From nobody Tue May 14 12:47:03 2024 X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Vdx2n5vXzz5K3BL for ; Tue, 14 May 2024 12:47:29 +0000 (UTC) (envelope-from Alexander@Leidinger.net) Received: from mailgate.Leidinger.net (bastille.leidinger.net [89.238.82.207]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (P-256) client-digest SHA256) (Client CN "mailgate.leidinger.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Vdx2n2VYNz4JBf; Tue, 14 May 2024 12:47:29 +0000 (UTC) (envelope-from Alexander@Leidinger.net) Authentication-Results: mx1.freebsd.org; none List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@FreeBSD.org MIME-Version: 1.0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=leidinger.net; s=outgoing-alex; t=1715690841; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=xiDqMmgcxZ1XsxYpzL5la2Xu97Y3zghlKmeeOXFsuhc=; b=Kol7yy5S6YRe/Q0ul6g1Xvb35bZ8kD4nK6nfKROSLCvnA8hyQW3Ep9YCaCLPqIJDRUIOwS zkOWE/ZK8N7GOgWJITgeY5uzIGztlVnOKZfxp8vdFEuCCQ0EcsxQN7KYw3NoPd/ygXydtR iXE+8OU3zdJ0nHGVHq6qJ0iamY8ezvSbK1WFd78eKWzhuYgGiNT6hKp8gnDFUhLAUCj9sL IEgQUsN/QWgnXDs9/qwtJ4Yo4urBJODfU3qZAi5pZlDT2ND9McVNrIf/C3bcu1BQNtcsmm UYP/7AYTzeqatfeT5pwuIb4uboL9NQh9tLf2YLyah85tJGjC2yf1f81+ZgQlYw== Date: Tue, 14 May 2024 14:47:03 +0200 From: Alexander Leidinger To: Kyle Evans Cc: "freebsd-hackers@FreeBSD.org" Subject: Re: Initial implementation of _FORTIFY_SOURCE In-Reply-To: References: Message-ID: <83ac28b8e8e79866facbde716b051340@Leidinger.net> Organization: No organization, this is a private message. Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="=_a86ef231b52f32732eaa0ca443f44a8f"; micalg=pgp-sha256 X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:34240, ipnet:89.238.64.0/18, country:DE] X-Rspamd-Queue-Id: 4Vdx2n2VYNz4JBf This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --=_a86ef231b52f32732eaa0ca443f44a8f Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; format=flowed Am 2024-05-13 19:47, schrieb Kyle Evans: > Hi, > > As of 9bfd3b407 ("Add a build knob for _FORTIFY_SOURCE"), I've imported > an initial version of FORTIFY_SOURCE from FreeBSD. FORTIFY_SOURCE is > an improvement over classical SSP, doing compiler-aided checking of > stack object sizes to detect more fine-grained stack overflow without > relying on the randomized stack canary just past the stack frame. This breaks some port builds. Example libfido2 (which is a dependency in the build of e.g. mysql): ---snip--- [ 0% 4/1032] /usr/local/libexec/ccache/cc -DHAVE_ARC4RANDOM_BUF -DHAVE_ASPRINTF -DHAVE_CLOCK_GETTIME -DHAVE_DEV_URANDOM -DHAVE_ENDIAN_H -DHAVE_ERR_H -DHAVE_EXPLICIT_BZERO -DHAVE_GETLINE -DHAVE_GETOPT -DHAVE_GETPAGESIZE -DHAVE_GETRANDOM -DHAVE_OPENSSLV_H -DHAVE_READPASSPHRASE -DHAVE_SIGNAL_H -DHAVE_STRLCAT -DHAVE_STRLCPY -DHAVE_STRSEP -DHAVE_SYSCONF -DHAVE_SYS_RANDOM_H -DHAVE_TIMESPECSUB -DHAVE_TIMINGSAFE_BCMP -DHAVE_UNISTD_H -DOPENSSL_API_COMPAT=0x10100000L -DTLS=__thread -D_FIDO_INTERNAL -D_FIDO_MAJOR=1 -D_FIDO_MINOR=14 -D_FIDO_PATCH=0 -I/wrkdirs/usr/ports/security/libfido2/work/libfido2-1.14.0/src -I/usr/local/include -D_POSIX_C_SOURCE=200809L -D_BSD_SOURCE -D__BSD_VISIBLE=1 -std=c99 -O2 -pipe -O2 -pipe -mtune=native -fvectorize -O2 -pipe -mtune=native -fvectorize -march=native -DOPENSSL_API_COMPAT=0x10100000L -fstack-protector-strong -fno-strict-aliasing -O2 -pipe -O2 -pipe -mtune=native -fvectorize -O2 -pipe -mtune=native -fvectorize -march=native -DOPENSSL_API_COMPAT=0x10100000L -fstack-protector-strong -fno-strict-aliasing -DNDEBUG -D_FORTIFY_SOURCE=2 -fPIC -Wall -Wextra -Werror -Wshadow -Wcast-qual -Wwrite-strings -Wmissing-prototypes -Wbad-function-cast -Wimplicit-fallthrough -pedantic -pedantic-errors -Wshorten-64-to-32 -fstack-protector-all -Wconversion -Wsign-conversion -Wframe-larger-than=2047 -MD -MT src/CMakeFiles/fido2.dir/aes256.c.o -MF src/CMakeFiles/fido2.dir/aes256.c.o.d -o src/CMakeFiles/fido2.dir/aes256.c.o -c /wrkdirs/usr/ports/security/libfido2/work/libfido2-1.14.0/src/aes256.c FAILED: src/CMakeFiles/fido2.dir/aes256.c.o /usr/local/libexec/ccache/cc -DHAVE_ARC4RANDOM_BUF -DHAVE_ASPRINTF -DHAVE_CLOCK_GETTIME -DHAVE_DEV_URANDOM -DHAVE_ENDIAN_H -DHAVE_ERR_H -DHAVE_EXPLICIT_BZERO -DHAVE_GETLINE -DHAVE_GETOPT -DHAVE_GETPAGESIZE -DHAVE_GETRANDOM -DHAVE_OPENSSLV_H -DHAVE_READPASSPHRASE -DHAVE_SIGNAL_H -DHAVE_STRLCAT -DHAVE_STRLCPY -DHAVE_STRSEP -DHAVE_SYSCONF -DHAVE_SYS_RANDOM_H -DHAVE_TIMESPECSUB -DHAVE_TIMINGSAFE_BCMP -DHAVE_UNISTD_H -DOPENSSL_API_COMPAT=0x10100000L -DTLS=__thread -D_FIDO_INTERNAL -D_FIDO_MAJOR=1 -D_FIDO_MINOR=14 -D_FIDO_PATCH=0 -I/wrkdirs/usr/ports/security/libfido2/work/libfido2-1.14.0/src -I/usr/local/include -D_POSIX_C_SOURCE=200809L -D_BSD_SOURCE -D__BSD_VISIBLE=1 -std=c99 -O2 -pipe -O2 -pipe -mtune=native -fvectorize -O2 -pipe -mtune=native -fvectorize -march=native -DOPENSSL_API_COMPAT=0x10100000L -fstack-protector-strong -fno-strict-aliasing -O2 -pipe -O2 -pipe -mtune=native -fvectorize -O2 -pipe -mtune=native -fvectorize -march=native -DOPENSSL_API_COMPAT=0x10100000L -fstack-protector-strong -fno-strict-aliasing -DNDEBUG -D_FORTIFY_SOURCE=2 -fPIC -Wall -Wextra -Werror -Wshadow -Wcast-qual -Wwrite-strings -Wmissing-prototypes -Wbad-function-cast -Wimplicit-fallthrough -pedantic -pedantic-errors -Wshorten-64-to-32 -fstack-protector-all -Wconversion -Wsign-conversion -Wframe-larger-than=2047 -MD -MT src/CMakeFiles/fido2.dir/aes256.c.o -MF src/CMakeFiles/fido2.dir/aes256.c.o.d -o src/CMakeFiles/fido2.dir/aes256.c.o -c /wrkdirs/usr/ports/security/libfido2/work/libfido2-1.14.0/src/aes256.c /wrkdirs/usr/ports/security/libfido2/work/libfido2-1.14.0/src/aes256.c:18:2: error: use of GNU statement expression extension from macro expansion [-Werror,-Wgnu-statement-expression-from-macro-expansion] 18 | memset(out, 0, sizeof(*out)); | ^ /usr/include/ssp/string.h:120:5: note: expanded from macro 'memset' 120 | __ssp_bos_check3_typed(memset, void *, dst, int, val, len) | ^ /usr/include/ssp/string.h:65:5: note: expanded from macro '__ssp_bos_check3_typed' 65 | __ssp_bos_check3_typed_var(fun, dsttype, __ssp_var(dstv), dst, \ | ^ /usr/include/ssp/string.h:54:24: note: expanded from macro '__ssp_bos_check3_typed_var' 54 | src, lenvar, len) ({ \ | ^ /wrkdirs/usr/ports/security/libfido2/work/libfido2-1.14.0/src/aes256.c:60:2: