From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dormouse.elm.relay.mailchannels.net (dormouse.elm.relay.mailchannels.net [23.83.212.50]) by sourceware.org (Postfix) with ESMTPS id 0B78D3858D35 for ; Wed, 5 Jul 2023 00:13:45 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 0B78D3858D35 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=gotplt.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gotplt.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id A52492616A8; Wed, 5 Jul 2023 00:13:44 +0000 (UTC) Received: from pdx1-sub0-mail-a286.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id E9DB2261E9D; Wed, 5 Jul 2023 00:13:43 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1688516023; a=rsa-sha256; cv=none; b=E2Z2UtADn7/dKwxwn9WcIKjnsxhGj1C7srShBrvxAB0742ekvWK49krvLZH3dN4d2FkBGg 96V7cWJbYl34MLQLnK2e9P7kSaXyNpc9w38yf9QpxUR92ICNod1EIsVsN4ElUt3f1Wf2QY zNgi9p1n41vvNIO/RJgExTZ6Brcu4RBeTsRila+HJFu6R3tngMgwYXM/RqDxuqw/BH7POV PXAAHTuLZEc8N8isTDRt4JWYiTkGgqceDOJ09x9QK8GCS2tMBo6xCGBYu152rVIguFcomT K0pLDP6kySofIJFXqm4xPwMCMVF+kwTW96AMAIajg3rmXLDxYKe6FDW17h/i0Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1688516023; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=spxSaniDDGelHGott3olSu+BR0VEDvSPGiHWTMabcFA=; b=yWDmN8SEtxyLhkAO6vJsXbyb3cv7lVom42ZEslJpjJ8MhbDuRfxW7GjiYwh9eul29dcUcf QRyQJlR/4iY/0pcWfT3VNws5Bc5kaw/zfVfS2g0CIQnQxVTq0im/7psane/QXRt/squEnO R+kBK7uWkGQHAlIZplq/d3+BGuMjcJXxQgKeRK27caN/0VfoUawqyUfcccc9yGaUwNVBWE aqAzOePGMzjSl7R4w8eiIWNmmi11/i3Vh9clNm4wkm+67PD61phDbyMHieQ1uzz/1J4t5o qnC+P0sRowRVXjr61TCvbJMyMKgxV+288ghz/rO1fp/gv0IvOmTPmF7DOwz/RQ== ARC-Authentication-Results: i=1; rspamd-9fcc56855-d9xf5; auth=pass smtp.auth=dreamhost smtp.mailfrom=siddhesh@gotplt.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Little-Callous: 7396eb242eb9fe74_1688516024209_3867887256 X-MC-Loop-Signature: 1688516024207:1738988591 X-MC-Ingress-Time: 1688516024207 Received: from pdx1-sub0-mail-a286.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.126.30.17 (trex/6.9.1); Wed, 05 Jul 2023 00:13:44 +0000 Received: from [192.168.0.182] (bras-vprn-toroon4834w-lp130-09-174-91-45-44.dsl.bell.ca [174.91.45.44]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a286.dreamhost.com (Postfix) with ESMTPSA id 4Qwg9z3pXHzC9; Tue, 4 Jul 2023 17:13:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gotplt.org; s=dreamhost; t=1688516023; bh=spxSaniDDGelHGott3olSu+BR0VEDvSPGiHWTMabcFA=; h=Date:Subject:To:From:Content-Type:Content-Transfer-Encoding; b=CF/OrcrJtJrM5cpWvg+VhGeSzTH0qRxjriidgx9qBAzRIE5zOlT4/Qh0nC9BJsrmE q0dYH18FgqqKhNmlnAOapVSDD51VREg2HW5x0zqZEdLAUgHUHi+LCX9pkAoy3mYJNs 2LV0HlqeHrxRSy7DUhU9P85KvMG026bs475l/jHvdSGPwrOA91iVELoocyh0V4Yhn6 hEZlvJIiQIaR9Zf1ZDA6VRjmFrgXB7mlbY9JytYI7xE834Wokt5T5jZe5Hib00m76Z uNwY2zC2PwuvoTCa2IPFySeW7UOymbVWpgqFbPESRF2JlnHqduA4LXzXZ0CVScNwEQ gJUvfoJOltDtg== Message-ID: Date: Tue, 4 Jul 2023 20:13:41 -0400 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.12.0 Subject: Re: [PATCH v4 00/15] Allow glibc to be built with _FORTIFY_SOURCE Content-Language: en-US To: =?UTF-8?B?RnLDqWTDqXJpYyBCw6lyYXQ=?= , libc-alpha@sourceware.org References: <20230704165554.239581-1-fberat@redhat.com> From: Siddhesh Poyarekar In-Reply-To: <20230704165554.239581-1-fberat@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-3031.