From owner-freebsd-arch@FreeBSD.ORG Fri May 2 07:04:06 2008 Return-Path: Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 05E3A106567B for ; Fri, 2 May 2008 07:04:06 +0000 (UTC) (envelope-from tataz@tataz.chchile.org) Received: from smtp5-g19.free.fr (smtp5-g19.free.fr [212.27.42.35]) by mx1.freebsd.org (Postfix) with ESMTP id 624718FC13 for ; Fri, 2 May 2008 07:04:05 +0000 (UTC) (envelope-from tataz@tataz.chchile.org) Received: from smtp5-g19.free.fr (localhost.localdomain [127.0.0.1]) by smtp5-g19.free.fr (Postfix) with ESMTP id EC5AA3F61E4; Fri, 2 May 2008 09:04:03 +0200 (CEST) Received: from tatooine.tataz.chchile.org (tataz.chchile.org [82.233.239.98]) by smtp5-g19.free.fr (Postfix) with ESMTP id BA8C33F6260; Fri, 2 May 2008 09:04:03 +0200 (CEST) Received: from obiwan.tataz.chchile.org (unknown [192.168.1.25]) by tatooine.tataz.chchile.org (Postfix) with ESMTP id 9533D9F282; Fri, 2 May 2008 07:01:47 +0000 (UTC) Received: by obiwan.tataz.chchile.org (Postfix, from userid 1000) id 879704089; Fri, 2 May 2008 09:01:47 +0200 (CEST) Date: Fri, 2 May 2008 09:01:47 +0200 From: Jeremie Le Hen To: obrien@freebsd.org Message-ID: <20080502070147.GE74500@obiwan.tataz.chchile.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="eAbsdosE1cNLO4uF" Content-Disposition: inline In-Reply-To: <20080427012416.GA9817@dragon.NUXI.org> User-Agent: Mutt/1.5.15 (2007-04-06) Cc: freebsd-arch@FreeBSD.org Subject: Re: Integration of ProPolice in FreeBSD X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 May 2008 07:04:06 -0000 --eAbsdosE1cNLO4uF Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi David, Sorry for the late reply, I was abroad. On Sat, Apr 26, 2008 at 06:24:16PM -0700, David O'Brien wrote: > On Fri, Apr 18, 2008 at 03:27:49PM +0200, Jeremie Le Hen wrote: > > As you may already know I've integrated GCC's ProPolice into > > FreeBSD. The build infrastructure overlord, namely ru@, (I'm > > quoting kan@) has reviewed the patch and technically it is ready to > > hit the CVS tree. > > Please post the patch in this thread - your webserver has been very > difficult to contact. Indeed, sorry for the disturbance. I've attached the patch. This is what you should hit the tree, except there will be a few additional bits to prevent self foot-shooting when people will turn -fstack-protector into -fstack-protector-all in share/mk/bsd.sys.mk. I'm currently working on it. Thanks. Best regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org > --eAbsdosE1cNLO4uF Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="fbsd8-ssp.diff" Index: Makefile.inc1 =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/Makefile.inc1,v retrieving revision 1.601 diff -u -p -r1.601 Makefile.inc1 --- Makefile.inc1 2 Mar 2008 11:10:46 -0000 1.601 +++ Makefile.inc1 27 Mar 2008 21:24:53 -0000 @@ -216,6 +216,7 @@ BMAKE= MAKEOBJDIRPREFIX=${WORLDTMP} \ ${BMAKEENV} ${MAKE} -f Makefile.inc1 \ DESTDIR= \ BOOTSTRAPPING=${OSRELDATE} \ + -DWITHOUT_SSP \ -DWITHOUT_HTML -DWITHOUT_INFO -DNO_LINT -DWITHOUT_MAN \ -DWITHOUT_NLS -DNO_PIC -DWITHOUT_PROFILE -DNO_SHARED \ -DNO_CPU_CFLAGS -DNO_WARNS @@ -225,6 +226,7 @@ TMAKE= MAKEOBJDIRPREFIX=${OBJTREE} \ ${BMAKEENV} ${MAKE} -f Makefile.inc1 \ TARGET=${TARGET} TARGET_ARCH=${TARGET_ARCH} \ DESTDIR= \ + -DWITHOUT_SSP \ BOOTSTRAPPING=${OSRELDATE} -DNO_LINT -DNO_CPU_CFLAGS -DNO_WARNS # cross-tools stage @@ -437,7 +439,7 @@ build32: .if ${MK_KERBEROS} != "no" .for _t in obj depend all cd ${.CURDIR}/kerberos5/tools; \ - MAKEOBJDIRPREFIX=${OBJTREE}/lib32 ${MAKE} DESTDIR= ${_t} + MAKEOBJDIRPREFIX=${OBJTREE}/lib32 ${MAKE} -DWITHOUT_SSP DESTDIR= ${_t} .endfor .endif .for _t in obj includes @@ -459,7 +461,7 @@ build32: .endfor .for _dir in lib/ncurses/ncurses lib/ncurses/ncursesw lib/libmagic cd ${.CURDIR}/${_dir}; \ - MAKEOBJDIRPREFIX=${OBJTREE}/lib32 ${MAKE} DESTDIR= build-tools + MAKEOBJDIRPREFIX=${OBJTREE}/lib32 ${MAKE} -DWITHOUT_SSP DESTDIR= build-tools .endfor cd ${.CURDIR}; \ ${LIB32WMAKE} -f Makefile.inc1 libraries @@ -740,13 +742,13 @@ buildkernel: @echo "--------------------------------------------------------------" cd ${KRNLOBJDIR}/${_kernel}; \ MAKESRCPATH=${KERNSRCDIR}/dev/aic7xxx/aicasm \ - ${MAKE} -DNO_CPU_CFLAGS -f ${KERNSRCDIR}/dev/aic7xxx/aicasm/Makefile + ${MAKE} -DWITHOUT_SSP -DNO_CPU_CFLAGS -f ${KERNSRCDIR}/dev/aic7xxx/aicasm/Makefile # XXX - Gratuitously builds aicasm in the ``makeoptions NO_MODULES'' case. .if !defined(MODULES_WITH_WORLD) && !defined(NO_MODULES) && exists(${KERNSRCDIR}/modules) .for target in obj depend all cd ${KERNSRCDIR}/modules/aic7xxx/aicasm; \ MAKEOBJDIRPREFIX=${KRNLOBJDIR}/${_kernel}/modules \ - ${MAKE} -DNO_CPU_CFLAGS ${target} + ${MAKE} -DWITHOUT_SSP -DNO_CPU_CFLAGS ${target} .endfor .endif .if !defined(NO_KERNELDEPEND) Index: lib/libstand/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/lib/libstand/Makefile,v retrieving revision 1.59 diff -u -p -r1.59 Makefile --- lib/libstand/Makefile 24 Oct 2007 21:32:57 -0000 1.59 +++ lib/libstand/Makefile 16 Apr 2008 09:11:15 -0000 @@ -12,6 +12,7 @@ NO_PIC= INCS= stand.h MAN= libstand.3 +WITHOUT_SSP= CFLAGS+= -ffreestanding -Wformat CFLAGS+= -I${.CURDIR} Index: rescue/librescue/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/rescue/librescue/Makefile,v retrieving revision 1.9 diff -u -p -r1.9 Makefile --- rescue/librescue/Makefile 27 Jul 2006 12:28:05 -0000 1.9 +++ rescue/librescue/Makefile 16 Apr 2008 09:11:36 -0000 @@ -2,6 +2,8 @@ # $FreeBSD: src/rescue/librescue/Makefile,v 1.9 2006/07/27 12:28:05 yar Exp $ # +WITHOUT_SSP= + .include # Certain library entries have hard-coded references to Index: rescue/rescue/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/rescue/rescue/Makefile,v retrieving revision 1.59 diff -u -p -r1.59 Makefile --- rescue/rescue/Makefile 5 Mar 2008 23:32:12 -0000 1.59 +++ rescue/rescue/Makefile 16 Apr 2008 09:12:02 -0000 @@ -2,6 +2,7 @@ # @(#)Makefile 8.1 (Berkeley) 6/2/93 NO_MAN= +WITHOUT_SSP= .include Index: share/mk/bsd.sys.mk =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/share/mk/bsd.sys.mk,v retrieving revision 1.44 diff -u -p -r1.44 bsd.sys.mk --- share/mk/bsd.sys.mk 22 Nov 2007 23:21:12 -0000 1.44 +++ share/mk/bsd.sys.mk 29 Mar 2008 23:13:06 -0000 @@ -74,5 +74,10 @@ CWARNFLAGS += -Werror CWARNFLAGS += -Wno-unknown-pragmas .endif +.if ${MK_SSP} != "no" && ${CC} != "icc" +CFLAGS += -fstack-protector +# Don't use -Wstack-protector as it breaks world with -Werror. +.endif + # Allow user-specified additional warning flags CFLAGS += ${CWARNFLAGS} Index: sys/boot/Makefile.inc =================================================================== RCS file: sys/boot/Makefile.inc diff -N sys/boot/Makefile.