From 3f8487a0996de85b611b7c10fd5a3f60b10473a6 Mon Sep 17 00:00:00 2001 From: l00846161 Date: Thu, 16 Nov 2023 14:17:54 +0800 Subject: [PATCH] Add safe compilation options Add two options when building rust: strip and stack protector. If set `strip = true`, symbols will be stripped using `-Cstrip=symbols`. Also can set `stack-protector` and stack protectors will be used. --- config.example.toml | 10 ++++++++++ src/bootstrap/src/core/builder.rs | 6 ++++++ src/bootstrap/src/core/config/config.rs | 7 +++++++ 3 files changed, 23 insertions(+) diff --git a/config.example.toml b/config.example.toml index c91222169d9..49c4ad4c958 100644 --- a/config.example.toml +++ b/config.example.toml @@ -600,6 +600,16 @@ change-id = 117813 # desired in distributions, for example. #rpath = true +# Indicates whether symbols should be stripped using `-Cstrip=symbols`. +#strip = false + +# Indicates whether stack protectors should be used +# via the unstable option `-Zstack-protector`. +# +# Valid options are : `none`(default),`basic`,`strong`, or `all`. +# `strong` and `basic` options may be buggy and are not recommended, see rust-lang/rust#114903. +#stack-protector = "none" + # Prints each test name as it is executed, to help debug issues in the test harness itself. #verbose-tests = false diff --git a/src/bootstrap/src/core/builder.rs b/src/bootstrap/src/core/builder.rs index 65af2aed6de..8c73a2ad5c1 100644 --- a/src/bootstrap/src/core/builder.rs +++ b/src/bootstrap/src/core/builder.rs @@ -1667,6 +1667,12 @@ pub fn cargo( } } + cargo.env(profile_var("STRIP"), self.config.rust_strip.to_string()); + + if let Some(stack_protector) = &self.config.rust_stack_protector { + rustflags.arg(&format!("-Zstack-protector={stack_protector}")); + } + if let Some(host_linker) = self.linker(compiler.host) { hostflags.arg(format!("-Clinker={}", host_linker.display())); } diff --git a/src/bootstrap/src/core/config/config.rs b/src/bootstrap/src/core/config/config.rs index 22e8ce8365b..1527cc3e46a 100644 --- a/src/bootstrap/src/core/config/config.rs +++ b/src/bootstrap/src/core/config/config.rs @@ -222,6 +222,8 @@ pub struct Config { pub rust_debuginfo_level_tests: DebuginfoLevel, pub rust_split_debuginfo: SplitDebuginfo, pub rust_rpath: bool, + pub rust_strip: bool, + pub rust_stack_protector: Option, pub rustc_parallel: bool, pub rustc_default_linker: Option, pub rust_optimize_tests: bool, @@ -1001,6 +1003,8 @@ struct Rust { description: Option = "description", musl_root: Option = "musl-root", rpath: Option = "rpath", + strip: Option = "strip", + stack_protector: Option = "stack-protector", verbose_tests: Option = "verbose-tests", optimize_tests: Option = "optimize-tests", codegen_tests: Option = "codegen-tests", @@ -1069,6 +1073,7 @@ pub fn default_opts() -> Config { config.docs = true; config.docs_minification = true; config.rust_rpath = true; + config.rust_strip = false; config.channel = "dev".to_string(); config.codegen_tests = true; config.rust_dist_src = true; @@ -1422,6 +1427,8 @@ fn get_table(option: &str) -> Result { set(&mut config.rust_optimize_tests, rust.optimize_tests); set(&mut config.codegen_tests, rust.codegen_tests); set(&mut config.rust_rpath, rust.rpath); + set(&mut config.rust_strip, rust.strip); + config.rust_stack_protector = rust.stack_protector; set(&mut config.jemalloc, rust.jemalloc); set(&mut config.test_compare_mode, rust.test_compare_mode); set(&mut config.backtrace, rust.backtrace);