Commit Graph

84 Commits

Author SHA1 Message Date
Bryan Drewery
5608fd23c2 Revert r267233 for now. PIE support needs to be reworked.
1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
   build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
   where it never would work anyhow, such as csu or loader. This suggests
   there may be better ways of adding support to the tree. Many of these
   cases can be fixed such that -fPIE will work but there is really no
   reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
   really building libraries but have been using bsd.prog.mk because the code
   is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
   been needed.

We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.

Reported by:	kib
2014-08-19 15:04:32 +00:00
Baptiste Daroussin
01c2b8ac0d use .Mt to mark up email addresses consistently (part2)
PR:		191174
Submitted by:	Franco Fichtner  <franco@lastsummer.de>
2014-06-20 09:57:27 +00:00
Bryan Drewery
864c53ead8 In preparation for ASLR [1] support add WITH_PIE to support building with -fPIE.
This is currently an opt-in build flag. Once ASLR support is ready and stable
it should changed to opt-out and be enabled by default along with ASLR.

Each application Makefile uses opt-out to ensure that ASLR will be enabled by
default in new directories when the system is compiled with PIE/ASLR. [2]

Mark known build failures as NO_PIE for now.

The only known runtime failure was rtld.

[1] http://www.bsdcan.org/2014/schedule/events/452.en.html
Submitted by:		Shawn Webb <lattera@gmail.com>
Discussed between:	des@ and Shawn Webb [2]
2014-06-08 17:29:31 +00:00
Pedro F. Giffuni
2ebed5db20 crunchgen: Permit use of alternative linkers.
Submitted by:	Pete Chou
MFC after:	1 week
2013-02-05 02:57:59 +00:00
Pedro F. Giffuni
997d42d7a7 crunch: Sync some NetBSD changes
Revert a comment that was not supposed to go away.

Obtained from:	NetBSD
2013-02-02 22:39:21 +00:00
Pedro F. Giffuni
96acb2c4fa crunch: Sync some NetBSD changes.
crunchide:
Apr 11, 2009: fix some -Wsign-compare issues.
Sep 20, 1999: Free the right thing.

crunchgen:
Apr 14, 2009: Fix some WARNS=4 issues (-Wshadow -Wcast-qual)
Oct 30, 2004: Add (unsigned char) cast to ctype functions
Feb 5, 2001: fix nested extern.

examples:
Aug 30, 2007: NetBSD 36867 - trsp references are deprecated

Obtained from:	NetBSD
MFC after:	1 week
2013-02-02 21:51:14 +00:00
David E. O'Brien
02c751922e Some amount of style(9)
-- function definitions, header ordering, and $FreeBSD$.
2012-06-27 04:39:30 +00:00
David E. O'Brien
70840a510a Ensure crunchen uses the same make binary as the rest of the build.
Submitted by:	Simon Gerraty <sjg@juniper.net>
2012-06-25 21:56:36 +00:00
Ulrich Spörlein
0d9deed52c mdoc: drop redundant .Pp and .LP calls
They have no effect when coming in pairs, or before .Bl/.Bd
2010-10-08 12:40:16 +00:00
Ulrich Spörlein
0afc94c17a mdoc: move CAVEATS, BUGS and SECURITY CONSIDERATIONS sections to the
bottom of the manpages and order them consistently.

GNU groff doesn't care about the ordering, and doesn't even mention
CAVEATS and SECURITY CONSIDERATIONS as common sections and where to put
them.

Found by:	mdocml lint run
Reviewed by:	ru
2010-05-13 12:07:55 +00:00
David E. O'Brien
b08897254c Run with -B and just .POSIX. 2009-01-31 07:03:36 +00:00
David E. O'Brien
7328f91370 Set .POSIX mode, along with disable parallel mode. Crunchgen parses the
output from make(1) and its picky what it should look like.
Also use make's conditional assignment operator rather than test and set.
2009-01-13 06:52:51 +00:00
Yaroslav Tykhiy
5e8bbdf131 Include <stdlib.h> for the right prototype for exit(3). 2007-10-27 16:16:02 +00:00
Yaroslav Tykhiy
a7aebe893d Set the program name if the crunched program is selected through
argv[1] to mimic crt0 behaviour.  Do the job by a direct assignment
to __progname in order to stay compatible with NetBSD, whose
setprogname() is a deliberate no-op.

The reason for this change is that some programs (usually those
imported from NetBSD) use getprogname() to distinguish between their
aliases.  (See pkill aka pgrep for example.)

