Provide libssp based on libc

For libssp.so, rebuild stack_protector.c with FORTIFY_SOURCE stubs that just abort built into it. For libssp_nonshared.a, steal stack_protector_compat.c from ^/lib/libc/secure and massage it to maintain that __stack_chk_fail_local is a hidden symbol. libssp is now built unconditionally regardless of {WITH,WITHOUT}_SSP in the build environment, and the gcclibs version has been disconnected from the build in favor of this one. PR: 242950 (exp-run) Reviewed by: kib, emaste, pfg, Oliver Pinter (earlier version) Also discussed with: kan MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D22943
2020-01-04 20:19:25 +00:00 · 2020-01-04 20:19:25 +00:00 · cd0d51baaa
commit cd0d51baaa
parent a34e99eee6
14 changed files with 229 additions and 42 deletions
--- a/Makefile.inc1
+++ b/Makefile.inc1
@ -2788,7 +2788,7 @@ libraries: .MAKE .PHONY
 #
 _prereq_libs= lib/libcompiler_rt
 .if ${MK_SSP} != "no"
-_prereq_libs+= gnu/lib/libssp/libssp_nonshared
+_prereq_libs+= lib/libssp_nonshared
 .endif

 # These dependencies are not automatically generated:
--- a/ObsoleteFiles.inc
+++ b/ObsoleteFiles.inc
@ -36,6 +36,13 @@
 #   xargs -n1 | sort | uniq -d;
 # done

+# 20200104: gcc libssp removed
+OLD_FILES+=usr/include/ssp/ssp.h
+OLD_FILES+=usr/include/ssp/stdio.h
+OLD_FILES+=usr/include/ssp/string.h
+OLD_FILES+=usr/include/ssp/unistd.h
+OLD_DIRS+=usr/include/ssp
+
 # 20191222: new clang import which bumps version from 9.0.0 to 9.0.1.
 OLD_FILES+=usr/lib/clang/9.0.0/include/cuda_wrappers/algorithm
 OLD_FILES+=usr/lib/clang/9.0.0/include/cuda_wrappers/complex
--- a/gnu/lib/Makefile
+++ b/gnu/lib/Makefile
@ -8,7 +8,6 @@ SUBDIR.${MK_GCC}+=	libgcov
 .if ${MK_GCC} != "no" && ${MK_OPENMP} == "no"
 SUBDIR+=		libgomp
 .endif
-SUBDIR.${MK_SSP}+=	libssp
 SUBDIR.${MK_TESTS}+=	tests

 .if ${MK_BSD_CRTBEGIN} == "no"
--- a/lib/Makefile
+++ b/lib/Makefile
@ -18,6 +18,8 @@ SUBDIR_BOOTSTRAP= \
 	${_libcplusplus} \
 	${_libcxxrt} \
 	libelf \
+	libssp \
+	libssp_nonshared \
 	msun

