From: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH] toolchain: improve SSP logic
Date: Tue, 15 Mar 2016 16:39:57 +0000 [thread overview]
Message-ID: <56E83ADD.3090809@imgtec.com> (raw)
In-Reply-To: <1458059967-37755-1-git-send-email-Vincent.Riera@imgtec.com>
Ignore this one.
Regards,
Vincent.
On 15/03/16 16:39, Vicente Olivert Riera wrote:
> Don't enable SSP support on external toolchains just because they use
> glibc or musl. Instead of that, make the external toolchains explictily
> declare if they support SSP or not. And also add a check to detect SSP
> support when using custom external toolchains.
>
> For internal toolchains we always enable SSP support for glibc and musl.
>
> Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
> ---
> package/glibc/Config.in | 1 +
> package/musl/Config.in | 1 +
> toolchain/Config.in | 2 --
> toolchain/helpers.mk | 18 ++++++++++++++++
> toolchain/toolchain-external/Config.in | 24 ++++++++++++++++++++--
> toolchain/toolchain-external/toolchain-external.mk | 1 +
> 6 files changed, 43 insertions(+), 4 deletions(-)
>
> diff --git a/package/glibc/Config.in b/package/glibc/Config.in
> index 0565162..a2d5c1a 100644
> --- a/package/glibc/Config.in
> +++ b/package/glibc/Config.in
> @@ -29,6 +29,7 @@ config BR2_PACKAGE_GLIBC
> bool
> default y
> select BR2_PACKAGE_LINUX_HEADERS
> + select BR2_TOOLCHAIN_HAS_SSP
>
> choice
> prompt "glibc version"
> diff --git a/package/musl/Config.in b/package/musl/Config.in
> index f1a3150..c263006 100644
> --- a/package/musl/Config.in
> +++ b/package/musl/Config.in
> @@ -4,3 +4,4 @@ config BR2_PACKAGE_MUSL
> default y
> select BR2_PACKAGE_LINUX_HEADERS
> select BR2_PACKAGE_NETBSD_QUEUE
> + select BR2_TOOLCHAIN_HAS_SSP
> diff --git a/toolchain/Config.in b/toolchain/Config.in
> index fc30c6e..e0044c1 100644
> --- a/toolchain/Config.in
> +++ b/toolchain/Config.in
> @@ -15,7 +15,6 @@ config BR2_TOOLCHAIN_USES_GLIBC
> select BR2_TOOLCHAIN_HAS_THREADS_DEBUG
> select BR2_TOOLCHAIN_HAS_THREADS_NPTL
> select BR2_TOOLCHAIN_HAS_SHADOW_PASSWORDS
> - select BR2_TOOLCHAIN_HAS_SSP
>
> config BR2_TOOLCHAIN_USES_UCLIBC
> bool
> @@ -27,7 +26,6 @@ config BR2_TOOLCHAIN_USES_MUSL
> select BR2_TOOLCHAIN_HAS_THREADS
> select BR2_TOOLCHAIN_HAS_THREADS_DEBUG
> select BR2_TOOLCHAIN_HAS_THREADS_NPTL
> - select BR2_TOOLCHAIN_HAS_SSP
>
> choice
> prompt "Toolchain type"
> diff --git a/toolchain/helpers.mk b/toolchain/helpers.mk
> index ee878e8..d8276ab 100644
> --- a/toolchain/helpers.mk
> +++ b/toolchain/helpers.mk
> @@ -421,6 +421,24 @@ check_unusable_toolchain = \
> fi
>
> #
> +# Check if the toolchain has SSP (stack smashing protector) support
> +#
> +# $1: cross-gcc path
> +#
> +check_toolchain_ssp = \
> + __CROSS_CC=$(strip $1) ; \
> + __HAS_SSP=`echo 'void main(){}' | $${__CROSS_CC} -fstack-protector -x c - -o $(BUILD_DIR)/.br-toolchain-test.tmp && echo y` ; \
> + if [ "$(BR2_TOOLCHAIN_HAS_SSP)" != "y" -a "$${__HAS_SSP}" = "y" ] ; then \
> + echo "SSP support available in this toolchain, please enable BR2_TOOLCHAIN_EXTERNAL_HAS_SSP" ; \
> + exit 1 ; \
> + fi ; \
> + if [ "$(BR2_TOOLCHAIN_HAS_SSP)" = "y" -a "$${__HAS_SSP}" != "y" ] ; then \
> + echo "SSP support not available in this toolchain, please disable BR2_TOOLCHAIN_EXTERNAL_HAS_SSP" ; \
> + exit 1 ; \
> + fi ; \
> + rm -f $(BUILD_DIR)/.br-toolchain-test.tmp*
> +
> +#
> # Generate gdbinit file for use with Buildroot
> #
> gen_gdbinit_file = \
> diff --git a/toolchain/toolchain-external/Config.in b/toolchain/toolchain-external/Config.in
> index ff759a0..0b3cff3 100644
> --- a/toolchain/toolchain-external/Config.in
> +++ b/toolchain/toolchain-external/Config.in
> @@ -22,6 +22,7 @@ config BR2_TOOLCHAIN_EXTERNAL_LINARO_ARM
> depends on BR2_ARM_EABIHF
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_1
> @@ -44,6 +45,7 @@ config BR2_TOOLCHAIN_EXTERNAL_LINARO_ARM
> depends on BR2_ARM_EABIHF
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_0
> @@ -66,6 +68,7 @@ config BR2_TOOLCHAIN_EXTERNAL_LINARO_ARMEB
> depends on BR2_ARM_EABIHF
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_1
> @@ -88,6 +91,7 @@ config BR2_TOOLCHAIN_EXTERNAL_LINARO_ARMEB
> depends on BR2_ARM_EABIHF
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_0
> @@ -108,6 +112,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_ARM
> depends on BR2_ARM_EABI
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_HOSTARCH_NEEDS_IA32_LIBS
> @@ -143,6 +148,7 @@ config BR2_TOOLCHAIN_EXTERNAL_ARAGO_ARMV7A
> depends on BR2_ARM_CPU_HAS_VFPV3
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_HOSTARCH_NEEDS_IA32_LIBS