This change can be useful, and applicable, to NetBSD, too.
2007-10-27 16:13:31 +00:00
John Birrell
51d9ddc635 Back out half of my previous change to support parallel makes.
The generated Makefile clashes with the src/bin/sh/Makefile, causing
it to try to use a rule to build something it doesn't need to.
2006-11-27 01:35:11 +00:00
John Birrell
80f498e559 Fix another parallel make problem with the generated make file.
Define the xxx_OBJPATHS earlier and then use it in the xxx_make
target because each obj is actually made through that.

This allows the crunch to work with -j32 on sun4v.

The makefile generated is still poor, though. It really shouldn't use
the general 'make all' to do the submakes in the app directories being
crunched because each of those objects is listed as a dependency in
the generated crunch makefile. Doing that really requires a unique rule
to generate them.
2006-11-24 03:56:25 +00:00
John Birrell
e8a1d46e97 Add the SUBMAKE_TARGETS (like ppp_make) to the dependency list
for linking the crunched app so that when a parallel make is run
(like -j32 on sun4v), the link waits for the sub-make processes
to complete.
2006-11-22 07:52:14 +00:00
Ruslan Ermilov
bc84aa4ba3 Markup fixes. 2006-09-29 17:57:04 +00:00
Ceri Davies
8211eded3e Bump .Dd before I get told off. 2005-12-23 15:33:31 +00:00
Ceri Davies
55f92f6465 Commands like gmirror, graid3, ... and others which use dlopen() to load
classes from say, /lib/geom, cannot be statically linked completely.
Moreover, those shared objects may require other shared objects (i.e.
 for geom, libraries like -lmd, -lcrypto).

The libs_so extension to crunchgen fixes this by allowing some libraries
to be linked in dynamically.  This requires that a copy of rtld and the
shared libraries be made available to the crunched binary, and so is not
suitable for all environments.  Crunchgen configurations which do not
use the 'libs_so' keyword are unaffected and produce identical binaries
with and without this commit.

Approved by:		murray (mentor, in spirit), jhb
In collaboration with:	Adrian Steinmann <ast at marabu dot ch>
MFC After:		6 weeks
2005-12-23 15:31:37 +00:00
Ruslan Ermilov
951e4d1c91 In crunchgen(1), when calling make(1), don't redirect stderr to stdout,
just rely on the exit status to detect an error.  This makes crunchgen(1)
safe to use with certain make(1) debugging flags.

MFC after:	1 week
2005-01-20 10:49:03 +00:00
Hartmut Brandt
a8595b6640 Fix a 4.X -> 5.X upgrade problem: crunchgen used to emit a line 'MAKE=make'
or 'env MAKEOBJDIRPREFIX=... make' depending on the setting of
MAKEOBJDIRPREFIX in the environment. In any case this line kills the
original value of ${MAKE}. When during buildworld a new make is built (as
is the case during the upgrade) this causes a wrong make to be picked up
(the first one in the path). Use the same technique as Makefile.inc1:
create a MAKEENV variable and a CRUNCHMAKE that calls ${MAKE} with that
MAKEENV prefixed. Use CRUNCHMAKE instead of MAKE throughout the generated
makefile. This leaves the original ${MAKE} undisturbed.
2004-08-09 19:18:19 +00:00
Ruslan Ermilov
2343a53401 The second chdir(1) that I trimmed is needed too
if the program has an object directory.

Explained by:	Tim Kientzle <kientzle@acm.org>
2003-04-23 04:28:35 +00:00
Ruslan Ermilov
7cc7315cfb chdir(1) into a source directory before attempting to determine the
OBJS list.  This is needed to crunch any program that relies on the
correct .CURDIR setting, e.g. src/bin/csh.

Submitted by:	Tim Kientzle <kientzle@acm.org>
2003-04-22 14:01:33 +00:00
Gregory Neil Shapiro
b0c70f811b Apply the envp fix to the other call to main() as well.
Submitted by:	Peter Edwards <pmedwards@eircom.net>
2002-08-09 02:39:38 +00:00
Gregory Neil Shapiro
8f3548b29f Pass envp to crunched program's main() routines as some depend on it.
Note that crunchgen's stub .c programs already have the code to use it:

	    "int _crunched_%s_stub(int argc, char **argv, char **envp)"
	    "{return main(argc,argv,envp);}\" >%s_stub.c\n",

Add $FreeBSD$ to allow the commit.

Reviewed by:	luigi
MFC after:	3 days
2002-08-04 22:14:44 +00:00
Ruslan Ermilov
3d8d000653 mdoc(7) police: markup nit. 2002-05-30 07:51:22 +00:00
Philippe Charnier
7f94b8deee Use `The .Nm utility' 2002-04-20 12:27:18 +00:00
Luigi Rizzo
252f13ab51 Add a "special progname lib xxx ..." command to crunchgen
so the .lo files can be partially linked against libraries
which redefine symbols in the standard libs, or which reference
symbols in the objects.

