From 1ef849c6ec6a4e30badc844371cdf1b9eedfba57 Mon Sep 17 00:00:00 2001 From: Rich Felker Date: Mon, 13 Apr 2015 20:13:10 -0400 Subject: [PATCH] allow libc itself to be built with stack protector enabled this was already essentially possible as a result of the previous commits changing the dynamic linker/thread pointer bootstrap process. this commit mainly adds build system infrastructure: configure no longer attempts to disable stack protector. instead it simply determines how so the makefile can disable stack protector for a few translation units used during early startup. stack protector is also disabled for memcpy and memset since compilers (incorrectly) generate calls to them on some archs to implement struct initialization and assignment, and such calls may creep into early initialization. no explicit attempt to enable stack protector is made by configure at this time; any stack protector option supported by the compiler can be passed to configure in CFLAGS, and if the compiler uses stack protector by default, this default is respected. --- Makefile | 7 +++++++ configure | 10 +++++++++- src/env/__stack_chk_fail.c | 10 ++++++++++ 3 files changed, 26 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 02b44f8e..d943988d 100644 --- a/Makefile +++ b/Makefile @@ -97,6 +97,13 @@ $(OPTIMIZE_SRCS:%.c=%.o) $(OPTIMIZE_SRCS:%.c=%.lo): CFLAGS += -O3 MEMOPS_SRCS = src/string/memcpy.c src/string/memmove.c src/string/memcmp.c src/string/memset.c $(MEMOPS_SRCS:%.c=%.o) $(MEMOPS_SRCS:%.c=%.lo): CFLAGS += $(CFLAGS_MEMOPS) +NOSSP_SRCS = $(wildcard crt/*.c) \ + src/env/__libc_start_main.c src/env/__init_tls.c \ + src/thread/__set_thread_area.c src/env/__stack_chk_fail.c \ + src/string/memset.c src/string/memcpy.c \ + src/ldso/dlstart.c src/ldso/dynlink.c +$(NOSSP_SRCS:%.c=%.o) $(NOSSP_SRCS:%.c=%.lo): CFLAGS += $(CFLAGS_NOSSP) + # This incantation ensures that changes to any subarch asm files will # force the corresponding object file to be rebuilt, even if the implicit # rule below goes indirectly through a .sub file. diff --git a/configure b/configure index 7304b132..41a73b46 100755 --- a/configure +++ b/configure @@ -111,6 +111,7 @@ fi CFLAGS_C99FSE= CFLAGS_AUTO= CFLAGS_MEMOPS= +CFLAGS_NOSSP= LDFLAGS_AUTO= OPTIMIZE_GLOBS= prefix=/usr/local/musl @@ -290,6 +291,13 @@ printf "yes\n" CFLAGS_C99FSE="$CFLAGS_C99FSE -D__may_alias__=" fi +# +# Check for options to disable stack protector, which needs to be +# disabled for a few early-bootstrap translation units. If not found, +# this is not an error; we assume the toolchain does not do ssp. +# +tryflag CFLAGS_NOSSP -fno-stack-protector + # # Check for options that may be needed to prevent the compiler from # generating self-referential versions of memcpy,, memmove, memcmp, @@ -408,7 +416,6 @@ tryflag CFLAGS_AUTO -Wno-pointer-to-int-cast fi # Some patched GCC builds have these defaults messed up... -tryflag CFLAGS_AUTO -fno-stack-protector tryldflag LDFLAGS_AUTO -Wl,--hash-style=both test "$shared" = "no" || { @@ -526,6 +533,7 @@ CC = $CC CFLAGS = $CFLAGS_AUTO $CFLAGS CFLAGS_C99FSE = $CFLAGS_C99FSE CFLAGS_MEMOPS = $CFLAGS_MEMOPS +CFLAGS_NOSSP = $CFLAGS_NOSSP CPPFLAGS = $CPPFLAGS LDFLAGS = $LDFLAGS_AUTO $LDFLAGS CROSS_COMPILE = $CROSS_COMPILE diff --git a/src/env/__stack_chk_fail.c b/src/env/__stack_chk_fail.c index cc55460b..1b6a9f82 100644 --- a/src/env/__stack_chk_fail.c +++ b/src/env/__stack_chk_fail.c @@ -16,3 +16,13 @@ void __stack_chk_fail(void) { a_crash(); } + +#ifdef SHARED + +__attribute__((__visibility__("hidden"))) +void __stack_chk_fail_local(void) +{ + a_crash(); +} + +#endif