43 Commits

Author SHA1 Message Date
Bryan Drewery
5608fd23c2 Revert r267233 for now. PIE support needs to be reworked.
1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
   build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
   where it never would work anyhow, such as csu or loader. This suggests
   there may be better ways of adding support to the tree. Many of these
   cases can be fixed such that -fPIE will work but there is really no
   reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
   really building libraries but have been using bsd.prog.mk because the code
   is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
   been needed.

We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.

Reported by:	kib
2014-08-19 15:04:32 +00:00
Bryan Drewery
864c53ead8 In preparation for ASLR [1] support add WITH_PIE to support building with -fPIE.
This is currently an opt-in build flag. Once ASLR support is ready and stable
it should be changed to opt-out and be enabled by default along with ASLR.

Each application Makefile uses opt-out to ensure that ASLR will be enabled by
default in new directories when the system is compiled with PIE/ASLR. [2]

Mark known build failures as NO_PIE for now.

The only known runtime failure was rtld.

[1] http://www.bsdcan.org/2014/schedule/events/452.en.html
Submitted by:		Shawn Webb <lattera@gmail.com>
Discussed between:	des@ and Shawn Webb [2]
2014-06-08 17:29:31 +00:00
Konstantin Belousov
d549ead6a9 Only assign the environ in the startup code when environ is NULL.
Preloaded library could have changed the environment, and
unconditional assignment to the environ undoes the customization.
The binaries need to be recompiled to get the fix.

Move the common code to set up environ and __progname into the helper.
Note that ia64 is possibly not fixed, due to it still using old csu.

Reported and tested by:	John Hein <jhein@symmetricom.com>
Reviewed by:	kan, scf
Approved by:	secteam (simon)
MFC after:	2 weeks
2013-01-07 17:58:27 +00:00
Dimitry Andric
d2cc835cb5 After r217375, some startup objects under lib/csu are built in a special
way: first they are compiled to assembly, then some sed'ing is done on
the assembly, and lastly the assembly is compiled to an object file.

This last step is done using ${CC}, and not ${AS}, because when the
compiler is clang, it outputs directives that are too advanced for our
old gas.  So we use clang's integrated assembler instead.  (When the
compiler is gcc, it just calls gas, and nothing is different, except one
extra fork.)

However, in the .s to .o rules in lib/csu/$ARCH/Makefile, I still passed
CFLAGS to the compiler, instead of ACFLAGS, which are specifically for
compiling .s files.

In case you are using '-g' for debug info anywhere in your CFLAGS, it
causes the .s files to already contain debug information in the assembly
itself.  In the next step, the .s files are also compiled using '-g',
and if the compiler is clang, it complains: "error: input can't have
.file dwarf directives when -g is used to generate dwarf debug info for
assembly code".

Fix this by using ${ACFLAGS} for compiling the .s files instead.

Reported by:	jasone
MFC after:	1 week
2012-04-20 21:00:39 +00:00
Konstantin Belousov
a22748dbd9 Stop calling _init/_fini methods from crt1 for dynamic binaries. Do
call preinit, init and fini arrays methods from crt1 for static binaries.

Mark new crt1 with FreeBSD-specific ELF note.

Move some common crt1 code into new MI file ignore_init.c, to reduce
duplication.  Also, conservatively adjust nearby sources for style.

Reviewed by:	kan
Tested by:	andrew (arm), flo (sparc64)
MFC after:	3 weeks
2012-03-11 20:04:09 +00:00
Dimitry Andric
9ef4e3afcb Apply a workaround for a binutils issue with the .note.ABI-tag section
generated from lib/csu/common/crtbrand.c (which ultimately ends up in
executables and shared libraries, via crt1.o, gcrt1.o or Scrt1.o).

For all arches except sparc, gcc emits the section directive for the
abitag struct in crtbrand.c with a PROGBITS type.  However, newer
versions of binutils (after 2.16.90) require the section to be of NOTE
type, to guarantee that the .note.ABI-tag section correctly ends up in
the first page of the final executable.

Unfortunately, there is no clean way to tell gcc to use another section
type, so crtbrand.c (or the C files that include it) must be compiled in
multiple steps:

- Compile the .c file to a .s file.
- Edit the .s file to change the 'progbits' type to 'note', for the section
  directive that defines the .note.ABI-tag section.
- Compile the .s file to an object file.

These steps are done in the individual Makefiles for each applicable arch.

