From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id 68AE33858D28 for ; Mon, 3 Jul 2023 15:16:54 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 68AE33858D28 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1688397413; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=gxZeZw01YSLfs1CM0DQ1T1hFnqAD85Fw2HZhFUCc0cc=; b=ClCjseO8k3vvY+Prv8TfViPV7Prt384ziHkCXmL7z93MMmRodptzBPYJ+gOi0h47XA6a8s CJ6eqXiRmKu2gyDm4KB0pwPAU6Bvbip317D123toEeAD3eMvM9D6gBxLqVNRe9rW4hDJtF pewLX3W7G3/eMpdKIA4dR3MZSoNDyIk= Received: from mail-lj1-f200.google.com (mail-lj1-f200.google.com [209.85.208.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-593-fVS17jsRPuSpz-BV69izEg-1; Mon, 03 Jul 2023 11:16:51 -0400 X-MC-Unique: fVS17jsRPuSpz-BV69izEg-1 Received: by mail-lj1-f200.google.com with SMTP id 38308e7fff4ca-2b6ae3cb20cso44281591fa.3 for ; Mon, 03 Jul 2023 08:16:51 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1688397410; x=1690989410; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=gxZeZw01YSLfs1CM0DQ1T1hFnqAD85Fw2HZhFUCc0cc=; b=ftLmzMcbjGb5moQX8geZLVhbOI2iu9+nMHlhqoPupAcR14/NkHaCzxsO70IiBTpdDL +xy6oKJncM+2HcixKYgP4NKziXpaQ3dYC6F5btisdS1ENLrALxqhQ8qqD8huWd/KtJfW 1NOgh9anMEiPILhT+jc2wOqo4ep6OKfNHmG0aWzyN801cNsjJettVQsjGWF/cOgB1cNK CoP40LxhXBaAOuPKu9weDg1v55G7GaqzV//EjrTFmTZZElQ2PNaFPHRCuKO2mW8grrlb sYOHWbmpZquNiYPm++/SfkwbORDynnnDB2HhOtouC06WNWxuyFHf6fu4vk3u4W2V8KKq r7wQ== X-Gm-Message-State: ABy/qLZ3KtHgl53tVQ2np/OhCu6b5izFXBZuVQhgNZqJtIB0JM1Bk8N8 UOwylr9VBZ8tRjyQv0XaOvAnqPJvi6JzFkCpf2fp919cVsTFnQOokU6iVlgABx6W5NHWlR9g6NA xJr6KlkhQeadcL0GQHVRxw+lWEcr3/vHrDXa0TFAi9WRjeVI= X-Received: by 2002:a2e:95d9:0:b0:2b5:8153:deb3 with SMTP id y25-20020a2e95d9000000b002b58153deb3mr7584037ljh.4.1688397409969; Mon, 03 Jul 2023 08:16:49 -0700 (PDT) X-Google-Smtp-Source: APBJJlFXIwUgyb1ewKiaKJuNHjM56TO5sTg0eV3qwnnVRaUPTG9F2qjnf+0cEnVMPI24cFGiaQdEWnN6wXkYKl/tXWs= X-Received: by 2002:a2e:95d9:0:b0:2b5:8153:deb3 with SMTP id y25-20020a2e95d9000000b002b58153deb3mr7584010ljh.4.1688397409569; Mon, 03 Jul 2023 08:16:49 -0700 (PDT) MIME-Version: 1.0 References: <20230628084246.778302-1-fberat@redhat.com> <20230628084246.778302-3-fberat@redhat.com> <1b46ffc4-5d65-faeb-96f0-c0828dc89cfb@gotplt.org> In-Reply-To: <1b46ffc4-5d65-faeb-96f0-c0828dc89cfb@gotplt.org> From: Frederic Berat Date: Mon, 3 Jul 2023 17:16:38 +0200 Message-ID: Subject: Re: [PATCH v3 02/16] Exclude routines from fortification To: Siddhesh Poyarekar Cc: libc-alpha@sourceware.org X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: multipart/alternative; boundary="000000000000d6633505ff96a700" X-Spam-Status: No, score=-12.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: --000000000000d6633505ff96a700 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Fri, Jun 30, 2023 at 4:55=E2=80=AFPM Siddhesh Poyarekar wrote: > On 2023-06-28 04:42, Fr=C3=A9d=C3=A9ric B=C3=A9rat wrote: > > Since the _FORTIFY_SOURCE feature uses some routines of Glibc, they need > to > > be excluded from the fortification. > > > > On top of that: > > - some tests explicitly verify that some level of fortification works > > appropriately, we therefore shouldn't modify the level set for them. > > - some objects need to be build with optimization disabled, which > > prevents _FORTIFY_SOURCE to be used for them. > > > > Assembler files that implement architecture specific versions of the > > fortified routines were not excluded from _FORTIFY_SOURCE as there is no > > C header included that would impact their behavior. > > --- > > debug/Makefile | 12 +-- > > io/Makefile | 16 ++++ > > libio/Makefile | 21 +++++- > > login/Makefile | 6 ++ > > misc/Makefile | 7 ++ > > posix/Makefile | 11 +++ > > rt/Makefile | 5 ++ > > setjmp/Makefile | 9 +++ > > socket/Makefile | 6 ++ > > stdio-common/Makefile | 15 +++- > > stdlib/Makefile | 7 ++ > > string/Makefile | 17 +++++ > > sysdeps/ieee754/ldbl-128ibm-compat/Makefile | 81 +++++++++++++++++---- > > sysdeps/ieee754/ldbl-opt/Makefile | 29 ++++++++ > > sysdeps/pthread/Makefile | 4 + > > sysdeps/unix/sysv/linux/Makefile | 3 + > > wcsmbs/Makefile | 23 +++++- > > 17 files changed, 247 insertions(+), 25 deletions(-) > > > > diff --git a/debug/Makefile b/debug/Makefile > > index 9d658e3002..434e52f780 100644 > > --- a/debug/Makefile > > +++ b/debug/Makefile > > @@ -171,13 +171,13 @@ CFLAGS-recvfrom_chk.c +=3D -fexceptions > -fasynchronous-unwind-tables > > # set up for us, so keep the CFLAGS/CPPFLAGS split logical as the > order is: > > # > > CFLAGS-tst-longjmp_chk.c +=3D -fexceptions -fasynchronous-unwind-tabl= es > > -CPPFLAGS-tst-longjmp_chk.c +=3D -D_FORTIFY_SOURCE=3D1 > > +CPPFLAGS-tst-longjmp_chk.c +=3D $(no-fortify-source),-D_FORTIFY_SOURCE= =3D1 > > CFLAGS-tst-longjmp_chk2.c +=3D -fexceptions -fasynchronous-unwind-tab= les > > -CPPFLAGS-tst-longjmp_chk2.c +=3D -D_FORTIFY_SOURCE=3D1 > > +CPPFLAGS-tst-longjmp_chk2.c +=3D $(no-fortify-source),-D_FORTIFY_SOURC= E=3D1 > > CFLAGS-tst-longjmp_chk3.c +=3D -fexceptions -fasynchronous-unwind-tab= les > > -CPPFLAGS-tst-longjmp_chk3.c +=3D -D_FORTIFY_SOURCE=3D1 > > -CPPFLAGS-tst-realpath-chk.c +=3D -D_FORTIFY_SOURCE=3D2 > > -CPPFLAGS-tst-chk-cancel.c +=3D -D_FORTIFY_SOURCE=3D2 > > +CPPFLAGS-tst-longjmp_chk3.c +=3D $(no-fortify-source),-D_FORTIFY_SOURC= E=3D1 > > +CPPFLAGS-tst-realpath-chk.c +=3D $(no-fortify-source),-D_FORTIFY_SOURC= E=3D2 > > +CPPFLAGS-tst-chk-cancel.c +=3D $(no-fortify-source),-D_FORTIFY_SOURCE= =3D2 > > > > # _FORTIFY_SOURCE tests. > > # Auto-generate tests for _FORTIFY_SOURCE for different levels, > compilers and > > @@ -215,7 +215,7 @@ src-chk-nongnu =3D \#undef _GNU_SOURCE > > # cannot be disabled via pragmas, so require -Wno-error to be used. > > define gen-chk-test > > tests-$(1)-$(4)-chk +=3D tst-fortify-$(1)-$(2)-$(3)-$(4) > > -CFLAGS-tst-fortify-$(1)-$(2)-$(3)-$(4).$(1) +=3D -D_FORTIFY_SOURCE=3D$= (3) > -Wno-format \ > > +CFLAGS-tst-fortify-$(1)-$(2)-$(3)-$(4).$(1) +=3D > $(no-fortify-source),-D_FORTIFY_SOURCE=3D$(3) -Wno-format \ > > -Wno-deprecated-declarations \ > > -Wno-error > > $(eval $(call cflags-$(2),$(1),$(3),$(4))) > > diff --git a/io/Makefile b/io/Makefile > > index d573064ecc..6ccc0e8691 100644 > > --- a/io/Makefile > > +++ b/io/Makefile > > @@ -149,6 +149,22 @@ routines :=3D \ > > write \ > > # routines > > > > +# Exclude fortified routines from being built with _FORTIFY_SOURCE > > +routines_no_fortify +=3D \ > > + getcwd \ > > + getwd \ > > + open \ > > + open64 \ > > + openat \ > > + openat64 \ > > + poll \ > > + ppoll \ > > + read \ > > + readlink \ > > + readlinkat \ > > + ttyname_r \ > > + # routines_no_fortify > > + > > others :=3D \ > > pwd \ > > # others > > diff --git a/libio/Makefile b/libio/Makefile > > index 2877fec484..f5c487d9f5 100644 > > --- a/libio/Makefile > > +++ b/libio/Makefile > > @@ -53,6 +53,21 @@ routines :=3D > \ > > > > gen-as-const-headers +=3D libio-macros.sym > > > > +# Exclude fortified routines from being built with _FORTIFY_SOURCE > > +routines_no_fortify +=3D \ > > + fwprintf \ > > + iofgets \ > > + iofgets_u \ > > + iofgetws \ > > + iofgetws_u \ > > + swprintf \ > > + vasprintf \ > > + vsnprintf \ > > + vswprintf \ > > + vwprintf \ > > + wprintf \ > > + # routines_no_fortify > > + > > tests =3D tst_swprintf tst_wprintf tst_swscanf tst_wscanf tst_getwc > tst_putwc \ > > tst_wprintf2 tst-widetext test-fmemopen tst-ext tst-ext2 \ > > tst-fgetws tst-ungetwc1 tst-ungetwc2 tst-swscanf tst-sscanf > \ > > @@ -165,11 +180,15 @@ CFLAGS-iofgets_u.c +=3D > $(config-cflags-wno-ignored-attributes) > > CFLAGS-iofputs_u.c +=3D $(config-cflags-wno-ignored-attributes) > > # XXX Do we need filedoalloc and wfiledoalloc? Others? > > > > +# Prevent fortification as these are built with -O0 > > +CFLAGS-tst-bz24051.c +=3D $(no-fortify-source) > > +CFLAGS-tst-bz24153.c +=3D $(no-fortify-source) > > + > > CFLAGS-tst_putwc.c +=3D -DOBJPFX=3D\"$(objpfx)\" > > > > # These test cases intentionally use overlapping arguments > > CFLAGS-tst-sprintf-ub.c +=3D -Wno-restrict > > This should also be built without fortification because the test > specifically tries to validate the sprintf entry point; the > __sprintf_chk entry point ought to get checked by the > tst-sprintf-chk-ub.c test. > > In fact, I wonder if *all* tests should be built without fortification > by default regardless of whether glibc is built with fortification. We > have specific tests in debug/ to test the _chk entry points and it seems > like the tests should stick to validating only the regular entry points > unless otherwise specified. > > I'm not so sure. The fact that fortification is enabled doesn't diminish the validity of the tests, at the very end fortified function shouldn't modify the behavior of these routines (modulo the additional tests on input parameters). Unless the test breaks because of fortification (like when tests voluntarily mess with input parameters in a way that the test aborts on chk routines), I don't see the need to undefine _FORTIFY_SOURCE. Thus, by having fortification enabled during the tests, I could catch errors in the tests (e.g. Incorrect maxlen parameter for swprintf 427dbaee86bcec31ba2fe9a42f32842cf17c4e77). On top of that in the current configuration, assuming "--enable-fortify-source" is **not** set, and the _FORTIFY_SOURCE macro is **not** set through the environment neither, these are still tested without fortification. In one sense, having the glibc CI testing the entry points directly, while the community will probably test with fortification, may help catch unwanted behavioral changes (if that ever happens) due to incorrect check routines implementation. All of that said, we may need to reconsider the tests like tst-sprintf-chk-ub.c though, considering the capability