From patchwork Sun Aug 27 20:32:05 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Samuel Thibault X-Patchwork-Id: 22375 Received: (qmail 114249 invoked by alias); 27 Aug 2017 20:32:10 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 114230 invoked by uid 89); 27 Aug 2017 20:32:09 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-26.1 required=5.0 tests=BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, SPF_HELO_PASS, SPF_NEUTRAL autolearn=ham version=3.3.2 spammy=sk:server-, exc X-HELO: hera.aquilenet.fr Date: Sun, 27 Aug 2017 22:32:05 +0200 From: Samuel Thibault To: libc-alpha@sourceware.org Subject: [hurd,commited]: Fix static initialization with -fstack-protector-strong Message-ID: <20170827203205.7rymov2jglbcibbz@var.youpi.perso.aquilenet.fr> MIME-Version: 1.0 Content-Disposition: inline User-Agent: NeoMutt/20170113 (1.7.2) When linked statically, TLS initialization is not achieved before mach_init and alike, so ssp accesses to tcbhead's stack_guard would crash. We can just avoid using ssp in the few functions needed before TLS is set up. * mach/Makefile (CFLAGS-mach_init.o, CFLAGS-RPC_vm_statistics.o, CFLAGS-RPC_vm_map.o, CFLAGS-RPC_vm_protect.o, CFLAGS-RPC_i386_set_gdt.o, CFLAGS-RPC_i386_set_ldt.o, CFLAGS-RPC_task_get_special_port.o): Add $(no-stack-protector). * hurd/Makefile (CFLAGS-hurdstartup.o, CFLAGS-RPC_exec_startup_get_info.o): Add $(no-stack-protector). diff --git a/hurd/Makefile b/hurd/Makefile index 9205822b24..b44b9b80c6 100644 --- a/hurd/Makefile +++ b/hurd/Makefile @@ -81,6 +81,10 @@ $(inlines:%=$(objpfx)%.c): $(objpfx)%-inlines.c: %.h echo '#include "$<"') > $@-new mv -f $@-new $@ generated += $(inlines:=.c) + +# Avoid ssp before TLS is initialized. +CFLAGS-hurdstartup.o = $(no-stack-protector) +CFLAGS-RPC_exec_startup_get_info.o = $(no-stack-protector) include ../mach/Machrules include ../Rules diff --git a/mach/Makefile b/mach/Makefile index 127cad00ca..b4f18b1525 100644 --- a/mach/Makefile +++ b/mach/Makefile @@ -53,6 +53,15 @@ server-interfaces := mach/exc # Clear any environment value. generated = + +# Avoid ssp before TLS is initialized. +CFLAGS-mach_init.o = $(no-stack-protector) +CFLAGS-RPC_vm_statistics.o = $(no-stack-protector) +CFLAGS-RPC_vm_map.o = $(no-stack-protector) +CFLAGS-RPC_vm_protect.o = $(no-stack-protector) +CFLAGS-RPC_i386_set_gdt.o = $(no-stack-protector) +CFLAGS-RPC_i386_set_ldt.o = $(no-stack-protector) +CFLAGS-RPC_task_get_special_port.o = $(no-stack-protector) # Translate GNU names for CPUs into the names used in Mach header files. mach-machine = $(patsubst powerpc,ppc,$(base-machine))