Bug#747213: llvm-toolchain-3.4: Build with the hardening flags
Sylvestre Ledru
sylvestre at debian.org
Tue May 6 11:44:07 UTC 2014
Source: llvm-toolchain-3.4
Severity: wishlist
Hello,
LLVM and Clang are not using hardening flags during the build process.
Lintian shows many warnings:
W: libclang1-3.5: hardening-no-relro usr/lib/x86_64-linux-gnu/libclang-3.5.so.1
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/bugpoint
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/llc
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/llvm-ar
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/llvm-as
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/llvm-bcanalyzer
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/llvm-config
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/llvm-cov
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/llvm-diff
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/llvm-dis
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/llvm-dwarfdump
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/llvm-extract
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/llvm-link
W: llvm-3.5: hardening-no-relro usr/lib/llvm-3.5/bin/llvm-mc
The idea would be enable them:
https://wiki.debian.org/Hardening
And evaluate the impact on the unit tests (should be minimal).
It should be pretty easy.
Cheers,
Sylvestre
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (900, 'testing'), (600, 'unstable'), (500, 'testing-updates'), (300, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.13-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
More information about the Pkg-llvm-team
mailing list