[libc] enable stack protectors and frame pointers on default (#86288)

Author: SchrodingerZhu

libc/cmake/modules/LLVMLibCCompileOptionRules.cmake

@@ -60,6 +60,15 @@ function(_get_common_compile_options output_var flags)
     if (LIBC_CC_SUPPORTS_PATTERN_INIT)
       list(APPEND compile_options "-ftrivial-auto-var-init=pattern")
     endif()
+    if (LIBC_CONF_KEEP_FRAME_POINTER)
+      list(APPEND compile_options "-fno-omit-frame-pointer")
+      if (LIBC_TARGET_ARCHITECTURE_IS_X86)
+        list(APPEND compile_options "-mno-omit-leaf-frame-pointer")
+      endif()
+    endif()
+    if (LIBC_CONF_ENABLE_STACK_PROTECTOR)
+      list(APPEND compile_options "-fstack-protector-strong")
+    endif()
     list(APPEND compile_options "-Wall")
     list(APPEND compile_options "-Wextra")
     # -DLIBC_WNO_ERROR=ON if you can't build cleanly with -Werror.

libc/config/config.json

@@ -30,5 +30,15 @@
       "value": false,
       "doc": "Inserts prefetch for write instructions (PREFETCHW) for memset on x86 to recover performance when hardware prefetcher is disabled."
     }
+  },
+  "codegen": {
+    "LIBC_CONF_KEEP_FRAME_POINTER": {
+      "value": true,
+      "doc": "Keep frame pointer in functions for better debugging experience."
+    },
+    "LIBC_CONF_ENABLE_STRONG_STACK_PROTECTOR": {
+      "value": true,
+      "doc": "Enable -fstack-protector-strong to defend against stack smashing attack."
+    }
   }
 }

libc/docs/configure.rst

@@ -25,6 +25,9 @@ See the main ``config/config.json``, and the platform and architecture specific
 overrides in ``config/<platform>/config.json`` and ``config/<platform>/<arch>/config.json,``
 to learn about the defaults for your platform and target.
 
+* **"codegen" options**
+    - ``LIBC_CONF_ENABLE_STRONG_STACK_PROTECTOR``: Enable -fstack-protector-strong to defend against stack smashing attack.
+    - ``LIBC_CONF_KEEP_FRAME_POINTER``: Keep frame pointer in functions for better debugging experience.
 * **"printf" options**
     - ``LIBC_CONF_PRINTF_DISABLE_FIXED_POINT``: Disable printing fixed point values in printf and friends.
     - ``LIBC_CONF_PRINTF_DISABLE_FLOAT``: Disable printing floating point values in printf and friends.

utils/bazel/llvm-project-overlay/libc/libc_build_rules.bzl

@@ -78,7 +78,6 @@ def libc_function(
                      its deps.
       **kwargs: Other attributes relevant for a cc_library. For example, deps.
     """
-
     # We use the explicit equals pattern here because append and += mutate the
     # original list, where this creates a new list and stores it in deps.
     copts = copts or []
@@ -87,7 +86,15 @@ def libc_function(
         "-fno-builtin",
         "-fno-lax-vector-conversions",
         "-ftrivial-auto-var-init=pattern",
+        "-fno-omit-frame-pointer",
+        "-fstack-protector-strong",
     ]
+    # x86 targets have -mno-omit-leaf-frame-pointer.
+    platform_copts = selects.with_or({
+        PLATFORM_CPU_X86_64: ["-mno-omit-leaf-frame-pointer"],
+        "//conditions:default": []
+    })
+    copts = copts + platform_copts
 
     # We compile the code twice, the first target is suffixed with ".__internal__" and contains the
     # C++ functions in the "LIBC_NAMESPACE" namespace. This allows us to test the function in the