Disable stack protector in early static initialization [BZ #7065]
authorNick Alcock <nick.alcock@oracle.com>
Mon, 26 Dec 2016 09:08:45 +0000 (10:08 +0100)
committerFlorian Weimer <fweimer@redhat.com>
Mon, 26 Dec 2016 09:08:45 +0000 (10:08 +0100)
The startup code in csu/, and the brk and sbrk functions are
needed very early in initialization of a statically-linked program,
before the stack guard is initialized; TLS initialization also uses
memcpy, which cannot overrun its own stack.  Mark all of these as
-fno-stack-protector.

We also finally introduce @libc_cv_ssp@ and @no_stack_protector@, both
substituted by the configury changes made earlier, to detect the case
when -fno-stack-protector is supported by the compiler, and
unconditionally pass it in when this is the case, whether or not
--enable-stack-protector is passed to configure.  (This means that
it'll even work when the compiler's been hacked to pass
-fstack-protector by default, unless the hackage is so broken that
it does so in a way that is impossible to override.)

ChangeLog
config.make.in
csu/Makefile
misc/Makefile
string/Makefile

index 395a14ba4d8be8894002b4987b4c02e76adcaa28..64ccdf7ca098449c20047b53d964f2afc61fafb7 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,15 @@
+2016-12-26  Nick Alcock  <nick.alcock@oracle.com>
+
+       [BZ #7065]
+       * config.make.in (have-ssp, no-stack-protector): New.
+       * csu/Makefile (CFLAGS-.o, CFLAGS-.op, CFLAGS-.os): Use it.
+       * misc/Makefile (CFLAGS-sbrk.o): Likewise.
+       (CFLAGS-sbrk.op): Likewise.
+       (CFLAGS-brk.o): Likewise.
+       (CFLAGS-brk.op): Likewise.
+       * string/Makefile (CFLAGS-memcpy.c): Likewise.
+       (CFLAGS-wordcopy.c): Likewise.
+
 2016-12-26  Nick Alcock  <nick.alcock@oracle.com>
 
        [BZ #7065]
index 35e7e59663db7057f0c06f1996555e1dafcbe205..4422025e59e52c28dcdadc994d4f212380458b4c 100644 (file)
@@ -58,7 +58,9 @@ with-fp = @with_fp@
 enable-timezone-tools = @enable_timezone_tools@
 unwind-find-fde = @libc_cv_gcc_unwind_find_fde@
 have-fpie = @libc_cv_fpie@
+have-ssp = @libc_cv_ssp@
 stack-protector = @stack_protector@
+no-stack-protector = @no_stack_protector@
 have-selinux = @have_selinux@
 have-libaudit = @have_libaudit@
 have-libcap = @have_libcap@
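Review bot: `have-ssp` is defined here, but none of the Makefile hunks shown in this commit reference it; only `no-stack-protector` is consumed. If a later change is meant to use it, that is fine; otherwise the line is dead configuration. Going by the commit message, `no-stack-protector` presumably expands to nothing when the compiler rejects `-fno-stack-protector`, so the early-init objects would then be built with the compiler's default. A short comment such as `# Empty if the compiler does not accept -fno-stack-protector.` above that line would record this.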
index 3d23f138680c271747b72f2b10313a32c291abc3..75f36bbbf407c3544ca42b75557738c37c3ce5fc 100644 (file)
@@ -46,6 +46,10 @@ before-compile += $(objpfx)version-info.h
 # code is compiled with special flags.
 tests =
 
+CFLAGS-.o += $(no-stack-protector)
+CFLAGS-.op += $(no-stack-protector)
+CFLAGS-.os += $(no-stack-protector)
+
 ifeq (yes,$(build-shared))
 extra-objs += S$(start-installed-name) gmon-start.os
 ifneq ($(start-installed-name),$(static-start-installed-name))
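Review bot: The three `CFLAGS-.o/.op/.os += $(no-stack-protector)` lines carry no comment, unlike the matching additions in misc/Makefile and string/Makefile, and they remove a hardening flag for what appears to be every object of those suffixes built in csu/. The commit message justifies this by static-program startup running before the stack guard is set up, yet `.os` (the shared flavour) is included as well, and the reason for that is not stated. I would add something like `# Startup code runs before the stack guard is initialized, so it must` / `# not be compiled with stack protection (shared objects included because …).` so that a later reader does not narrow or widen the exemption by accident.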
index d241daea478b375060e5ca6bc1036d77d5410b59..35dba3492a4374258436cf79597ef0a36a7e52aa 100644 (file)
@@ -108,6 +108,13 @@ CFLAGS-getusershell.c = -fexceptions
 CFLAGS-err.c = -fexceptions
 CFLAGS-tst-tsearch.c = $(stack-align-test-flags)
 
+# Called during static library initialization, so turn stack-protection
+# off for non-shared builds.
+CFLAGS-sbrk.o = $(no-stack-protector)
+CFLAGS-sbrk.op = $(no-stack-protector)
+CFLAGS-brk.o = $(no-stack-protector)
+CFLAGS-brk.op = $(no-stack-protector)
+
 include ../Rules
 
 $(objpfx)libg.a: $(dep-dummy-lib); $(make-dummy-lib)
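Review bot: The four `CFLAGS-sbrk.*` / `CFLAGS-brk.*` assignments use `=`, while the csu/Makefile change uses `+=` for the same flag. Nothing visible in this hunk sets these variables earlier, so behaviour is probably the same today, but `=` would silently discard flags if another fragment ever sets them first. Using `CFLAGS-sbrk.o += $(no-stack-protector)` (and likewise for the other three) keeps the two Makefiles consistent. The comment could also give the actual reason, e.g. `# brk and sbrk run in statically linked programs before the stack guard is set up.`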
index 081627734d63aafeebe8fb6b6d435ed1d5a3cff0..64b4c80eaa57c08c5849e71e36ac428376c24f0a 100644 (file)
@@ -73,6 +73,10 @@ CFLAGS-test-ffs.c = -fno-builtin
 CFLAGS-tst-inlcall.c = -fno-builtin
 CFLAGS-tst-xbzero-opt.c = -O3
 
+# Called during TLS initialization.
+CFLAGS-memcpy.c = $(no-stack-protector)
+CFLAGS-wordcopy.c = $(no-stack-protector)
+
 ifeq ($(run-built-tests),yes)
 $(objpfx)tst-svc-cmp.out: tst-svc.expect $(objpfx)tst-svc.out
        cmp $^ > $@; \
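Review bot: `CFLAGS-memcpy.c` and `CFLAGS-wordcopy.c` are keyed on the source file, so the stack protector is dropped from every object flavour built from them, including the shared one, whereas misc/Makefile limits the same exemption to `.o` and `.op`. If only static TLS setup needs this, the narrower form `CFLAGS-memcpy.o = $(no-stack-protector)` (plus `.op`, and the same for wordcopy) keeps the hardening in the shared library; if the shared build needs it too, the comment should say why. Separately, a memcpy implementation built from a differently named source file (for example an architecture-specific variant) would presumably not pick up these flags, which is worth confirming.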