Change Details

non backport change: fix identify_executable argument in security-check.py The argument name was wrong, and shown as unused by my IDE. It happenend to work by accident because in the loop where `identify_executable` is called there is a local variable `filename` which happened to be the expected thing. ---- > test: use subprocess.run() in test-security-check.py https://github.com/bitcoin/bitcoin/pull/18434/commits/9fe71a57a6780569e618cf9a8d4f1acf6321017f ---- > build: build Boost with -fcf-protection when targeting Darwin > > The LLVM Clang we use for cross-compilation supports this option, and it's expected > that any builders on macOS will also be using an Apple Clang that supports it. > scripts: test for MACHO control flow instrumentation [[https://github.com/bitcoin/bitcoin/pull/21889 | core#21889]] ---- > build: don't use cf-protection when targeting arm-apple-darwin > > After two reports on IRC of issues building depends on an Apple M1 > machine, it turns out that this option can't be used when targeting > arm-apple-darwin. For now, just use it for x86_64-apple-darwin. > > ```bash > Apple clang version 12.0.5 (clang-1205.0.22.9) > Target: x86_64-apple-darwin20.4.0 > > error: option 'cf-protection=return' cannot be specified on this target > error: option 'cf-protection=branch' cannot be specified on this target > 2 errors generated. > ``` [[https://github.com/bitcoin/bitcoin/pull/22070 | core#22070]] ---- > scripts: prevent GCC optimising test symbols in test-symbol-check > > I noticed in [[https://github.com/bitcoin/bitcoin/pull/22381 | core#22381]] that when the test-symbol-check target was being built with Clang and run in the CI it would fail due to using a too-new version of pow (used here). Our CIs use Focal (glibc 2.31) and the version of pow was the optimized version introduced in glibc 2.29: > > * Optimized generic exp, exp2, log, log2, pow, sinf, cosf, sincosf and tanf. > > This made sense, except for that if it was failing when built using Clang, why hadn't it also been failing when being built with GCC? > > Turns out GCC is optimizing away that call to pow at all optimization levels, [[https://github.com/bitcoin/bitcoin/pull/22645 | core#22645]] ---- > build: Use and test PE binutils with --reloc-section > > Also fix test-security-check.py to account for new PE PIE failure > indication. https://github.com/bitcoin/bitcoin/pull/22381/commits/a8127b34bce3597b8091e14057c926197966a234 ---- This fixes TestSecurityChecks.test_PE, I can now make it work on my machine. `contrib/devtools/test-security-check.py TestSecurityChecks.test_PE` This is a backport of core#21889, core#22070 and core#22645, and a partial backport of core#18434 (I didn't do the CI part, as these tests are still not ready) Depends on D13966

non backport changes: - fix identify_executable argument in security-check.py The argument name was wrong, and shown as unused by my IDE. It happenend to work by accident because in the loop where `identify_executable` is called there is a local variable `filename` which happened to be the expected thing. - enable control-flow enforcement in CMakeLists.txt for hardened builds ---- > test: use subprocess.run() in test-security-check.py https://github.com/bitcoin/bitcoin/pull/18434/commits/9fe71a57a6780569e618cf9a8d4f1acf6321017f ---- > build: build Boost with -fcf-protection when targeting Darwin > > The LLVM Clang we use for cross-compilation supports this option, and it's expected > that any builders on macOS will also be using an Apple Clang that supports it. > scripts: test for MACHO control flow instrumentation [[https://github.com/bitcoin/bitcoin/pull/21889 | core#21889]] ---- > build: don't use cf-protection when targeting arm-apple-darwin > > After two reports on IRC of issues building depends on an Apple M1 > machine, it turns out that this option can't be used when targeting > arm-apple-darwin. For now, just use it for x86_64-apple-darwin. > > ```bash > Apple clang version 12.0.5 (clang-1205.0.22.9) > Target: x86_64-apple-darwin20.4.0 > > error: option 'cf-protection=return' cannot be specified on this target > error: option 'cf-protection=branch' cannot be specified on this target > 2 errors generated. > ``` [[https://github.com/bitcoin/bitcoin/pull/22070 | core#22070]] ---- > scripts: prevent GCC optimising test symbols in test-symbol-check > > I noticed in [[https://github.com/bitcoin/bitcoin/pull/22381 | core#22381]] that when the test-symbol-check target was being built with Clang and run in the CI it would fail due to using a too-new version of pow (used here). Our CIs use Focal (glibc 2.31) and the version of pow was the optimized version introduced in glibc 2.29: > > * Optimized generic exp, exp2, log, log2, pow, sinf, cosf, sincosf and tanf. > > This made sense, except for that if it was failing when built using Clang, why hadn't it also been failing when being built with GCC? > > Turns out GCC is optimizing away that call to pow at all optimization levels, [[https://github.com/bitcoin/bitcoin/pull/22645 | core#22645]] ---- > build: Use and test PE binutils with --reloc-section > > Also fix test-security-check.py to account for new PE PIE failure > indication. https://github.com/bitcoin/bitcoin/pull/22381/commits/a8127b34bce3597b8091e14057c926197966a234 ---- This fixes TestSecurityChecks.test_PE, I can now make it work on my machine. `contrib/devtools/test-security-check.py TestSecurityChecks.test_PE` This is a backport of core#21889, core#22070 and core#22645, and a partial backport of core#18434 (I didn't do the CI part, as these tests are still not ready) Depends on D13966

