On Mon, May 25, 2020 at 7:20 PM Ian Cooper <iancoo...@hotmail.com> wrote: > > Removes the standalone implementation of stack smashing protection > in gcc's libssp in favour of the native implementation in musl, > glibc and uClibc and introduces a uniform configuration interface. > > This also makes kernel-level stack smashing protection available > for builds using non-musl libc (subject to architecture support). > > Signed-off-by: Ian Cooper <iancoo...@hotmail.com> I tested this. I noticed two problems.
It breaks make menuconfig by moving some advanced developer options to the front. It also breaks some packages that used libssp. I noticed this with my latest version bump of pkgconf with certain platforms. > --- > config/Config-build.in | 4 ---- > toolchain/Config.in | 2 +- > toolchain/binutils/Makefile | 8 -------- > toolchain/gcc/Config.in | 6 +----- > toolchain/glibc/common.mk | 3 ++- > 5 files changed, 4 insertions(+), 19 deletions(-) > > diff --git a/config/Config-build.in b/config/Config-build.in > index 61a9265ad7..ac1e05d2ff 100644 > --- a/config/Config-build.in > +++ b/config/Config-build.in > @@ -249,7 +249,6 @@ menu "Global build settings" > > choice > prompt "User space Stack-Smashing Protection" > - depends on USE_MUSL > default PKG_CC_STACKPROTECTOR_REGULAR > help > Enable GCC Stack Smashing Protection (SSP) for userspace > applications > @@ -257,18 +256,15 @@ menu "Global build settings" > bool "None" > config PKG_CC_STACKPROTECTOR_REGULAR > bool "Regular" > - select GCC_LIBSSP if !USE_MUSL > depends on KERNEL_CC_STACKPROTECTOR_REGULAR > config PKG_CC_STACKPROTECTOR_STRONG > bool "Strong" > - select GCC_LIBSSP if !USE_MUSL > depends on KERNEL_CC_STACKPROTECTOR_STRONG > endchoice > > choice > prompt "Kernel space Stack-Smashing Protection" > default KERNEL_CC_STACKPROTECTOR_REGULAR > - depends on USE_MUSL || !(x86_64 || i386) > help > Enable GCC Stack-Smashing Protection (SSP) for the kernel > config KERNEL_CC_STACKPROTECTOR_NONE > diff --git a/toolchain/Config.in b/toolchain/Config.in > index 762f4e10d7..cb557d4ad3 100644 > --- a/toolchain/Config.in > +++ b/toolchain/Config.in > @@ -284,7 +284,7 @@ config USE_MUSL > bool > > config SSP_SUPPORT > - default y if USE_MUSL || GCC_LIBSSP > + default y if !PKG_CC_STACKPROTECTOR_NONE > bool > > config USE_EXTERNAL_LIBC > diff --git a/toolchain/binutils/Makefile b/toolchain/binutils/Makefile > index c5c8bf588c..6eee77eaa9 100644 > --- a/toolchain/binutils/Makefile > +++ b/toolchain/binutils/Makefile > @@ -54,14 +54,6 @@ HOST_CONFIGURE_ARGS = \ > $(SOFT_FLOAT_CONFIG_OPTION) \ > $(call qstrip,$(CONFIG_EXTRA_BINUTILS_CONFIG_OPTIONS)) > > -ifneq ($(CONFIG_SSP_SUPPORT),) > - HOST_CONFIGURE_ARGS+= \ > - --enable-libssp > -else > - HOST_CONFIGURE_ARGS+= \ > - --disable-libssp > -endif > - > ifneq ($(CONFIG_EXTRA_TARGET_ARCH),) > HOST_CONFIGURE_ARGS+= \ > --enable-targets=$(call > qstrip,$(CONFIG_EXTRA_TARGET_ARCH_NAME))-linux-$(TARGET_SUFFIX) > diff --git a/toolchain/gcc/Config.in b/toolchain/gcc/Config.in > index 7d7f34210a..c481af88d0 100644 > --- a/toolchain/gcc/Config.in > +++ b/toolchain/gcc/Config.in > @@ -49,11 +49,7 @@ config GCC_DEFAULT_SSP > > config GCC_LIBSSP > bool > - prompt "Build gcc libssp" if TOOLCHAINOPTS > - depends on !USE_MUSL > - default y if !USE_MUSL > - help > - Enable Stack-Smashing Protection support > + default n > > config SJLJ_EXCEPTIONS > bool > diff --git a/toolchain/glibc/common.mk b/toolchain/glibc/common.mk > index 768ff19060..b908afc50f 100644 > --- a/toolchain/glibc/common.mk > +++ b/toolchain/glibc/common.mk > @@ -39,7 +39,6 @@ ifeq ($(ARCH),mips64) > endif > endif > > - > # -Os miscompiles w. 2.24 gcc5/gcc6 > # only -O2 tested by upstream changeset > # "Optimize i386 syscall inlining for GCC 5" > @@ -61,6 +60,8 @@ GLIBC_CONFIGURE:= \ > --without-cvs \ > --enable-add-ons \ > --$(if $(CONFIG_SOFT_FLOAT),without,with)-fp \ > + $(if > $(CONFIG_PKG_CC_STACKPROTECTOR_REGULAR),--enable-stack-protector=yes,) \ > + $(if > $(CONFIG_PKG_CC_STACKPROTECTOR_STRONG),--enable-stack-protector=strong,) \ > --enable-kernel=4.14.0 > > export libc_cv_ssp=no > -- > 2.25.1 > > > _______________________________________________ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
