mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-19 10:53:58 +00:00
Code Issues Releases Activity
54f82841d5
freebsd/lib
History
Jeremie Le Hen 54f82841d5 Turn libc.so into an ld script rather than a symlink pointing to the 
real shared object and libssp_nonshared.a.

This was the last showstopper that prevented from enabling SSP for ports
by default.  portmgr@ performed a buildworld which showed no significant
breakage with this patch.

Details:

On i386 for PIC objects, gcc uses the __stack_chk_fail_local hidden
symbol instead of calling __stack_chk_fail directly [1].  This happen
not only with our gcc-4.2.1 but also with the latest gcc-4.8.  If you
want the very nasty details, see [2].

OTOH the problem doesn't exist on other architectures.  It also doesn't
exist with Clang as the latter will somehow manage to create the
function in the object file at compile time (contrary to only
referencing it through a symbol that will be brought in at link time).

In a perfect world, when an object file is compiled with
-fstack-protector, it will be linked into a binary or a DSO with this
same flag as well, so GCC will add libssp_nonshared.a to the linker
command-line.  Unfortunately, we don't control softwares in ports and we
may have such broken DSO.  This is the whole point of this patch.

You can reproduce the problem on i386 by compiling a source file into an
object file with "-fstack-protector-all -fPIE" and linking it
into a binary without "-fstack-protector".

This ld script automatically proposes libssp_nonshared.a along with the
real libc DSO to the linker.  It is important to understand that the
object file contained in this library will be pulled in the resulting
binary _only if_ the linker notices one of its symbols is needed (i.e.
one of the SSP symbol is missing).

A theorical performance impact could be when compiling, but my testing
showed less than 0.1% of difference.

[1] For 32-bit code gcc saves the PIC register setup by using
    __stack_chk_fail_local hidden function instead of calling
    __stack_chk_fail directly.  See comment line 19460 in:
    src/contrib/gcc/config/i386/i386.c

[2] When compiling a source file to an object file, if you use something
    which is external to the compilation unit, GCC doesn't know yet if
    this symbol will be inside or outside the DSO.  So it expects the
    worst case and routes the symbol through the GOT, which means
    additional space and extra relocation for rtld(1).

    Declaring a symbol has hidden tells GCC to use the optimal route (no
    GOT), but on the other hand this means the symbol has to be provided
    in the same DSO (namely libssp_nonshared.a).

    On i386, GCC actually uses an hidden symbol for SSP in PIC objects
    to save PIC register setup, as said in [1].

