[04/14,v7] Mark all machinery needed in early static-link init as -fno-stack-protector.
Commit Message
From: Nick Alcock <nick.alcock@oracle.com>
The startup code in csu/, brk() and sbrk(), and the
__pthread_initialize_tcb_internal() function we just introduced are
needed very early in initialization of a statically-linked program,
before the stack guard is initialized. Mark all of these as
-fno-stack-protector.
We also finally introduce @libc_cv_ssp@ and @no_stack_protector@, both
substituted by the configury changes made earlier, to detect the case
when -fno-stack-protector is supported by the compiler, and
unconditionally pass it in when this is the case, whether or not
--enable-stack-protector is passed to configure. (This means that
it'll even work when the compiler's been hacked to pass
-fstack-protector by default, unless the hackage is so broken that
it does so in a way that is impossible to override.)
(At one point we marked __libc_fatal() as non-stack-protected too,
but this was pointless: all it did was call other routines which *are*
stack-protected. The earliest __libc_fatal() call is in the
DL_SYSDEP_OSCHECK hook on some platforms, when statically linking:
this is fine, since it is after TLS and stack-canary initialization.
I have tested invocation of programs statically and dynamically
linked against this glibc on older kernels on x86 and ARM, and they
still "work", i.e. fail with the appropriate message.)
v2: No longer mark memcpy() as -fno-stack-protector.
v3: Use $(no-stack-protector).
v4: Use inhibit_stack_protector rather than de-protecting all of nptl-init.c.
v5: Don't stack-protect brk() and sbrk() in the shared library.
v7: Add comment in misc/Makefile. Commit message tweak.
	* config.make.in (have-ssp): New.
	(no-stack-protector): New.
	* csu/Makefile (CFLAGS-.o): Use it.
	(CFLAGS-.og): Likewise.
	(CFLAGS-.op): Likewise.
	(CFLAGS-.os): Likewise.
	* misc/Makefile (CFLAGS-sbrk.o): Likewise.
	(CFLAGS-sbrk.op): Likewise.
	(CFLAGS-sbrk.og): Likewise.
	(CFLAGS-brk.o): Likewise.
	(CFLAGS-brk.op): Likewise.
	(CFLAGS-brk.og): Likewise.
	* nptl/nptl-init.c [!SHARED] (__pthread_initialize_tcb_internal):
	Likewise.
---
config.make.in | 2 ++
csu/Makefile | 5 +++++
misc/Makefile | 9 +++++++++
nptl/nptl-init.c | 1 +
4 files changed, 17 insertions(+)
Comments
On 06/07/2016 01:06 PM, Nix wrote:
> The startup code in csu/, brk() and sbrk(), and the
> __pthread_initialize_tcb_internal() function we just introduced are
> needed very early in initialization of a statically-linked program,
> before the stack guard is initialized. Mark all of these as
> -fno-stack-protector.
I think the problem is that the TCB is not initialized, which contains
the stack guard on some architectures, as explained in other commits.
The change itself looks good to me.
Florian
@@ -55,7 +55,9 @@ with-fp = @with_fp@
enable-timezone-tools = @enable_timezone_tools@
unwind-find-fde = @libc_cv_gcc_unwind_find_fde@
have-fpie = @libc_cv_fpie@
+have-ssp = @libc_cv_ssp@
stack-protector = @stack_protector@
+no-stack-protector = @no_stack_protector@
have-selinux = @have_selinux@
have-libaudit = @have_libaudit@
have-libcap = @have_libcap@
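Review bot: have-ssp is defined here, but nothing in the csu/Makefile, misc/Makefile or nptl/nptl-init.c changes of this patch reads it; only no-stack-protector is used. Consider adding `have-ssp = @libc_cv_ssp@` in the patch that first tests it, or name in the commit message the later patch in the series that consumes it, so the variable is not left unexplained at this point.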
@@ -45,6 +45,11 @@ before-compile += $(objpfx)version-info.h
tests := tst-empty tst-atomic tst-atomic-long
tests-static := tst-empty
+CFLAGS-.o += $(no-stack-protector)
+CFLAGS-.og += $(no-stack-protector)
+CFLAGS-.op += $(no-stack-protector)
+CFLAGS-.os += $(no-stack-protector)
+
ifeq (yes,$(build-shared))
extra-objs += S$(start-installed-name) gmon-start.os
ifneq ($(start-installed-name),$(static-start-installed-name))
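Review bot: The four CFLAGS-.o/.og/.op/.os additions carry no comment, while the matching block in misc/Makefile explains itself, and here the shared .os objects are de-protected as well, which the misc/Makefile block deliberately avoids. Add a short comment above `CFLAGS-.o += $(no-stack-protector)` saying that the startup code runs before the stack guard is set up, and why that applies to the .os objects too.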
@@ -99,6 +99,15 @@ CFLAGS-getusershell.c = -fexceptions
CFLAGS-err.c = -fexceptions
CFLAGS-tst-tsearch.c = $(stack-align-test-flags)
+# Called during static library initialization, so turn stack-protection
+# off for non-shared builds.
+CFLAGS-sbrk.o = $(no-stack-protector)
+CFLAGS-sbrk.op = $(no-stack-protector)
+CFLAGS-sbrk.og = $(no-stack-protector)
+CFLAGS-brk.o = $(no-stack-protector)
+CFLAGS-brk.op = $(no-stack-protector)
+CFLAGS-brk.og = $(no-stack-protector)
+
include ../Rules
$(objpfx)libg.a: $(dep-dummy-lib); $(make-dummy-lib)
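Review bot: These six assignments use `=` where the csu/Makefile hunk uses `+=` for the same flag, so any other per-object setting of CFLAGS-sbrk.o, CFLAGS-brk.o and their .op/.og variants would be replaced rather than extended. Unless overriding is intended, write `CFLAGS-sbrk.o += $(no-stack-protector)` and likewise for the other five, which also keeps the two Makefiles consistent.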
@@ -298,6 +298,7 @@ static bool __nptl_initial_report_events __attribute_used__;
#ifndef SHARED
void
+inhibit_stack_protector
__pthread_initialize_tcb_internal (void)
{
/* Unlike in the dynamically linked case the dynamic linker has not
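Review bot: inhibit_stack_protector on __pthread_initialize_tcb_internal has no explanation at the point of use. The function's opening comment is a natural place for one sentence saying that this code runs before the TCB, which holds the stack guard on some architectures, is initialized, and that this is why the function must not be stack-protected.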