From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id 7427A3858D28 for ; Tue, 20 Jun 2023 18:19:32 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 7427A3858D28 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1687285172; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=NhFPA+24vw9BkNS3vAGwSGFDNNUKnd1GR49eKB5qvWw=; b=cS5utWfAMzjhOp5U3nOKUUmNGOq1T2LJ5qFvh5/P35kImNQqxvMEeWA6z+9mkYY3lDmFic M281xEgnv39MN25Q8QfrikA5yArLBwE+9Qc8eZgNogXIlL756Op4Yth980cPhAEZfRtv8u O1GGioAypcSxNq8wYWObxesWcQgzZAg= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-379-dD3BYUnmMP-FVi_-M-yRhA-1; Tue, 20 Jun 2023 14:19:27 -0400 X-MC-Unique: dD3BYUnmMP-FVi_-M-yRhA-1 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 321BD90A90C; Tue, 20 Jun 2023 18:19:26 +0000 (UTC) Received: from Nymeria-redhat.redhat.com (unknown [10.39.193.72]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E25AC112132C; Tue, 20 Jun 2023 18:19:24 +0000 (UTC) From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20B=C3=A9rat?= To: libc-alpha@sourceware.org Cc: siddhesh@gotplt.org, fberat@redhat.com Subject: [PATCH 00/21] Allow glibc to be built with _FORTIFY_SOURCE Date: Tue, 20 Jun 2023 20:18:48 +0200 Message-ID: <20230620181910.1506893-1-fberat@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.3 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-6.2 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_NONE,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: Hello, This patch series introduces a new "--enable-fortify-source" option to glibc build. This option may either be set to a value between 1 and 3, or left empty to let configure select the highest value available for the build system. The first patch adds the new configure option, the second excludes the routines that can't be built with the option enabled. The next patches are fixing test and compilation errors that arose with fortification enabled. I couldn't test the patch series in all configuration possible on all arches possible but I ran the following: - build-many-glibcs was executed on x86_64, for all arches/variants. This was mainly done to ensure that installed headers were not broken (as some patches are modifying system headers) - The new "enable-fortify-source" variant for BMG got executed on x86_64 - make check and benchtests were executed on x86_64, i686, ppc64le, aarch64, s390x, with and without fortification enabled. Fred. --- Frédéric Bérat (21): Add --enable-fortify-source option Configure: regenerate for autoconf 2.71 Exclude routines from fortification sysdeps/{i386,x86_64}/mempcpy_chk.S: fix linknamespace for __mempcpy_chk stdio-common: tests: Incorrect maxlen parameter for swprintf sysdeps: Ensure ieee128*_chk routines to be properly named string: Ensure *_chk routines have their hidden builtin definition available stdio: Ensure *_chk routines have their hidden builtin definition available asprintf_chk: Ensure compatibility for both s390x and ppc64le misc/sys/cdefs.h: Create FORTIFY redirects for internal calls wcsmbs/bits/wchar2{,-decl}.h: Clearly separate declaration from definitions wcsmbs/bits/wchar2{,-decl}.h: Avoid PLT entries with _FORTIFY_SOURCE posix/bits/unistd.h: Clearly separate declaration from definitions posix/bits/unistd{,-decl}.h: Avoid PLT entries with _FORTIFY_SOURCE debug/readlink{,at}_chk.c: Harmonize declaration and definition misc/bits/select2.h: Clearly separate declaration from definitions misc/bits/syslog.h: Clearly separate declaration from definition rt/tst-mqueue4.c: Fix wrong number of argument for mq_open sysdeps/ieee754/ldbl-128ibm-compat: Fix warn unused result sysdeps/powerpc/fpu/tst-setcontext-fpscr.c: Fix warn unused result benchtests: fix warn unused result Makeconfig | 33 +- aclocal.m4 | 2 +- benchtests/bench-strcoll.c | 6 +- config.make.in | 3 +- configure | 4208 +++++++++++------ configure.ac | 70 +- debug/Makefile | 12 +- debug/asprintf_chk.c | 16 +- debug/fdelt_chk.c | 2 + debug/fgets_u_chk.c | 1 + debug/fprintf_chk.c | 1 + debug/getdomainname_chk.c | 1 + debug/memcpy_chk.c | 1 + debug/memmove_chk.c | 1 + debug/mempcpy_chk.c | 1 + debug/memset_chk.c | 1 + debug/read_chk.c | 1 + debug/readlink_chk.c | 3 +- debug/readlinkat_chk.c | 3 +- debug/sprintf_chk.c | 1 + debug/stpcpy_chk.c | 1 + debug/wcrtomb_chk.c | 1 + debug/wmemset_chk.c | 1 + elf/rtld-Rules | 2 +- include/bits/select-decl.h | 1 + include/bits/syslog-decl.h | 1 + include/bits/unistd-decl.h | 1 + include/stdio.h | 13 +- include/string.h | 7 + include/sys/cdefs.h | 14 + include/sys/select.h | 4 + include/sys/syslog.h | 4 + include/unistd.h | 5 + include/wchar.h | 16 + io/Makefile | 16 + libio/Makefile | 21 +- login/Makefile | 6 + login/getlogin_r_chk.c | 1 + misc/Makefile | 9 + misc/bits/select-decl.h | 31 + misc/bits/select2.h | 6 +- misc/bits/syslog-decl.h | 35 + misc/bits/syslog.h | 10 +- misc/sys/cdefs.h | 8 + misc/syslog.c | 4 +- posix/Makefile | 12 + posix/bits/unistd-decl.h | 198 + posix/bits/unistd.h | 154 +- rt/Makefile | 5 + rt/tst-mqueue4.c | 4 +- setjmp/Makefile | 5 + socket/Makefile | 6 + stdio-common/Makefile | 15 +- stdio-common/tst-printf-bz25691.c | 8 +- stdio-common/tst-vfprintf-mbs-prec.c | 15 +- stdlib/Makefile | 7 + string/Makefile | 17 + sysdeps/generic/libc-symver.h | 2 +- sysdeps/i386/i586/memcpy.S | 1 + sysdeps/i386/i586/memset.S | 1 + sysdeps/i386/i686/memcpy.S | 1 + sysdeps/i386/i686/memmove.S | 1 + sysdeps/i386/i686/mempcpy.S | 1 + sysdeps/i386/i686/memset.S | 1 + sysdeps/i386/i686/multiarch/memcpy_chk.c | 4 + sysdeps/i386/i686/multiarch/memmove_chk.c | 4 + sysdeps/i386/i686/multiarch/mempcpy_chk.c | 4 + sysdeps/i386/i686/multiarch/memset_chk.c | 5 +- sysdeps/i386/memcpy_chk.S | 1 + sysdeps/i386/memmove_chk.S | 1 + sysdeps/i386/mempcpy_chk.S | 3 +- sysdeps/i386/memset_chk.S | 1 + sysdeps/ieee754/ldbl-128ibm-compat/Makefile | 81 +- .../ldbl-128ibm-compat/ieee128-asprintf_chk.c | 5 +- .../ldbl-128ibm-compat/ieee128-dprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-fprintf_chk.c | 5 +- .../ldbl-128ibm-compat/ieee128-fwprintf_chk.c | 5 +- .../ldbl-128ibm-compat/ieee128-printf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-snprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-sprintf_chk.c | 5 +- .../ldbl-128ibm-compat/ieee128-swprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-syslog.c | 9 +- .../ieee128-vasprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-vdprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-vfprintf_chk.c | 4 +- .../ieee128-vfwprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-vprintf_chk.c | 4 +- .../ieee128-vsnprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-vsprintf_chk.c | 5 +- .../ieee128-vswprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-vwprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-wprintf_chk.c | 4 +- .../test-printf-ldbl-compat.c | 10 +- .../test-scanf-ldbl-compat-template.c | 21 +- sysdeps/ieee754/ldbl-opt/Makefile | 29 + sysdeps/powerpc/fpu/tst-setcontext-fpscr.c | 4 +- sysdeps/pthread/Makefile | 4 + sysdeps/unix/sysv/linux/Makefile | 3 + .../sysv/linux/s390/tst-ptrace-singleblock.c | 3 +- sysdeps/x86_64/memcpy_chk.S | 1 + sysdeps/x86_64/memmove_chk.S | 1 + sysdeps/x86_64/mempcpy_chk.S | 3 +- sysdeps/x86_64/memset_chk.S | 1 + sysdeps/x86_64/multiarch/memcpy_chk.c | 4 + sysdeps/x86_64/multiarch/memmove_chk.c | 4 + sysdeps/x86_64/multiarch/mempcpy_chk.c | 4 + sysdeps/x86_64/multiarch/memset_chk.c | 4 + sysdeps/x86_64/multiarch/wmemset_chk.c | 4 + wcsmbs/Makefile | 23 +- wcsmbs/bits/wchar2-decl.h | 172 + wcsmbs/bits/wchar2.h | 192 - 111 files changed, 3765 insertions(+), 1951 deletions(-) create mode 100644 include/bits/select-decl.h create mode 100644 include/bits/syslog-decl.h create mode 100644 include/bits/unistd-decl.h create mode 100644 misc/bits/select-decl.h create mode 100644 misc/bits/syslog-decl.h create mode 100644 posix/bits/unistd-decl.h -- 2.41.0