This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

--enable-stack-protector for glibc, v9


Here, as promised, is version 9 of the stack-protected glibc patch,
incorporating all review comments to date (unless I missed some).  Sorry for the
delay: my ARM test box was acting unreliable and I spent way too long ruling out
obscure failure modes before I noticed that its swap device was throwing I/O
errors on all writes...

It's against glibc head as of Saturday 26th, bf469f0ce98.

Tested with these flag combinations on {i686,x86_64)-pc-linux-gnu (with GCC
6.2.1-20161118, binutils 2.27.0.20160920, and kernel headers for v4.7.4):

--enable-omitfp --enable-stack-protector=all
--enable-stack-protector
--enable-stack-protector=strong
--enable-stack-protector=all
--enable-stackguard-randomization --enable-stack-protector=all
--enable-omitfp --enable-stackguard-randomization --enable-stack-protector
--enable-omitfp --enable-stackguard-randomization --enable-stack-protector=strong
--enable-omitfp --enable-stackguard-randomization --enable-stack-protector=all
--disable-stack-protector
--enable-stack-protector=no

(The only skipped tests were the AVX math tests, since the test machine is not
AVX-capable.)

Tested with with these flag combinations on sparc{32,64}-pc-linux-gnu (with GCC
4.9.1-20140922 (a bit old, sorry), binutils 2.24, and kernel headers for
v4.1.12):

--enable-stack-protector
--enable-stack-protector=strong
--enable-stackguard-randomization --enable-stack-protector=strong
--enable-stackguard-randomization --enable-stack-protector=all
--disable-stack-protector

Tested with these flag combinations on armv7l-unknown-linux-gnueabihf (with GCC
4.8.5-2ubuntu1~14.04.1 (so -strong isn't available), binutils 2.24, and kernel
headers for v3.13.11):

--enable-stackguard-randomization --enable-stack-protector
--enable-stackguard-randomization --enable-stack-protector=all --enable-omitfp
--disable-stack-protector

No failures are observed that are not also observed on an unpatched glibc with
the same flag combinations (though there was one round of failures of the
localedata/wcs* tests with --enable-stack-protector on x86-32, and an
intermittent failure of the assertion in stdlib/tst-makecontext on sparc32,
these went away on retesting, so I regard them as likely spurious and unrelated
to the stack-protector patches.  The makecontext assertion also seems likely to
depend on the behaviour of the installed libgcc_s.so...)

On the copyright assignment front, I am informed that Oracle has a blanket
assignment on file for glibc work, so I don't need to do anything.  (Patch 8 is
in Adhemerval's name, but obviously there's no assignment problem there either.)

Overview of changes in this posting:

 - Drop some more libc_cv_predef_stack_protector checks that landed since my
   last series

 - Adjust assignment of rtld-CFLAGS to allow for i386 adding -mno-sse etc to it

 - Rebase atop the latest glibc and the ifunc_resolver work


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]