From 99ee4d26dc07c3eadfbf6793db26ef9dfb1551e5 Mon Sep 17 00:00:00 2001 From: Samuel Thibault Date: Sun, 27 Aug 2017 22:26:49 +0200 Subject: hurd: Fix static initialization with -fstack-protector-strong When linked statically, TLS initialization is not achieved before mach_init and alike, so ssp accesses to tcbhead's stack_guard would crash. We can just avoid using ssp in the few functions needed before TLS is set up. * mach/Makefile (CFLAGS-mach_init.o, CFLAGS-RPC_vm_statistics.o, CFLAGS-RPC_vm_map.o, CFLAGS-RPC_vm_protect.o, CFLAGS-RPC_i386_set_gdt.o, CFLAGS-RPC_i386_set_ldt.o, CFLAGS-RPC_task_get_special_port.o): Add $(no-stack-protector). * hurd/Makefile (CFLAGS-hurdstartup.o, CFLAGS-RPC_exec_startup_get_info.o): Add $(no-stack-protector). --- ChangeLog | 6 ++++++ hurd/Makefile | 4 ++++ mach/Makefile | 9 +++++++++ 3 files changed, 19 insertions(+) diff --git a/ChangeLog b/ChangeLog index 4d94fee93b..a93769f3b5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -7,6 +7,12 @@ stack_chk_fail_local. * mach/Versions (GLIBC_2.4): Add __stack_chk_fail. * hurd/Versions (GLIBC_2.4): Add __stack_chk_fail. + * mach/Makefile (CFLAGS-mach_init.o, CFLAGS-RPC_vm_statistics.o, + CFLAGS-RPC_vm_map.o, CFLAGS-RPC_vm_protect.o, + CFLAGS-RPC_i386_set_gdt.o, CFLAGS-RPC_i386_set_ldt.o, + CFLAGS-RPC_task_get_special_port.o): Add $(no-stack-protector). + * hurd/Makefile (CFLAGS-hurdstartup.o, + CFLAGS-RPC_exec_startup_get_info.o): Add $(no-stack-protector). 2017-08-25 H.J. Lu diff --git a/hurd/Makefile b/hurd/Makefile index 9205822b24..b44b9b80c6 100644 --- a/hurd/Makefile +++ b/hurd/Makefile @@ -81,6 +81,10 @@ $(inlines:%=$(objpfx)%.c): $(objpfx)%-inlines.c: %.h echo '#include "$<"') > $@-new mv -f $@-new $@ generated += $(inlines:=.c) + +# Avoid ssp before TLS is initialized. +CFLAGS-hurdstartup.o = $(no-stack-protector) +CFLAGS-RPC_exec_startup_get_info.o = $(no-stack-protector) include ../mach/Machrules include ../Rules diff --git a/mach/Makefile b/mach/Makefile index 127cad00ca..b4f18b1525 100644 --- a/mach/Makefile +++ b/mach/Makefile @@ -53,6 +53,15 @@ server-interfaces := mach/exc # Clear any environment value. generated = + +# Avoid ssp before TLS is initialized. +CFLAGS-mach_init.o = $(no-stack-protector) +CFLAGS-RPC_vm_statistics.o = $(no-stack-protector) +CFLAGS-RPC_vm_map.o = $(no-stack-protector) +CFLAGS-RPC_vm_protect.o = $(no-stack-protector) +CFLAGS-RPC_i386_set_gdt.o = $(no-stack-protector) +CFLAGS-RPC_i386_set_ldt.o = $(no-stack-protector) +CFLAGS-RPC_task_get_special_port.o = $(no-stack-protector) # Translate GNU names for CPUs into the names used in Mach header files. mach-machine = $(patsubst powerpc,ppc,$(base-machine)) -- cgit 1.4.1