error: use of GNU statement expression extension from macro expansion [-Werror,-Wgnu-statement-expression-from-macro-expansion] 60 | memset(&iv, 0, sizeof(iv)); | ^ /usr/include/ssp/string.h:120:5: note: expanded from macro 'memset' 120 | __ssp_bos_check3_typed(memset, void *, dst, int, val, len) | ^ /usr/include/ssp/string.h:65:5: note: expanded from macro '__ssp_bos_check3_typed' 65 | __ssp_bos_check3_typed_var(fun, dsttype, __ssp_var(dstv), dst, \ | ^ /usr/include/ssp/string.h:54:24: note: expanded from macro '__ssp_bos_check3_typed_var' 54 | src, lenvar, len) ({ \ | ^ ---snip--- I also have a failed archivers/libdeflate, devel/highway, www/node20, and lang/rust, but those complain about something which could also be attributed to some kind of interaction between my use of -fvectorize and the new fortify stuff. Example with libdeflate (the libdeflate update in ports is from March, and I had it compiled with -fvectorize successfully before the fortify stuff came in): ---snip--- In file included from /wrkdirs/usr/ports/archivers/libdeflate/work/libdeflate-1.20/lib/x86/adler32_impl.h:93: /wrkdirs/usr/ports/archivers/libdeflate/work/libdeflate-1.20/lib/x86/adler32_template.h:197:21: error: always_inline function '_mm512_set1_epi8' requires target feature 'evex512', but would be inlined into function 'adler32_x86_avx512_vl512_vnni' that is compiled without support for 'evex512' 197 | const vec_t ones = VSET1_8(1); | ^ ---snip--- Note, my CPUs don't support evex512 or avx512 at all, the compile flags haven't changed, this version of the port is installed in multiple jails (since March 28), so there is a change in behavior since then. It may or may not be due to the fortify stuff. I will test without -fvectorize later, poudriere is still building ports, and I want to see if some other ports fail. Those 5 failed port builds result in 160 skipped ports already (out of the >600 which this run wants to build). Maybe you want to backout and request an exp-build to not get swamped with failure reports from various people... Bye, Alexander. -- http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF --=_a86ef231b52f32732eaa0ca443f44a8f Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc; size=833 Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEER9UlYXp1PSd08nWXEg2wmwP42IYFAmZDXVYACgkQEg2wmwP4 2IZqHg//SkkwugcRRBf8WCZoKPg8a96Qr94RgTVkFSNS4DdutznQ4XIgvWIbt5nx 9YcF0WM5pw8hF21pt8WpB0xtjIErNB6YM1+efT4Qj+OC/FVq53r5ZBcY8PrN0cne 7z8A6bzaKvvHQn1XJzTWZFwSApaLVt3Jbcxo9K7UktWJuxnJABYXSn68Bc7K2s1z KSbu1v2sIM9wYBmylIJPi/Vhfjoa37U/WzH9OZhsmOMzjJ/3znpI2q+w4weYEZ+C uOsoqb/iyBZwh3XyYJmYtF/q7e+1+A7GnZVMxleTKWUc8ESZQUYgXBWWl+hHqCq4 Sipooy4V6TJQxZMOWpObCg9zdyinzc88XZWlAKR/KJo6FWYW60BofVXt9C7KUc6s r3mqJzg1/kFo5fJItQrHYj5MayLaqA3iH7x5YEPHGxVNHDV6a8fVQK6UtdJS4S6l iwvCMXu9BZms4AvOhRYj+8vOSPwYjwXRW4FIAVuMUQRi0d/0dsBjjqNI02DXJuOG v8FsRscDemQliFnmDzGngv9d9TvB+wwxV+NhvqKt6ET0IbzEG/Wv/VZau0Tq11qU waO2TG6T4QG8StjK/mEts+XkN0tnGPRyQJHxejPwmB5tII9UBuUHb28RObemGCsV RkFfdCJF9dj4t/mxAo0KJtDcsyz/hELt7sbxfFPy3LurtUTEL3Q= =Qnkn -----END PGP SIGNATURE----- --=_a86ef231b52f32732eaa0ca443f44a8f--