Re: [PATCH 06/30] meson: tweak hardening options for Windows

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 06/30] meson: tweak hardening options for Windows

From:	Paolo Bonzini
Subject:	Re: [PATCH 06/30] meson: tweak hardening options for Windows
Date:	Mon, 12 Dec 2022 09:52:10 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.5.0

On 12/12/22 09:18, Marc-André Lureau wrote:

-  # Disable ASLR for debug builds to allow debugging with gdb
-  if get_option('optimization') == '0'
-    qemu_ldflags += cc.get_supported_link_arguments('-Wl,--dynamicbase')
-  endif
+  qemu_ldflags += cc.get_supported_link_arguments('-Wl,--dynamicbase', 
'-Wl,--high-entropy-va')


What about the comment for disabling ASLR on debug builds?

The problem with that line is that it _enables_ ASLR for debug builds,and nobody has complained about gdb since last April... And nobody hascomplained to Debian or other distros that have enabled the flag foryears now.


I'll clarify the commit message.

I wonder if we really have to add those flags ourself. Imho, we can
leave them to the compiler default or distrib.. I bet most of the deps
don't use those flags explicitly either.

I think so, at least Firefox does. In general QEMU tries to do morebuild-time hardening than the average pacakge.


Paolo

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH 11/30] meson: cleanup dummy-cpus.c rules, (continued)
- [PATCH 07/30] meson: support meson 0.64 -Doptimization=plain, Paolo Bonzini, 2022/12/09
  - Re: [PATCH 07/30] meson: support meson 0.64 -Doptimization=plain, Marc-André Lureau, 2022/12/12
  - Re: [PATCH 07/30] meson: support meson 0.64 -Doptimization=plain, Daniel P . Berrangé, 2022/12/16
- [PATCH 09/30] meson: use prefer_static option, Paolo Bonzini, 2022/12/09
  - Re: [PATCH 09/30] meson: use prefer_static option, Marc-André Lureau, 2022/12/12
  - Re: [PATCH 09/30] meson: use prefer_static option, Daniel P . Berrangé, 2022/12/16
- [PATCH 06/30] meson: tweak hardening options for Windows, Paolo Bonzini, 2022/12/09
  - Re: [PATCH 06/30] meson: tweak hardening options for Windows, Marc-André Lureau, 2022/12/12
    - Re: [PATCH 06/30] meson: tweak hardening options for Windows, Paolo Bonzini <=
  - Re: [PATCH 06/30] meson: tweak hardening options for Windows, Daniel P . Berrangé, 2022/12/16
- [PATCH 14/30] configure: test all warnings, Paolo Bonzini, 2022/12/09
  - Re: [PATCH 14/30] configure: test all warnings, Philippe Mathieu-Daudé, 2022/12/09
  - Re: [PATCH 14/30] configure: test all warnings, Daniel P . Berrangé, 2022/12/16
- [PATCH 12/30] modinfo: lookup compile_commands.json by object, Paolo Bonzini, 2022/12/09
  - Re: [PATCH 12/30] modinfo: lookup compile_commands.json by object, Marc-André Lureau, 2022/12/12
- [PATCH 28/30] docs: update build system docs, Paolo Bonzini, 2022/12/09
  - Re: [PATCH 28/30] docs: update build system docs, Marc-André Lureau, 2022/12/12
- [PATCH 21/30] build: move sanitizer tests to meson, Paolo Bonzini, 2022/12/09
  - Re: [PATCH 21/30] build: move sanitizer tests to meson, Marc-André Lureau, 2022/12/12

Prev by Date: Re: [PATCH v13 0/7] s390x: CPU Topology
Next by Date: Re: [PATCH v13 1/7] s390x/cpu topology: Creating CPU topology device
Previous by thread: Re: [PATCH 06/30] meson: tweak hardening options for Windows
Next by thread: Re: [PATCH 06/30] meson: tweak hardening options for Windows
Index(es):
- Date
- Thread