GCC Preparing To Introduce "-fhardened" Security Hardening Option
Following discussions among compiler developers and other stakeholders, the GNU Compiler Collection (GCC) is preparing to add a "-fhardened" compiler option that will enable various hardening features aimed at increasing the security/robustness of the generated binaries.
Since last month there has been a discussion over adding a generic "hardening" option to improve the security of generated binaries via various hardening options that are already available but may not be in use by all projects -- either for not knowing about them, the software not being actively well maintained, or similar factors. So this "-fhardened" option would be an easy way to enable various security hardening options without users/developers having to keep track of the actively growing list of "reasonable" options.
The options considered reasonable for this hardening option cannot impact the application binary interface (ABI), cannot cause "severe" performance issues, and can't cause new build errors.
In a patch by Red Hat's Marek Polacek that is now seeking to be merged into GCC 14 Git in the coming days, the initial -fhardened options include:
-D_FORTIFY_SOURCE=3 (or =2 for older glibcs)
-D_GLIBCXX_ASSERTIONS
-ftrivial-auto-var-init=pattern
-fPIE -pie -Wl,-z,relro,-z,now
-fstack-protector-strong
-fstack-clash-protection
-fcf-protection=full (x86 GNU/Linux only)
Thus the single "-fhardened" option enables position independent executables, fortify sources, stack protections, control flow protections, and other commonly recommended options that are suitable for enabling relatively broadly.
Barring any last-minute objections, this -fhardened patch will be merged soon for introduction in the GCC 14.1 stable release due out early next year.
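The script below is an added example, not code from the article or from the GCC patch. It shows how a build can use -fhardened where the installed GCC accepts it and otherwise fall back to the individual flags listed above, probing each flag first because some are only available on GCC 12+ or on x86, and then verifies with readelf that the resulting ELF actually carries the markers those flags leave behind (PIE type, full RELRO, a stack canary import, a fortified libc call, and the CET property note). It assumes a GCC-compatible driver in $CC (default gcc) and binutils readelf; the sample C program it compiles is constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the article or the GCC patch: use -fhardened when the
# compiler accepts it, otherwise approximate it with the flags the article lists
# (probing each one, since some need GCC 12+ or x86), build a small constructed
# program, and verify the hardening markers in the resulting ELF with readelf.
# Assumes a GCC-compatible driver in $CC (default gcc) and binutils readelf.

CC="${CC:-gcc}"

# Per-flag fallback set from the article. -fcf-protection is x86 GNU/Linux only
# and -ftrivial-auto-var-init needs GCC 12+, so every flag is probed before use.
# glibc older than 2.34 silently treats _FORTIFY_SOURCE=3 as level 2.
CANDIDATE_CFLAGS="-D_FORTIFY_SOURCE=3 -D_GLIBCXX_ASSERTIONS \
-ftrivial-auto-var-init=pattern -fPIE -fstack-protector-strong \
-fstack-clash-protection -fcf-protection=full"
# -fhardened already implies these at link time; passing them again is harmless.
CANDIDATE_LDFLAGS="-pie -Wl,-z,relro,-z,now"

# Succeeds when the driver compiles a trivial C file with the given flag.
# -O2 is included because _FORTIFY_SOURCE (and -fhardened's own diagnostics)
# expect optimization to be on.
cc_accepts() {
    printf 'int x;\n' | "$CC" -O2 -Werror -x c -c "$1" -o /dev/null - >/dev/null 2>&1
}

# Print the compile flags to use: just -fhardened on GCC 14+, else the accepted subset.
hardening_cflags() {
    if cc_accepts -fhardened; then
        printf '%s' "-fhardened"
        return 0
    fi
    out=""
    for f in $CANDIDATE_CFLAGS; do
        cc_accepts "$f" && out="$out $f"
    done
    printf '%s' "${out# }"
}

# Write a constructed sample whose fixed-size stack buffer and runtime length give
# the hardening passes something to act on: -fstack-protector-strong emits a
# canary (__stack_chk_fail) and _FORTIFY_SOURCE turns memcpy into __memcpy_chk,
# which aborts instead of overflowing if a caller ever passes an oversized length.
write_sample() {
    cat >"$1" <<'EOF'
#include <stdio.h>
#include <string.h>
static void __attribute__((noinline)) copy_bounded(const char *src, size_t n)
{
    char buf[64];
    memcpy(buf, src, n + 1);   /* n + 1 copies the terminator too */
    puts(buf);
}
int main(int argc, char **argv)
{
    const char *s = argc > 1 ? argv[1] : "world";
    copy_bounded(s, strlen(s));
    return 0;
}
EOF
}

# Build SRC ($1) into OUT ($2); word splitting of the flag strings is intentional.
build_hardened() {
    "$CC" -O2 $(hardening_cflags) "$1" -o "$2" $CANDIDATE_LDFLAGS
}

# Check an ELF for the markers the flags leave behind. PIE, full RELRO and a
# stack canary are required; a fortified libc call is required only when the
# binary links against glibc (musl ignores _FORTIFY_SOURCE); CET is reported only
# because it is x86-specific. Returns 0 when every required marker is present.
check_hardening() {
    bin="$1"; rc=0
    if readelf -h "$bin" | grep -q 'Type:.*DYN'; then echo "PIE: yes"
    else echo "PIE: no"; rc=1; fi
    if readelf -l "$bin" | grep -q GNU_RELRO && readelf -d "$bin" | grep -Eq 'BIND_NOW|Flags:.*NOW'
    then echo "RELRO: full"
    else echo "RELRO: partial or none"; rc=1; fi
    if readelf -s "$bin" | grep -q '__stack_chk_fail'; then echo "stack canary: yes"
    else echo "stack canary: no"; rc=1; fi
    if readelf -s "$bin" | grep -q '_chk@'; then echo "fortify: yes"
    elif readelf -d "$bin" | grep -q 'libc\.so\.6'; then echo "fortify: no"; rc=1
    else echo "fortify: not applicable (non-glibc libc)"; fi
    if readelf -n "$bin" 2>/dev/null | grep -q 'IBT'; then echo "CET: IBT/SHSTK property present"
    else echo "CET: absent (expected off x86)"; fi
    return $rc
}

main() {
    dir="$(mktemp -d)"
    write_sample "$dir/sample.c"
    build_hardened "$dir/sample.c" "$dir/sample"
    echo "flags used: $(hardening_cflags) $CANDIDATE_LDFLAGS"
    check_hardening "$dir/sample"; rc=$?
    rm -rf "$dir"
    return $rc
}

# Run only when executed as harden-check.sh, so the functions can also be sourced.
case "$0" in *harden-check.sh) main "$@" ;; esac
```

Save it as harden-check.sh and run it; the exit status is non-zero if any required marker is missing, which makes it usable as a CI gate. Note that -fstack-clash-protection and -ftrivial-auto-var-init leave no ELF-level marker, so their presence can only be confirmed from the flag list the script prints.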