AuroraMiddleware/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2024-09-19 16:10:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

csu: Disable stack protector for static-reloc for static-pie

Browse Source 
For instance on x86_64 with gcc 12.1.1 andwith fstack-protector
enabled the empty function still generates a stack protector code
sequence:

  0000000000000000 <_dl_relocate_static_pie>:
     0:   48 83 ec 18             sub    $0x18,%rsp
     4:   64 48 8b 04 25 28 00    mov    %fs:0x28,%rax
     b:   00 00
     d:   48 89 44 24 08          mov    %rax,0x8(%rsp)
    12:   31 c0                   xor    %eax,%eax
    14:   48 8b 44 24 08          mov    0x8(%rsp),%rax
    19:   64 48 2b 04 25 28 00    sub    %fs:0x28,%rax
    20:   00 00
    22:   75 05                   jne    29 <_dl_relocate_static_pie+0x29>
    24:   48 83 c4 18             add    $0x18,%rsp
    28:   c3                      ret
    29:   e8 00 00 00 00          call   2e <_dl_relocate_static_pie+0x2e>

And since the function is called prior thread pointer setup, it
triggers a invalid memory access (this is shown with the failure
of elf/tst-tls1-static-non-pie).

Although it might characterizes as compiler issue or missed
optimization, to be safe also disables stack protector on
static-reloc object.

Checked on x86_64-linux-gnu and sparc64-linux-gnu.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
This commit is contained in:
Adhemerval Zanella 2022-10-05 14:07:28 -03:00
parent 90d58fe844
commit e82aab227b
1 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
csu/Makefile
View File

@ -50,15 +50,21 @@ tests =
# applications, so that build flags matter.
# See <https://sourceware.org/ml/libc-alpha/2018-07/msg00101.html>.
#
# The function is called prior the thread pointer setup, and if stack
# protector is enabled the compiler might still generate the stack check
# (which requires the thread pointer correctly set).
extra-no-ssp = static-reloc
# libc-start.os is safe to be built with stack protector since
# __libc_start_main is called after stack canary setup is done.
ssp-safe.os = static-reloc libc-start
ssp-safe.os = libc-start
CFLAGS-.o += $(call elide-stack-protector,.o,$(routines))
CFLAGS-.op += $(call elide-stack-protector,.op,$(routines))
CFLAGS-.oS += $(call elide-stack-protector,.oS,$(routines))
CFLAGS-.o += $(call elide-stack-protector,.o,$(routines) $(extra-no-ssp))
CFLAGS-.op += $(call elide-stack-protector,.op,$(routines) $(extra-no-ssp))
CFLAGS-.oS += $(call elide-stack-protector,.oS,$(routines) $(extra-no-ssp))
CFLAGS-.os += $(call elide-stack-protector,.os,$(filter-out \
$(ssp-safe.os),$(routines)))
$(ssp-safe.os), \
$(routines) $(extra-no-ssp)))
ifeq (yes,$(build-shared))
extra-objs += S$(start-installed-name) gmon-start.os