From d848ef6daeecc9cba31a98ea6b225da35e3a221a Mon Sep 17 00:00:00 2001 From: Fred Morcos Date: Wed, 16 Aug 2023 12:01:28 +0200 Subject: [PATCH] Meson: Cleanup hardening modules --- meson/hardening/fortify-source/meson.build | 17 +++++++++-------- meson/hardening/global-offset-table/meson.build | 3 --- meson/hardening/meson.build | 3 +-- meson/hardening/stack-prot/meson.build | 3 --- meson/hardening/stack-smashing-prot/meson.build | 3 --- 5 files changed, 10 insertions(+), 19 deletions(-) diff --git a/meson/hardening/fortify-source/meson.build b/meson/hardening/fortify-source/meson.build index 2f260cc414..043ffcde4b 100644 --- a/meson/hardening/fortify-source/meson.build +++ b/meson/hardening/fortify-source/meson.build @@ -1,9 +1,8 @@ -# Fortify Source -# Inputs: hardening_features - fortify_source_opt = get_option('fortify-source') +fortify_source = fortify_source_opt != 'disabled' +fortify_source_level = 0 -if fortify_source_opt != 'disabled' +if fortify_source fortify_source_level = 2 if fortify_source_opt == 'auto' fortify_source_level = 3 @@ -24,10 +23,12 @@ if fortify_source_opt != 'disabled' endif endforeach - if fortify_source_level == 0 - fortify_source_level = 'no' - endif - hardening_features += [[fortify_source_level != 0, 'Source Fortification']] +endif + +fortify_source = fortify_source and fortify_source_level != 0 +summary('Source Fortification', fortify_source, bool_yn: true, section: 'Hardening') + +if fortify_source summary('Source Fortification Level', fortify_source_level, section: 'Hardening') endif diff --git a/meson/hardening/global-offset-table/meson.build b/meson/hardening/global-offset-table/meson.build index 25622d6b70..a9754e5c97 100644 --- a/meson/hardening/global-offset-table/meson.build +++ b/meson/hardening/global-offset-table/meson.build @@ -1,6 +1,3 @@ -# Read-only Global Offset Table -# Inputs: hardening_features - ld_help = run_command(cxx, '-Wl,-help', check: true).stdout().strip() variants = ['relro', 'now'] found_variant = false diff --git a/meson/hardening/meson.build b/meson/hardening/meson.build index eeb31c86a4..c7b1f49d5b 100644 --- a/meson/hardening/meson.build +++ b/meson/hardening/meson.build @@ -1,4 +1,3 @@ -# Hardening opt_hardening = get_option('hardening') if opt_hardening.enabled() or opt_hardening.auto() @@ -10,7 +9,7 @@ if opt_hardening.enabled() or opt_hardening.auto() error('Hardening was requested but building position independent executables is disabled') endif hardening_features += [[opt_pie, 'Building position independent executables (PIEs)']] - conf.set10('PIE', opt_pie, description: 'Whether we enable building a Position Independent Executable (PIE)') + conf.set('PIE', opt_pie, description: 'Build a Position Independent Executable (PIE)') summary('PIE', opt_pie, bool_yn: true, section: 'Hardening') subdir('stack-prot') # Stack Protector diff --git a/meson/hardening/stack-prot/meson.build b/meson/hardening/stack-prot/meson.build index bede72a305..33b8b56435 100644 --- a/meson/hardening/stack-prot/meson.build +++ b/meson/hardening/stack-prot/meson.build @@ -1,6 +1,3 @@ -# Stack Protector -# Inputs: hardening_features - support_stack_protector = cxx.has_argument('-fstack-protector') if support_stack_protector diff --git a/meson/hardening/stack-smashing-prot/meson.build b/meson/hardening/stack-smashing-prot/meson.build index 7a529a60ca..0baa5018c9 100644 --- a/meson/hardening/stack-smashing-prot/meson.build +++ b/meson/hardening/stack-smashing-prot/meson.build @@ -1,6 +1,3 @@ -# Stack-smashing Protection -# Inputs: hardening_features - support_stack_smashing_protector = cxx.has_argument('--param=ssp-buffer-size=4') if support_stack_smashing_protector add_global_arguments('--param=ssp-buffer-size=4', language: ['c', 'cpp']) -- 2.47.2