Project

General

Profile

Bug #36316

No linker time hardening in ceph rpm builds

Added by Boris Ranto 12 months ago. Updated 8 months ago.

Status:
Resolved
Priority:
High
Assignee:
Category:
rpm
Target version:
-
Start date:
10/04/2018
Due date:
% Done:

0%

Source:
Tags:
Backport:
mimic luminous
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:

Description

Currently, we do pass the hardened CFLAGS and CPPFLAGS when building the
code. However, we do not pass the hardened flags to the linker. This
means that the binaries are linked without the options like -Wl,-z,now.
As a result, we do not fully harden the binaries that we build.


Related issues

Copied to devops - Backport #36391: luminous: No linker time hardening in ceph rpm builds Resolved
Copied to devops - Backport #36392: mimic: No linker time hardening in ceph rpm builds Resolved

History

#2 Updated by Kefu Chai 12 months ago

  • Status changed from Need Review to Resolved

#3 Updated by Nathan Cutler 12 months ago

  • Status changed from Resolved to Pending Backport

#4 Updated by Nathan Cutler 12 months ago

  • Copied to Backport #36391: luminous: No linker time hardening in ceph rpm builds added

#5 Updated by Nathan Cutler 12 months ago

  • Copied to Backport #36392: mimic: No linker time hardening in ceph rpm builds added

#6 Updated by Nathan Cutler 8 months ago

  • Status changed from Pending Backport to Resolved

Also available in: Atom PDF