Date: Wed, 05 Nov 2014 17:34:49 -0800 From: Andy Lutomirski <luto@...capital.net> To: musl@...ts.openwall.com Subject: Re: fixing -fPIE + -fstack-protector-all On 11/05/2014 07:43 AM, Rich Felker wrote: > On Wed, Nov 05, 2014 at 04:25:03PM +0100, John Spencer wrote: >> using -fPIE + -fstack-protector-all is currently broken for a number >> of architectures (most notably i386) in the default gcc setup >> (including the musl-cross patches), as it depends on a >> libssp_nonshared.a which provides __stack_chk_fail_local(). > > As discussed on IRC, I would _like_ to be able to simply add the > following to crt/i386/crti.s: > > __stack_chk_fail_local: hlt > > and equivalent for other archs. This has the added benefit of > effecting a crash without going through the PLT (whereas > libssp_nonshared.a's __stack_chk_fail_local calls __stack_chk_fail via > the PLT) so it's not vulnerable to attacks that have overwritten the > GOT with malicious pointers. > > However, this proposed solution breaks one odd corner case: static > linking when all the source files were compiled with -fPIC or -fPIE. > In that case, there would be no references to __stack_chk_fail, only > to __stack_chk_fail_local, and thereby __init_ssp would not get > linked, and a zero canary would be used. Can you do something like: __stack_chk_fail_local: hlt .pushsection .discard call __init_ssp .popsection and stick it in either its own object or its own group? Or is ld too clever for that? --Andy
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.