 # The main list; please keep these sorted alphabetically.
@ -106,7 +108,9 @@ SUBDIR_DEPEND_libarchive= libz libbz2 libexpat liblzma libmd libzstd
 SUBDIR_DEPEND_libauditdm= libbsm
 SUBDIR_DEPEND_libbsnmp= ${_libnetgraph}
 SUBDIR_DEPEND_libc++:= libcxxrt
-SUBDIR_DEPEND_libc= libcompiler_rt
+# libssp_nonshared doesn't need to be linked into libc on every arch, but it is
+# small enough to build that this bit of serialization is likely insignificant.
+SUBDIR_DEPEND_libc= libcompiler_rt libssp_nonshared
 SUBDIR_DEPEND_libcam= libsbuf
 SUBDIR_DEPEND_libcasper= libnv
 SUBDIR_DEPEND_libdevstat= libkvm
--- a/lib/libssp/Makefile
+++ b/lib/libssp/Makefile
@ -0,0 +1,20 @@
+# $FreeBSD$
+
+PACKAGE=	clibs
+SHLIBDIR?=	/lib
+SHLIB=		ssp
+SHLIB_MAJOR=	0
+
+VERSION_DEF=	${.CURDIR}/Versions.def
+SYMBOL_MAPS=	${.CURDIR}/Symbol.map
+
+.PATH: ${SRCTOP}/lib/libc/secure
+CFLAGS+=	-I${SRCTOP}/lib/libc/include
+# _elf_aux_info is exported from libc as elf_aux_info(3), so just that for the
+# libssp build instead.
+CFLAGS+=	-D_elf_aux_info=elf_aux_info
+SRCS=		stack_protector.c fortify_stubs.c
+
+CFLAGS.fortify_stubs.c=	-Wno-unused-parameter
+
+.include <bsd.lib.mk>
--- a/lib/libssp/Symbol.map
+++ b/lib/libssp/Symbol.map
@ -0,0 +1,26 @@
+/*
+ * $FreeBSD$
+ */
+
+LIBSSP_1.0 {
+	__chk_fail;
+	__stack_chk_fail;
+	__stack_chk_guard;
+
+	/*
+	 * Currently unsupported: _FORTIFY_SOURCE symbols.  It is believed
+	 * that these have never been used on FreeBSD, as our headers lack the
+	 * support that would have generated references to them.
+	 */
+	__memcpy_chk;
+	__memset_chk;
+	__snprintf_chk;
+	__sprintf_chk;
+	__stpcpy_chk;
+	__strcat_chk;
+	__strcpy_chk;
+	__strncat_chk;
+	__strncpy_chk;
+	__vsnprintf_chk;
+	__vsprintf_chk;
+};
--- a/lib/libssp/Versions.def
+++ b/lib/libssp/Versions.def
@ -0,0 +1,4 @@
+# $FreeBSD$
+
+LIBSSP_1.0 {
+};
--- a/lib/libssp/fortify_stubs.c
+++ b/lib/libssp/fortify_stubs.c
@ -0,0 +1,134 @@
+/*-
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2019 Kyle Evans <kevans@FreeBSD.org>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/types.h>
+
+#include <stdarg.h>
+#include <stdlib.h>
+
+/* Signatures grabbed from LSB Core Specification 4.1 */
+void	*__memcpy_chk(void *dst, const void *src, size_t len,
+    size_t dstlen);
+void	*__memset_chk(void *dst, int c, size_t len, size_t dstlen);
+int	__snprintf_chk(char *str, size_t maxlen, int flag, size_t strlen,
+    const char *fmt);
+int	__sprintf_chk(char *str, int flag, size_t strlen, const char *fmt);
+char	*__stpcpy_chk(char *dst, const char *src, size_t dstlen);
+char	*__strcat_chk(char *dst, const char *src, size_t dstlen);
+char	*__strcpy_chk(char *dst, const char *src, size_t dstlen);
+char	*__strncat_chk(char *dst, const char *src, size_t len, size_t dstlen);
+char	*__strncpy_chk(char *dst, const char *src, size_t len, size_t dstlen);
+int	__vsnprintf_chk(char *str, size_t size, const char *format,
+    va_list ap);
+int	__vsprintf_chk(char *str, int flag, size_t slen, const char *format,
+    va_list ap);
+
+#define	ABORT()	abort2("_FORTIFY_SOURCE not supported", 0, NULL)
+
+void *
+__memcpy_chk(void *dst, const void *src, size_t len,
+    size_t dstlen)
+{
+
+	ABORT();
+}
+
+void *
+__memset_chk(void *dst, int c, size_t len, size_t dstlen)
+{
+
+	ABORT();
+}
+
+int
+__snprintf_chk(char *str, size_t maxlen, int flag, size_t strlen,
+    const char *fmt)
+{
+
+	ABORT();
+}
+
+int
+__sprintf_chk(char *str, int flag, size_t strlen, const char *fmt)
+{
+
+	ABORT();
+}
+
+char *
+__stpcpy_chk(char *dst, const char *src, size_t dstlen)
+{
+
+	ABORT();
+}
+
+char *
+__strcat_chk(char *dst, const char *src, size_t dstlen)
+{
+
+	ABORT();
+}
+
+char *
+__strcpy_chk(char *dst, const char *src, size_t dstlen)
+{
+
+	ABORT();
+}
+
+char *
+__strncat_chk(char *dst, const char *src, size_t len, size_t dstlen)
+{
+
+	ABORT();
+}
+
+char *
+__strncpy_chk(char *dst, const char *src, size_t len, size_t dstlen)
+{
+
+	ABORT();
+}
+
+int
+__vsnprintf_chk(char *str, size_t size, const char *format,
+    va_list ap)
+{
+
+	ABORT();
+}
+
+int
+__vsprintf_chk(char *str, int flag, size_t slen, const char *format,
+    va_list ap)
+{
+
+	ABORT();
+}
--- a/lib/libssp_nonshared/Makefile
+++ b/lib/libssp_nonshared/Makefile
@ -0,0 +1,11 @@
+# $FreeBSD$
+
+PACKAGE=	clibs
+LIB=		ssp_nonshared
+NO_PIC=
+MK_PROFILE=	no
+
+SRCS=		libssp_nonshared.c
+CFLAGS+=	-fPIC
+
+.include <bsd.lib.mk>
--- a/lib/libssp_nonshared/libssp_nonshared.c
+++ b/lib/libssp_nonshared/libssp_nonshared.c
@ -0,0 +1,17 @@
+/*
+ * Written by Alexander Kabaev <kan@FreeBSD.org>
+ * The file is in public domain.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+void __stack_chk_fail(void);
+void __stack_chk_fail_local(void);
+
+void __hidden
+__stack_chk_fail_local(void)
+{
+
+	__stack_chk_fail();
+}
--- a/share/mk/local.dirdeps.mk
+++ b/share/mk/local.dirdeps.mk
@ -75,7 +75,7 @@ DIRDEPS_FILTER.xtras+= Nusr.bin/clang/clang.host
 .if ${DEP_RELDIR} == "lib/libc"
 DIRDEPS += lib/libc_nonshared
 .if ${MK_SSP:Uno} != "no" 
-DIRDEPS += gnu/lib/libssp/libssp_nonshared
+DIRDEPS += lib/libssp_nonshared
 .endif
 .else
 DIRDEPS_FILTER.xtras+= Nlib/libc_nonshared
--- a/share/mk/local.gendirdeps.mk
+++ b/share/mk/local.gendirdeps.mk
@ -7,7 +7,7 @@ GENDIRDEPS_HEADER= echo '\# ${FreeBSD:L:@v@$$$v$$ @:M*F*}';
 # local.dirdeps.mk will put them in if necessary
 GENDIRDEPS_FILTER+= \
 	Nbin/cat.host \
-	Ngnu/lib/libssp/libssp_nonshared \
+	Nlib/libssp_nonshared \
 	Ncddl/usr.bin/ctf* \
 	Nlib/libc_nonshared \
 	Ngnu/lib/csu \
--- a/share/mk/src.libnames.mk
+++ b/share/mk/src.libnames.mk
@ -566,8 +566,8 @@ LIBDIALOGDIR=	${OBJTOP}/gnu/lib/libdialog
 LIBGCOVDIR=	${OBJTOP}/gnu/lib/libgcov
 LIBGOMPDIR=	${OBJTOP}/gnu/lib/libgomp
 LIBGNUREGEXDIR=	${OBJTOP}/gnu/lib/libregex
-LIBSSPDIR=	${OBJTOP}/gnu/lib/libssp
-LIBSSP_NONSHAREDDIR=	${OBJTOP}/gnu/lib/libssp/libssp_nonshared
+LIBSSPDIR=	${OBJTOP}/lib/libssp
+LIBSSP_NONSHAREDDIR=	${OBJTOP}/lib/libssp_nonshared
 LIBSUPCPLUSPLUSDIR=	${OBJTOP}/gnu/lib/libsupc++
 LIBASN1DIR=	${OBJTOP}/kerberos5/lib/libasn1
 LIBGSSAPI_KRB5DIR=	${OBJTOP}/kerberos5/lib/libgssapi_krb5
--- a/tools/build/mk/OptionalObsoleteFiles.inc
+++ b/tools/build/mk/OptionalObsoleteFiles.inc
@ -8646,41 +8646,6 @@ OLD_FILES+=usr/share/doc/pjdfstest/README
 OLD_DIRS+=usr/share/doc/pjdfstest
 .endif