Submitted by: Sam Leffler
MFC After: 3 days
2002-03-30 16:48:30 +00:00
Josef Karthauser
1554755e12 Make source crunches work as well as object crunches; broken in the
last commit that fixed object crunches.

Repeat after me, "no excuses for not testing".
2001-08-17 11:11:10 +00:00
Josef Karthauser
11384533ea Make crunchgen crunch pre-built object files again, i.e.:
progs prog1
    special prog1 objdir ../../prog1/obj
    special prog1 objs prog1.o

This fixes a bug that I introduced around the time of 4.2-release.

Reported by:	Larry Baird <lab@gta.com>
2001-08-15 14:37:26 +00:00
Ruslan Ermilov
753d686d34 mdoc(7) police: s/BSD/.Bx/ where appropriate. 2001-08-14 10:01:54 +00:00
David E. O'Brien
90e655ea4e Perform a major cleanup of the usr.sbin Makefiles.
These are not perfectly in agreement with each other style-wise, but they
are orders of orders of magnitude more consistent style-wise than before.
2001-07-20 06:20:32 +00:00
David E. O'Brien
ac24b049cc Remove GCC'isms in CFLAGS. 2001-07-20 04:23:13 +00:00
Ruslan Ermilov
a4c37c816b mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 15:12:08 +00:00
Josef Karthauser
d1a97625be Use 'LIBS+= ...' instead of 'LIBS= ...' in the generated makefile
so that the user can override libraries at build time.  This is
makes it easier to cross-compile crunch builds.

Suggested by:	luigi
MFC after:	3 days
2001-06-20 23:21:02 +00:00
Ruslan Ermilov
67373d62bc Document ``special <progname> ident <identifier>'' command. 2001-04-04 08:28:00 +00:00
Ruslan Ermilov
a0bac7e013 - Call subclean' after clean' for each program.
- Eliminate compiler warning.
2001-04-04 08:26:54 +00:00
Ruslan Ermilov
42037fc8b4 `buildopts' may affect the selection of object files.
Make sure we pass $(BUILDOPTS) to the `clean' target
so that `make clean' works on the same set of object
files.  Otherwise, we may end up with an incorrectly
built and up-to-date object file.
2001-03-30 08:04:25 +00:00
Josef Karthauser
87eb4a4220 Liberal application of style(9). 2001-01-10 14:08:48 +00:00
Josef Karthauser
617b818021 Flag an error and remove the program from the list if there is
no source directory or no objects can be determined.

Initialise a structure variable.
2001-01-10 13:27:38 +00:00
Josef Karthauser
e3b7d1782a Clean up the source directory finding code, and in the process fix a
problem that occurs when a program's source isn't found.
2000-12-24 12:21:15 +00:00
Josef Karthauser
61ffadb185 Use one of the TMPDIR env variable or _PATH_TMP instead of hardcoding
/tmp.

Submitted by:	jedgar
2000-12-17 19:49:07 +00:00
Josef Karthauser
15d6ae10ad Avoid potential problems with the existance of a shadow obj directory
confusing the 'make -f tmpfile' in the tmpfile, by creating it in /tmp.
2000-12-17 17:07:40 +00:00
Josef Karthauser
5e5f382630 Clarify an ambiguous 'else' introduced by a recent commit. 2000-12-17 17:03:05 +00:00
Josef Karthauser
f3c47f54c6 o check strdup() return values
o strcpy() -> strlcpy()
o sprintf() -> snprintf()
o mktemp() -> mkstemp()
o use err() instead of errx() in out_of_memory() function since
  errno will probably be set

Submitted by:	jedgar
2000-12-17 16:51:00 +00:00
Josef Karthauser
843d8d5178 Hopefully the last patch in a series to try and teach crunchgen to
handle MAKEOBJDIRPREFIX better, in conjunction with the -o and -p
flags.
2000-12-17 16:13:23 +00:00
Ruslan Ermilov
50ab935d46 mdoc(7) police: fixed errors from the previous revision, keep
the synopsis in a nice form, and a few more cosmetic changes.
2000-12-01 08:17:15 +00:00
Luigi Rizzo
019d04d147 Make crunchgen aware of obj directories. Formerly it had
/usr/obj hardwired in the code, now you can override it
with a command line option or MAKEOBJDIRPREFIX env. variable.
The above is useful to build picobsd-specific objects in some other
place than /usr/obj

While at it, fix documentation and change a few sprintf -> snprintf.
2000-11-30 21:14:54 +00:00
Ruslan Ermilov
e97407b4f2 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 20:10:44 +00:00