to enable fortification from configure. What do you think ? Fred. > Sid > > > -CFLAGS-tst-sprintf-chk-ub.c +=3D -Wno-restrict > > +CFLAGS-tst-sprintf-chk-ub.c +=3D -Wno-restrict $(no-fortify-source) > > > > LDFLAGS-tst-bz24228 =3D -Wl,--version-script=3Dtst-bz24228.map > > > > diff --git a/login/Makefile b/login/Makefile > > index 13b155d344..74216cbcb2 100644 > > --- a/login/Makefile > > +++ b/login/Makefile > > @@ -66,6 +66,12 @@ include ../Rules > > CFLAGS-getpt.c +=3D -fexceptions > > CFLAGS-getlogin_r.c +=3D $(config-cflags-wno-ignored-attributes) > > > > +# Exclude fortified routines from being built with _FORTIFY_SOURCE > > +routines_no_fortify +=3D \ > > + getlogin_r \ > > + ptsname_r \ > > + # routines_no_fortify > > + > > ifeq (yesyes,$(have-fpie)$(build-shared)) > > pt_chown-cflags +=3D $(pie-ccflag) > > endif > > diff --git a/misc/Makefile b/misc/Makefile > > index 84aa4cb0ad..36ba7a0bad 100644 > > --- a/misc/Makefile > > +++ b/misc/Makefile > > @@ -205,6 +205,13 @@ routines :=3D \ > > writev \ > > # routines > > > > +# Exclude fortified routines from being built with _FORTIFY_SOURCE > > +routines_no_fortify +=3D \ > > + getdomain \ > > + gethostname \ > > + syslog \ > > + # routines_no_fortify > > + > > generated +=3D \ > > tst-allocate_once-mem.out \ > > tst-allocate_once.mtrace \ > > diff --git a/posix/Makefile b/posix/Makefile > > index ad43cbdec6..5113ee3b74 100644 > > --- a/posix/Makefile > > +++ b/posix/Makefile > > @@ -183,6 +183,14 @@ routines :=3D \ > > wordexp \ > > # routines > > > > +# Exclude fortified routines from being built with _FORTIFY_SOURCE > > +routines_no_fortify +=3D \ > > + confstr \ > > + getgroups \ > > + pread \ > > + pread64 \ > > + # routines_no_fortify > > + > > aux :=3D \ > > environ \ > > init-posix \ > > @@ -604,6 +612,9 @@ bug-glob1-ARGS =3D "$(objpfx)" > > tst-execvp3-ARGS =3D --test-dir=3D$(objpfx) > > CFLAGS-tst-spawn3.c +=3D -DOBJPFX=3D\"$(objpfx)\" > > > > +# Test voluntarily overflows struct dirent > > +CFLAGS-bug-glob2.c +=3D $(no-fortify-source) > > + > > $(objpfx)testcases.h: TESTS TESTS2C.sed > > LC_ALL=3DC sed -f TESTS2C.sed < $< > $@T > > mv $@T $@ > > diff --git a/rt/Makefile b/rt/Makefile > > index a97333dc02..3d4a3f0eec 100644 > > --- a/rt/Makefile > > +++ b/rt/Makefile > > @@ -100,6 +100,11 @@ CFLAGS-aio_suspend.c +=3D -fexceptions > > CFLAGS-mq_timedreceive.c +=3D -fexceptions -fasynchronous-unwind-tabl= es > > CFLAGS-mq_timedsend.c +=3D -fexceptions -fasynchronous-unwind-tables > > > > +# Exclude fortified routines from being built with _FORTIFY_SOURCE > > +routines_no_fortify +=3D \ > > + mq_open \ > > + # routines_no_fortify > > + > > LDFLAGS-rt.so =3D -Wl,--enable-new-dtags,-z,nodelete > > > > $(objpfx)librt.so: $(shared-thread-library) > > diff --git a/setjmp/Makefile b/setjmp/Makefile > > index e5733a8c52..363fb6673c 100644 > > --- a/setjmp/Makefile > > +++ b/setjmp/Makefile > > @@ -38,4 +38,13 @@ gen-as-const-headers +=3D jmp_buf-macros.sym > > > > include ../Rules > > > > +# This test messes the stack on purpose, which triggers longjump forti= fy > > +# failure > > +CFLAGS-bug269-setjmp.c +=3D $(no-fortify-source) > > + > > +# Exclude fortified routines from being built with _FORTIFY_SOURCE > > +routines_no_fortify +=3D \ > > + longjmp \ > > + # routines_no_fortify > > + > > $(objpfx)tst-setjmp-fp: $(libm) > > diff --git a/socket/Makefile b/socket/Makefile > > index d9b0b4af64..08f20118cd 100644 > > --- a/socket/Makefile > > +++ b/socket/Makefile > > @@ -60,6 +60,12 @@ routines :=3D \ > > socketpair \ > > # routines > > > > +# Exclude fortified routines from being built with _FORTIFY_SOURCE > > +routines_no_fortify +=3D \ > > + recv \ > > + recvfrom \ > > + # routines_no_fortify > > + > > tests :=3D \ > > tst-accept4 \ > > tst-cmsg_cloexec \ > > diff --git a/stdio-common/Makefile b/stdio-common/Makefile > > index 8871ec7668..fe304b8373 100644 > > --- a/stdio-common/Makefile > > +++ b/stdio-common/Makefile > > @@ -117,6 +117,19 @@ routines :=3D \ > > wprintf_function_invoke \ > > # routines > > > > +# Exclude fortified routines from being built with _FORTIFY_SOURCE > > +routines_no_fortify +=3D \ > > + asprintf \ > > + dprintf \ > > + fprintf \ > > + printf \ > > + snprintf \ > > + sprintf \ > > + vfprintf \ > > + vfwprintf \ > > + vprintf \ > > + # routines_no_fortify > > + > > aux :=3D \ > > errlist \ > > errlist-data \ > > @@ -461,7 +474,7 @@ CFLAGS-tst-gets.c +=3D -Wno-deprecated-declarations > > > > # BZ #11319 was first fixed for regular vdprintf, then reopened becau= se > > # the fortified version had the same bug. > > -CFLAGS-tst-bz11319-fortify2.c +=3D -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE= =3D2 > > +CFLAGS-tst-bz11319-fortify2.c +=3D > $(no-fortify-source),-D_FORTIFY_SOURCE=3D2 > > > > CFLAGS-tst-memstream-string.c +=3D -fno-builtin-fprintf > > > > diff --git a/stdlib/Makefile b/stdlib/Makefile > > index 0975f55ee6..25e42a77e7 100644 > > --- a/stdlib/Makefile > > +++ b/stdlib/Makefile > > @@ -145,6 +145,13 @@ routines :=3D \ > > xpg_basename \ > > # routines > > > > +# Exclude fortified routines from being built with _FORTIFY_SOURCE > > +routines_no_fortify +=3D \ > > + mbstowcs \ > > + wcstombs \ > > + wctomb \ > > + # routines_no_fortify > > + > > aux =3D \ > > grouping \ > > groupingwc \ > > diff --git a/string/Makefile b/string/Makefile > > index d3106d10a9..8cdfd5b000 100644 > > --- a/string/Makefile > > +++ b/string/Makefile > > @@ -118,6 +118,23 @@ routines :=3D \ > > xpg-strerror \ > > # routines > > > > +# Exclude fortified routines from being built with _FORTIFY_SOURCE > > +routines_no_fortify +=3D \ > > + explicit_bzero \ > > + memcpy \ > > + memmove \ > > + mempcpy \ > > + memset \ > > + stpcpy \ > > + stpncpy \ > > + strcat \ > > + strcpy \ > > + strlcat \ > > + strlcpy \ > > + strncat \ > > + strncpy \ > > + # routines_no_fortify > > + > > tests :=3D \ > > bug-envz1 \ > > bug-strcoll1 \ > > diff --git a/sysdeps/ieee754/ldbl-128ibm-compat/Makefile > b/sysdeps/ieee754/ldbl-128ibm-compat/Makefile > > index 42cca25a09..34273a5f58 100644 > > --- a/sysdeps/ieee754/ldbl-128ibm-compat/Makefile > > +++ b/sysdeps/ieee754/ldbl-128ibm-compat/Makefile > > @@ -88,13 +88,19 @@ tests-internal +=3D test-wprintf-ieee128 > test-wprintf-ibm128 > > CFLAGS-test-wprintf-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdouble > -Wno-psabi > > CFLAGS-test-wprintf-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi > > > > +# The following tests