Reviewed by:	kib
2011-01-13 20:44:31 +00:00
Konstantin Belousov
88c23d858b Add section .note.GNU-stack for assembly files used by 386 and amd64. 2011-01-07 16:07:51 +00:00
Dimitry Andric
cbbcfbf8b7 Let all .c and .S files under lib/csu consistently use the __FBSDID()
macro for identification, instead of several different hand-rolled
variants (plain .ident, .ascii, etc).
2010-12-09 21:31:21 +00:00
Ulrich Spörlein
98b77738b8 Properly declare non-extern functions in crt1
Also move the declarations after __progname consistently to
make the distinction clearer.

Reviewed by:	jmallett
Approved by:	ed (co-mentor)
2010-03-05 13:28:05 +00:00
Konstantin Belousov
c09ba32715 Properly support -fPIE by linking PIE binaries with specially-built
Scrt1.o instead of crt1.o, since the latter is built as non-PIC.

Separate i386-elf crt1.c into the pure assembler part and C code,
supplying all data extracted by assembler stub as explicit parameters [1].
Hide and localize _start1 symbol used as an interface between asm and
C code.

In collaboration with:	kan
Inspired by:	PR i386/127387 [1]
Prodded and tested by:	rdivacky [1]
MFC after:	3 weeks
2009-12-02 16:34:20 +00:00
Konstantin Belousov
af8d325c77 Add -fno-omit-frame-pointer to CFLAGS used to compile crt1.c on amd64.
For gcc's __builtin_frame_address() to work, all call frames need to save
frame pointer. In particular, this is important for the upper frame that
should terminate the chain.

No objections from:	jhb
PR:	amd64/126543
MFC after:	1 week
2008-08-22 09:23:39 +00:00
Bruce Evans
d31f7e4991 Fixed profiling of main() for amd64 and i386. This started rotting
in 1993 in rev.1.5 of the i386 a.out version (csu/i386/crt0.c).
Profiling uses a magic label "eprol" to delimit the start of the part
of the text section covered by profiling.  This label must be placed
before the call to main() to get main() properly profiled.  It was
placed there in rev.1.1 of crt0.c.  Rev.1.5 imported the initial
implementation of shared libraries in FreeBSD and misplaced the label.
Fortunately, the misplaced label was misspelled and the old label
wasn't removed, so the new label had no effect.  Unfortunately, when
profiling was implemented for the ELF in 1998 in rev.1.2 of
csu/i386-elf/crt1.c, only the incorrectly placed label was copied
(after fixing its name).  The bug was then copied to all other arches.
The label seems to be still misplaced in NetBSD for most arches.  It
is in common.c for most arches so it is even further from being inside
the function that calls main().

I think "eprol" is short for "end of prologue", but it must be placed
before the end of the prologue so that it covers main().  crt0.c has
it before the calls atexit(_mcleanup) and monstartup(...), but it
cannot affect these calls so I moved it after the call to monstartup().
It now also covers the call to _init() but not the newer call to
_init_tls().  Profiling of _init() seems to be harmless, and the call
to _init_tls() seems to be misplaced.

Reviewed by:	jdp (long ago, for a slightly different i386 version)
2005-10-07 22:13:17 +00:00
Doug Rabson
ccd13c49b5 Add support for TLS in statically linked programs. 2004-08-15 16:18:52 +00:00
Peter Wemm
c50be14baa Adjust stack alignment so that when the 'call xxx' functions are
gathered into the middle of the _init and _fini sections, they get
executed with their expected stack alignment.
2004-03-21 01:39:01 +00:00
Ruslan Ermilov
6de4623bfe MFi386: revision 1.19. 2003-06-30 12:53:39 +00:00
Peter Wemm
1b376078fd Update for AMD64. repocopied from i386-elf/crt1.c. Deal with regparm
argument passing rather than stack based args.  The kernel passes the
base of the argument/env vector in %rdi (arg1).
2003-04-30 19:27:07 +00:00
Mark Murray
818c8b696b make these more useful for lint(1). Minor diff-reductions while I'm
about it.
2003-01-26 23:14:47 +00:00
Bruce Evans
4ce32d5dee Backed out previous commit (alignment suitable for RELENG_4) as planned
since it has been MFC'ed.  See the log message for the previous commit
for more details.  The alignment bug in gcc-3 has not been fixed, but
it is not very serious and the previous commit just moved it (as intended).

Approved by:	re (murray)
2002-12-01 17:36:18 +00:00
Bruce Evans
fb0be37ded Align the stack suitably for the version of gcc in FreeBSD-4 (provided
-fomit-frame-pointer is not used).  This is mostly moot for -current
because gcc-3 does the alignment (slightly incorrectly) in main().