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/boot/Makefile.inc 16 Apr 2008 09:13:16 -0000 @@ -0,0 +1,2 @@ +# Really, there's no need for stack-smashing protection in /boot programs. +WITHOUT_SSP= Index: sys/boot/arm/Makefile.inc =================================================================== RCS file: sys/boot/arm/Makefile.inc diff -N sys/boot/arm/Makefile.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/boot/arm/Makefile.inc 28 Mar 2008 07:51:09 -0000 @@ -0,0 +1 @@ +.include "../Makefile.inc" Index: sys/boot/arm/at91/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/arm/at91/Makefile.inc,v retrieving revision 1.7 diff -u -p -r1.7 Makefile.inc --- sys/boot/arm/at91/Makefile.inc 13 Jul 2007 14:27:04 -0000 1.7 +++ sys/boot/arm/at91/Makefile.inc 28 Mar 2008 07:52:30 -0000 @@ -53,3 +53,5 @@ MK_FPGA:=no .endif .endif + +.include "../Makefile.inc" Index: sys/boot/efi/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/efi/Makefile.inc,v retrieving revision 1.7 diff -u -p -r1.7 Makefile.inc --- sys/boot/efi/Makefile.inc 12 Feb 2004 08:10:33 -0000 1.7 +++ sys/boot/efi/Makefile.inc 28 Mar 2008 06:55:25 -0000 @@ -5,3 +5,5 @@ BINDIR?= /boot # Options used when building app-specific efi components CFLAGS+= -ffreestanding -fshort-wchar -Wformat LDFLAGS+= -nostdlib + +.include "../Makefile.inc" Index: sys/boot/i386/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/i386/Makefile.inc,v retrieving revision 1.12 diff -u -p -r1.12 Makefile.inc --- sys/boot/i386/Makefile.inc 28 Sep 2006 10:02:04 -0000 1.12 +++ sys/boot/i386/Makefile.inc 28 Mar 2008 07:41:32 -0000 @@ -24,3 +24,5 @@ BTXDIR= ${.CURDIR}/../btx BTXLDR= ${BTXDIR}/btxldr/btxldr BTXKERN= ${BTXDIR}/btx/btx BTXCRT= ${BTXDIR}/lib/crt0.o + +.include "../Makefile.inc" Index: sys/boot/i386/loader/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/i386/loader/Makefile,v retrieving revision 1.85 diff -u -p -r1.85 Makefile --- sys/boot/i386/loader/Makefile 29 May 2007 14:35:57 -0000 1.85 +++ sys/boot/i386/loader/Makefile 16 Apr 2008 09:14:10 -0000 @@ -1,5 +1,7 @@ # $FreeBSD: src/sys/boot/i386/loader/Makefile,v 1.85 2007/05/29 14:35:57 simokawa Exp $ +WITHOUT_SSP= + .include PROG= loader.sym Index: sys/boot/ia64/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/ia64/Makefile.inc,v retrieving revision 1.3 diff -u -p -r1.3 Makefile.inc --- sys/boot/ia64/Makefile.inc 12 Feb 2004 08:10:33 -0000 1.3 +++ sys/boot/ia64/Makefile.inc 28 Mar 2008 07:42:17 -0000 @@ -5,3 +5,5 @@ BINDIR?= /boot # Options used when building standalone components CFLAGS+= -ffreestanding -fshort-wchar -Wformat LDFLAGS+= -nostdlib + +.include "../Makefile.inc" Index: sys/boot/ia64/common/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/ia64/common/Makefile,v retrieving revision 1.1 diff -u -p -r1.1 Makefile --- sys/boot/ia64/common/Makefile 5 Nov 2006 22:03:03 -0000 1.1 +++ sys/boot/ia64/common/Makefile 16 Apr 2008 09:14:35 -0000 @@ -1,5 +1,7 @@ # $FreeBSD: src/sys/boot/ia64/common/Makefile,v 1.1 2006/11/05 22:03:03 marcel Exp $ +WITHOUT_SSP= + .include LIB= ia64 Index: