more stack protector fun
robert at linuxfromscratch.org
Sun Jan 2 05:37:06 PST 2005
From what I gather it looks like libraries can be built with
-fstack-protector-all. I think it's because libc.so will always get loaded in
conjunction with the other library, and so the __guard value always gets
filled. The newer uclibc's are building everything except libc.so and ld.so
with -fstack-protector-all. They don't have detailed comments, but I'm
guessing libc.so and ld.so can't be built with fstack because it's a circular
dependency, and/or because if either of these objects overflow/segfault then
the protection code won't get run anyway.
Attached is a patch for chapter 6's Glibc. It adds -fstack-protector-all to:
gencat, getconf, getent, iconv, iconvconfig, ldconfig, sprof, sln, lddlibc4,
locale, localedef, nscd, nscd_nischeck, pcprofiledump, pt_chown, utmpdump,
rpcgen, rpcinfo, zdump, and zic
Tests get -fno-stack-protector; it wasn't really needed at this point but I
added them while I was at it. I ran 'make check' with this patch and it
The only exception, so far, is sysctl.c. It gives me this:
stack overflow in function __sysctl()
make: *** [/sources/hlfs-packages/glibc-build/sunrpc/xbootparam_prot.stmp]
for whatever reason. So I added -fno-stack for sysctl.c.
I know the patch is sorta big; 857 lines so far (in the pre3 version). I can't
use global cflags in the makefiles because the tests will fail. The only way
I could do it was adding a cflags definition for each C file, one by one.
Now I started adding libraries to the patch (libcrypt, libintl, libresolv). If
Binutils and GCC get matching patches then the sspspecs patch can get a bunch
of the filters removed. Libraries like ncurses, etc, could start getting
fstack-prot-all (transparently), so we get max protection. Most of the
filters are there just for the 3 toolchain packages, nothing else complains
about using no filters.
Another thing. For fun I tried adding -fpie to the above utilities. Gencat
and getconf have non-PIC assembly code. So I quit after trying those two.
Some of them may be able to link statically and pass the tests, but some
might not (I tried before). This would help the rebuildability problem with
glibc and grsec.
This shouldn't take me too much longer. Maybe a day or two. I got sidetracked.
I'll try to finish updating the book after.
Ideally this patch would only set -fno-stack-prot for libc.so, ld.so, and the
tests, and have gcc doing -fstack-prot-all on everything by default. That
patch would be the least intrusive and problematic possible. But there are
167 makefiles in Glibc, so I'll start with this patch and a gcc that does not
have default fstack-prot, i.e. a generic specsfile (as-per instructions in the
current svn glibc chapter6).
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 32221 bytes
Desc: not available
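
A check one could run over a build log to confirm that per-file flags landed the way the message above describes (added example, not part of the original post or the attached patch). The log lines, the source file names and the `tst-` test prefix are constructed assumptions; the last stack-protector flag on a command line is treated as the effective one, as GCC does.

```shell
#!/bin/sh
# Audit compile lines for their effective stack-protector setting.
# $1: space-separated source basenames expected to get -fstack-protector-all.
# stdin: build log. Output: "<file> <effective> <expected> OK|MISMATCH".
audit_ssp() {
    awk -v want="$1" '
    BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) protect[w[i]] = 1 }
    {
        src = ""; eff = "default"
        for (i = 1; i <= NF; i++) {
            # Later flags override earlier ones, so keep overwriting eff.
            if ($i == "-fstack-protector-all") eff = "all"
            else if ($i == "-fstack-protector") eff = "on"
            else if ($i == "-fno-stack-protector") eff = "off"
            else if ($i ~ /\.c$/) src = $i
        }
        if (src == "") next                 # not a compile line
        sub(/.*\//, "", src)                # keep the basename only
        # Assumption: test sources are named tst-*.c; sysctl.c is the
        # one exception the message says is built without the protector.
        if (src ~ /^tst-/ || src == "sysctl.c") expect = "off"
        else if (src in protect) expect = "all"
        else next                           # no expectation for this file
        printf "%s %s %s %s\n", src, eff, expect, (eff == expect ? "OK" : "MISMATCH")
    }'
}

# Constructed sample log (not real glibc build output).
sample_log() {
    cat <<'EOF'
gcc -O2 -fstack-protector-all -c src/gencat.c -o gencat.o
gcc -O2 -c src/getconf.c -o getconf.o
gcc -O2 -fstack-protector-all -fno-stack-protector -c src/sysctl.c -o sysctl.o
gcc -O2 -fno-stack-protector -fstack-protector-all -c src/tst-foo.c -o tst-foo.o
gcc -O2 -c src/strlen.c -o strlen.o
make[2]: Entering directory
EOF
}

sample_log | audit_ssp "gencat.c getconf.c"
```

On the sample, getconf.c is reported because it has no protector flag at all, and tst-foo.c because a later -fstack-protector-all overrides the earlier -fno-stack-protector.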