| blob | 260a0b8281f5d9dcdd5f694335e16518cdeee7aa |
1 From 75c02a21f954574675020e1d76391b4896211fc7 Mon Sep 17 00:00:00 2001
2 From: Evangelos Foutras <evangelos@foutrelis.com>
3 Date: Sun, 24 Apr 2022 06:29:44 +0300
4 Subject: [PATCH] Enable -fstack-protector-strong by default
6 ---
7 clang/lib/Driver/ToolChains/Linux.h | 5 +++++
8 clang/test/Driver/fsanitize.c | 6 +++---
9 clang/test/Driver/stack-protector.c | 4 ++--
10 3 files changed, 10 insertions(+), 5 deletions(-)
12 diff --git a/clang/lib/Driver/ToolChains/Linux.h b/clang/lib/Driver/ToolChains/Linux.h
13 index a5648d79d655..3c4546cb9204 100644
14 --- a/clang/lib/Driver/ToolChains/Linux.h
15 +++ b/clang/lib/Driver/ToolChains/Linux.h
16 @@ -10,6 +10,7 @@
17 #define LLVM_CLANG_LIB_DRIVER_TOOLCHAINS_LINUX_H
19 #include "Gnu.h"
20 +#include "clang/Basic/LangOptions.h"
21 #include "clang/Driver/ToolChain.h"
23 namespace clang {
24 @@ -46,6 +47,10 @@ public:
25 IsAArch64OutlineAtomicsDefault(const llvm::opt::ArgList &Args) const override;
26 bool isPIEDefault(const llvm::opt::ArgList &Args) const override;
27 bool IsMathErrnoDefault() const override;
28 + LangOptions::StackProtectorMode
29 + GetDefaultStackProtectorLevel(bool KernelOrKext) const override {
30 + return LangOptions::SSPStrong;
31 + }
32 SanitizerMask getSupportedSanitizers() const override;
33 void addProfileRTLibs(const llvm::opt::ArgList &Args,
34 llvm::opt::ArgStringList &CmdArgs) const override;
35 diff --git a/clang/test/Driver/fsanitize.c b/clang/test/Driver/fsanitize.c
36 index 17fce1981eea..a732d29b7688 100644
37 --- a/clang/test/Driver/fsanitize.c
38 +++ b/clang/test/Driver/fsanitize.c
39 @@ -666,12 +666,12 @@
40 // RUN: %clang -fno-sanitize=safe-stack -### %s 2>&1 | FileCheck %s -check-prefix=NOSP
41 // NOSP-NOT: "-fsanitize=safe-stack"
43 -// RUN: %clang -target x86_64-linux-gnu -fsanitize=safe-stack -### %s 2>&1 | FileCheck %s -check-prefix=NO-SP
44 +// RUN: %clang -target x86_64-linux-gnu -fsanitize=safe-stack -### %s 2>&1 | FileCheck %s -check-prefix=SP
45 // RUN: %clang -target x86_64-linux-gnu -fsanitize=address,safe-stack -### %s 2>&1 | FileCheck %s -check-prefix=SP-ASAN
46 // RUN: %clang -target x86_64-linux-gnu -fstack-protector -fsanitize=safe-stack -### %s 2>&1 | FileCheck %s -check-prefix=SP
47 // RUN: %clang -target x86_64-linux-gnu -fsanitize=safe-stack -fstack-protector-all -### %s 2>&1 | FileCheck %s -check-prefix=SP
48 -// RUN: %clang -target arm-linux-androideabi -fsanitize=safe-stack -### %s 2>&1 | FileCheck %s -check-prefix=NO-SP
49 -// RUN: %clang -target aarch64-linux-android -fsanitize=safe-stack -### %s 2>&1 | FileCheck %s -check-prefix=NO-SP
50 +// RUN: %clang -target arm-linux-androideabi -fsanitize=safe-stack -### %s 2>&1 | FileCheck %s -check-prefix=SP
51 +// RUN: %clang -target aarch64-linux-android -fsanitize=safe-stack -### %s 2>&1 | FileCheck %s -check-prefix=SP
52 // RUN: %clang -target i386-contiki-unknown -fsanitize=safe-stack -### %s 2>&1 | FileCheck %s -check-prefix=NO-SP
53 // NO-SP-NOT: stack-protector
54 // NO-SP: "-fsanitize=safe-stack"
55 diff --git a/clang/test/Driver/stack-protector.c b/clang/test/Driver/stack-protector.c
56 index a3e40b50eed8..dfffe0d6cf85 100644
57 --- a/clang/test/Driver/stack-protector.c
58 +++ b/clang/test/Driver/stack-protector.c
59 @@ -3,11 +3,11 @@
60 // NOSSP-NOT: "-stack-protector-buffer-size"
62 // RUN: %clang -target i386-unknown-linux -fstack-protector -### %s 2>&1 | FileCheck %s -check-prefix=SSP
63 -// SSP: "-stack-protector" "1"
64 +// SSP: "-stack-protector" "2"
65 // SSP-NOT: "-stack-protector-buffer-size"
67 // RUN: %clang -target i386-unknown-linux -fstack-protector --param ssp-buffer-size=16 -### %s 2>&1 | FileCheck %s -check-prefix=SSP-BUF
68 -// SSP-BUF: "-stack-protector" "1"
69 +// SSP-BUF: "-stack-protector" "2"
70 // SSP-BUF: "-stack-protector-buffer-size" "16"
72 // RUN: %clang -target i386-pc-openbsd -### %s 2>&1 | FileCheck %s -check-prefix=OPENBSD