Removes the standalone implementation of stack smashing protection
in gcc's libssp in favour of the native implementation in musl,
glibc and uClibc and introduces a uniform configuration interface.
This also makes kernel-level stack smashing protection available
for builds using non-musl libc (subject to architecture support).
Signed-off-by: Ian Cooper <iancoo...@hotmail.com>
---
config/Config-build.in | 4 ----
toolchain/Config.in | 2 +-
toolchain/binutils/Makefile | 8 --------
toolchain/gcc/Config.in | 6 +-----
toolchain/glibc/common.mk | 3 ++-
5 files changed, 4 insertions(+), 19 deletions(-)
diff --git a/config/Config-build.in b/config/Config-build.in
index 61a9265ad7..ac1e05d2ff 100644
--- a/config/Config-build.in
+++ b/config/Config-build.in
@@ -249,7 +249,6 @@ menu "Global build settings"
choice
prompt "User space Stack-Smashing Protection"
- depends on USE_MUSL
default PKG_CC_STACKPROTECTOR_REGULAR
help
Enable GCC Stack Smashing Protection (SSP) for userspace
applications
@@ -257,18 +256,15 @@ menu "Global build settings"
bool "None"
config PKG_CC_STACKPROTECTOR_REGULAR
bool "Regular"
- select GCC_LIBSSP if !USE_MUSL
depends on KERNEL_CC_STACKPROTECTOR_REGULAR
config PKG_CC_STACKPROTECTOR_STRONG
bool "Strong"
- select GCC_LIBSSP if !USE_MUSL
depends on KERNEL_CC_STACKPROTECTOR_STRONG
endchoice
choice
prompt "Kernel space Stack-Smashing Protection"
default KERNEL_CC_STACKPROTECTOR_REGULAR
- depends on USE_MUSL || !(x86_64 || i386)
help
Enable GCC Stack-Smashing Protection (SSP) for the kernel
config KERNEL_CC_STACKPROTECTOR_NONE
diff --git a/toolchain/Config.in b/toolchain/Config.in
index 762f4e10d7..cb557d4ad3 100644
--- a/toolchain/Config.in
+++ b/toolchain/Config.in
@@ -284,7 +284,7 @@ config USE_MUSL
bool
config SSP_SUPPORT
- default y if USE_MUSL || GCC_LIBSSP
+ default y if !PKG_CC_STACKPROTECTOR_NONE
bool
config USE_EXTERNAL_LIBC
diff --git a/toolchain/binutils/Makefile b/toolchain/binutils/Makefile
index c5c8bf588c..6eee77eaa9 100644
--- a/toolchain/binutils/Makefile
+++ b/toolchain/binutils/Makefile
@@ -54,14 +54,6 @@ HOST_CONFIGURE_ARGS = \
$(SOFT_FLOAT_CONFIG_OPTION) \
$(call qstrip,$(CONFIG_EXTRA_BINUTILS_CONFIG_OPTIONS))
-ifneq ($(CONFIG_SSP_SUPPORT),)
- HOST_CONFIGURE_ARGS+= \
- --enable-libssp
-else
- HOST_CONFIGURE_ARGS+= \
- --disable-libssp
-endif
-
ifneq ($(CONFIG_EXTRA_TARGET_ARCH),)
HOST_CONFIGURE_ARGS+= \
--enable-targets=$(call
qstrip,$(CONFIG_EXTRA_TARGET_ARCH_NAME))-linux-$(TARGET_SUFFIX)
diff --git a/toolchain/gcc/Config.in b/toolchain/gcc/Config.in
index 7d7f34210a..c481af88d0 100644
--- a/toolchain/gcc/Config.in
+++ b/toolchain/gcc/Config.in
@@ -49,11 +49,7 @@ config GCC_DEFAULT_SSP
config GCC_LIBSSP
bool
- prompt "Build gcc libssp" if TOOLCHAINOPTS
- depends on !USE_MUSL
- default y if !USE_MUSL
- help
- Enable Stack-Smashing Protection support
+ default n
config SJLJ_EXCEPTIONS
bool
diff --git a/toolchain/glibc/common.mk b/toolchain/glibc/common.mk
index 768ff19060..b908afc50f 100644
--- a/toolchain/glibc/common.mk
+++ b/toolchain/glibc/common.mk
@@ -39,7 +39,6 @@ ifeq ($(ARCH),mips64)
endif
endif
-
# -Os miscompiles w. 2.24 gcc5/gcc6
# only -O2 tested by upstream changeset
# "Optimize i386 syscall inlining for GCC 5"
@@ -61,6 +60,8 @@ GLIBC_CONFIGURE:= \
--without-cvs \
--enable-add-ons \
--$(if $(CONFIG_SOFT_FLOAT),without,with)-fp \
+ $(if
$(CONFIG_PKG_CC_STACKPROTECTOR_REGULAR),--enable-stack-protector=yes,) \
+ $(if
$(CONFIG_PKG_CC_STACKPROTECTOR_STRONG),--enable-stack-protector=strong,) \
--enable-kernel=4.14.0
export libc_cv_ssp=no
--
2.25.1
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