are setting _FORTIFY_SOURCE internally > > tests-internal +=3D test-obstack-ieee128 test-obstack-ibm128 > > -CFLAGS-test-obstack-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdouble > -Wno-psabi > > -CFLAGS-test-obstack-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi > > +CFLAGS-test-obstack-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdouble > -Wno-psabi \ > > + $(no-fortify-source) > > +CFLAGS-test-obstack-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi \ > > + $(no-fortify-source) > > > > +# The following tests are setting _FORTIFY_SOURCE internally > > tests-internal +=3D test-obstack-chk-ieee128 test-obstack-chk-ibm128 > > -CFLAGS-test-obstack-chk-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdoub= le > -Wno-psabi > > -CFLAGS-test-obstack-chk-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi > > +CFLAGS-test-obstack-chk-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdoub= le > -Wno-psabi \ > > + $(no-fortify-source) > > +CFLAGS-test-obstack-chk-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi= \ > > + $(no-fortify-source) > > > > tests-internal +=3D test-scanf-ieee128 test-scanf-ibm128 > > CFLAGS-test-scanf-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdouble > -Wno-psabi -std=3Dc89 -D_GNU_SOURCE > > @@ -216,25 +222,37 @@ ldbl-extra-routines +=3D asprintf_chk \ > > obstack_chk \ > > vobstack_chk > > > > +# The following tests are setting _FORTIFY_SOURCE internally > > tests-internal +=3D test-printf-chk-ieee128 test-printf-chk-ibm128 > > -CFLAGS-test-printf-chk-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdouble > -Wno-psabi > > -CFLAGS-test-printf-chk-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi > > +CFLAGS-test-printf-chk-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdouble > -Wno-psabi \ > > + $(no-fortify-source) > > +CFLAGS-test-printf-chk-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi \ > > + $(no-fortify-source) > > > > +# The following tests are setting _FORTIFY_SOURCE internally > > tests-internal +=3D test-printf-chk-redir-ieee128 > test-printf-chk-redir-ibm128 > > CFLAGS-test-printf-chk-redir-ieee128.c +=3D -mfloat128 > -mabi=3Dieeelongdouble \ > > - -Wno-psabi -Wno-unused-result > > + -Wno-psabi -Wno-unused-result \ > > + $(no-fortify-source) > > CFLAGS-test-printf-chk-redir-ibm128.c +=3D -mabi=3Dibmlongdouble > -Wno-psabi \ > > - -Wno-unused-result > > + -Wno-unused-result \ > > + $(no-fortify-source) > > > > +# The following tests are setting _FORTIFY_SOURCE internally > > tests-internal +=3D test-wprintf-chk-ieee128 test-wprintf-chk-ibm128 > > -CFLAGS-test-wprintf-chk-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdoub= le > -Wno-psabi > > -CFLAGS-test-wprintf-chk-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi > > +CFLAGS-test-wprintf-chk-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdoub= le > -Wno-psabi \ > > + $(no-fortify-source) > > +CFLAGS-test-wprintf-chk-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi= \ > > + $(no-fortify-source) > > > > +# The following tests are setting _FORTIFY_SOURCE internally > > tests-internal +=3D test-wprintf-chk-redir-ieee128 > test-wprintf-chk-redir-ibm128 > > CFLAGS-test-wprintf-chk-redir-ieee128.c +=3D -mfloat128 > -mabi=3Dieeelongdouble \ > > - -Wno-psabi -Wno-unused-result > > + -Wno-psabi -Wno-unused-result \ > > + $(no-fortify-source) > > CFLAGS-test-wprintf-chk-redir-ibm128.c +=3D -mabi=3Dibmlongdouble > -Wno-psabi \ > > - -Wno-unused-result > > + -Wno-unused-result \ > > + $(no-fortify-source) > > endif > > > > ifeq ($(subdir),argp) > > @@ -281,13 +299,19 @@ CFLAGS-tst-ieee128-error.c +=3D -mfloat128 > -mabi=3Dieeelongdouble -Wno-psabi > > CFLAGS-tst-ieee128-efgcvt.c +=3D -mfloat128 -mabi=3Dieeelongdouble > -Wno-psabi > > CFLAGS-tst-ieee128-errorfptr.c +=3D -mfloat128 -mabi=3Dieeelongdouble > -Wno-psabi > > > > +# The following tests are setting _FORTIFY_SOURCE internally > > tests-container +=3D test-syslog-ieee128 test-syslog-ibm128 > > -CFLAGS-test-syslog-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdouble > -Wno-psabi > > -CFLAGS-test-syslog-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi > > +CFLAGS-test-syslog-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdouble > -Wno-psabi \ > > + $(no-fortify-source) > > +CFLAGS-test-syslog-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi \ > > + $(no-fortify-source) > > > > +# The following tests are setting _FORTIFY_SOURCE internally > > tests-container +=3D test-syslog-chk-ieee128 test-syslog-chk-ibm128 > > -CFLAGS-test-syslog-chk-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdouble > -Wno-psabi > > -CFLAGS-test-syslog-chk-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi > > +CFLAGS-test-syslog-chk-ieee128.c +=3D -mfloat128 -mabi=3Dieeelongdouble > -Wno-psabi \ > > + $(no-fortify-source) > > +CFLAGS-test-syslog-chk-ibm128.c +=3D -mabi=3Dibmlongdouble -Wno-psabi \ > > + $(no-fortify-source) > > endif > > > > ifeq ($(subdir),stdlib) > > @@ -395,6 +419,31 @@ endif > > # Add IEEE binary128 files as make targets. > > routines +=3D $(foreach r,$(ldbl-extra-routines),ieee128-$(r)) > > > > +routines_no_fortify +=3D \ > > + ieee128-asprintf \ > > + ieee128-dprintf \ > > + ieee128-fprintf \ > > + ieee128-fwprintf \ > > + ieee128-obstack \ > > + ieee128-printf \ > > + ieee128-snprintf \ > > + ieee128-sprintf \ > > + ieee128-swprintf \ > > + ieee128-syslog \ > > + ieee128-vasprintf \ > > + ieee128-vdprintf \ > > + ieee128-vfprintf \ > > + ieee128-vfwprintf \ > > + ieee128-vobstack \ > > + ieee128-vprintf \ > > + ieee128-vsnprintf \ > > + ieee128-vsprintf \ > > + ieee128-vswprintf \ > > + ieee128-vsyslog \ > > + ieee128-vwprintf \ > > + ieee128-wprintf \ > > + # routines_no_fortify > > + > > # On powerpc64le, the routines responsible for converting between long > > # double and string (e.g.: printf, scanf, strtold, strfroml) default = to > > # IBM long double mode. When support for TS 18661-3 was added, sever= al > > diff --git a/sysdeps/ieee754/ldbl-opt/Makefile > b/sysdeps/ieee754/ldbl-opt/Makefile > > index 22e778ad0e..0ed1cd2cae 100644 > > --- a/sysdeps/ieee754/ldbl-opt/Makefile > > +++ b/sysdeps/ieee754/ldbl-opt/Makefile > > @@ -269,3 +269,32 @@ CFLAGS-tst-nldbl-wscanf-binary-gnu89.c +=3D > -mlong-double-64 -std=3Dgnu89 \ > > -DOBJPFX=3D\"$(objpfx)\" > > > > endif > > + > > +routines_no_fortify +=3D \ > > + nldbl-asprintf \ > > + nldbl-dprintf \ > > + nldbl-fprintf \ > > + nldbl-fwprintf \ > > + nldbl-obstack_printf \ > > + nldbl-obstack_vprintf \ > > + nldbl-printf \ > > + nldbl-snprintf \ > > + nldbl-sprintf \ > > + nldbl-swprintf \ > > + nldbl-syslog \ > > + nldbl-vasprintf \ > > + nldbl-vdprintf \ > > + nldbl-vfprintf \ > > + nldbl-vfwprintf \ > > + nldbl-vprintf \ > > + nldbl-vsnprintf \ > > + nldbl-vsprintf \ > > + nldbl-vswprintf \ > > + nldbl-vsyslog \ > > + nldbl-vwprintf \ > > + nldbl-wprintf \ > > + # routines_no_fortify > > + > > +# We can't rely on Makeconfig here for whatever reason > > +CFLAGS-.oS +=3D $(call elide-fortify-source,.oS,$(routines_no_fortify)) > > +CFLAGS-.oS +=3D $(call > elide-fortify-source,_chk.oS,$(routines_no_fortify)) > > diff --git a/sysdeps/pthread/Makefile b/sysdeps/pthread/Makefile > > index 32cf4eb119..31028406d5 100644 > > --- a/sysdeps/pthread/Makefile > > +++ b/sysdeps/pthread/Makefile > > @@ -304,6 +304,10 @@ tests-nolibpthread +=3D \ > > CFLAGS-tst-cleanup2.c +=3D -fno-builtin > > CFLAGS-tst-cleanupx2.c +=3D -fno-builtin > > > > +# Disable fortification due to sprintf(NULL,...) > > +CFLAGS-tst-cleanup2.c +=3D $(no-fortify-source) > > +CFLAGS-tst-cleanupx2.c +=3D $(no-fortify-source) > > + > > tests +=3D \ > > tst-cancelx2 \ > > tst-cancelx3 \ > > diff --git a/sysdeps/unix/sysv/linux/Makefile > b/sysdeps/unix/sysv/linux/Makefile > > index 594a5dc53e..9108b7d2ed 100644 > > --- a/sysdeps/unix/sysv/linux/Makefile > > +++ b/sysdeps/unix/sysv/linux/Makefile > > @@ -120,6 +120,9 @@ CFLAGS-sync_file_range.c =3D -fexceptions > -fasynchronous-unwind-tables > > CFLAGS-pselect32.c =3D -fexceptions -fasynchronous-unwind-tables > > CFLAGS-tst-writev.c +=3D > "-DARTIFICIAL_LIMIT=3D(0x80000000-sysconf(_SC_PAGESIZE))" > > > > +# The test triggers FORTIFY abortion due to purposely wrong parameters > > +CFLAGS-test-errno-linux.c +=3D $(no-fortify-source) > > + > > sysdep_headers +=3D \ > > bits/a.out.h \ > > bits/epoll.h \ > > diff --git a/wcsmbs/Makefile b/wcsmbs/Makefile > > index 22192985e1..d25a2214f8 100644 > > --- a/wcsmbs/Makefile > > +++ b/wcsmbs/Makefile > > @@ -121,6 +121,27 @@ routines :=3D \ > > wmemset \ > > # routines > > > > +# Exclude fortified routines from being built with _FORTIFY_SOURCE > > +routines_no_fortify +=3D \ > > + mbsnrtowcs \ > > + mbsrtowcs \ > > + wcpcpy \ > > + wcpncpy \ > > + wcrtomb \ > > + wcscat \ > > + wcscpy \ > > + wcslcat \ > > + wcslcpy \ > > + wcsncat \ > > + wcsncpy \ > > + wcsnrtombs \ > > + wcsrtombs \ > > + wmemcpy \ > > + wmemmove \ > > + wmempcpy \ > > + wmemset \ > > + # routines_no_fortify > > + > > tests :=3D \ > > test-c8rtomb \ > > test-char-types \ > > @@ -231,7 +252,7 @@ CFLAGS-wcstod_l.c +=3D $(strtox-CFLAGS) > $(config-cflags-wno-ignored-attributes) > > CFLAGS-wcstold_l.c +=3D $(strtox-CFLAGS) > $(config-cflags-wno-ignored-attributes) > > CFLAGS-wcstof128_l.c +=3D $(strtox-CFLAGS) > > CFLAGS-wcstof_l.c +=3D $(strtox-CFLAGS) > $(config-cflags-wno-ignored-attributes) > > -CPPFLAGS-tst-wchar-h.c +=3D -D_FORTIFY_SOURCE=3D2 > > +CPPFLAGS-tst-wchar-h.c +=3D $(no-fortify-source),-D_FORTIFY_SOURCE=3D2 > > > > CFLAGS-wcschr.c +=3D $(config-cflags-wno-ignored-attributes) > > CFLAGS-wmemchr.c +=3D $(config-cflags-wno-ignored-attributes) > > --000000000000d6633505ff96a700--