X-Patchwork-Submitter: Nix
X-Patchwork-Id: 10957
From: Nix
To: libc-alpha@sourceware.org
Cc: carlos@redhat.com
Subject: [PATCH 05/12] Mark all machinery needed in early static-link init as -fno-stack-protector.
Date: Sat, 20 Feb 2016 10:23:39 +0000
Message-Id: <1455963826-21885-6-git-send-email-nix@esperi.org.uk>
In-Reply-To: <1455963826-21885-1-git-send-email-nix@esperi.org.uk>
References: <1455963826-21885-1-git-send-email-nix@esperi.org.uk>

From: Nick Alcock The startup code in csu/, brk() and sbrk(), memcpy() and the __pthread_initialize_tcb_internal() function we just introduced are needed very early in initialization of a statically-linked program, before the stack guard is initialized. Mark all of these as -fno-stack-protector. We also finally introduce @libc_cv_ssp@, substituted by the configury changes made much earlier, to detect the case when -fno-stack-protector is supported by the compiler, and unconditionally pass it in when this is the case, whether or not --enable-stack-protector is passed to configure. (This means that it'll even work when the compiler's been hacked to pass -fstack-protector by default, unless the hackage is so broken that it does so in a way that is impossible to override.) (At one point we marked __libc_fatal() as non-stack-protected too, but this was pointless: all it did was call other routines which *are* stack-protected. I am slightly worried that __libc_fatal() calls from very early in static binary execution may crash as a result, but I'm not sure how to test this: booting a very old kernel, perhaps?) --- config.make.in | 1 + csu/Makefile | 7 +++++++ misc/Makefile | 6 ++++++ nptl/Makefile | 5 +++++ string/Makefile | 5 +++++ 5 files changed, 24 insertions(+) diff --git a/config.make.in b/config.make.in index 05ed6ec..847931f 100644 --- a/config.make.in +++ b/config.make.in @@ -55,6 +55,7 @@ with-fp = @with_fp@ enable-timezone-tools = @enable_timezone_tools@ unwind-find-fde = @libc_cv_gcc_unwind_find_fde@ have-fpie = @libc_cv_fpie@ +have-ssp = @libc_cv_ssp@ stack-protector = @stack_protector@ have-selinux = @have_selinux@ have-libaudit = @have_libaudit@ diff --git a/csu/Makefile b/csu/Makefile index 31e8bb9..8d7cbb5 100644 --- a/csu/Makefile +++ b/csu/Makefile 
@@ -45,6 +45,13 @@ before-compile += $(objpfx)version-info.h tests := tst-empty tst-atomic tst-atomic-long tests-static := tst-empty +ifeq ($(have-ssp),yes) +CFLAGS-.o += -fno-stack-protector +CFLAGS-.og += -fno-stack-protector +CFLAGS-.op += -fno-stack-protector +CFLAGS-.os += -fno-stack-protector +endif + ifeq (yes,$(build-shared)) extra-objs += S$(start-installed-name) gmon-start.os ifneq ($(start-installed-name),$(static-start-installed-name)) diff --git a/misc/Makefile b/misc/Makefile index d7bbc85..ba5c5d0 100644 --- a/misc/Makefile +++ b/misc/Makefile @@ -99,6 +99,12 @@ CFLAGS-getusershell.c = -fexceptions CFLAGS-err.c = -fexceptions CFLAGS-tst-tsearch.c = $(stack-align-test-flags) +ifeq ($(have-ssp),yes) +# Called during static library initialization. +CFLAGS-sbrk.c = -fno-stack-protector +CFLAGS-brk.c = -fno-stack-protector +endif + include ../Rules $(objpfx)libg.a: $(dep-dummy-lib); $(make-dummy-lib) diff --git a/nptl/Makefile b/nptl/Makefile index dc3ccab..a1d52a2 100644 --- a/nptl/Makefile +++ b/nptl/Makefile @@ -327,6 +327,11 @@ tests += tst-execstack endif endif +ifeq ($(have-ssp),yes) +# Parts of nptl-init.c are called before the stack guard is initialized. +CFLAGS-nptl-init.c += -fno-stack-protector +endif + modules-names = tst-atfork2mod tst-tls3mod tst-tls4moda tst-tls4modb \ tst-tls5mod tst-tls5moda tst-tls5modb tst-tls5modc \ tst-tls5modd tst-tls5mode tst-tls5modf tst-stack4mod \ diff --git a/string/Makefile b/string/Makefile index 9c87419..2f97070 100644 --- a/string/Makefile +++ b/string/Makefile @@ -71,6 +71,11 @@ CFLAGS-stratcliff.c = -fno-builtin CFLAGS-test-ffs.c = -fno-builtin CFLAGS-tst-inlcall.c = -fno-builtin +ifeq ($(have-ssp),yes) +# This is used in early initialization. +CFLAGS-memcpy.c = -fno-stack-protector +endif + ifeq ($(run-built-tests),yes) $(objpfx)tst-svc-cmp.out: tst-svc.expect $(objpfx)tst-svc.out cmp $^ > $@; \
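
Review bot: in config.make.in, the new `have-ssp = @libc_cv_ssp@` sits directly above `stack-protector = @stack_protector@` with nothing to tell the two apart. Going by the commit message, have-ssp only records that the compiler accepts -fno-stack-protector, not that protection is enabled; a one-line comment saying so would keep later Makefile authors from testing the wrong variable.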
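
Review bot: in csu/Makefile, the four `CFLAGS-.o`/`.og`/`.op`/`.os` lines turn the protector off per object suffix rather than per source file, so the tests listed just above (tst-empty, tst-atomic, tst-atomic-long) appear to lose it along with the startup code. Unlike the misc, nptl and string hunks, this block also carries no comment; please state why the whole directory is exempt, or list the startup sources individually with per-file CFLAGS variables.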
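
Review bot: in misc/Makefile, `CFLAGS-sbrk.c` and `CFLAGS-brk.c` are set with `=`, while the nptl hunk uses `+=` for the same purpose. Plain assignment discards any flags already set for these two files before this point; `+=` is the safer choice and keeps the series consistent.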
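
Review bot: in nptl/Makefile, the comment says only parts of nptl-init.c run before the stack guard is set up, yet `CFLAGS-nptl-init.c += -fno-stack-protector` removes the protector from every function in the file. Either name the early functions in the comment so the cost is explicit, or move them to their own file (or mark them individually) so the rest stays protected. The block also lands between the tst-execstack conditionals and `modules-names`, in the middle of the test definitions, where it is easy to miss.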
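
Review bot: in string/Makefile, the exemption is keyed on the file name memcpy.c, so it only takes effect where memcpy is built from a source of exactly that name; does any configuration build memcpy from a differently named C file, which would then still be protected? The comment "This is used in early initialization" should name the early caller, `=` should be `+=` as in the nptl hunk, and the block would read better away from the -fno-builtin test flags (stratcliff, test-ffs, tst-inlcall) since it affects a library object.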