Project

General

Profile

Actions
Copy link

Bug #36316

closed

No linker time hardening in ceph rpm builds

Added by Boris Ranto over 5 years ago. Updated over 5 years ago.

Status:
Resolved
Priority:
High
Assignee:
Boris Ranto
Category:
rpm
Target version:
-
% Done:

0%

Source:
Tags:
Backport:
mimic luminous
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

Currently, we do pass the hardened CFLAGS and CPPFLAGS when building the
code. However, we do not pass the hardened flags to the linker. This
means that the binaries are linked without the options like -Wl,-z,now.
As a result, we do not fully harden the binaries that we build.

Related issues 2 (0 open2 closed)

Copied to devops - Backport #36391: luminous: No linker time hardening in ceph rpm buildsResolvedPrashant DActions
Copied to devops - Backport #36392: mimic: No linker time hardening in ceph rpm buildsResolvedPrashant DActions
Actions
Copy link
 #2

Updated by Kefu Chai over 5 years ago

  • Status changed from Fix Under Review to Resolved
Actions
Copy link
 #3

Updated by Nathan Cutler over 5 years ago

  • Status changed from Resolved to Pending Backport
Actions
Copy link
 #4

Updated by Nathan Cutler over 5 years ago

  • Copied to Backport #36391: luminous: No linker time hardening in ceph rpm builds added
Actions
Copy link
 #5

Updated by Nathan Cutler over 5 years ago

  • Copied to Backport #36392: mimic: No linker time hardening in ceph rpm builds added
Actions
Copy link
 #6

Updated by Nathan Cutler over 5 years ago

  • Status changed from Pending Backport to Resolved
Actions
Copy link

Also available in: Atom PDF