[OpenWrt-Devel] [PATCH 1/1] toolchain: remove gcc libssp and use libc variant

Rosen Penev rosenp at gmail.com
Tue Jun 2 16:29:27 EDT 2020


On Mon, May 25, 2020 at 7:20 PM Ian Cooper <iancooper at hotmail.com> wrote:
>
> Removes the standalone implementation of stack smashing protection
> in gcc's libssp in favour of the native implementation in musl,
> glibc and uClibc and introduces a uniform configuration interface.
>
> This also makes kernel-level stack smashing protection available
> for builds using non-musl libc (subject to architecture support).
>
> Signed-off-by: Ian Cooper <iancooper at hotmail.com>
I tested this. I noticed two problems.

It breaks make menuconfig by moving some advanced developer options to
the front.

It also breaks some packages that used libssp. I noticed this with my
latest version bump of pkgconf with certain platforms.
> ---
>  config/Config-build.in      | 4 ----
>  toolchain/Config.in         | 2 +-
>  toolchain/binutils/Makefile | 8 --------
>  toolchain/gcc/Config.in     | 6 +-----
>  toolchain/glibc/common.mk   | 3 ++-
>  5 files changed, 4 insertions(+), 19 deletions(-)
>
> diff --git a/config/Config-build.in b/config/Config-build.in
> index 61a9265ad7..ac1e05d2ff 100644
> --- a/config/Config-build.in
> +++ b/config/Config-build.in
> @@ -249,7 +249,6 @@ menu "Global build settings"
>
>         choice
>                 prompt "User space Stack-Smashing Protection"
> -               depends on USE_MUSL
>                 default PKG_CC_STACKPROTECTOR_REGULAR
>                 help
>                   Enable GCC Stack Smashing Protection (SSP) for userspace applications
> @@ -257,18 +256,15 @@ menu "Global build settings"
>                         bool "None"
>                 config PKG_CC_STACKPROTECTOR_REGULAR
>                         bool "Regular"
> -                       select GCC_LIBSSP if !USE_MUSL
>                         depends on KERNEL_CC_STACKPROTECTOR_REGULAR
>                 config PKG_CC_STACKPROTECTOR_STRONG
>                         bool "Strong"
> -                       select GCC_LIBSSP if !USE_MUSL
>                         depends on KERNEL_CC_STACKPROTECTOR_STRONG
>         endchoice
>
>         choice
>                 prompt "Kernel space Stack-Smashing Protection"
>                 default KERNEL_CC_STACKPROTECTOR_REGULAR
> -               depends on USE_MUSL || !(x86_64 || i386)
>                 help
>                   Enable GCC Stack-Smashing Protection (SSP) for the kernel
>                 config KERNEL_CC_STACKPROTECTOR_NONE
> diff --git a/toolchain/Config.in b/toolchain/Config.in
> index 762f4e10d7..cb557d4ad3 100644
> --- a/toolchain/Config.in
> +++ b/toolchain/Config.in
> @@ -284,7 +284,7 @@ config USE_MUSL
>         bool
>
>  config SSP_SUPPORT
> -       default y if USE_MUSL || GCC_LIBSSP
> +       default y if !PKG_CC_STACKPROTECTOR_NONE
>         bool
>
>  config USE_EXTERNAL_LIBC
> diff --git a/toolchain/binutils/Makefile b/toolchain/binutils/Makefile
> index c5c8bf588c..6eee77eaa9 100644
> --- a/toolchain/binutils/Makefile
> +++ b/toolchain/binutils/Makefile
> @@ -54,14 +54,6 @@ HOST_CONFIGURE_ARGS = \
>         $(SOFT_FLOAT_CONFIG_OPTION) \
>         $(call qstrip,$(CONFIG_EXTRA_BINUTILS_CONFIG_OPTIONS))
>
> -ifneq ($(CONFIG_SSP_SUPPORT),)
> -  HOST_CONFIGURE_ARGS+= \
> -               --enable-libssp
> -else
> -  HOST_CONFIGURE_ARGS+= \
> -               --disable-libssp
> -endif
> -
>  ifneq ($(CONFIG_EXTRA_TARGET_ARCH),)
>    HOST_CONFIGURE_ARGS+= \
>                 --enable-targets=$(call qstrip,$(CONFIG_EXTRA_TARGET_ARCH_NAME))-linux-$(TARGET_SUFFIX)
> diff --git a/toolchain/gcc/Config.in b/toolchain/gcc/Config.in
> index 7d7f34210a..c481af88d0 100644
> --- a/toolchain/gcc/Config.in
> +++ b/toolchain/gcc/Config.in
> @@ -49,11 +49,7 @@ config GCC_DEFAULT_SSP
>
>  config GCC_LIBSSP
>         bool
> -       prompt "Build gcc libssp" if TOOLCHAINOPTS
> -       depends on !USE_MUSL
> -       default y if !USE_MUSL
> -       help
> -           Enable Stack-Smashing Protection support
> +       default n
>
>  config SJLJ_EXCEPTIONS
>         bool
> diff --git a/toolchain/glibc/common.mk b/toolchain/glibc/common.mk
> index 768ff19060..b908afc50f 100644
> --- a/toolchain/glibc/common.mk
> +++ b/toolchain/glibc/common.mk
> @@ -39,7 +39,6 @@ ifeq ($(ARCH),mips64)
>    endif
>  endif
>
> -
>  # -Os miscompiles w. 2.24 gcc5/gcc6
>  # only -O2 tested by upstream changeset
>  # "Optimize i386 syscall inlining for GCC 5"
> @@ -61,6 +60,8 @@ GLIBC_CONFIGURE:= \
>                 --without-cvs \
>                 --enable-add-ons \
>                 --$(if $(CONFIG_SOFT_FLOAT),without,with)-fp \
> +                 $(if $(CONFIG_PKG_CC_STACKPROTECTOR_REGULAR),--enable-stack-protector=yes,) \
> +                 $(if $(CONFIG_PKG_CC_STACKPROTECTOR_STRONG),--enable-stack-protector=strong,) \
>                 --enable-kernel=4.14.0
>
>  export libc_cv_ssp=no
> --
> 2.25.1
>
>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel

_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list