Re: How to turn off SSP stack-protector on 11.0S

2016-11-29 Thread Konstantin Belousov 
On Tue, Nov 29, 2016 at 12:32:28PM +1100, Dewayne Geraghty wrote:
> Is WITHOUT_SSP actually honoured and is building a world and/or ports
> without SSP possible? Advise/suggestions appreciated.
> 
> Amongst the 9 different server configurations that we build/support, we've
> been asked to build a machine dedicated to PROLOG use.  (yes really).
> 
> As such we're trying to turn off everything that isn't needed for this
> particular server.  For those concerned with security, it is an air-gap
> machine receiving data via usb.
> 
> We've built/installed 11.0S from source.  Now we're building the custom
> server.  However, even with WITHOUT_SSP= in both /etc/make.conf and
> /etc/src.conf, we come up against little issues like:
> "can not find /usr/lib/libssp_nonshared.a"
So, does your host have /usr/lib/libssp_nonshared.a ?  How did you installed
11.0, and what does designator 11.0S above mean ?

Easy way out is to claim that r307146 should help you, but I suspect that
there is something more broken in your configuration or build/install
method.

> 
> An example:
> Stage 2.3: build tools
> ===> bin/csh (obj,build-tools)
> grep 'ERR_' /usr/src/bin/csh/../../contrib/tcsh/sh.err.c | grep '^#define'
> >> sh.err.h
> cc -E -O2 -pipe -g0 -ggdb0 -DSTRIP_FBSDID -UDEBUGGING -UDEBUG
> -DUSB_HAVE_DISABLE_ENUM -I. -I/usr/src/bin/csh
> -I/usr/src/bin/csh/../../contrib/tcsh -D_PATH_TCSHELL='"/bin/csh"' -g
> -std=gnu99 -Qunused-arguments
> -I/usr/obj/prod/110001/D/K8/usr/src/tmp/legacy/usr/include
> /usr/src/bin/csh/../../contrib/tcsh/tc.const.c
> /usr/src/bin/csh/../../contrib/tcsh/sh.char.h /usr/src/bin/csh/config.h
> /usr/src/bin/csh/../../contrib/tcsh/config_f.h
> /usr/src/bin/csh/../../contrib/tcsh/sh.types.h sh.err.h -D_h_tc_const |
> grep 'Char STR' |  sed -e 's/Char \([a-zA-Z0-9_]*\)\(.*\)/extern Char
> \1[];/' |  sort >> tc.const.h
> cc -o gethost  -L/usr/obj/prod/110001/D/K8/usr/src/tmp/legacy/usr/lib -O2
> -pipe -g0 -ggdb0 -DSTRIP_FBSDID  -UDEBUGGING -UDEBUG
> -DUSB_HAVE_DISABLE_ENUM -I. -I/usr/src/bin/csh
> -I/usr/src/bin/csh/../../contrib/tcsh -D_PATH_TCSHELL='"/bin/csh"' -g
> -std=gnu99 -Qunused-arguments
> -I/usr/obj/prod/110001/D/K8/usr/src/tmp/legacy/usr/include
> /usr/src/bin/csh/../../contrib/tcsh/gethost.c
> /usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
> cc: error: linker command failed with exit code 1 (use -v to see invocation)
> *** [gethost] Error code 1
> 
> Note the
> /usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
> 
> It seems that the linker is trying to use the above library during the
> build of all static images/executables.

P.S. Toolchain@ is the place where you more likely to get a useful feedback.
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

How to turn off SSP stack-protector on 11.0S

2016-11-28 Thread Dewayne Geraghty 
Is WITHOUT_SSP actually honoured and is building a world and/or ports
without SSP possible? Advise/suggestions appreciated.

Amongst the 9 different server configurations that we build/support, we've
been asked to build a machine dedicated to PROLOG use.  (yes really).

As such we're trying to turn off everything that isn't needed for this
particular server.  For those concerned with security, it is an air-gap
machine receiving data via usb.

We've built/installed 11.0S from source.  Now we're building the custom
server.  However, even with WITHOUT_SSP= in both /etc/make.conf and
/etc/src.conf, we come up against little issues like:
"can not find /usr/lib/libssp_nonshared.a"

An example:
Stage 2.3: build tools
===> bin/csh (obj,build-tools)
grep 'ERR_' /usr/src/bin/csh/../../contrib/tcsh/sh.err.c | grep '^#define'
>> sh.err.h
cc -E -O2 -pipe -g0 -ggdb0 -DSTRIP_FBSDID -UDEBUGGING -UDEBUG
-DUSB_HAVE_DISABLE_ENUM -I. -I/usr/src/bin/csh
-I/usr/src/bin/csh/../../contrib/tcsh -D_PATH_TCSHELL='"/bin/csh"' -g
-std=gnu99 -Qunused-arguments
-I/usr/obj/prod/110001/D/K8/usr/src/tmp/legacy/usr/include
/usr/src/bin/csh/../../contrib/tcsh/tc.const.c
/usr/src/bin/csh/../../contrib/tcsh/sh.char.h /usr/src/bin/csh/config.h
/usr/src/bin/csh/../../contrib/tcsh/config_f.h
/usr/src/bin/csh/../../contrib/tcsh/sh.types.h sh.err.h -D_h_tc_const |
grep 'Char STR' |  sed -e 's/Char \([a-zA-Z0-9_]*\)\(.*\)/extern Char
\1[];/' |  sort >> tc.const.h
cc -o gethost  -L/usr/obj/prod/110001/D/K8/usr/src/tmp/legacy/usr/lib -O2
-pipe -g0 -ggdb0 -DSTRIP_FBSDID  -UDEBUGGING -UDEBUG
-DUSB_HAVE_DISABLE_ENUM -I. -I/usr/src/bin/csh
-I/usr/src/bin/csh/../../contrib/tcsh -D_PATH_TCSHELL='"/bin/csh"' -g
-std=gnu99 -Qunused-arguments
-I/usr/obj/prod/110001/D/K8/usr/src/tmp/legacy/usr/include
/usr/src/bin/csh/../../contrib/tcsh/gethost.c
/usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
cc: error: linker command failed with exit code 1 (use -v to see invocation)
*** [gethost] Error code 1

Note the
/usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a

It seems that the linker is trying to use the above library during the
build of all static images/executables.
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"