From: Nix <nix@esperi.org.uk>
To: libc-alpha@sourceware.org
Cc: fweimer@redhat.com
Subject: [PATCH 05/15] Compile the entire dynamic linker with -fno-stack-protector.
Date: Mon, 19 Dec 2016 11:26:00 -0000 [thread overview]
Message-ID: <20161219111528.14969-6-nix@esperi.org.uk> (raw)
In-Reply-To: <20161219111528.14969-1-nix@esperi.org.uk>
From: Nick Alcock <nick.alcock@oracle.com>
Also compile corresponding routines in the static libc.a with the same
flag.
v3: Use $(no-stack-protector).
Introduce $(elide-stack-protector) and use it to reduce redundancy.
Bring all the elisions together textually.
v9: Adapt to no-sse adjustments in sysdeps/i386/Makefile.
* elf/Makefile (elide-stack-protector): New.
(CFLAGS-.os): Use it, eliding $(all-rtld-routines).
(CFLAGS-.oX): Likewise, eliding $(elide-routines.os).
(rtld-CFLAGS): Likewise.
sysdeps/i386/Makefile (rtld-CFLAGS): Use +=, not =.
---
elf/Makefile | 13 +++++++++++++
elf/rtld-Rules | 2 ++
sysdeps/i386/Makefile | 2 +-
3 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/elf/Makefile b/elf/Makefile
index 82c7e05..d14d48d 100644
--- a/elf/Makefile
+++ b/elf/Makefile
@@ -50,6 +50,19 @@ CFLAGS-dl-runtime.c = -fexceptions -fasynchronous-unwind-tables
CFLAGS-dl-lookup.c = -fexceptions -fasynchronous-unwind-tables
CFLAGS-dl-iterate-phdr.c = $(uses-callbacks)
+# Compile rtld itself without stack protection.
+# Also compile all routines in the static library that are elided from
+# the shared libc because they are in ld.so the same way.
+
+define elide-stack-protector
+$(if $(filter $(@F),$(patsubst %,%$(1),$(2))), $(no-stack-protector))
+endef
+
+CFLAGS-.o += $(call elide-stack-protector,.o,$(elide-routines.os))
+CFLAGS-.op += $(call elide-stack-protector,.op,$(elide-routines.os))
+CFLAGS-.og += $(call elide-stack-protector,.og,$(elide-routines.os))
+CFLAGS-.os += $(call elide-stack-protector,.os,$(all-rtld-routines))
+
ifeq ($(unwind-find-fde),yes)
routines += unwind-dw2-fde-glibc
shared-only-routines += unwind-dw2-fde-glibc
diff --git a/elf/rtld-Rules b/elf/rtld-Rules
index c1bb506..84d9387 100644
--- a/elf/rtld-Rules
+++ b/elf/rtld-Rules
@@ -144,4 +144,6 @@ cpp-srcs-left := $(rtld-modules:%.os=%)
lib := rtld
include $(patsubst %,$(..)cppflags-iterator.mk,$(cpp-srcs-left))
+rtld-CFLAGS += $(no-stack-protector)
+
endif
diff --git a/sysdeps/i386/Makefile b/sysdeps/i386/Makefile
index e94f2cb..e30e133 100644
--- a/sysdeps/i386/Makefile
+++ b/sysdeps/i386/Makefile
@@ -88,7 +88,7 @@ endif
# the first 3 mm/xmm/ymm/zmm registers are used to pass vector parameters
# which must be preserved.
# With SSE disabled, ensure -fpmath is not set to use sse either.
-rtld-CFLAGS = -mno-sse -mno-mmx -mfpmath=387
+rtld-CFLAGS += -mno-sse -mno-mmx -mfpmath=387
ifeq ($(subdir),elf)
CFLAGS-.os += $(if $(filter $(@F),$(patsubst %,%.os,$(all-rtld-routines))),\
$(rtld-CFLAGS))
--
2.10.1.208.gbec66bc
next prev parent reply other threads:[~2016-12-19 11:26 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-19 11:15 --enable-stack-protector for glibc, v10 Nix
2016-12-19 11:15 ` [PATCH 06/15] Prevent the rtld mapfile computation from dragging in __stack_chk_fail* Nix
2016-12-19 11:15 ` [PATCH 04/15] Mark all machinery needed in early static-link init as -fno-stack-protector Nix
2016-12-21 14:18 ` Florian Weimer
2016-12-19 11:15 ` [PATCH 08/15] Add a hidden __stack_chk_fail_local alias to libc.so Nix
2016-12-19 11:25 ` [PATCH 14/15] tst-quad1pie, tst-quad2pie: compile with -fPIE Nix
2016-12-21 13:36 ` Florian Weimer
2016-12-19 11:25 ` [PATCH 09/15] De-PLTize __stack_chk_fail internal calls within libc.so Nix
2016-12-21 15:05 ` Florian Weimer
2016-12-22 22:41 ` Nix
2016-12-19 11:25 ` [PATCH 10/15] Link a non-libc-using test with -fno-stack-protector Nix
2016-12-19 11:25 ` [PATCH 11/15] Drop explicit stack-protection of pieces of the system Nix
2016-12-19 11:25 ` [PATCH 15/15] Enable -fstack-protector=* when requested by configure Nix
2016-12-19 11:26 ` [PATCH 13/15] Move all tests out of csu Nix
2016-12-21 13:36 ` Florian Weimer
2016-12-19 11:26 ` [PATCH 01/15] Configury support for --enable-stack-protector Nix
2016-12-19 11:26 ` [PATCH 12/15] Do not stack-protect sigreturn stubs Nix
2016-12-19 11:26 ` Nix [this message]
2016-12-21 14:18 ` [PATCH 05/15] Compile the entire dynamic linker with -fno-stack-protector Florian Weimer
2016-12-21 14:25 ` Szabolcs Nagy
2016-12-21 14:57 ` Florian Weimer
2016-12-19 11:26 ` [PATCH 02/15] Initialize the stack guard earlier when linking statically Nix
2016-12-21 14:16 ` Florian Weimer
2016-12-21 20:15 ` Florian Weimer
2016-12-22 22:38 ` Nix
2016-12-19 11:27 ` [PATCH 07/15] Work even with compilers hacked to enable -fstack-protector by default Nix
2016-12-19 11:27 ` [PATCH 03/15] Do not stack-protect ifunc resolvers Nix
2016-12-21 14:17 ` Florian Weimer
2016-12-22 22:40 ` Nix
2016-12-19 15:15 ` --enable-stack-protector for glibc, v10 Florian Weimer
2016-12-19 15:18 ` Chris Metcalf
2016-12-19 15:54 ` Nix
2016-12-20 8:30 ` Florian Weimer
2016-12-20 19:04 ` Nix
2016-12-21 17:26 ` Florian Weimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161219111528.14969-6-nix@esperi.org.uk \
--to=nix@esperi.org.uk \
--cc=fweimer@redhat.com \
--cc=libc-alpha@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).