From: Thomas Schwinge <tschwinge@gnu.org>
To: bug-hurd@gnu.org, grub-devel@gnu.org
Subject: Stack protection via GCC's `-fstack-protector'
Date: Wed, 8 Nov 2006 22:40:54 +0100
Message-ID: <20061108214054.GU32338@fencepost>

[Please keep both <bug-hurd@gnu.org> and <grub-devel@gnu.org> in the
recipients list.]


Hello!

For some time now, GCC has offered the following feature:

info Gcc
#v+
`-fstack-protector'
     Emit extra code to check for buffer overflows, such as stack
     smashing attacks.  This is done by adding a guard variable to
     functions with vulnerable objects.  This includes functions that
     call alloca, and functions with buffers larger than 8 bytes.  The
     guards are initialized when a function is entered and then checked
     when the function exits.  If a guard check fails, an error message
     is printed and the program exits.
#v-

I now happen to be running a GCC 4.1 installation which has that one
enabled by default.  Unfortunately, building GNU Mach and GRUB2 (didn't
check GRUB legacy) is affected by that:

GRUB2
#v+
[...]
gcc -o kernel.exec kernel_img-kern_i386_pc_startup.o kernel_img-kern_main.o kernel_img-kern_device.o kernel_img-kern_disk.o kernel_img-kern_dl.o kernel_img-kern_file.o kernel_img-kern_fs.o kernel_img-kern_err.o kernel_img-kern_misc.o kernel_img-kern_mm.o kernel_img-kern_loader.o kernel_img-kern_rescue.o kernel_img-kern_term.o kernel_img-kern_i386_dl.o kernel_img-kern_i386_pc_init.o kernel_img-kern_parser.o kernel_img-kern_partition.o kernel_img-kern_env.o kernel_img-disk_i386_pc_biosdisk.o kernel_img-term_i386_pc_console.o kernel_img-symlist.o  -nostdlib -Wl,-N,-Ttext,8200 -fno-builtin -mrtd -mregparm=3 -m32
kernel_img-kern_device.o: In function `grub_device_iterate':
../kern/device.c:142: undefined reference to `__stack_chk_fail'
kernel_img-kern_disk.o: In function `grub_disk_write':
../kern/disk.c:553: undefined reference to `__stack_chk_fail'
kernel_img-kern_misc.o: In function `grub_vsprintf':
../kern/misc.c:897: undefined reference to `__stack_chk_fail'
kernel_img-kern_rescue.o: In function `grub_rescue_cmd_cat':
../kern/rescue.c:169: undefined reference to `__stack_chk_fail'
kernel_img-kern_i386_pc_init.o: In function `grub_machine_set_prefix':
../kern/i386/pc/init.c:239: undefined reference to `__stack_chk_fail'
kernel_img-kern_parser.o:../kern/parser.c:230: more undefined references to `__stack_chk_fail' follow
collect2: ld returned 1 exit status
make: *** [kernel.exec] Error 1
#v-

GNU Mach
#v+
[...]
ld -u _start -r -o gnumach.o --start-group  libkernel.a liblinux.a liblinux_pcmcia_cs_modules.a liblinux_pcmcia_cs_clients.a liblinux_pcmcia_cs_wireless.a 
nm -u gnumach.o | sed 's/  *U  *//;s/^_*//' | sort -u > gnumach-undef
sed '/^memcpy$/d; /^memmove$/d; /^memset$/d; /^bcopy$/d; /^bzero$/d; /^strchr$/d; /^strstr$/d; /^strsep$/d; /^strpbrk$/d; /^strtok$/d; /^htonl$/d; /^htons$/d; /^ntohl$/d; /^ntohs$/d; /^etext$/d; /^edata$/d; /^end$/d;' gnumach-undef > gnumach-undef-bad
if test -s gnumach-undef-bad; \
        then cat gnumach-undef-bad; exit 2; else true; fi
stack_chk_fail
make[2]: *** [clib-routines.o] Error 2
make[2]: Leaving directory `/fs/data/mount/home/thomas/tmp/source/gnumach/gnumach-1-branch/build'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/fs/data/mount/home/thomas/tmp/source/gnumach/gnumach-1-branch/build'
make: *** [all] Error 2
#v-


Is it feasible to have the `-fstack-protector' functionality in GNU Mach
and GRUB2 (and how to do that, then) or shall we unconditionally pass
`-fno-stack-protector' if available?


Regards,
 Thomas
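
An added example (not part of the original message, and not GRUB or GNU Mach code) of what an image linked with `-nostdlib` has to supply itself when built with `-fstack-protector`: the `__stack_chk_fail` handler named in the link errors above, plus a small model of the entry/exit guard check the quoted GCC manual text describes. The global `__stack_chk_guard`, `image_halt`, `frame_model` and `guard_trips` are assumptions for illustration; where the guard value lives is target-dependent.

```c
#include <stdint.h>
#include <string.h>

/* Guard value. Assumption: the target reads it from this global; some
   targets take it from a thread-local slot instead. Constructed constant;
   a real image would set it from an unpredictable source early in boot,
   before the first instrumented function is entered. */
uintptr_t __stack_chk_guard = 0x00000aff;

/* Hypothetical halt routine; a real image would print a message and stop
   the machine. __builtin_trap() needs no library support. */
static void image_halt(void)
{
    __builtin_trap();
}

/* Called by compiler-emitted epilogue code when the guard was changed.
   It must never return to the corrupted frame. */
__attribute__((noreturn)) void __stack_chk_fail(void)
{
    image_halt();
    for (;;) { }
}

/* Model of an instrumented frame: the guard copy sits right above buf. */
struct frame_model {
    char buf[16];
    uintptr_t guard;
};

/* Returns 1 if the exit check would fail after an unchecked copy of n
   bytes into the 16-byte buffer, 0 if the guard is intact. */
int guard_trips(const char *src, size_t n)
{
    struct frame_model f;
    f.guard = __stack_chk_guard;          /* function entry: set guard */
    if (n > sizeof f)
        n = sizeof f;                     /* keep the model itself in bounds */
    memcpy(&f, src, n);                   /* the overflowing copy */
    return f.guard != __stack_chk_guard;  /* function exit: compare */
}

int main(void)
{
    char in[sizeof(struct frame_model)];
    memset(in, 'A', sizeof in);
    /* 16 bytes fit in buf; the 17th lands on the guard */
    return !(guard_trips(in, 16) == 0 && guard_trips(in, 17) == 1);
}
```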