-.if ${MK_SSP} == no
-OLD_LIBS+=lib/libssp.so.0
-OLD_FILES+=usr/include/ssp/ssp.h
-OLD_FILES+=usr/include/ssp/stdio.h
-OLD_FILES+=usr/include/ssp/string.h
-OLD_FILES+=usr/include/ssp/unistd.h
-OLD_FILES+=usr/lib/libssp.a
-OLD_FILES+=usr/lib/libssp.so
-OLD_FILES+=usr/lib/libssp_nonshared.a
-OLD_FILES+=usr/lib32/libssp.a
-OLD_FILES+=usr/lib32/libssp.so
-OLD_LIBS+=usr/lib32/libssp.so.0
-OLD_FILES+=usr/lib32/libssp_nonshared.a
-OLD_FILES+=usr/tests/lib/libc/ssp/Kyuafile
-OLD_FILES+=usr/tests/lib/libc/ssp/h_fgets
-OLD_FILES+=usr/tests/lib/libc/ssp/h_getcwd
-OLD_FILES+=usr/tests/lib/libc/ssp/h_gets
-OLD_FILES+=usr/tests/lib/libc/ssp/h_memcpy
-OLD_FILES+=usr/tests/lib/libc/ssp/h_memmove
-OLD_FILES+=usr/tests/lib/libc/ssp/h_memset
-OLD_FILES+=usr/tests/lib/libc/ssp/h_read
-OLD_FILES+=usr/tests/lib/libc/ssp/h_readlink
-OLD_FILES+=usr/tests/lib/libc/ssp/h_snprintf
-OLD_FILES+=usr/tests/lib/libc/ssp/h_sprintf
-OLD_FILES+=usr/tests/lib/libc/ssp/h_stpcpy
-OLD_FILES+=usr/tests/lib/libc/ssp/h_stpncpy
-OLD_FILES+=usr/tests/lib/libc/ssp/h_strcat
-OLD_FILES+=usr/tests/lib/libc/ssp/h_strcpy
-OLD_FILES+=usr/tests/lib/libc/ssp/h_strncat
-OLD_FILES+=usr/tests/lib/libc/ssp/h_strncpy
-OLD_FILES+=usr/tests/lib/libc/ssp/h_vsnprintf
-OLD_FILES+=usr/tests/lib/libc/ssp/h_vsprintf
-OLD_FILES+=usr/tests/lib/libc/ssp/ssp_test
-.endif
-
 .if ${MK_SYSCONS} == no
 OLD_FILES+=usr/share/syscons/fonts/INDEX.fonts
 OLD_FILES+=usr/share/syscons/fonts/armscii8-8x14.fnt