packages/grpc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!56 add some secure compilation options

Browse Source 
From: @sherlock2010 
Reviewed-by: @seuzw 
Signed-off-by: @seuzw
This commit is contained in:
openeuler-ci-bot 2022-10-20 09:21:53 +00:00 committed by Gitee
commit cf73d65679
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
add-secure-compile-option-in-Makefile.patch
View File

@ -8,9 +8,9 @@ diff -urN grpc/CMakeLists.txt grpc_new/CMakeLists.txt
endif() endif()
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${_gRPC_C_CXX_FLAGS}") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${_gRPC_C_CXX_FLAGS}")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${_gRPC_C_CXX_FLAGS}") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${_gRPC_C_CXX_FLAGS}")
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wl,-z,now -fPIE -fPIC") +set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wl,-z,relro -Wl,-z,now -fPIE -fPIC -fstack-protector-strong -Wp,-D_FORTIFY_SOURCE=2 -O2")
+set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wl,-z,now -fstack-protector-strong") +set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wl,-z,relro -Wl,-z,now -fPIE -fPIC -fstack-protector-strong -Wp,-D_FORTIFY_SOURCE=2 -O2")
+set(_gRPC_ALLTARGETS_LIBRARYIES "${_gRPC_ALLTARGETS_LIBRARYIES} -Wl,-z,now -pie") +set(_gRPC_ALLTARGETS_LIBRARYIES "${_gRPC_ALLTARGETS_LIBRARYIES} -Wl,-z,relro -Wl,-z,now -pie")
if(gRPC_USE_PROTO_LITE) if(gRPC_USE_PROTO_LITE)
set(_gRPC_PROTOBUF_LIBRARY_NAME "libprotobuf-lite") set(_gRPC_PROTOBUF_LIBRARY_NAME "libprotobuf-lite")
@ -23,9 +23,9 @@ index 6ede6e34d2..d6190ecde4 100644
DEFINES += $(EXTRA_DEFINES) DEFINES += $(EXTRA_DEFINES)
LDLIBS += $(EXTRA_LDLIBS) LDLIBS += $(EXTRA_LDLIBS)
+CFLAGS += -Wl,-z,now -fPIE -fPIC +CFLAGS += -Wl,-z,relro -Wl,-z,now -fPIE -fPIC -fstack-protector-strong -Wp,-D_FORTIFY_SOURCE=2 -O2
+CPPFLAGS += -Wl,-z,now -fstack-protector-strong +CPPFLAGS += -Wl,-z,relro -Wl,-z,now -fPIE -fPIC -fstack-protector-strong -Wp,-D_FORTIFY_SOURCE=2 -O2
+LDFLAGS += -Wl,-z,now -pie +LDFLAGS += -Wl,-z,relro -Wl,-z,now -pie
+ +
HOST_CPPFLAGS += $(CPPFLAGS) HOST_CPPFLAGS += $(CPPFLAGS)
HOST_CFLAGS += $(CFLAGS) HOST_CFLAGS += $(CFLAGS)

11
grpc.spec
View File

@ -1,6 +1,6 @@
Name: grpc Name: grpc
Version: 1.31.0 Version: 1.31.0
Release: 6 Release: 7
Summary: A modern, open source high performance RPC framework that can run in any environment Summary: A modern, open source high performance RPC framework that can run in any environment
License: ASL 2.0 License: ASL 2.0
URL: https://www.grpc.io URL: https://www.grpc.io
@ -77,7 +77,8 @@ cmake ../../ -DgRPC_INSTALL=ON\
-DgRPC_INSTALL_SHAREDIR=%{buildroot}%{_datadir}/%{name} \ -DgRPC_INSTALL_SHAREDIR=%{buildroot}%{_datadir}/%{name} \
-DgRPC_INSTALL_PKGCONFIGDIR=%{buildroot}%{_libdir}/pkgconfig \ -DgRPC_INSTALL_PKGCONFIGDIR=%{buildroot}%{_libdir}/pkgconfig \
-DCMAKE_INSTALL_PREFIX=%{_prefix} \ -DCMAKE_INSTALL_PREFIX=%{_prefix} \
-DBUILD_SHARED_LIBS=ON -DBUILD_SHARED_LIBS=ON \
-DCMAKE_VERBOSE_MAKEFILE=ON
make -j24 V=1 make -j24 V=1
# build python module # build python module
@ -126,6 +127,12 @@ cd ../..
%{python3_sitearch}/grpcio-%{version}-py?.?.egg-info %{python3_sitearch}/grpcio-%{version}-py?.?.egg-info
%changelog %changelog
* Thu Oct 20 2022 zhouyihang <zhouyihang3@h-partners.com> - 1.31.0-7
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:add some secure compilation options
* Tue Oct 11 2022 gaihuiying <eaglegai@163.com> - 1.31.0-6 * Tue Oct 11 2022 gaihuiying <eaglegai@163.com> - 1.31.0-6
- Type:bugfix - Type:bugfix
- ID:NA - ID:NA