From 8dd68178e4aac4c3c129265a95f8479ef7f96d79 Mon Sep 17 00:00:00 2001 From: l00846161 Date: Thu, 16 Nov 2023 14:17:54 +0800 Subject: [PATCH] Add safe compilation options Add two options when building rust: strip and stack protector. If set `strip = true`, symbols will be stripped using `-Cstrip=symbols`. Also can set `stack-protector` and stack protectors will be used. --- config.example.toml | 10 ++++++++++ src/bootstrap/src/core/builder.rs | 6 ++++++ src/bootstrap/src/core/config/config.rs | 8 ++++++++ 3 files changed, 24 insertions(+) diff --git a/config.example.toml b/config.example.toml index c91222169d98..49c4ad4c958e 100644 --- a/config.example.toml +++ b/config.example.toml @@ -600,6 +600,16 @@ change-id = 117813 # desired in distributions, for example. #rpath = true +# Indicates whether symbols should be stripped using `-Cstrip=symbols`. +#strip = false + +# Indicates whether stack protectors should be used +# via the unstable option `-Zstack-protector`. +# +# Valid options are : `none`(default),`basic`,`strong`, or `all`. +# `strong` and `basic` options may be buggy and are not recommended, see rust-lang/rust#114903. +#stack-protector = "none" + # Prints each test name as it is executed, to help debug issues in the test harness itself. #verbose-tests = false diff --git a/src/bootstrap/src/core/builder.rs b/src/bootstrap/src/core/builder.rs index 65af2aed6de3..68ab79ccb906 100644 --- a/src/bootstrap/src/core/builder.rs +++ b/src/bootstrap/src/core/builder.rs @@ -1667,6 +1667,12 @@ impl<'a> Builder<'a> { } } + cargo.env(profile_var("STRIP"), self.config.rust_strip.to_string()); + + if let Some(stack_protector) = self.config.rust_stack_protector.to_str() { + rustflags.arg(format!("-Zstack-protector={stack_protector}")); + } + if let Some(host_linker) = self.linker(compiler.host) { hostflags.arg(format!("-Clinker={}", host_linker.display())); } diff --git a/src/bootstrap/src/core/config/config.rs b/src/bootstrap/src/core/config/config.rs index 22e8ce8365b1..84504f087cef 100644 --- a/src/bootstrap/src/core/config/config.rs +++ b/src/bootstrap/src/core/config/config.rs @@ -222,6 +222,8 @@ pub struct Config { pub rust_debuginfo_level_tests: DebuginfoLevel, pub rust_split_debuginfo: SplitDebuginfo, pub rust_rpath: bool, + pub rust_strip: bool, + pub rust_stack_protector: String, pub rustc_parallel: bool, pub rustc_default_linker: Option, pub rust_optimize_tests: bool, @@ -1001,6 +1003,8 @@ define_config! { description: Option = "description", musl_root: Option = "musl-root", rpath: Option = "rpath", + strip: Option = "strip", + stack_protector: Option = "stack-protector", verbose_tests: Option = "verbose-tests", optimize_tests: Option = "optimize-tests", codegen_tests: Option = "codegen-tests", @@ -1069,6 +1073,8 @@ impl Config { config.docs = true; config.docs_minification = true; config.rust_rpath = true; + config.rust_strip = false; + config.rust_stack_protector = "none".to_string(); config.channel = "dev".to_string(); config.codegen_tests = true; config.rust_dist_src = true; @@ -1422,6 +1428,8 @@ impl Config { set(&mut config.rust_optimize_tests, rust.optimize_tests); set(&mut config.codegen_tests, rust.codegen_tests); set(&mut config.rust_rpath, rust.rpath); + set(&mut config.rust_strip, rust.strip); + set(&mut config.rust_stack_protector, rust.stack_protector); set(&mut config.jemalloc, rust.jemalloc); set(&mut config.test_compare_mode, rust.test_compare_mode); set(&mut config.backtrace, rust.backtrace);