From patchwork Sun Mar 13 15:16:54 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nix X-Patchwork-Id: 11332 Received: (qmail 61579 invoked by alias); 13 Mar 2016 15:20:15 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 61555 invoked by uid 89); 13 Mar 2016 15:20:14 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=1.4 required=5.0 tests=AWL, BAYES_50, KAM_LAZY_DOMAIN_SECURITY, RP_MATCHES_RCVD autolearn=no version=3.3.2 spammy=nm, badly, hacked, AC_SUBST X-HELO: mail.esperi.org.uk From: Nix To: libc-alpha@sourceware.org Subject: [PATCH 09/17 v6] Work even with compilers hacked to enable -fstack-protector by default. Date: Sun, 13 Mar 2016 15:16:54 +0000 Message-Id: <1457882222-22599-10-git-send-email-nix@esperi.org.uk> In-Reply-To: <1457882222-22599-1-git-send-email-nix@esperi.org.uk> References: <1457882222-22599-1-git-send-email-nix@esperi.org.uk> X-DCC-wuwien-Metrics: spindle 1290; Body=1 Fuz1=1 Fuz2=1 From: Nick Alcock With all the machinery we just added, we can easily arrange to work even when the compiler passes in -fstack-protector automatically: all the necessary bits of glibc are always compiled with -fno-stack-protector now. So tear out the check in configure, and add appropriate calls to -fno-stack-protector in tests that need them (largely those that use -nostdlib), since we don't yet have a __stack_chk_fail() that those tests can rely upon. (GCC often provides one, but we cannot rely on this, especially not when bootstrapping.) v2: No longer pass in -lssp to anything. v5: Remove accidentally duplicated $(no_ssp)s. v6: Small revisions following Mike Frysinger's review. * configure.ac: Add check for unsupported stack-protection level. (libc_cv_predef_stack_protector): Remove. (no_ssp): New variable. (libc_cv_ld_gnu_indirect_function): Use it. (libc_cv_asm_set_directive): Likewise. (libc_cv_protected_data): Likewise. (libc_cv_z_combreloc): Likewise. (libc_cv_hashstyle): Likewise. (libc_cv_has_glob_dat): Likewise. (libc_cv_output_format): Likewise. (libc_cv_ehdr_start): Likewise. * aclocal.m4 (LIBC_TRY_LINK_STATIC): Likewise. (LIBC_LINKER_FEATURE): Likewise. (LIBC_COMPILER_BUILTIN_INLINED): Likewise. --- aclocal.m4 | 6 +++--- configure.ac | 70 ++++++++++++++++++------------------------------------------ 2 files changed, 24 insertions(+), 52 deletions(-) diff --git a/aclocal.m4 b/aclocal.m4 index 3d64f77..6902155 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -141,7 +141,7 @@ int _start (void) { return 0; } int __start (void) { return 0; } $1 EOF -AS_IF([AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -o conftest +AS_IF([AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS $no_ssp -o conftest conftest.c -static -nostartfiles -nostdlib 1>&AS_MESSAGE_LOG_FD])], [$2], [$3]) @@ -226,7 +226,7 @@ if test x"$gnu_ld" = x"yes"; then cat > conftest.c <&AS_MESSAGE_LOG_FD]) @@ -268,7 +268,7 @@ libc_compiler_builtin_inlined=no cat > conftest.c <&AS_MESSAGE_LOG_FD]) diff --git a/configure.ac b/configure.ac index 6ad87f5..a11dd10 100644 --- a/configure.ac +++ b/configure.ac @@ -653,6 +653,18 @@ AC_SUBST(libc_cv_ssp) AC_SUBST(stack_protector) AC_SUBST(no_stack_protector) +if test -n "$stack_protector"; then + dnl Don't run configure tests with stack-protection on, to avoid problems with + dnl bootstrapping. + no_ssp=-fno-stack-protector +else + no_ssp= + + if test "$enable_stack_protector" != no; then + AC_MSG_ERROR([--enable-stack-protector=$enable_stack_protector specified, but specified level of stack protection is not supported by the compiler.]) + fi +fi + # For the multi-arch option we need support in the assembler & linker. AC_CACHE_CHECK([for assembler and linker STT_GNU_IFUNC support], libc_cv_ld_gnu_indirect_function, [dnl @@ -672,7 +684,7 @@ __start: EOF libc_cv_ld_gnu_indirect_function=no if ${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS \ - -nostartfiles -nostdlib \ + -nostartfiles -nostdlib $no_ssp \ -o conftest conftest.S 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then # Do a link to see if the backend supports IFUNC