sys/boot/ia64/efi/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/ia64/efi/Makefile,v retrieving revision 1.28 diff -u -p -r1.28 Makefile --- sys/boot/ia64/efi/Makefile 5 Nov 2006 22:03:03 -0000 1.28 +++ sys/boot/ia64/efi/Makefile 16 Apr 2008 09:15:11 -0000 @@ -1,6 +1,7 @@ # $FreeBSD: src/sys/boot/ia64/efi/Makefile,v 1.28 2006/11/05 22:03:03 marcel Exp $ NO_MAN= +WITHOUT_SSP= .include Index: sys/boot/ia64/ski/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/ia64/ski/Makefile,v retrieving revision 1.20 diff -u -p -r1.20 Makefile --- sys/boot/ia64/ski/Makefile 5 Nov 2006 22:03:04 -0000 1.20 +++ sys/boot/ia64/ski/Makefile 16 Apr 2008 09:15:25 -0000 @@ -1,6 +1,7 @@ # $FreeBSD: src/sys/boot/ia64/ski/Makefile,v 1.20 2006/11/05 22:03:04 marcel Exp $ NO_MAN= +WITHOUT_SSP= .include Index: sys/boot/ofw/Makefile.inc =================================================================== RCS file: sys/boot/ofw/Makefile.inc diff -N sys/boot/ofw/Makefile.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/boot/ofw/Makefile.inc 28 Mar 2008 07:43:20 -0000 @@ -0,0 +1 @@ +.include "../Makefile.inc" Index: sys/boot/pc98/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/pc98/Makefile.inc,v retrieving revision 1.7 diff -u -p -r1.7 Makefile.inc --- sys/boot/pc98/Makefile.inc 15 Oct 2007 14:20:24 -0000 1.7 +++ sys/boot/pc98/Makefile.inc 28 Mar 2008 07:44:15 -0000 @@ -19,3 +19,5 @@ BTXDIR= ${.CURDIR}/../btx BTXLDR= ${BTXDIR}/btxldr/btxldr BTXKERN= ${BTXDIR}/btx/btx BTXCRT= ${BTXDIR}/lib/crt0.o + +.include "../Makefile.inc" Index: sys/boot/pc98/loader/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/pc98/loader/Makefile,v retrieving revision 1.41 diff -u -p -r1.41 Makefile --- sys/boot/pc98/loader/Makefile 2 Nov 2006 00:26:45 -0000 1.41 +++ sys/boot/pc98/loader/Makefile 16 Apr 2008 09:15:51 -0000 @@ -1,5 +1,7 @@ # $FreeBSD: src/sys/boot/pc98/loader/Makefile,v 1.41 2006/11/02 00:26:45 marcel Exp $ +WITHOUT_SSP= + .include PROG= loader.sym Index: sys/boot/powerpc/Makefile.inc =================================================================== RCS file: sys/boot/powerpc/Makefile.inc diff -N sys/boot/powerpc/Makefile.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/boot/powerpc/Makefile.inc 28 Mar 2008 07:46:36 -0000 @@ -0,0 +1 @@ +.include "../Makefile.inc" Index: sys/boot/powerpc/ofw/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/powerpc/ofw/Makefile,v retrieving revision 1.23 diff -u -p -r1.23 Makefile --- sys/boot/powerpc/ofw/Makefile 23 Feb 2008 17:48:23 -0000 1.23 +++ sys/boot/powerpc/ofw/Makefile 16 Apr 2008 09:16:20 -0000 @@ -1,5 +1,7 @@ # $FreeBSD: src/sys/boot/powerpc/ofw/Makefile,v 1.23 2008/02/23 17:48:23 marcel Exp $ +WITHOUT_SSP= + .include PROG= loader Index: sys/boot/sparc64/Makefile.inc =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/sparc64/Makefile.inc,v retrieving revision 1.1 diff -u -p -r1.1 Makefile.inc --- sys/boot/sparc64/Makefile.inc 9 Feb 2004 14:17:02 -0000 1.1 +++ sys/boot/sparc64/Makefile.inc 28 Mar 2008 07:49:09 -0000 @@ -3,3 +3,5 @@ BINDIR?