84 Commits

Author SHA1 Message Date
bdrewery
b619f0c747 Revert r267233 for now. PIE support needs to be reworked.
1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
   build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
   where it never would work anyhow, such as csu or loader. This suggests
   there may be better ways of adding support to the tree. Many of these
   cases can be fixed such that -fPIE will work but there is really no
   reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
   really building libraries but have been using bsd.prog.mk because the code
   is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
   been needed.

We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.

Reported by:	kib
2014-08-19 15:04:32 +00:00
bapt
c0cd28f928 use .Mt to mark up email addresses consistently (part2)
PR:		191174
Submitted by:	Franco Fichtner  <franco@lastsummer.de>
2014-06-20 09:57:27 +00:00
bdrewery
989e2c6000 In preparation for ASLR [1] support add WITH_PIE to support building with -fPIE.
This is currently an opt-in build flag. Once ASLR support is ready and stable
it should changed to opt-out and be enabled by default along with ASLR.

Each application Makefile uses opt-out to ensure that ASLR will be enabled by
default in new directories when the system is compiled with PIE/ASLR. [2]

Mark known build failures as NO_PIE for now.

The only known runtime failure was rtld.

[1] http://www.bsdcan.org/2014/schedule/events/452.en.html
Submitted by:		Shawn Webb <lattera@gmail.com>
Discussed between:	des@ and Shawn Webb [2]
2014-06-08 17:29:31 +00:00
pfg
f48b0cf979 crunchgen: Permit use of alternative linkers.
Submitted by:	Pete Chou
MFC after:	1 week
2013-02-05 02:57:59 +00:00
pfg
554ea81cce crunch: Sync some NetBSD changes
Revert a comment that was not supposed to go away.

Obtained from:	NetBSD
2013-02-02 22:39:21 +00:00
pfg
4b413731c8 crunch: Sync some NetBSD changes.
crunchide:
Apr 11, 2009: fix some -Wsign-compare issues.
Sep 20, 1999: Free the right thing.

crunchgen:
Apr 14, 2009: Fix some WARNS=4 issues (-Wshadow -Wcast-qual)
Oct 30, 2004: Add (unsigned char) cast to ctype functions
Feb 5, 2001: fix nested extern.

examples:
Aug 30, 2007: NetBSD 36867 - trsp references are deprecated

Obtained from:	NetBSD
MFC after:	1 week
2013-02-02 21:51:14 +00:00
obrien
7ade5e92e5 Some amount of style(9)
-- function definitions, header ordering, and $FreeBSD$.
2012-06-27 04:39:30 +00:00
obrien
e7fd66eb8d Ensure crunchen uses the same make binary as the rest of the build.
Submitted by:	Simon Gerraty <sjg@juniper.net>
2012-06-25 21:56:36 +00:00
uqs
8ae3afcfad mdoc: drop redundant .Pp and .LP calls
They have no effect when coming in pairs, or before .Bl/.Bd
2010-10-08 12:40:16 +00:00
uqs
1ab3783e1a mdoc: move CAVEATS, BUGS and SECURITY CONSIDERATIONS sections to the
bottom of the manpages and order them consistently.

GNU groff doesn't care about the ordering, and doesn't even mention
CAVEATS and SECURITY CONSIDERATIONS as common sections and where to put
them.

Found by:	mdocml lint run
Reviewed by:	ru
2010-05-13 12:07:55 +00:00
obrien
0f4fe38ea3 Run with -B and just .POSIX. 2009-01-31 07:03:36 +00:00
obrien
3f0231d9a9 Set .POSIX mode, along with disable parallel mode. Crunchgen parses the
output from make(1) and its picky what it should look like.
Also use make's conditional assignment operator rather than test and set.
2009-01-13 06:52:51 +00:00
yar
dfc9a5b8f5 Include <stdlib.h> for the right prototype for exit(3). 2007-10-27 16:16:02 +00:00
yar
59761712e0 Set the program name if the crunched program is selected through
argv[1] to mimic crt0 behaviour.  Do the job by a direct assignment
to __progname in order to stay compatible with NetBSD, whose
setprogname() is a deliberate no-op.

The reason for this change is that some programs (usually those
imported from NetBSD) use getprogname() to distinguish between their
aliases.  (See pkill aka pgrep for example.)