relocs. $READELF -r conftest 1>&AS_MESSAGE_LOG_FD @@ -1141,7 +1153,7 @@ extern int glibc_conftest_frobozz; void _start() { glibc_conftest_frobozz = 1; } EOF if ${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS \ - -nostartfiles -nostdlib \ + -nostartfiles -nostdlib $no_ssp \ -o conftest conftest.s conftest1.c 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then libc_cv_asm_set_directive=yes else @@ -1158,12 +1170,12 @@ AC_CACHE_CHECK(linker support for protected data symbol, int bar __attribute__ ((visibility ("protected"))) = 1; EOF libc_cv_protected_data=no - if AC_TRY_COMMAND(${CC-cc} -nostdlib -nostartfiles -fPIC -shared conftest.c -o conftest.so); then + if AC_TRY_COMMAND(${CC-cc} -nostdlib -nostartfiles $no_ssp -fPIC -shared conftest.c -o conftest.so); then cat > conftest.c <&AS_MESSAGE_LOG_FD]) then @@ -1323,7 +1335,7 @@ AC_CACHE_CHECK(for --hash-style option, cat > conftest.c <&AS_MESSAGE_LOG_FD]) then @@ -1395,7 +1407,7 @@ int foo (void) { return mumble; } EOF if AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -fPIC -shared -o conftest.so conftest.c - -nostdlib -nostartfiles + -nostdlib -nostartfiles $no_ssp 1>&AS_MESSAGE_LOG_FD]) then dnl look for GLOB_DAT relocation. @@ -1412,7 +1424,7 @@ AC_SUBST(libc_cv_has_glob_dat) AC_CACHE_CHECK(linker output format, libc_cv_output_format, [dnl if libc_cv_output_format=` -${CC-cc} -nostartfiles -nostdlib -Wl,--print-output-format 2>&AS_MESSAGE_LOG_FD` +${CC-cc} -nostartfiles -nostdlib $no_ssp -Wl,--print-output-format 2>&AS_MESSAGE_LOG_FD` then : else @@ -1611,46 +1623,6 @@ if test $libc_cv_predef_fortify_source = yes; then fi AC_SUBST(CPPUNDEFS) -dnl Check for silly hacked compilers inserting -fstack-protector. -dnl This breaks badly for the early startup code we compile, since -dnl the compiled code can refer to a magic machine-dependent location -dnl for the canary value before we have sufficient setup for that to -dnl work. It's also questionable to build all of libc with this flag -dnl even when you're doing that for most applications you build, since -dnl libc's code is so heavily-used and performance-sensitive. If we -dnl ever really want to make that work, it should be enabled explicitly -dnl in the libc build, not inherited from implicit compiler settings. -AC_CACHE_CHECK([whether $CC implicitly enables -fstack-protector], - libc_cv_predef_stack_protector, [ -AC_TRY_COMPILE([extern void foobar (char *);], - [char large_array[2048]; foobar (large_array);], [ -libc_undefs=`$NM -u conftest.o | - LC_ALL=C $AWK '$1 == "U" { print $2 | "sort -u"; next } { exit(1) }' \ - 2>&AS_MESSAGE_LOG_FD` || { - AC_MSG_ERROR([confusing output from $NM -u]) -} -echo >&AS_MESSAGE_LOG_FD "libc_undefs='$libc_undefs'" -# On some architectures, there are architecture-specific undefined -# symbols (resolved by the linker), so filter out unknown symbols. -# This will fail to produce the correct result if the compiler -# defaults to -fstack-protector but this produces an undefined symbol -# other than __stack_chk_fail. However, compilers like that have not -# been encountered in practice. -libc_undefs=`echo "$libc_undefs" | egrep '^(foobar|__stack_chk_fail)$'` -case "$libc_undefs" in -foobar) libc_cv_predef_stack_protector=no ;; -'__stack_chk_fail -foobar') libc_cv_predef_stack_protector=yes ;; -*) AC_MSG_ERROR([unexpected symbols in test: $libc_undefs]) ;; -esac], - [AC_MSG_ERROR([test compilation failed])]) -]) -libc_extra_cflags= -if test $libc_cv_predef_stack_protector = yes; then - libc_extra_cflags="$libc_extra_cflags -fno-stack-protector" -fi -libc_extra_cppflags= - # Some linkers on some architectures support __ehdr_start but with # bugs. Make sure usage of it does not create relocations in the # output (as the linker should resolve them all for us). @@ -1660,7 +1632,7 @@ old_CFLAGS="$CFLAGS" old_LDFLAGS="$LDFLAGS" old_LIBS="$LIBS" CFLAGS="$CFLAGS -fPIC" -LDFLAGS="$LDFLAGS -nostdlib -nostartfiles -shared" +LDFLAGS="$LDFLAGS -nostdlib -nostartfiles -shared $no_ssp" LIBS= AC_LINK_IFELSE([AC_LANG_SOURCE([ typedef struct {