= /boot CFLAGS+= -ffreestanding LDFLAGS+= -nostdlib + +.include "../Makefile.inc" Index: sys/boot/sparc64/loader/Makefile =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/boot/sparc64/loader/Makefile,v retrieving revision 1.20 diff -u -p -r1.20 Makefile --- sys/boot/sparc64/loader/Makefile 17 Mar 2006 18:54:36 -0000 1.20 +++ sys/boot/sparc64/loader/Makefile 16 Apr 2008 09:16:39 -0000 @@ -1,5 +1,7 @@ # $FreeBSD: src/sys/boot/sparc64/loader/Makefile,v 1.20 2006/03/17 18:54:36 ru Exp $ +WITHOUT_SSP= + .include PROG= loader Index: sys/boot/uboot/Makefile.inc =================================================================== RCS file: sys/boot/uboot/Makefile.inc diff -N sys/boot/uboot/Makefile.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/boot/uboot/Makefile.inc 28 Mar 2008 07:50:18 -0000 @@ -0,0 +1 @@ +.include "../Makefile.inc" Index: sys/conf/files =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/conf/files,v retrieving revision 1.1284 diff -u -p -r1.1284 files --- sys/conf/files 26 Mar 2008 15:23:08 -0000 1.1284 +++ sys/conf/files 27 Mar 2008 21:24:57 -0000 @@ -1507,6 +1507,7 @@ kern/posix4_mib.c standard kern/sched_4bsd.c optional sched_4bsd kern/sched_ule.c optional sched_ule kern/serdev_if.m standard +kern/stack_protector.c standard kern/subr_acl_posix1e.c standard kern/subr_autoconf.c standard kern/subr_blist.c standard Index: sys/conf/kern.mk =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/conf/kern.mk,v retrieving revision 1.52 diff -u -p -r1.52 kern.mk --- sys/conf/kern.mk 24 May 2007 21:53:42 -0000 1.52 +++ sys/conf/kern.mk 29 Mar 2008 13:44:15 -0000 @@ -97,3 +97,10 @@ CFLAGS+= -ffreestanding .if ${CC} == "icc" CFLAGS+= -restrict .endif + +# +# GCC SSP support. +# +.if ${MK_SSP} != "no" && ${CC} != "icc" +CFLAGS+= -fstack-protector +.endif Index: sys/conf/kern.pre.mk =================================================================== RCS file: /mnt/octobre/space/freebsd-cvs/src/sys/conf/kern.pre.mk,v retrieving revision 1.97 diff -u -p -r1.97 kern.pre.mk --- sys/conf/kern.pre.mk 2 Feb 2008 19:55:28 -0000 1.97 +++ sys/conf/kern.pre.mk 29 Mar 2008 14:06:45 -0000 @@ -3,10 +3,7 @@ # Part of a unified Makefile for building kernels. This part contains all # of the definitions that need to be before %BEFORE_DEPEND. -SRCCONF?= /etc/src.conf -.if exists(${SRCCONF}) -.include "${SRCCONF}" -.endif +.include # Can be overridden by makeoptions or /etc/make.conf KERNEL_KO?= kernel Index: sys/kern/stack_protector.c =================================================================== RCS file: sys/kern/stack_protector.c diff -N sys/kern/stack_protector.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ sys/kern/stack_protector.c 29 Mar 2008 18:20:37 -0000 @@ -0,0 +1,32 @@ +#include +#include +#include +#include +#include + +#if defined(__SSP__) || defined(__SSP_ALL__) +long __stack_chk_guard[8] = {}; +void __stack_chk_fail(void); + +void +__stack_chk_fail(void) +{ + + panic("stack overflow detected; backtrace may be corrupted"); +} + +#define __arraycount(__x) (sizeof(__x) / sizeof(__x[0])) +static void +__stack_chk_init(void *dummy __unused) +{ + size_t i; + long guard[__arraycount(__stack_chk_guard)]; + + arc4rand(guard, sizeof(guard), 0); + for (i = 0; i < __arraycount(guard); i++) + __stack_chk_guard[i] = guard[i]; +} +/* SI_SUB_EVENTHANDLER is right after SI_SUB_LOCK used by arc4rand() init. */ +SYSINIT(stack_chk, SI_SUB_EVENTHANDLER, SI_ORDER_ANY, __stack_chk_init, NULL); + +#endif --eAbsdosE1cNLO4uF--