[07/14,v6] Prevent the rtld mapfile computation from dragging in __stack_chk_fail*.

Message ID 1465297576-10981-8-git-send-email-nix@esperi.org.uk
State New, archived

Commit Message

Nix June 7, 2016, 11:06 a.m. UTC
  From: Nick Alcock <nick.alcock@oracle.com>

The previous commit prevented rtld itself from being built with
-fstack-protector, but this is not quite enough.  We identify which
objects belong in rtld via a test link and analysis of the resulting
mapfile.  That link is necessarily done against objects that are
stack-protected, so drags in __stack_chk_fail_local, __stack_chk_fail,
and all the libc and libio code they use.

To stop this happening, use --defsym in the test librtld.map-production
link to force the linker to predefine these two symbols (to 0, but it
could be to anything).  (In a real link, this would of course be
catastrophic, but these object files are never used for anything else.)

v2: New.
v6: Dummy out stack_chk_fail_local too.

	* elf/Makefile (dummy-stack-chk-fail): New.
	($(objpfx)librtld.map): Use it.
---
 elf/Makefile | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
  

Comments

Andreas Schwab June 7, 2016, 11:39 a.m. UTC | #1
Nix <nix@esperi.org.uk> writes:

>  $(objpfx)librtld.map: $(objpfx)dl-allobjs.os $(common-objpfx)libc_pic.a
>  	@-rm -f $@T
> -	$(reloc-link) -o $@.o '-Wl,-(' $^ -lgcc '-Wl,-)' -Wl,-Map,$@T
> +	$(reloc-link) -o $@.o $(dummy-stack-chk-fail) '-Wl,-(' $^ -lgcc '-Wl,-)' -Wl,-Map,$@T
>  	rm -f $@.o
>  	mv -f $@T $@

Please fold long lines.

Andreas.
  
Nix June 7, 2016, 12:03 p.m. UTC | #2
On 7 Jun 2016, Andreas Schwab spake thusly:

> Nix <nix@esperi.org.uk> writes:
>
>>  $(objpfx)librtld.map: $(objpfx)dl-allobjs.os $(common-objpfx)libc_pic.a
>>  	@-rm -f $@T
>> -	$(reloc-link) -o $@.o '-Wl,-(' $^ -lgcc '-Wl,-)' -Wl,-Map,$@T
>> +	$(reloc-link) -o $@.o $(dummy-stack-chk-fail) '-Wl,-(' $^ -lgcc '-Wl,-)' -Wl,-Map,$@T
>>  	rm -f $@.o
>>  	mv -f $@T $@
>
> Please fold long lines.

Oops! Will be fixed in next posting. This and one comment in the same
patch (also fixed) are the only places where I overflow lines that are
fixable (configure.ac is more or less not fixable, AIUI).
  
Paul Eggert June 7, 2016, 11:35 p.m. UTC | #3
On 06/07/2016 05:03 AM, Nix wrote:
> This and one comment in the same
> patch (also fixed) are the only places where I overflow lines that are
> fixable (configure.ac is more or less not fixable, AIUI).

Why is configure.ac not fixable? E.g., in this patch:

+	      AC_HELP_STRING([--enable-stack-protector=@<:@yes|no|all|strong@:>@],
+			     [Use -fstack-protector[-all|-strong] to detect glibc buffer overflows]),


The commentary can contain folded lines without problem (the extra indenting is removed), and the first line can be moved down, e.g.,

   AC_HELP_STRING(
     [--enable-stack-protector=@<:@yes|no|all|strong@:>@],
     [Use -fstack-protector[-all|-strong] to detect glibc
      buffer overflows]),
  
Florian Weimer June 24, 2016, 1:03 p.m. UTC | #4
On 06/07/2016 01:06 PM, Nix wrote:
> 	* elf/Makefile (dummy-stack-chk-fail): New.
> 	($(objpfx)librtld.map): Use it.

This looks good to me (except for the long lines already pointed out).

Thanks,
Florian
  

Patch

diff --git a/elf/Makefile b/elf/Makefile
index 0037cca..d1e29a58 100644
--- a/elf/Makefile
+++ b/elf/Makefile
@@ -349,9 +349,20 @@  $(objpfx)dl-allobjs.os: $(all-rtld-routines:%=$(objpfx)%.os)
 # are compiled with special flags, and puts these modules into rtld-libc.a
 # for us.  Then we do the real link using rtld-libc.a instead of libc_pic.a.
 
+# If the compiler can do SSP, build the mapfile with dummy __stack_chk_fail
+# and __stack_chk_fail_local symbols defined, to prevent the real things
+# being dragged into rtld even though rtld is never built with stack-protection.
+
+ifeq ($(have-ssp),yes)
+dummy-stack-chk-fail := -Wl,--defsym='__stack_chk_fail=0' \
+			-Wl,--defsym='__stack_chk_fail_local=0'
+else
+dummy-stack-chk-fail :=
+endif
+
 $(objpfx)librtld.map: $(objpfx)dl-allobjs.os $(common-objpfx)libc_pic.a
 	@-rm -f $@T
-	$(reloc-link) -o $@.o '-Wl,-(' $^ -lgcc '-Wl,-)' -Wl,-Map,$@T
+	$(reloc-link) -o $@.o $(dummy-stack-chk-fail) '-Wl,-(' $^ -lgcc '-Wl,-)' -Wl,-Map,$@T
 	rm -f $@.o
 	mv -f $@T $@
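
Review bot: the new comment above `dummy-stack-chk-fail` explains why the two symbols are predefined but not why a value of 0 is acceptable here. The recipe deletes the link output immediately after the map is written (`rm -f $@.o`), so nothing ever runs with `__stack_chk_fail` or `__stack_chk_fail_local` resolved to address 0. Please state that in the comment, together with the point from the commit message that these flags must never be used in a link whose output is kept. Separately, the changed `$(reloc-link)` line is now well over 80 columns and can be folded with a backslash continuation, as the definition of `dummy-stack-chk-fail` already is.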