packages/grpc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!57 add some secure compilation options

Browse Source 
From: @sherlock2010 
Reviewed-by: @seuzw 
Signed-off-by: @seuzw
This commit is contained in:
openeuler-ci-bot 2022-10-24 08:02:57 +00:00 committed by Gitee
commit 8420dddaf5
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
add-secure-compile-option-in-Makefile.patch
View File

@ -8,9 +8,9 @@ diff -urN grpc/CMakeLists.txt grpc_new/CMakeLists.txt
endif() endif()
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${_gRPC_C_CXX_FLAGS}") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${_gRPC_C_CXX_FLAGS}")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${_gRPC_C_CXX_FLAGS}") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${_gRPC_C_CXX_FLAGS}")
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wl,-z,now -fPIE -fPIC") +set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wl,-z,relro -Wl,-z,now -fPIE -fPIC -fstack-protector-strong -Wp,-D_FORTIFY_SOURCE=2 -O2")
+set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wl,-z,now -fstack-protector-strong") +set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wl,-z,relro -Wl,-z,now -fPIE -fPIC -fstack-protector-strong -Wp,-D_FORTIFY_SOURCE=2 -O2")
+set(_gRPC_ALLTARGETS_LIBRARYIES "${_gRPC_ALLTARGETS_LIBRARYIES} -Wl,-z,now -pie") +set(_gRPC_ALLTARGETS_LIBRARYIES "${_gRPC_ALLTARGETS_LIBRARYIES} -Wl,-z,relro -Wl,-z,now -pie")
if(gRPC_USE_PROTO_LITE) if(gRPC_USE_PROTO_LITE)
set(_gRPC_PROTOBUF_LIBRARY_NAME "libprotobuf-lite") set(_gRPC_PROTOBUF_LIBRARY_NAME "libprotobuf-lite")
@ -23,9 +23,9 @@ index 6ede6e34d2..d6190ecde4 100644
DEFINES += $(EXTRA_DEFINES) DEFINES += $(EXTRA_DEFINES)
LDLIBS += $(EXTRA_LDLIBS) LDLIBS += $(EXTRA_LDLIBS)
+CFLAGS += -Wl,-z,now -fPIE -fPIC +CFLAGS += -Wl,-z,relro -Wl,-z,now -fPIE -fPIC -fstack-protector-strong -Wp,-D_FORTIFY_SOURCE=2 -O2
+CPPFLAGS += -Wl,-z,now -fstack-protector-strong +CPPFLAGS += -Wl,-z,relro -Wl,-z,now -fPIE -fPIC -fstack-protector-strong -Wp,-D_FORTIFY_SOURCE=2 -O2
+LDFLAGS += -Wl,-z,now -pie +LDFLAGS += -Wl,-z,relro -Wl,-z,now -pie
+ +
HOST_CPPFLAGS += $(CPPFLAGS) HOST_CPPFLAGS += $(CPPFLAGS)
HOST_CFLAGS += $(CFLAGS) HOST_CFLAGS += $(CFLAGS)

11
grpc.spec
View File

@ -3,7 +3,7 @@
Name: grpc Name: grpc
Version: 1.41.1 Version: 1.41.1
Release: 3 Release: 4
Summary: A modern, open source high performance RPC framework that can run in any environment Summary: A modern, open source high performance RPC framework that can run in any environment
License: ASL 2.0 License: ASL 2.0
URL: https://www.grpc.io URL: https://www.grpc.io
@ -76,7 +76,8 @@ cmake ../../ -DgRPC_INSTALL=ON\
-DgRPC_INSTALL_SHAREDIR=%{buildroot}%{_datadir}/%{name} \ -DgRPC_INSTALL_SHAREDIR=%{buildroot}%{_datadir}/%{name} \
-DgRPC_INSTALL_PKGCONFIGDIR=%{buildroot}%{_libdir}/pkgconfig \ -DgRPC_INSTALL_PKGCONFIGDIR=%{buildroot}%{_libdir}/pkgconfig \
-DCMAKE_INSTALL_PREFIX=%{_prefix} \ -DCMAKE_INSTALL_PREFIX=%{_prefix} \
-DBUILD_SHARED_LIBS=ON -DBUILD_SHARED_LIBS=ON \
-DCMAKE_VERBOSE_MAKEFILE=ON
make -j24 V=1 make -j24 V=1
# build python module # build python module
@ -137,6 +138,12 @@ cd ../..
%{python3_sitearch}/grpcio-%{version}-py* %{python3_sitearch}/grpcio-%{version}-py*
%changelog %changelog
* Thu Oct 20 2022 zhouyihang <zhouyihang3@h-partners.com> - 1.41.1-4
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:add some secure compilation options
* Sat Apr 16 2022 xingwei <xingwei14@h-partners.com> - 1.41.1-3 * Sat Apr 16 2022 xingwei <xingwei14@h-partners.com> - 1.41.1-3
- Type:bugfix - Type:bugfix
- ID:NA - ID:NA