PR:		ports/138228
PR:		ports/168010
Reviewed by:	kib, kan
2013-06-12 21:12:05 +00:00
..
atf Remove -L<path> from LDADD, it doesn't belong there. 2012-11-07 00:23:51 +00:00
bind Update to 9.8.4-P2 2013-03-27 10:11:43 +00:00
clang Upgrade our copy of llvm/clang to 3.3 release. 2013-06-12 18:48:53 +00:00
csu Add a makefle that recurses into the right architecture-specific 2013-05-21 17:47:53 +00:00
libalias
libarchive MFV r248590,248594: 2013-03-22 13:36:03 +00:00
libauditd
libbegemot
libblocksruntime
libbluetooth
libbsm
libbsnmp Add missing DPADD 2013-01-01 18:29:25 +00:00
libbz2
libc Turn libc.so into an ld script rather than a symlink pointing to the 2013-06-12 21:12:05 +00:00
libc++ Fix broken macro checking in the libc++ Makefile, introduced in r241909. 2012-11-02 12:18:38 +00:00
libcalendar
libcam Fix a typo: XPORT_SPI should be tested against transport, nor protocol. 2013-06-03 21:52:19 +00:00
libcom_err
libcompat
libcompiler_rt Use improved __sync_*() intrinsics for MIPS in userspace as well. 2013-06-08 13:22:53 +00:00
libcrypt Simple unit-tests for libcrypt, to show how easy it is. 2012-11-07 22:03:59 +00:00
libcxxrt Add several missing symbols to libcxxrt's symbol version map, and remove 2013-02-03 20:40:41 +00:00
libdevinfo
libdevstat New devstat metrics for devstat_compute_statistics(): 2012-12-15 18:19:48 +00:00
libdwarf libdwarf: anonymous types are expected to have empty type names... 2013-03-23 08:50:56 +00:00
libedit libedit: Revert r247683 to fix buildworld. 2013-03-03 14:42:15 +00:00
libefi
libelf Merge part of r1712 from elftoolchain, making it possible to resize ELF 2013-02-24 15:15:50 +00:00
libexpat Update base system libexpat to 2.1.0. 2013-02-26 00:58:44 +00:00
libfetch Use the CONNECT method to proxy HTTPS connections through HTTP proxies. 2013-04-12 22:05:15 +00:00
libgeom Improve libgeom XML parsing error handling. 2012-10-26 12:46:33 +00:00
libgpib mdoc: minor Bl improvements. 2012-06-02 08:47:26 +00:00
libgssapi mdoc: add missing -width argument to Bl -tag. 2012-06-08 12:09:00 +00:00
libiconv
libiconv_modules
libipsec Improve compatibility with recent flex from flex.sourceforge.net. 2013-05-03 23:51:32 +00:00
libipx
libjail Fix some memory allocation errors: 2012-10-04 19:07:05 +00:00
libkiconv no one bothered to write the iconv.9 man page... If it appears we 2013-02-26 19:46:02 +00:00
libkse
libkvm Switch to 2-clause license and standard text 2013-06-06 21:09:27 +00:00
libldns Clean up. 2013-04-14 00:59:56 +00:00
liblzma
libmagic r235638 is not the clean way to add support for building on ancient FreeBSD 2012-09-11 22:38:33 +00:00
libmandoc Merge mandoc from vendor into contrib and provide the necessary Makefile glue. 2012-10-19 22:21:01 +00:00
libmd
libmemstat Const-ify the zone name argument to uma_zcreate(9). 2012-10-26 17:51:05 +00:00
libmilter
libmp
libnandfs
libnetbsd Add libnetbsd, a thin compatibility layer intended to allow a limited 2012-12-21 20:37:38 +00:00
libnetgraph Fix for quite a special case when userland emulates a netgraph node, and 2013-03-11 13:05:11 +00:00
libngatm
libopie
libpam Backport upstream r684 (OPENPAM_DEBUG enables debugging macros but does 2013-04-14 16:49:27 +00:00
libpcap MFV: libpcap 1.4.0. 2013-05-30 08:02:00 +00:00
libpmc Always install pmc.foo(3) manpages. 2013-05-03 08:20:10 +00:00
libproc - Compute the correct size to reallocate when doubling the size of the 2013-01-28 15:48:31 +00:00
libprocstat Borrow the algorithm from kvm_getprocs() to fix procstat_getprocs() to 2013-06-11 20:00:49 +00:00
libradius mdoc sweep. 2013-05-12 22:22:12 +00:00
librpcsec_gss Fix warnings found by -Wmising-variable-declarations. 2012-10-19 05:43:38 +00:00
librpcsvc
librt
librtld_db
libsbuf Add sbuf_start_section and sbuf_end_section to the libsbuf symbol map. 2013-04-11 19:50:10 +00:00
libsdp
libsm Since clang 3.2 now has an option to suppress warnings about implicitly 2013-02-16 20:17:31 +00:00
libsmb
libsmdb
libsmutil
libstand libstand: Reset the seek pointer in ext2fs as done in UFS. 2013-06-09 01:19:22 +00:00
libstdbuf Remove WARNS=6 lines. 2012-10-18 15:39:29 +00:00
libstdthreads
libtacplus mdoc sweep. 2013-05-12 22:22:12 +00:00
libtelnet
libthr Since the cause of the problems with the __fillcontextx() was 2013-06-03 04:22:42 +00:00
libthread_db Fix warnings found by -Wmising-variable-declarations. 2012-10-19 05:43:38 +00:00
libufs
libugidfw
libulog
libusb Add libusb_get_port_numbers 2013-06-07 13:45:58 +00:00
libusbhid Restore handling of the third argument (id) of hid_start_parse(), same as 2012-09-20 18:56:27 +00:00
libutil When pidptr was passed as NULL to pidfile_open(3), we were returning 2013-03-14 20:22:52 +00:00
libvgl
libvmmapi Remove deprecated APIs to get the total and free memory available to vmm.ko. 2013-04-25 20:42:21 +00:00
libwrap
liby
libyaml Add a stub manpage modeled over the libexpat one to explain to users not to use 2013-03-05 13:06:40 +00:00
libypclnt
libz MFV: Update zlib to 1.2.8. 2013-05-05 06:20:49 +00:00
msun Add implementations of acoshl(), asinhl(), and atanhl(). This is a 2013-06-10 06:04:58 +00:00
ncurses Convert old make variable modifiers :U and :L to bmake :tu and :tl. 2013-06-02 11:44:23 +00:00
Makefile Wrap the creation of the ../include link in /usr/lib in 2013-04-30 18:14:22 +00:00
Makefile.inc