non backport change:s: - fix identify_executable argument in security-check.py The argument name was wrong, and shown as unused by my IDE. It happenend to work by accident because in the loop where `identify_executable` is called there is a local variable `filename` which happened to be the expected thing. - enable control-flow enforcement in CMakeLists.txt for hardened builds ---- > test: use subprocess.run() in test-security-check.py https://github.com/bitcoin/bitcoin/pull/18434/commits/9fe71a57a6780569e618cf9a8d4f1acf6321017f ---- > build: build Boost with -fcf-protection when targeting Darwin > > The LLVM Clang we use for cross-compilation supports this option, and it's expected > that any builders on macOS will also be using an Apple Clang that supports it. > scripts: test for MACHO control flow instrumentation [[https://github.com/bitcoin/bitcoin/pull/21889 | core#21889]] ---- > build: don't use cf-protection when targeting arm-apple-darwin > > After two reports on IRC of issues building depends on an Apple M1 > machine, it turns out that this option can't be used when targeting > arm-apple-darwin. For now, just use it for x86_64-apple-darwin. > > ```bash > Apple clang version 12.0.5 (clang-1205.0.22.9) > Target: x86_64-apple-darwin20.4.0 > > error: option 'cf-protection=return' cannot be specified on this target > error: option 'cf-protection=branch' cannot be specified on this target > 2 errors generated. > ``` [[https://github.com/bitcoin/bitcoin/pull/22070 | core#22070]] ---- > scripts: prevent GCC optimising test symbols in test-symbol-check > > I noticed in [[https://github.com/bitcoin/bitcoin/pull/22381 | core#22381]] that when the test-symbol-check target was being built with Clang and run in the CI it would fail due to using a too-new version of pow (used here). Our CIs use Focal (glibc 2.31) and the version of pow was the optimized version introduced in glibc 2.29: > > * Optimized generic exp, exp2, log, log2, pow, sinf, cosf, sincosf and tanf. > > This made sense, except for that if it was failing when built using Clang, why hadn't it also been failing when being built with GCC? > > Turns out GCC is optimizing away that call to pow at all optimization levels, [[https://github.com/bitcoin/bitcoin/pull/22645 | core#22645]] ---- > build: Use and test PE binutils with --reloc-section > > Also fix test-security-check.py to account for new PE PIE failure > indication. https://github.com/bitcoin/bitcoin/pull/22381/commits/a8127b34bce3597b8091e14057c926197966a234 ---- This fixes TestSecurityChecks.test_PE, I can now make it work on my machine. `contrib/devtools/test-security-check.py TestSecurityChecks.test_PE` This is a backport of core#21889, core#22070 and core#22645, and a partial backport of core#18434 (I didn't do the CI part, as these tests are still not ready) Depends on D13966