Author: kan
Date: Sun Jun 28 23:51:39 2009
New Revision: 195151
URL: http://svn.freebsd.org/changeset/base/195151
Log:
Eliminate .text relocations in shared libraries compiled with stack protector.
Use libssp_nonshared library to pull __stack_chk_fail_local symbol into
each library that needs it instead of pulling it from libc. GCC generates
local calls to this function which result in absolute relocations put into
position-independent code segment, making dynamic loader do extra work everys
time given shared library is being relocated and making affected text pages
non-shareable.
Reviewed by: kib
Approved by: re (kensmith)
Modified:
head/Makefile.inc1
head/gnu/lib/libgcc/Makefile
head/gnu/lib/libssp/libssp_nonshared/Makefile
head/gnu/usr.bin/cc/cc_tools/freebsd-native.h
head/lib/libc/Makefile
head/lib/libc/sys/Symbol.map
head/lib/libc/sys/stack_protector.c
head/libexec/rtld-elf/Makefile
Modified: head/Makefile.inc1
==============================================================================
--- head/Makefile.inc1 Sun Jun 28 23:21:18 2009 (r195150)
+++ head/Makefile.inc1 Sun Jun 28 23:51:39 2009 (r195151)
@@ -1069,7 +1069,7 @@ libraries:
#
# static libgcc.a prerequisite for shared libc
#
-_prereq_libs= gnu/lib/libgcc
+_prereq_libs= gnu/lib/libssp/libssp_nonshared gnu/lib/libgcc
# These dependencies are not automatically generated:
#
Modified: head/gnu/lib/libgcc/Makefile
==============================================================================
--- head/gnu/lib/libgcc/Makefile Sun Jun 28 23:21:18 2009
(r195150)
+++ head/gnu/lib/libgcc/Makefile Sun Jun 28 23:51:39 2009
(r195151)
@@ -6,6 +6,12 @@ LIB= gcc
SHLIB_NAME= libgcc_s.so.1
SHLIBDIR?= /lib
+#
+# libgcc is linked in last and thus cannot depend on ssp symbols coming
+# from earlier libraries. Disable stack protection for this library.
+#
+WITHOUT_SSP= yes
+
.include <bsd.own.mk>
.include "${.CURDIR}/../../usr.bin/cc/Makefile.tgt"
@@ -18,7 +24,7 @@ CFLAGS+= -DIN_GCC -DIN_LIBGCC2 -D__GCC_F
-I${.CURDIR}/../../usr.bin/cc/cc_tools
LDFLAGS+= -nodefaultlibs
-LDADD+= -lc
+LDADD+= -lc -lssp_nonshared
OBJS= # added to below in various ways depending on TARGET_ARCH
Modified: head/gnu/lib/libssp/libssp_nonshared/Makefile
==============================================================================
--- head/gnu/lib/libssp/libssp_nonshared/Makefile Sun Jun 28 23:21:18
2009 (r195150)
+++ head/gnu/lib/libssp/libssp_nonshared/Makefile Sun Jun 28 23:51:39
2009 (r195151)
@@ -13,6 +13,6 @@ SRCS= ssp-local.c
CFLAGS+= -DHAVE_CONFIG_H
CFLAGS+= -I${.CURDIR}/.. -I${GCCLIB}/libssp -I${GCCLIB}/include
-CFLAGS+= -fPIC -DPIC
+CFLAGS+= -fPIC -DPIC -fvisibility=hidden
.include <bsd.lib.mk>
Modified: head/gnu/usr.bin/cc/cc_tools/freebsd-native.h
==============================================================================
--- head/gnu/usr.bin/cc/cc_tools/freebsd-native.h Sun Jun 28 23:21:18
2009 (r195150)
+++ head/gnu/usr.bin/cc/cc_tools/freebsd-native.h Sun Jun 28 23:51:39
2009 (r195151)
@@ -62,3 +62,11 @@
/* FreeBSD is 4.4BSD derived */
#define bsd4_4
+
+/*
+ * Link in libssp_nonshared to get local hidden symbol for
+ * __stack_chk_fail_local into each binary that needs it.
+ * Linux does this with static part of their libc.so linker script, we reuse
+ * libssp_nonshared.a for the same purpose.
+ */
+#define LINK_SSP_SPEC
"%{fstack-protector|fstack-protector-all:-lssp_nonshared}"
Modified: head/lib/libc/Makefile
==============================================================================
--- head/lib/libc/Makefile Sun Jun 28 23:21:18 2009 (r195150)
+++ head/lib/libc/Makefile Sun Jun 28 23:51:39 2009 (r195151)
@@ -26,7 +26,7 @@ PRECIOUSLIB=
#
DPADD+= ${LIBGCC}
LDFLAGS+= -nodefaultlibs
-LDADD+= -lgcc
+LDADD+= -lgcc -lssp_nonshared
# Define (empty) variables so that make doesn't give substitution
# errors if the included makefiles don't change these:
Modified: head/lib/libc/sys/Symbol.map
==============================================================================
--- head/lib/libc/sys/Symbol.map Sun Jun 28 23:21:18 2009
(r195150)
+++ head/lib/libc/sys/Symbol.map Sun Jun 28 23:51:39 2009
(r195151)
@@ -282,7 +282,6 @@ FBSD_1.0 {
socket;
socketpair;
__stack_chk_fail;
- __stack_chk_fail_local;
__stack_chk_guard;
stat;
statfs;
Modified: head/lib/libc/sys/stack_protector.c
==============================================================================
--- head/lib/libc/sys/stack_protector.c Sun Jun 28 23:21:18 2009
(r195150)
+++ head/lib/libc/sys/stack_protector.c Sun Jun 28 23:51:39 2009
(r195151)
@@ -47,7 +47,6 @@ static void __guard_setup(void) __attrib
static void __fail(const char *);
void __stack_chk_fail(void);
void __chk_fail(void);
-void __stack_chk_fail_local(void);
/*LINTED used*/
static void
@@ -109,8 +108,4 @@ __chk_fail(void)
__fail("buffer overflow detected; terminated");
}
-void
-__stack_chk_fail_local(void)
-{
- __stack_chk_fail();
-}
+__sym_compat(__stack_chk_fail_local, __stack_chk_fail, FBSD_1.0);
Modified: head/libexec/rtld-elf/Makefile
==============================================================================
--- head/libexec/rtld-elf/Makefile Sun Jun 28 23:21:18 2009
(r195150)
+++ head/libexec/rtld-elf/Makefile Sun Jun 28 23:51:39 2009
(r195151)
@@ -22,7 +22,7 @@ MLINKS= rtld.1 ld-elf.so.1.1 \
CFLAGS+= -fpic -DPIC
LDFLAGS+= -shared -Wl,-Bsymbolic
DPADD= ${LIBC_PIC}
-LDADD= -lc_pic
+LDADD= -lc_pic -lssp_nonshared
.if ${MACHINE_ARCH} != "ia64"
.if ${MK_SYMVER} == "yes"
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "[email protected]"