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 2023-07-04 12:55, Frédéric Bérat wrote: > Hello, > > This patch series introduces a new "--enable-fortify-source" option to glibc > build. This option may either be set to a value between 1 and 3, or left empty > to let configure select the highest value available for the build system. > > The first patch adds the new configure option, the second excludes the routines > that can't be built with the option enabled. > > The next patches are fixing test and compilation errors that arose with > fortification enabled. > > I couldn't test the patch series in all configuration possible on all arches > possible but I ran the following: > > - build-many-glibcs was executed on x86_64, for all arches/variants. This was > mainly done to ensure that installed headers were not broken (as some > patches are modifying system headers) > - The new "enable-fortify-source" variant for BMG got executed on x86_64 > - make check and benchtests were executed on x86_64, i686, ppc64le, aarch64, > s390x, with and without fortification enabled. > > Fred. > > Changes since v1: > - The patch that introduced the new config option has been split in 2. > There is now one patch that allows glibc to be built with fortification and > one that adds a new configure option to enable it. > The patch adding the configure option has been moved to the end of the > series. > - A new variant has been added to x86_64 bmg to test enable-fortify-source. > - NEWS and INSTALL have been updated. > - Patch series has been re-based > - Error message has been fixed in newly introduced headers > - Include directive has been fixed in newly introduced include/* headers > > Changes since v2: > - Test for bug269 modifies the stack in a way that may trigger an abort on > longjump when fortification is enabled. Thus, disable fortification for this > test. > - Added 2 patches to perform the same changes on stdio.h that was done for > unistd.h and wchar.h. Declarations that were in stdio2.h are moved into > existing stdio-decl.h, and __REDIRECT is rplaced by __REDIRECT_FORTIFY for > fgets_unlocked_alias. > - Title for some patches were modified without content change. > > Changes since v3: > - Patch 02 (Exclude routines from fortification): Add $(no-fortify-source) to > CFLAGS-tst-sprintf-ub.c > - Patch 06 (asprintf_chk: Ensure compatibility for both s390x and ppc64le) is > squashed in patch 05 (stdio: Ensure *_chk routines have their hidden builtin > definition available). Hence, reviewed-by on patch 05 is dropped. > - Patch 05 now details why s390x couldn't build if ldbl_* macros are used with > __asprintf_chk > - Patch 08 (wchar: Avoid PLT entries with _FORTIFY_SOURCE): unexpected left > over is removed. > - Patch 10 (unistd: Avoid PLT entries with _FORTIFY_SOURCE): > libc_hidden_builtin_{def,proto} replaced with libc_hidden_{def,proto} > - Patch 11 (misc/bits/select2.h: Clearly separate declaration from > definitions): libc_hidden_builtin_{def,proto} replaced with > libc_hidden_{def,proto} > - Patch 16 (Add --enable-fortify-source option): if "--enable-fortify-source" > is NOT set (i.e. assume "--disable-fortify-source"), forcibly undefine > _FORTIFY_SOURCE (instead of letting it pass-through). This is the default > and matches old behavior. Almost done. In summary: - Wait for Paul to review the ldbl-128 symbol hacks - Merge 1/15 and 15/15 together into a single, first patch of the series with the recommended changes. That should get us through. Given that you'll likely be doing more glibc work, I'll be happy to sponsor write access for you if you like so that you can push your own patches after review. Please review the consensus[1] wiki page to understand the responsibilities of someone with write access and then once you're ready, request an account on sourceware[2]. Cheers, Sid [1] https://sourceware.org/glibc/wiki/Consensus [2] https://sourceware.org/cgi-bin/pdw/ps_form.cgi