Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 29 May 2012 14:54:06 +0200
From:      Mel Flynn <rflynn@acsalaska.net>
To:        freebsd-hackers@freebsd.org
Subject:   Re: Activating libssp
Message-ID:  <4FC4C6EE.2020601@acsalaska.net>
In-Reply-To: <20120528212236.GC47353@felucia.tataz.chchile.org>
References:  <4FC26F26.6000907@acsalaska.net> <20120528212236.GC47353@felucia.tataz.chchile.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On 28-5-2012 23:22, Jeremie Le Hen wrote:
> Hi Mel,
> 
> On Sun, May 27, 2012 at 08:15:02PM +0200, Mel Flynn wrote:
>> Hi,
>>
>> for a port, I'm seeing:
>> #ifdef _FORTIFY_SOURCE
>> ...
>> #endif
>>
>> I did a bit of reading (http://wiki.debian.org/Hardening) for example,
>> searching through /usr/share/mk/* /usr/include/libssp, /usr/src/gnu/libssp.
>>
>> However, it's not clear to me, where the magic is that pulls in the
>> libssp library that is in /lib.
>>
>> Also - it seems to be part of gcc, so does that mean on systems without
>> gcc, that this library is not available or does clang have a variant?
> 
> gnu/lib/libssp is built for compatibility reasons.  See
> http://svnweb.freebsd.org/base?view=revision&revision=169718

This clarifies a bit about the existence of libssp as a shared lib. Thanks.

> Our libc provides the necessary symbols.
> http://svnweb.freebsd.org/base/head/lib/libc/sys/stack_protector.c
> 
>> I do see -fstack-protector is added to CFLAGS by default, so I'm
>> thinking there's some magic somewhere, but I'm just missing the docs
>> that tell me "if you add foo to CFLAGS then bar will happen, unless baz".
> 
> I'm not sure what you mean, but -fstack-protector is documented in GCC
> documentation, I suppose it's the same for Clang but I didn't check.
> You can disable it on FreeBSD by setting WITHOUT_SSP in src.conf(5).

Right, I wasn't very clear with that, so let me clarify:
- _FORTIFY_SOURCE is used in /usr/include/ssp/ssp.h
- There is a shared library /lib/libssp.so
- In the sources of the software there is no mention of ssp.h or -lssp
- In the sources of the software there are conditionals based on
_FORTIFY_SOURCE being defined.

So, for me as port maintainer, it looks as though adding
-D_FORTIFY_SOURCE=2 does absolutely nothing for the software, unless I
also #include <ssp/ssp.h> and add -lssp to LDFLAGS, unless there's some
magic in libc or the compiler that activates bits and overrides the
definitions for the symbols.
Based on the commit message, I assume that adding _FORTIFY_SOURCE to
CFLAGS does nothing, as the actual setting of this flag is compiled into
libc.
And -fstack-protector tells the compiler to activate the stack protector
callbacks that are again, implemented in libc. Without this, they won't
be activated. Does this sound correct?

As a side note, the code in question does not apply to FreeBSD at all as
we have no __FD_SETSIZE symbol anywhere that I can find:
#ifndef _FORTIFY_SOURCE
#include <bits/types.h>
#undef __FD_SETSIZE
#define __FD_SETSIZE 8192
#endif
so I'm patching that to read FD_SETSIZE or add -DFD_SETSIZE=8192 to
CFLAGS (not sure which I'll use yet).
-- 
Mel



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FC4C6EE.2020601>