HomePhabricator
Diffusion Bitcoin ABC 894376aa8c6e

build: add -fcf-protection=full to hardening options and test for control flow…
894376aa8c6e
Actions

Description

build: add -fcf-protection=full to hardening options and test for control flow instrumentation

Summary:

build: add -fcf-protection=full to hardening options

Enables code instrumentation of control-flow transfers. Available in
GCC 8 and Clang 7.

This option is now on by default in Ubuntu GCC as of 19.10.

This is a backport of core#18921, core#21889, core#23535 and core#23839
https://github.com/bitcoin/bitcoin/pull/18921/commits/076183b36b76a11438463883ff916f17aef9e001

Test Plan: guix build and gitian builds

Reviewers: #bitcoin_abc, Fabien

Reviewed By: #bitcoin_abc, Fabien

Subscribers: Fabien

Differential Revision: https://reviews.bitcoinabc.org/D14008

Details

Provenance
PiRKAuthored on Jun 8 2023, 06:02
PiRKPushed on Jun 8 2023, 15:58
Reviewer
Restricted Project
Differential Revision
D14008: build: add -fcf-protection=full to hardening options and test for control flow instrumentation
Parents
rABC428a0842939c: [ecash-script] Add unit tests to CI
Branches
Unknown
Tags
Unknown

Changes (3)

PathSize
contrib/
devtools/
src/

rABC894376aa8c6e

View Options

contrib/devtools/security-check.py

Loading...
View Options

contrib/devtools/test-security-check.py

Loading...
View Options

src/CMakeLists.txt

Loading...