This patch is intended for easy MFC'ing and should be backed out in
-current soon since it causes compiler warnings and better fixes are
possible in -current.  The best fix is to do nothing here and wait for
gcc to do stack alignment right.  gcc-3 aligns the stack in main(), but
does it too late for main()'s local variables and too late for anything
called before main().  A misaligned stack is now more than an efficiency
problem, since some SSE instructions in some or all (hardware)
implementations trap on misaligned operands even if alignment checking
is not enabled.

PR:		41528:
Submitted by:	NIIMI Satoshi <sa2c@sa2c.net> (original version)
MFC after:	3 days
2002-09-29 13:42:27 +00:00
Ruslan Ermilov
d2893b161b Drop support for COPY, -c has been the default mode of install(1)
for a long time now.

Approved by:	bde
2002-07-29 09:40:17 +00:00
Mark Murray
828191256b The main reason for this is to reduce diffs between all the crt1.c's.
Assembler macros are tidied up and made as similar as sanely possible.
The macros are translated into C (__inline static) functions for lint.

Declaration orders are made the same.
Declarations are all ISOfied and tidied up.

Comment contents have gratuitous diffs removed.

The net result is a bunch of crt1.c's that are 90% the same.
It may be possible to now encapsulate the differences in one
MD header, and have only one MI crt1.c file (although the macros
to do this may be ugly).

Helpful comments by:	obrien, bde
Alpha tested by:	des
i386-elf tested by:	markm
2002-07-16 12:28:50 +00:00
Mark Murray
ccece3d626 Whitespace diffs only; this brings this file into the same whitespace
convention as src/lib/csu/*/crt1.c.

This will make the follow up diffs easier to see and extract.
2002-07-03 14:42:39 +00:00
David E. O'Brien
d03f581f32 Use .rodata section for $FreeBSD$. 2002-05-15 04:19:49 +00:00
Ruslan Ermilov
2020063860 Fixed CLEANFILES after bsd.lib.mk sweep. 2002-05-13 15:28:00 +00:00
Ruslan Ermilov
7893b524b9 SOBJS are not used here for a long time, and were just
pessimising the `install'.
2002-05-13 11:51:11 +00:00
Ruslan Ermilov
2a53f3fb35 Major cleanup of bsd.lib.mk.
Get rid of the INTERNALSTATICLIB knob and just use plain INTERNALLIB.
INTERNALLIB now means to build static library only and don't install
anything.  Added a NOINSTALLLIB knob for libpam/modules.  To not
build any library at all, just do not set LIB.
2002-05-13 10:53:24 +00:00
Ruslan Ermilov
5b8f41af39 Revert the last change. The corresponding bsd.lib.mk changes were
already backed out.
2002-05-12 16:21:23 +00:00
David E. O'Brien
785b36d40f Use the simpler NOMAN rather than NOMAN, NOPIC, NOPROFILE, INTERNALLIB. 2002-05-11 17:45:03 +00:00
Bruce Evans
ccc4300e95 Removed "-fkeep-inline-functions" from CFLAGS, since it now has no effect
except to generate spurious warnings about a system header <sys/param.h>
having some inline functions (the bswap family).  This backs out the main
part of rev.1.5 (which was the only part left).  The problem fixed by
rev.1.5 of the Makefile went away in rev.1.5 of ../common/crtbegin.c
when the references to do_ctors() and do_dtors() in the latter were moved
from inline asm to C code.

This leaves the problem that implementation details cause warnings.

Discussed with:	jdp
2002-04-29 13:07:20 +00:00
Mark Murray
4cd0119367 Do not use __progname directly (except in [gs]etprogname(3)).
Also, make an internal _getprogname() that is used only inside
libc. For libc, getprogname(3) is a weak symbol in case a
function of the same name is defined in userland.
2002-03-29 22:43:43 +00:00
David E. O'Brien
1e23f97e5c Minor style(9) nit + utilize ELF features for the FreeBSD ID. 2002-02-27 22:13:02 +00:00
David E. O'Brien
41513796e8 minor style updating 2001-10-27 08:30:36 +00:00
David E. O'Brien
ae7c8a2bb8 * Bring back the guts of crt{i,n}.S. This allows C++ exceptions to work
when using the egcs and gcc-devel ports, along with GCC built from stock
public FSF sources.  Without this change, FreeBSD will be removed from
the list of systems GCC 3.0 must be evaluated on before release.  With
the effort some of us put into getting FreeBSD on this list, we should
not turn this effort into a waste, else we might not be worth fighting
for in the future.  (note that Alpha and IA-64 versions of crt{i,n}.S
are needed)

* Switch from our own crt{begin,in} to those created from GCC's crtstuff.c.
This will allow us to switch to DWARF2 exceptions in the future, along with
staying in sync with any future GCC requirements.

