Date: Wed, 5 Nov 2014 18:01:40 +0200 From: Timo Teras <timo.teras@....fi> To: John Spencer <maillist-musl@...fooze.de> Cc: musl@...ts.openwall.com, Gregor Richards <gr@...due.edu> Subject: Re: fixing -fPIE + -fstack-protector-all On Wed, 05 Nov 2014 16:25:03 +0100 John Spencer <maillist-musl@...fooze.de> wrote: > using -fPIE + -fstack-protector-all is currently broken for a number > of architectures (most notably i386) in the default gcc setup > (including the musl-cross patches), as it depends on a > libssp_nonshared.a which provides __stack_chk_fail_local(). In Alpine Linux we are patching gcc to unconditionally to have -lssp_nonshared: http://git.alpinelinux.org/cgit/aports/tree/main/gcc/gcc-4.8-musl-libssp.patch And making musl package provide that library: http://git.alpinelinux.org/cgit/aports/tree/main/musl/__stack_chk_fail_local.c http://git.alpinelinux.org/cgit/aports/tree/main/musl/APKBUILD#n60 This is for two reasons: 1. gcc bootstrap is broken if it's to be compiled with -fstack-protector otherwise 2. Linking without "-fstack-protector" flag with .a or .o files that have been compiled with SSP would break. Basically, __stack_chk_fail_local symbol should be provided always. Agreeably gcc should emit 'hlt' or similar instead of that function call. Or at least provide implementation for that function with 'once' linking. /Timo
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.