Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 06 Nov 2014 13:40:43 +0100
From: John Spencer <maillist-musl@...fooze.de>
To: Timo Teras <timo.teras@....fi>
CC:  musl@...ts.openwall.com, Gregor Richards <gr@...due.edu>
Subject: Re: fixing -fPIE + -fstack-protector-all

Timo Teras wrote:
> On Wed, 05 Nov 2014 16:25:03 +0100
> John Spencer <maillist-musl@...fooze.de> wrote:
> 
>> using -fPIE + -fstack-protector-all is currently broken for a number
>> of architectures (most notably i386) in the default gcc setup
>> (including the musl-cross patches), as it depends on a
>> libssp_nonshared.a which provides __stack_chk_fail_local().
> 
> In Alpine Linux we are patching gcc to unconditionally to have
> -lssp_nonshared:
> http://git.alpinelinux.org/cgit/aports/tree/main/gcc/gcc-4.8-musl-libssp.patch
> 
> And making musl package provide that library:
> http://git.alpinelinux.org/cgit/aports/tree/main/musl/__stack_chk_fail_local.c
> http://git.alpinelinux.org/cgit/aports/tree/main/musl/APKBUILD#n60
> 

yeah, i originally looked at what alpine does but then noticed that gcc 
builds its own libssp_nonshared.a anyway.
btw: the gcc one is, unlike alpine's, built with hidden visibility (from 
ssp-local.c):

extern void __stack_chk_fail (void);

void
__attribute__((visibility ("hidden")))
__stack_chk_fail_local (void)
{
   __stack_chk_fail ();
}

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.