* Break out our ELF branding bits into a separate file.  Currently this
is now included by our crt1.c files (since this functionality was part of
our native crtbegin.c).  Later crtbrand.o will be merged in the creation
of crti.o.
2000-10-28 21:26:48 +00:00
John Polstra
bb63c9d3b4 Take crtbegin.c and crtend.c from the new machine-independent
"common" sister directory.
2000-05-20 17:47:29 +00:00
John Polstra
f6d15b87f8 This is step 1 in an effort to unify the start-up files for the
various architectures.  Now all the work is done in crtbegin.c.
It doesn't contain any assembly language code, so it should work
fine on all architectures.  (I have tested it on the i386 and the
alpha.) The old assembly language files crt[in].S are now empty
shells that generate no code or data.  They should not be removed
any time soon, because the various versions of gcc in src and ports
expect them to exist.

Next I will move crtbegin.c into a new common machine-independent
directory, and adjust the i386-elf Makefile to use that version.
After that I will adjust the alpha Makefile to use the common
version too.

Requested by:	obrien
2000-05-19 04:32:17 +00:00
David E. O'Brien
c815a20cb2 Change our ELF binary branding to something more acceptable to the Binutils
maintainers.

After we established our branding method of writing up to 8 characters of
the OS name into the ELF header in the padding; the Binutils maintainers
and/or SCO (as USL) decided that instead the ELF header should grow two new
fields -- EI_OSABI and EI_ABIVERSION.  Each of these is an 8-bit unsigned
integer.  SCO has assigned official values for the EI_OSABI field.  In
addition to this, the Binutils maintainers and NetBSD decided that a better
ELF branding method was to include ABI information in a ".note" ELF
section.

With this set of changes, we will now create ELF binaries branded using
both "official" methods.  Due to the complexity of adding a section to a
binary, binaries branded with ``brandelf'' will only brand using the
EI_OSABI method.  Also due to the complexity of pulling a section out of an
ELF file vs. poking around in the ELF header, our image activator only
looks at the EI_OSABI header field.

Note that a new kernel can still properly load old binaries except for
Linux static binaries branded in our old method.

  *
  * For a short period of time, ``ld'' will also brand ELF binaries
  * using our old method.  This is so people can still use kernel.old
  * with a new world.  This support will be removed before 5.0-RELEASE,
  * and may not last anywhere up to the actual release.  My expiration
  * time for this is about 6mo.
  *
2000-04-18 02:39:26 +00:00
Peter Wemm
7f3dea244c $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
John Polstra
c30965b3bd Add "-fkeep-inline-functions" to CFLAGS so that higher optimization
levels (-O3 and above) won't remove essential code.  Many thanks
to Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru> for pointing out
that it was the optimizer's removal of this code that caused make
world with -O3 to break.  With this change, make buildworld now
completes.
1999-03-15 21:56:54 +00:00
John Polstra
bb2b869188 Move the code for the ".init" and ".fini" sections outside of a
C function so the compiler won't try to emit line numbers for it
with "-g", breaking the build.  This has the nice side-effect of
making crtbegin.o and crtbeginS.o a little bit smaller.

Remove "-Wno-unused" from the Makefile.  Replace it with "__unused"
on particular function and variable declarations.
1999-03-12 17:33:28 +00:00
John Polstra
f92bdbd010 Switch to using ".So" as the extension for PIC object files rather
than ".so".  The old extension conflicted with well-established
naming conventions for dynamically loadable modules.

The "clean" targets continue to remove ".so" files too, to deal with
old systems.
1999-01-09 21:51:00 +00:00
Steve Price
a124f32704 Strip the leading path from __progname as is done in the a.out case. Also
bring in stddef.h so we can use NULL instead of 0 for pointer comparisons.

Hinted at by:	Bruce Evans
Reviewed by:	John Polstra
1998-12-24 18:19:47 +00:00
John Polstra
5584f22bb3 Make profiling work for ELF. gprof now autodetects the format of
the executable file, so it will work for both a.out and ELF format
files.  I have split the object format specific code into separate
source files.  It's cleaner than it was before, but it's still
pretty crufty.

Don't cheat on your make world for this update.  A lot of things
have to be rebuilt for it to work, including the compiler and all
of the profiled libraries.
1998-09-07 23:32:00 +00:00
John Polstra
966a88d986 Import C startup files for ELF support.
Submitted by:	John Polstra <jdp@polstra.com>
1998-03-07 20:27:11 +00:00