[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 12/24] meson: tweak hardening options for Windows
|
From: |
Paolo Bonzini |
|
Subject: |
[PULL 12/24] meson: tweak hardening options for Windows |
|
Date: |
Wed, 21 Dec 2022 19:01:29 +0100 |
meson.build has been enabling ASLR _only_ for debug builds since
commit d2147e04f95f ("configure: move Windows flags detection to meson",
2022-05-07); instead it was supposed to disable it for debug builds.
However, the flag has been enabled for DLLs upstream for roughly 2
years (https://sourceware.org/bugzilla/show_bug.cgi?id=19011), and
also by some distros including Debian for 6 years even
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836365).
Enable it unconditionally; we can fix the reversed logic of commit
d2147e04f95f later if there are any reports, but for now just
enable the hardening.
Also add -Wl,--high-entropy-va, which also controls ASLR.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
meson.build | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/meson.build b/meson.build
index 5c6b5a1c757f..d61c7a82f112 100644
--- a/meson.build
+++ b/meson.build
@@ -193,10 +193,7 @@ qemu_ldflags +=
cc.get_supported_link_arguments('-Wl,-z,relro', '-Wl,-z,now')
if targetos == 'windows'
qemu_ldflags += cc.get_supported_link_arguments('-Wl,--no-seh',
'-Wl,--nxcompat')
- # Disable ASLR for debug builds to allow debugging with gdb
- if get_option('optimization') == '0'
- qemu_ldflags += cc.get_supported_link_arguments('-Wl,--dynamicbase')
- endif
+ qemu_ldflags += cc.get_supported_link_arguments('-Wl,--dynamicbase',
'-Wl,--high-entropy-va')
endif
if get_option('gprof')
--
2.38.1
- [PULL 01/24] typedefs: Forward-declare AccelState, (continued)
- [PULL 01/24] typedefs: Forward-declare AccelState, Paolo Bonzini, 2022/12/21
- [PULL 04/24] util/log: Always send errors to logfile when daemonized, Paolo Bonzini, 2022/12/21
- [PULL 05/24] ide: Add 8-bit data mode, Paolo Bonzini, 2022/12/21
- [PULL 06/24] ide: Add "ide-cf" driver, a CompactFlash card, Paolo Bonzini, 2022/12/21
- [PULL 08/24] configure: remove dead function, Paolo Bonzini, 2022/12/21
- [PULL 10/24] configure: preserve qemu-ga variables, Paolo Bonzini, 2022/12/21
- [PULL 02/24] hw: Reduce "qemu/accel.h" inclusion, Paolo Bonzini, 2022/12/21
- [PULL 07/24] configure: remove useless write_c_skeleton, Paolo Bonzini, 2022/12/21
- [PULL 11/24] configure: remove backwards-compatibility and obsolete options, Paolo Bonzini, 2022/12/21
- [PULL 09/24] configure: cleanup $cpu tests, Paolo Bonzini, 2022/12/21
- [PULL 12/24] meson: tweak hardening options for Windows,
Paolo Bonzini <=
- [PULL 13/24] meson: cleanup dummy-cpus.c rules, Paolo Bonzini, 2022/12/21
- [PULL 14/24] tests/qapi-schema: remove Meson workaround, Paolo Bonzini, 2022/12/21
- [PULL 15/24] configure: test all warnings, Paolo Bonzini, 2022/12/21
- [PULL 16/24] meson: support meson 0.64 -Doptimization=plain, Paolo Bonzini, 2022/12/21
- [PULL 17/24] meson: cleanup compiler detection, Paolo Bonzini, 2022/12/21
- [PULL 19/24] docs: do not talk about past removal as happening in the future, Paolo Bonzini, 2022/12/21
- [PULL 21/24] util: remove support for hex numbers with a scaling suffix, Paolo Bonzini, 2022/12/21
- [PULL 23/24] target/i386: Add SGX aex-notify and EDECCSSA support, Paolo Bonzini, 2022/12/21
- [PULL 20/24] KVM: remove support for kernel-irqchip=off, Paolo Bonzini, 2022/12/21
- [PULL 18/24] meson: accept relative symlinks in "meson introspect --installed" data, Paolo Bonzini, 2022/12/21