Meson: Revert "Full RELRO" since it breaks auth backends

author Fred Morcos <fred.morcos@open-xchange.com>

Thu, 28 Sep 2023 20:16:42 +0000 (22:16 +0200)

committer Fred Morcos <fred.morcos@open-xchange.com>

Wed, 20 Mar 2024 12:28:51 +0000 (13:28 +0100)
author Fred Morcos <fred.morcos@open-xchange.com>
Thu, 28 Sep 2023 20:16:42 +0000 (22:16 +0200)
committer Fred Morcos <fred.morcos@open-xchange.com>
Wed, 20 Mar 2024 12:28:51 +0000 (13:28 +0100)
diff --git a/meson/hardening/meson.build b/meson/hardening/meson.build

index 2a0bc15bad1f6b30c009eea9ec09637c73d3b4cf..dd4e8dd17a99bfe7433e6f49f81a134a754751c2 100644 (file)
--- a/meson/hardening/meson.build
+++ b/meson/hardening/meson.build
@@ -1,4 +1,5 @@
  opt_hardening = get_option('hardening')
+
  if opt_hardening.enabled() or opt_hardening.auto()
    hardening_features = []
  
@@ -24,26 +25,7 @@ if opt_hardening.enabled() or opt_hardening.auto()
        if opt_hardening.auto()
          warning(name + ' is disabled or not supported')
        else
-        error('Failing because ' + name + ' is not supported but hardening was requested')
-      endif
-    endif
-  endforeach
-endif
-
-opt_full_hardening = get_option('hardening-full')
-if opt_full_hardening.enabled() or opt_full_hardening.auto()
-  full_hardening_features = []
-  subdir('relro-full')          # Full RELRO
-
-  foreach feature: full_hardening_features
-    available = feature[0]
-    name = feature[1]
-
-    if not available
-      if opt_full_hardening.auto()
-        warning(name + ' is disabled or not supported')
-      else
-        error('Failing because ' + name + ' is not supported but full hardening was requested')
+        error('Failing because ' + name + ' is not supported but hardening was explicitly requested')
        endif
      endif
    endforeach
diff --git a/meson/hardening/relro-full/meson.build b/meson/hardening/relro-full/meson.build

deleted file mode 100644 (file)

index 7773877..0000000
--- a/meson/hardening/relro-full/meson.build
+++ /dev/null
@@ -1,16 +0,0 @@
-have_full_relro = true
-full_variants = [
-  '-Wl,-z,defs',
-  '-Wl,-z,ibt,-z,shstk',
-]
-
-foreach variant: full_variants
-  if cxx.has_link_argument(variant)
-    full_hardening_features += [[true, 'Full RELRO (' + variant + ')']]
-    add_project_link_arguments(variant, language: ['c', 'cpp'])
-  else
-    have_full_relro = false
-  endif
-endforeach
-
-summary('Full RELRO', have_full_relro, bool_yn: true, section: 'Hardening')
diff --git a/meson_options.txt b/meson_options.txt

index 02cc9778da22f7aa80e0dd10cfc7d593099a931a..aa766dd7b65eca871b321ed23708b9f7fa98d5df 100644 (file)
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -1,6 +1,5 @@
  option('lua', type: 'combo', choices: ['auto', 'luajit', 'lua'], value: 'auto', description: 'Lua implementation to use')
  option('hardening', type: 'feature', value: 'auto', description: 'Compiler security checks')
-option('hardening-full', type: 'feature', value: 'auto', description: 'Compiler security checks with a performance penalty')
  option('fortify-source', type: 'combo', choices: ['auto', 'disabled', '1', '2', '3'], value: '2', description: 'Source fortification level')
  option('rng-kiss', type: 'boolean', value: false, description: 'Use the unsafe KISS RNG')
  option('signers-libsodium', type: 'feature', value: 'auto', description: 'Enable libsodium-based signers')
author	Fred Morcos <fred.morcos@open-xchange.com>
	Thu, 28 Sep 2023 20:16:42 +0000 (22:16 +0200)
committer	Fred Morcos <fred.morcos@open-xchange.com>
	Wed, 20 Mar 2024 12:28:51 +0000 (13:28 +0100)
meson/hardening/meson.build		patch \| blob \| blame \| history
meson/hardening/relro-full/meson.build	[deleted file]	patch \| blob \| blame \| history
meson_options.txt		patch \| blob \| blame \| history