Open Bug 1610148 Opened 5 years ago Updated 1 month ago

Add /DEPENDENTLOADFLAG linker flag to configure

Tracking

(Not tracked)

Status:

ASSIGNED

People

(Reporter: emk, Assigned: emk)

References

(
URL
)

Details

Attachments

(1 file)

Bug 1610148 - Add -DEPENDENTLOADFLAG:0x800 to DLL link flags. r?#build! 1 month ago Masatoshi Kimura [:emk] 48 bytes, text/x-phabricator-request		Details \| Review

Masatoshi Kimura [:emk]

Assignee

Description

•

5 years ago

This will mitigate DLL preload attacks.

Does lld-link support /DEPENDENTLOADFLAG?

Masatoshi Kimura [:emk]

Assignee

Updated

•

5 years ago

Comment 1

•

5 years ago

(In reply to Masatoshi Kimura [:emk] from comment #0)

Does lld-link support /DEPENDENTLOADFLAG?

It doesn't :(

90:45.38 lld-link: warning: ignoring unknown argument '-DEPENDENTLOADFLAG:0xA00'

Masatoshi Kimura [:emk]

Assignee

Updated

•

5 years ago

See Also: → https://bugs.llvm.org/show_bug.cgi?id=44590

Masatoshi Kimura [:emk]

Assignee

Comment 2

•

5 years ago

Apparently this option corresponds to IMAGE_LOAD_CONFIG_DIRECTORY.DependentLoadFlags.

Masatoshi Kimura [:emk]

Assignee

Comment 3

•

3 years ago

We can define _load_config_used to customize the IMAGE_LOAD_CONFIG_DIRECTORY structure.

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

nurmukhametov.alex@gmail.com

Comment 4

•

3 months ago

(In reply to Masatoshi Kimura [:emk] from comment #0)

This will mitigate DLL preload attacks.

Does lld-link support /DEPENDENTLOADFLAG?

It supports since LLVM 18.

Masatoshi Kimura [:emk]

Assignee

Comment 5

•

3 months ago

(In reply to nurmukhametov.alex@gmail.com from comment #4)

(In reply to Masatoshi Kimura [:emk] from comment #0)

This will mitigate DLL preload attacks.

Does lld-link support /DEPENDENTLOADFLAG?

It supports since LLVM 18.

Great news!

Depends on: clang-18

Masatoshi Kimura [:emk]

Assignee

Updated

•

3 months ago

See Also: https://bugs.llvm.org/show_bug.cgi?id=44590 → https://github.com/llvm/llvm-project/issues/43935

Masatoshi Kimura [:emk]

Assignee

Comment 6

•

1 month ago

Attached file Bug 1610148 - Add -DEPENDENTLOADFLAG:0x800 to DLL link flags. r?#build! — Details

We can't add the flag to EXE files unless we fix bug 1733734 or fix bug
1691782 and 1710147.

Phabricator Automation

Updated

•

1 month ago

Assignee: nobody → VYV03354

Status: NEW → ASSIGNED

Pulsebot

Comment 7

•

1 month ago

Pushed by VYV03354@nifty.ne.jp:
https://hg.mozilla.org/integration/autoland/rev/95da9894a2b1
Add -DEPENDENTLOADFLAG:0x800 to DLL link flags. r=firefox-build-system-reviewers,glandium

Aron Cseh

Comment 8

•

1 month ago

•

Edited

Backed out for causing mass failures

Backout link
Push with failures
Failure Log for build bustages on js\src\jit-test\tests\bug1213574.js
Failure Log for mochitest failures on runtests.py
Failure Log for reftest failures on @ mozilla::ipc::UtilityProcessImpl::LoadLibraryOrCrash
Failure Log for wpt failures on testrunner.py
Failure Log for gtest failures on UtilityProcess.LaunchProcess
Failure Log for reftests on None
Failure Log for Xpcshell assertion failures

Flags: needinfo?(VYV03354)

Masatoshi Kimura [:emk]

Assignee

Comment 9

•

1 month ago

Candidates:
js.exe -> mozglue nspr4
pk12util -> nss3 -> mozglue
certutil -> nss3 -> mozglue
mozavcodec -> gkcodecs mozavutil (Fails at LoadLibraryOrCrash)
certutil.exe -> nss3 -> mozglue

Flags: needinfo?(VYV03354)

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Add /DEPENDENTLOADFLAG linker flag to configure

Categories

(Firefox Build System :: General, enhancement)

Tracking

(Not tracked)

People

(Reporter: emk, Assigned: emk)

References

(
URL
)

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Updated

Comment 1

Updated

Comment 2

Comment 3

Updated

Comment 4

Comment 5

Updated

Comment 6

Updated

Comment 7

Comment 8

Comment 9

Attachment

General

Description

File Name

Content Type