This change can be useful, and applicable, to NetBSD, too.
2007-10-27 16:13:31 +00:00
jb
af31dbd353 Back out half of my previous change to support parallel makes.
The generated Makefile clashes with the src/bin/sh/Makefile, causing
it to try to use a rule to build something it doesn't need to.
2006-11-27 01:35:11 +00:00
jb
d863ef25a6 Fix another parallel make problem with the generated make file.
Define the xxx_OBJPATHS earlier and then use it in the xxx_make
target because each obj is actually made through that.

This allows the crunch to work with -j32 on sun4v.

The makefile generated is still poor, though. It really shouldn't use
the general 'make all' to do the submakes in the app directories being
crunched because each of those objects is listed as a dependency in
the generated crunch makefile. Doing that really requires a unique rule
to generate them.
2006-11-24 03:56:25 +00:00
jb
9ae0f48df6 Add the SUBMAKE_TARGETS (like ppp_make) to the dependency list
for linking the crunched app so that when a parallel make is run
(like -j32 on sun4v), the link waits for the sub-make processes
to complete.
2006-11-22 07:52:14 +00:00
ru
081fcce9b9 Markup fixes. 2006-09-29 17:57:04 +00:00
ceri
ce1a214db7 Bump .Dd before I get told off. 2005-12-23 15:33:31 +00:00
ceri
9618c3e8c0 Commands like gmirror, graid3, ... and others which use dlopen() to load
classes from say, /lib/geom, cannot be statically linked completely.
Moreover, those shared objects may require other shared objects (i.e.
 for geom, libraries like -lmd, -lcrypto).

The libs_so extension to crunchgen fixes this by allowing some libraries
to be linked in dynamically.  This requires that a copy of rtld and the
shared libraries be made available to the crunched binary, and so is not
suitable for all environments.  Crunchgen configurations which do not
use the 'libs_so' keyword are unaffected and produce identical binaries
with and without this commit.

Approved by:		murray (mentor, in spirit), jhb
In collaboration with:	Adrian Steinmann <ast at marabu dot ch>
MFC After:		6 weeks
2005-12-23 15:31:37 +00:00
ru
5db530c8aa In crunchgen(1), when calling make(1), don't redirect stderr to stdout,
just rely on the exit status to detect an error.  This makes crunchgen(1)
safe to use with certain make(1) debugging flags.

MFC after:	1 week
2005-01-20 10:49:03 +00:00
harti
f6d1039bdc Fix a 4.X -> 5.X upgrade problem: crunchgen used to emit a line 'MAKE=make'
or 'env MAKEOBJDIRPREFIX=... make' depending on the setting of
MAKEOBJDIRPREFIX in the environment. In any case this line kills the
original value of ${MAKE}. When during buildworld a new make is built (as
is the case during the upgrade) this causes a wrong make to be picked up
(the first one in the path). Use the same technique as Makefile.inc1:
create a MAKEENV variable and a CRUNCHMAKE that calls ${MAKE} with that
MAKEENV prefixed. Use CRUNCHMAKE instead of MAKE throughout the generated
makefile. This leaves the original ${MAKE} undisturbed.
2004-08-09 19:18:19 +00:00
ru
6bcbb62f6a The second chdir(1) that I trimmed is needed too
if the program has an object directory.

Explained by:	Tim Kientzle <kientzle@acm.org>
2003-04-23 04:28:35 +00:00
ru
2788f60153 chdir(1) into a source directory before attempting to determine the
OBJS list.  This is needed to crunch any program that relies on the
correct .CURDIR setting, e.g. src/bin/csh.

Submitted by:	Tim Kientzle <kientzle@acm.org>
2003-04-22 14:01:33 +00:00
gshapiro
87f7a8db5e Apply the envp fix to the other call to main() as well.
Submitted by:	Peter Edwards <pmedwards@eircom.net>
2002-08-09 02:39:38 +00:00
gshapiro
ce61bcc930 Pass envp to crunched program's main() routines as some depend on it.
Note that crunchgen's stub .c programs already have the code to use it:

	    "int _crunched_%s_stub(int argc, char **argv, char **envp)"
	    "{return main(argc,argv,envp);}\" >%s_stub.c\n",

Add $FreeBSD$ to allow the commit.

Reviewed by:	luigi
MFC after:	3 days
2002-08-04 22:14:44 +00:00
ru
395bccbe7f mdoc(7) police: markup nit. 2002-05-30 07:51:22 +00:00
charnier
fdbc3fd42a Use `The .Nm utility' 2002-04-20 12:27:18 +00:00
luigi
de9ccb62a4 Add a "special progname lib xxx ..." command to crunchgen
so the .lo files can be partially linked against libraries
which redefine symbols in the standard libs, or which reference
symbols in the objects.

