Date: Tue, 11 Dec 2007 23:13:18 +0100
From: Jeremie Le Hen
To: freebsd-current@FreeBSD.org
Subject: Patch to enable SSP on RELENG_7/CURRENT by default
Message-ID: <20071211221318.GB47521@obiwan.tataz.chchile.org>

Hi list,

I already posted a couple of months ago about a patch to bring ProPolice/SSP into 6-STABLE and 7-CURRENT [1]. Understandably, it has never been committed because this required heavily patching GCC 3.4.6, which is contributed software.

Now that RELENG_7 and CURRENT have GCC 4.2.1, which provides SSP, FreeBSD just lacks the "glue" bits to make the best of it. Once applied, FreeBSD will be compiled with SSP unless WITHOUT_SSP is set.

This patch is a kind of proof of concept. For example, the FreeBSD team might not want to enable SSP by default (any benchmark from users other than me would be welcome). The Makefile guy(s?) may also have comments on how I've implemented it in the build infrastructure (SSP_CFLAGS notably). Also, the kernel bits I scrawled in sys/kern/stack_protector.c should surely be improved.

Best regards,

[1] http://tataz.chchile.org/~tataz/FreeBSD/SSP/

--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >

--cvVnyQ+4j833TQvp
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment; filename="fbsd7-ssp-glue.patch"

diff -urNp src.0/Makefile.inc1 src/Makefile.inc1 --- src.0/Makefile.inc1 2007-10-31 09:26:42.000000000 +0000 +++ src/Makefile.inc1 2007-12-11 12:20:31.000000000 +0000 
@@ -213,6 +213,7 @@ BMAKE= MAKEOBJDIRPREFIX=${WORLDTMP} \ ${BMAKEENV} ${MAKE} -f Makefile.inc1 \ DESTDIR= \ BOOTSTRAPPING=${OSRELDATE} \ + SSP_CFLAGS= \ -DWITHOUT_HTML -DWITHOUT_INFO -DNO_LINT -DWITHOUT_MAN \ -DWITHOUT_NLS -DNO_PIC -DWITHOUT_PROFILE -DNO_SHARED \ -DNO_CPU_CFLAGS -DNO_WARNS @@ -222,6 +223,7 @@ TMAKE= MAKEOBJDIRPREFIX=${OBJTREE} \ ${BMAKEENV} ${MAKE} -f Makefile.inc1 \ TARGET=${TARGET} TARGET_ARCH=${TARGET_ARCH} \ DESTDIR= \ + SSP_CFLAGS= \ BOOTSTRAPPING=${OSRELDATE} -DNO_LINT -DNO_CPU_CFLAGS -DNO_WARNS # cross-tools stage @@ -433,7 +435,7 @@ build32: .if ${MK_KERBEROS} != "no" .for _t in obj depend all cd ${.CURDIR}/kerberos5/tools; \ - MAKEOBJDIRPREFIX=${OBJTREE}/lib32 ${MAKE} DESTDIR= ${_t} + MAKEOBJDIRPREFIX=${OBJTREE}/lib32 ${MAKE} SSP_CFLAGS= DESTDIR= ${_t} .endfor .endif .for _t in obj includes @@ -455,7 +457,7 @@ build32: .endfor .for _dir in lib/ncurses/ncurses lib/ncurses/ncursesw lib/libmagic cd ${.CURDIR}/${_dir}; \ - MAKEOBJDIRPREFIX=${OBJTREE}/lib32 ${MAKE} DESTDIR= build-tools + MAKEOBJDIRPREFIX=${OBJTREE}/lib32 ${MAKE} SSP_CFLAGS= DESTDIR= build-tools .endfor cd ${.CURDIR}; \ ${LIB32WMAKE} -f Makefile.inc1 libraries 
@@ -728,13 +730,13 @@ buildkernel: @echo "--------------------------------------------------------------" cd ${KRNLOBJDIR}/${_kernel}; \ MAKESRCPATH=${KERNSRCDIR}/dev/aic7xxx/aicasm \ - ${MAKE} -DNO_CPU_CFLAGS -f ${KERNSRCDIR}/dev/aic7xxx/aicasm/Makefile + ${MAKE} SSP_CFLAGS= -DNO_CPU_CFLAGS -f ${KERNSRCDIR}/dev/aic7xxx/aicasm/Makefile # XXX - Gratuitously builds aicasm in the ``makeoptions NO_MODULES'' case. .if !defined(MODULES_WITH_WORLD) && !defined(NO_MODULES) && exists(${KERNSRCDIR}/modules) .for target in obj depend all cd ${KERNSRCDIR}/modules/aic7xxx/aicasm; \ MAKEOBJDIRPREFIX=${KRNLOBJDIR}/${_kernel}/modules \ - ${MAKE} -DNO_CPU_CFLAGS ${target} + ${MAKE} SSP_CFLAGS= -DNO_CPU_CFLAGS ${target} .endfor .endif .if !defined(NO_KERNELDEPEND) Files src.0/lib/libc/sys/.stack_protector.c.swp and src/lib/libc/sys/.stack_protector.c.swp differ diff -urNp src.0/lib/libstand/Makefile src/lib/libstand/Makefile --- src.0/lib/libstand/Makefile 2007-10-24 21:32:57.000000000 +0000 +++ src/lib/libstand/Makefile 2007-12-11 12:22:04.000000000 +0000 @@ -12,6 +12,7 @@ NO_PIC= INCS= stand.h MAN= libstand.3 +SSP_CFLAGS= CFLAGS+= -ffreestanding -Wformat CFLAGS+= -I${.CURDIR} diff -urNp src.0/share/mk/bsd.README src/share/mk/bsd.README --- src.0/share/mk/bsd.README 2006-06-18 11:26:17.000000000 +0000 +++ src/share/mk/bsd.README 2007-12-11 12:17:35.000000000 +0000 @@ -37,6 +37,7 @@ bsd.port.pre.mk - building ports bsd.port.subdir.mk - targets for building subdirectories for ports bsd.prog.mk - building programs from source files bsd.snmpmod.mk - building modules for the SNMP daemon bsnmpd +bsd.ssp.mk - handle ProPolice (SSP) settings bsd.subdir.mk - targets for building subdirectories bsd.sys.mk - common settings used for building FreeBSD sources sys.mk - default rules for all makes diff -urNp src.0/share/mk/bsd.own.mk src/share/mk/bsd.own.mk --- src.0/share/mk/bsd.own.mk 2007-10-20 19:01:49.000000000 +0000 +++ src/share/mk/bsd.own.mk 2007-12-11 14:37:38.000000000 +0000 
@@ -111,6 +111,7 @@ SRCCONF?= /etc/src.conf .endif .endif +.if !defined(_ONLY_SRCCONF) # Binaries BINOWN?= root BINGRP?= wheel @@ -173,6 +174,7 @@ STRIP?= -s COMPRESS_CMD?= gzip -cn COMPRESS_EXT?= .gz +.endif # !_ONLY_SRCCONF .if !defined(_WITHOUT_SRCCONF) # diff -urNp src.0/share/mk/bsd.port.mk src/share/mk/bsd.port.mk --- src.0/share/mk/bsd.port.mk 2006-11-19 16:28:52.000000000 +0000 +++ src/share/mk/bsd.port.mk 2007-12-11 12:16:29.000000000 +0000 @@ -9,3 +9,10 @@ _WITHOUT_SRCCONF= .include .include "${BSDPORTMK}" + +# XXX This belongs to ports/Mk/bsd.port.mk where it should be documented as +# well, but it is easier to distribute as long as it is a patch. +.if defined(USE_SSP) +SSP_CFLAGS ?= -fstack-protector +CFLAGS += ${SSP_CFLAGS} +.endif diff -urNp src.0/share/mk/bsd.ssp.mk src/share/mk/bsd.ssp.mk --- src.0/share/mk/bsd.ssp.mk 1970-01-01 00:00:00.000000000 +0000 +++ src/share/mk/bsd.ssp.mk 2007-12-11 14:47:22.000000000 +0000 @@ -0,0 +1,10 @@ +# $FreeBSD$ + +# Handle stack protection flags. +.if ${MK_SSP} != "no" && ${CC} != 'icc' +SSP_CFLAGS ?= -fstack-protector +CFLAGS += ${SSP_CFLAGS} +. if defined(SSP_WARNS) && !empty(SSP_FLAGS) +CWARNFLAGS += -Wstack-protector +. endif +.endif diff -urNp src.0/share/mk/bsd.sys.mk src/share/mk/bsd.sys.mk --- src.0/share/mk/bsd.sys.mk 2007-11-22 23:21:12.000000000 +0000 +++ src/share/mk/bsd.sys.mk 2007-12-11 12:15:35.000000000 +0000 @@ -76,3 +76,5 @@ CWARNFLAGS += -Wno-unknown-pragmas # Allow user-specified additional warning flags CFLAGS += ${CWARNFLAGS} + +.include diff -urNp src.0/sys/boot/efi/Makefile.inc src/sys/boot/efi/Makefile.inc --- src.0/sys/boot/efi/Makefile.inc 2004-02-12 08:10:33.000000000 +0000 +++ src/sys/boot/efi/Makefile.inc 2007-12-11 12:23:20.000000000 +0000 
@@ -5,3 +5,6 @@ BINDIR?= /boot # Options used when building app-specific efi components CFLAGS+= -ffreestanding -fshort-wchar -Wformat LDFLAGS+= -nostdlib + +# No SSP in /boot. +SSP_CFLAGS= diff -urNp src.0/sys/boot/ficl/Makefile src/sys/boot/ficl/Makefile --- src.0/sys/boot/ficl/Makefile 2007-10-15 14:20:24.000000000 +0000 +++ src/sys/boot/ficl/Makefile 2007-12-11 12:24:13.000000000 +0000 @@ -7,6 +7,8 @@ BASE_SRCS= dict.c ficl.c fileaccess.c fl SRCS= ${BASE_SRCS} sysdep.c softcore.c CLEANFILES= softcore.c testmain testmain.o CFLAGS+= -ffreestanding +# No SSP in /boot. +SSP_CFLAGS= .if ${MACHINE_ARCH} == "i386" || ${MACHINE_ARCH} == "amd64" CFLAGS+= -mpreferred-stack-boundary=2 CFLAGS+= -mno-mmx -mno-3dnow -mno-sse -mno-sse2 diff -urNp src.0/sys/boot/i386/Makefile.inc src/sys/boot/i386/Makefile.inc --- src.0/sys/boot/i386/Makefile.inc 2006-09-28 10:02:04.000000000 +0000 +++ src/sys/boot/i386/Makefile.inc 2007-12-11 12:24:40.000000000 +0000 @@ -15,6 +15,9 @@ LDFLAGS+= -m elf_i386_fbsd AFLAGS+= --32 .endif +# No SSP in /boot. +SSP_CFLAGS= + # BTX components .if exists(${.OBJDIR}/../btx) BTXDIR= ${.OBJDIR}/../btx diff -urNp src.0/sys/boot/ofw/libofw/Makefile src/sys/boot/ofw/libofw/Makefile --- src.0/sys/boot/ofw/libofw/Makefile 2007-06-17 00:17:15.000000000 +0000 +++ src/sys/boot/ofw/libofw/Makefile 2007-12-11 12:25:16.000000000 +0000 @@ -17,6 +17,9 @@ CFLAGS+= -ffreestanding CFLAGS+= -msoft-float .endif +# No SSP in /boot. +SSP_CFLAGS= + .ifdef(BOOT_DISK_DEBUG) # Make the disk code more talkative CFLAGS+= -DDISK_DEBUG diff -urNp src.0/sys/boot/sparc64/Makefile.inc src/sys/boot/sparc64/Makefile.inc --- src.0/sys/boot/sparc64/Makefile.inc 2004-02-09 14:17:02.000000000 +0000 +++ src/sys/boot/sparc64/Makefile.inc 2007-12-11 12:25:34.000000000 +0000 
@@ -3,3 +3,6 @@ BINDIR?= /boot CFLAGS+= -ffreestanding LDFLAGS+= -nostdlib + +# No SSP in /boot. +SSP_CFLAGS= diff -urNp src.0/sys/conf/files src/sys/conf/files --- src.0/sys/conf/files 2007-11-21 21:42:55.000000000 +0000 +++ src/sys/conf/files 2007-12-11 15:08:38.000000000 +0000 @@ -1474,6 +1474,7 @@ kern/posix4_mib.c standard kern/sched_4bsd.c optional sched_4bsd kern/sched_ule.c optional sched_ule kern/serdev_if.m standard +kern/stack_protector.c standard kern/subr_acl_posix1e.c standard kern/subr_autoconf.c standard kern/subr_blist.c standard diff -urNp src.0/sys/conf/kern.mk src/sys/conf/kern.mk --- src.0/sys/conf/kern.mk 2007-05-24 21:53:42.000000000 +0000 +++ src/sys/conf/kern.mk 2007-12-11 14:49:31.000000000 +0000 @@ -97,3 +97,11 @@ CFLAGS+= -ffreestanding .if ${CC} == "icc" CFLAGS+= -restrict .endif + +# +# GCC SSP support. +# +.if ${MK_SSP} != 'no' && ${CC} != 'icc' +SSP_CFLAGS?= -fstack-protector +CFLAGS+= ${SSP_CFLAGS} +.endif diff -urNp src.0/sys/conf/kern.pre.mk src/sys/conf/kern.pre.mk --- src.0/sys/conf/kern.pre.mk 2007-08-08 19:12:06.000000000 +0000 +++ src/sys/conf/kern.pre.mk 2007-12-11 14:39:59.000000000 +0000 @@ -3,10 +3,8 @@ # Part of a unified Makefile for building kernels. This part contains all # of the definitions that need to be before %BEFORE_DEPEND. -SRCCONF?= /etc/src.conf -.if exists(${SRCCONF}) -.include "${SRCCONF}" -.endif +_ONLY_SRCCONF= +.include # Can be overridden by makeoptions or /etc/make.conf KERNEL_KO?= kernel diff -urNp src.0/sys/kern/stack_protector.c src/sys/kern/stack_protector.c --- src.0/sys/kern/stack_protector.c 1970-01-01 00:00:00.000000000 +0000 +++ src/sys/kern/stack_protector.c 2007-12-11 15:51:39.000000000 +0000 @@ -0,0 +1,13 @@ +void panic(const char *, ...); +void __stack_chk_fail(void); + +long __stack_chk_guard[8] = { 0, 0, 0, 0, 0, 0, 0, 0 }; + +void +__stack_chk_fail(void) +{ + static char *msg = "stack overflow caught by SSP; backtrace may be " + "corrupted."; + + panic(msg); +} --cvVnyQ+4j833TQvp--
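
Review bot: The line "Files src.0/lib/libc/sys/.stack_protector.c.swp and src/lib/libc/sys/.stack_protector.c.swp differ", which follows the buildkernel hunk of Makefile.inc1, is an editor swap file picked up by diff -urNp; regenerate the patch with swap files excluded. It also suggests that lib/libc/sys/stack_protector.c was being edited, and no diff for that file appears in the attachment, so please confirm whether a libc change is missing. In the same region, the "SSP_CFLAGS=" overrides added to BMAKE, TMAKE, build32, the aicasm builds and lib/libstand/Makefile carry no comment, unlike the sys/boot Makefiles ("# No SSP in /boot."); say next to each why that target is exempt.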
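
Review bot: In the new share/mk/bsd.ssp.mk, the inner test "defined(SSP_WARNS) && !empty(SSP_FLAGS)" checks SSP_FLAGS, but the variable this file sets is SSP_CFLAGS and nothing in the patch sets SSP_FLAGS, so the condition is never true and -Wstack-protector is never appended to CWARNFLAGS. Test "!empty(SSP_CFLAGS)" instead; that also keeps the warning off in every Makefile that blanks SSP_CFLAGS. As a style point, the outer test compares ${CC} against 'icc' in single quotes while the existing kern.mk context line uses "icc"; use double quotes in the new conditionals too.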
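
Review bot: The new conditionals in share/mk/bsd.ssp.mk and sys/conf/kern.mk both expand ${MK_SSP}, yet the only bsd.own.mk hunks in the attachment add the _ONLY_SRCCONF guard and none adds SSP to the option list that generates the MK_* variables. Without that hunk the WITHOUT_SSP knob described in the message has nothing behind it and the comparison is made on an undefined variable; add the option with its default next to the existing ones and document it for src.conf(5). The kern.mk block also repeats the first three lines of bsd.ssp.mk verbatim; consider a single shared definition so the two conditions cannot drift apart.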
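
Review bot: In sys/kern/stack_protector.c, __stack_chk_guard is statically initialised to eight zeros and no line in the patch ever writes to it, so every kernel built this way checks against the same fixed, known canary. Fill the array from the kernel's random source early in boot (a SYSINIT is the usual place for that kind of initialisation) so the value differs per boot. In __stack_chk_fail(), pass the message as an argument, panic("%s", msg), rather than as the format string. The file also hand-declares panic() instead of including the kernel headers, and lacks the $FreeBSD$ tag that the new bsd.ssp.mk carries, as well as a license header.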