> @@ -166,6 +172,7 @@ config BR2_TOOLCHAIN_EXTERNAL_ARAGO_ARMV5TE
> depends on BR2_ARM_EABI
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_HOSTARCH_NEEDS_IA32_LIBS
> @@ -185,6 +192,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_MIPS
> depends on !BR2_MIPS_NABI32
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_HOSTARCH_NEEDS_IA32_LIBS
> @@ -408,6 +416,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_NIOSII
> depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_HOSTARCH_NEEDS_IA32_LIBS
> @@ -425,6 +434,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_POWERPC_E500V2
> depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_HOSTARCH_NEEDS_IA32_LIBS
> @@ -443,6 +453,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_POWERPC
> depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_HOSTARCH_NEEDS_IA32_LIBS
> @@ -476,6 +487,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_SH
> depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_HOSTARCH_NEEDS_IA32_LIBS
> @@ -502,6 +514,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_AMD64
> depends on !BR2_STATIC_LIBS
> depends on BR2_x86_jaguar || BR2_x86_steamroller
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_HOSTARCH_NEEDS_IA32_LIBS
> @@ -527,6 +540,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_X86
> depends on !BR2_x86_jaguar
> depends on !BR2_x86_steamroller
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_INSTALL_LIBSTDCPP
> select BR2_HOSTARCH_NEEDS_IA32_LIBS
> @@ -572,6 +586,7 @@ config BR2_TOOLCHAIN_EXTERNAL_LINARO_AARCH64
> depends on BR2_HOSTARCH = "x86"
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_INSTALL_LIBSTDCPP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_7
> @@ -587,6 +602,7 @@ config BR2_TOOLCHAIN_EXTERNAL_LINARO_AARCH64
> depends on BR2_HOSTARCH = "x86_64"
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_INSTALL_LIBSTDCPP
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> select BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_0
> @@ -601,6 +617,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_AARCH64
> depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
> depends on !BR2_STATIC_LIBS
> select BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_INSTALL_LIBSTDCPP
> select BR2_HOSTARCH_NEEDS_IA32_LIBS
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> @@ -625,6 +642,7 @@ config BR2_TOOLCHAIN_EXTERNAL_MUSL_CROSS
> # Unsupported for MIPS R6
> depends on !BR2_mips_32r6 && !BR2_mips_64r6
> select BR2_TOOLCHAIN_EXTERNAL_MUSL
> + select BR2_TOOLCHAIN_HAS_SSP
> select BR2_INSTALL_LIBSTDCPP
> select BR2_HOSTARCH_NEEDS_IA32_LIBS
> select BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
> @@ -1018,17 +1036,19 @@ config BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS_NPTL
>
> endif # BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS
>
> +endif # BR2_TOOLCHAIN_EXTERNAL_CUSTOM_UCLIBC
> +
> config BR2_TOOLCHAIN_EXTERNAL_HAS_SSP
> bool "Toolchain has SSP support?"
> select BR2_TOOLCHAIN_HAS_SSP
> + default y if BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + default y if BR2_TOOLCHAIN_EXTERNAL_MUSL
> help
> Selection this option if your external toolchain has Stack
> Smashing Protection support enabled. If you don't know,
> leave the default value, Buildroot will tell you if it's
> correct or not.
>
> -endif # BR2_TOOLCHAIN_EXTERNAL_CUSTOM_UCLIBC
> -
> config BR2_TOOLCHAIN_EXTERNAL_INET_RPC
> bool "Toolchain has RPC support?"
> select BR2_TOOLCHAIN_HAS_NATIVE_RPC
> diff --git a/toolchain/toolchain-external/toolchain-external.mk b/toolchain/toolchain-external/toolchain-external.mk
> index 37e1a2e..00fa572 100644
> --- a/toolchain/toolchain-external/toolchain-external.mk
> +++ b/toolchain/toolchain-external/toolchain-external.mk
> @@ -502,6 +502,7 @@ define TOOLCHAIN_EXTERNAL_CONFIGURE_CMDS
> else \
> $(call check_glibc,$${SYSROOT_DIR}) ; \
> fi
> + $(Q)$(call check_toolchain_ssp,$(TOOLCHAIN_EXTERNAL_CC))
> endef
>
> # With the musl C library, the libc.so library directly plays the role
>
next prev parent reply other threads:[~2016-03-15 16:39 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-15 16:39 [Buildroot] [PATCH] toolchain: improve SSP logic Vicente Olivert Riera
2016-03-15 16:39 ` Vicente Olivert Riera [this message]
-- strict thread matches above, loose matches on Subject: below --
2016-03-08 16:08 Vicente Olivert Riera
2016-03-08 16:13 ` Thomas Petazzoni
2016-03-08 16:18 ` Vicente Olivert Riera
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56E83ADD.3090809@imgtec.com \
--to=vincent.riera@imgtec.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.