Submitted by: Sam Leffler
MFC After: 3 days
2002-03-30 16:48:30 +00:00
joe
cd7a777b74 Make source crunches work as well as object crunches; broken in the
last commit that fixed object crunches.

Repeat after me, "no excuses for not testing".
2001-08-17 11:11:10 +00:00
joe
839c5a1332 Make crunchgen crunch pre-built object files again, i.e.:
progs prog1
    special prog1 objdir ../../prog1/obj
    special prog1 objs prog1.o

This fixes a bug that I introduced around the time of 4.2-release.

Reported by:	Larry Baird <lab@gta.com>
2001-08-15 14:37:26 +00:00
ru
24c7b0a61d mdoc(7) police: s/BSD/.Bx/ where appropriate. 2001-08-14 10:01:54 +00:00
obrien
9c97c8f02d Perform a major cleanup of the usr.sbin Makefiles.
These are not perfectly in agreement with each other style-wise, but they
are orders of orders of magnitude more consistent style-wise than before.
2001-07-20 06:20:32 +00:00
obrien
be022bb715 Remove GCC'isms in CFLAGS. 2001-07-20 04:23:13 +00:00
ru
0d5f9334cf mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 15:12:08 +00:00
joe
cfd6d3b0f9 Use 'LIBS+= ...' instead of 'LIBS= ...' in the generated makefile
so that the user can override libraries at build time.  This is
makes it easier to cross-compile crunch builds.

Suggested by:	luigi
MFC after:	3 days
2001-06-20 23:21:02 +00:00
ru
0df69b81ab Document ``special <progname> ident <identifier>'' command. 2001-04-04 08:28:00 +00:00
ru
df79f208d7 - Call subclean' after clean' for each program.
- Eliminate compiler warning.
2001-04-04 08:26:54 +00:00
ru
b83dc0f648 `buildopts' may affect the selection of object files.
Make sure we pass $(BUILDOPTS) to the `clean' target
so that `make clean' works on the same set of object
files.  Otherwise, we may end up with an incorrectly
built and up-to-date object file.
2001-03-30 08:04:25 +00:00
joe
92c29403ab Liberal application of style(9). 2001-01-10 14:08:48 +00:00
joe
73275f90e1 Flag an error and remove the program from the list if there is
no source directory or no objects can be determined.

Initialise a structure variable.
2001-01-10 13:27:38 +00:00
joe
60930484fc Clean up the source directory finding code, and in the process fix a
problem that occurs when a program's source isn't found.
2000-12-24 12:21:15 +00:00
joe
0449442242 Use one of the TMPDIR env variable or _PATH_TMP instead of hardcoding
/tmp.

Submitted by:	jedgar
2000-12-17 19:49:07 +00:00
joe
651ae8ea0f Avoid potential problems with the existance of a shadow obj directory
confusing the 'make -f tmpfile' in the tmpfile, by creating it in /tmp.
2000-12-17 17:07:40 +00:00
joe
8ec6857b99 Clarify an ambiguous 'else' introduced by a recent commit. 2000-12-17 17:03:05 +00:00
joe
702e01fe1e o check strdup() return values
o strcpy() -> strlcpy()
o sprintf() -> snprintf()
o mktemp() -> mkstemp()
o use err() instead of errx() in out_of_memory() function since
  errno will probably be set

Submitted by:	jedgar
2000-12-17 16:51:00 +00:00
joe
8112d68767 Hopefully the last patch in a series to try and teach crunchgen to
handle MAKEOBJDIRPREFIX better, in conjunction with the -o and -p
flags.
2000-12-17 16:13:23 +00:00
ru
08eda6b2ec mdoc(7) police: fixed errors from the previous revision, keep
the synopsis in a nice form, and a few more cosmetic changes.
2000-12-01 08:17:15 +00:00
luigi
ddef5da232 Make crunchgen aware of obj directories. Formerly it had
/usr/obj hardwired in the code, now you can override it
with a command line option or MAKEOBJDIRPREFIX env. variable.
The above is useful to build picobsd-specific objects in some other
place than /usr/obj

While at it, fix documentation and change a few sprintf -> snprintf.
2000-11-30 21:14:54 +00:00
ru
71e2293ad4 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 20:10:44 +00:00