = ""
108SECURITY_STRINGFORMAT_pn-ltp = ""
109SECURITY_STRINGFORMAT_pn-makedevs = ""
110SECURITY_STRINGFORMAT_pn-oh-puzzles = ""
111SECURITY_STRINGFORMAT_pn-stat = ""
112SECURITY_STRINGFORMAT_pn-unzip = ""
113SECURITY_STRINGFORMAT_pn-zip = ""
114
95TARGET_CFLAGS_append_class-target = " ${SECURITY_CFLAGS}" 115TARGET_CFLAGS_append_class-target = " ${SECURITY_CFLAGS}"
96TARGET_LDFLAGS_append_class-target = " ${SECURITY_LDFLAGS}" 116TARGET_LDFLAGS_append_class-target = " ${SECURITY_LDFLAGS}"
97 117