* [Buildroot] [PATCH 0/3] Allow toolchain to indicate if they support SSP strong
@ 2020-02-20 2:01 Thomas Petazzoni
2020-02-20 2:01 ` [Buildroot] [PATCH 1/3] toolchain: add hidden BR2_TOOLCHAIN_HAS_SSP_STRONG boolean Thomas Petazzoni
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Thomas Petazzoni @ 2020-02-20 2:01 UTC (permalink / raw)
To: buildroot
Hello,
In the autobuilders, we are seen build failures when the old
CodeSourcery ARM toolchain is selected, and BR2_SSP_STRONG=y.
Indeed, this toolchain has gcc 4.8, and it doesn't support
-fstack-protector-strong.
Unfortunately, we cannot simply make BR2_SSP_STRONG depend on gcc >=
4.9, because as explained in the BR2_SSP_STRONG help text, some custom
toolchains with gcc < 4.9 have had the SSP strong support backported.
So, we introduce a BR2_TOOLCHAIN_HAS_SSP_STRONG hidden boolean. It is
enabled as soon as SSP is available *and* gcc >= 4.9, so that most
cases are covered without the need for each toolchain to select
BR2_TOOLCHAIN_HAS_SSP_STRONG.
The only case require special attention is custom external toolchains,
for which we add a visble Config.in option that allows the user to
explicitly indicate if the toolchain supports SSP strong.
Thanks to this small patch series, we will be able to avoid the build
failure in the autobuilders.
Thanks,
Thomas
Thomas Petazzoni (3):
toolchain: add hidden BR2_TOOLCHAIN_HAS_SSP_STRONG boolean
toolchain/toolchain-external/toolchain-external-custom: add option to
indicate SSP_STRONG support
Config.in: ensure BR2_SSP_STRONG can only be selected if supported
Config.in | 1 +
toolchain/Config.in | 4 ++++
.../toolchain-external-custom/Config.in.options | 12 ++++++++++++
3 files changed, 17 insertions(+)
--
2.24.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 1/3] toolchain: add hidden BR2_TOOLCHAIN_HAS_SSP_STRONG boolean
2020-02-20 2:01 [Buildroot] [PATCH 0/3] Allow toolchain to indicate if they support SSP strong Thomas Petazzoni
@ 2020-02-20 2:01 ` Thomas Petazzoni
2020-02-20 2:01 ` [Buildroot] [PATCH 2/3] toolchain/toolchain-external/toolchain-external-custom: add option to indicate SSP_STRONG support Thomas Petazzoni
2020-02-20 2:01 ` [Buildroot] [PATCH 3/3] Config.in: ensure BR2_SSP_STRONG can only be selected if supported Thomas Petazzoni
2 siblings, 0 replies; 5+ messages in thread
From: Thomas Petazzoni @ 2020-02-20 2:01 UTC (permalink / raw)
To: buildroot
This will allow toolchain to indicate if they support
-fstack-protector-strong or not.
Whenever the gcc version is >= 4.9, we always have SSP_STRONG support
if we have SSP support. However, some toolchains older than gcc 4.9
might have backported SSP_STRONG support, which is why we cannot rely
just on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9.
Having this "default" value allows to avoid adding a "select
BR2_TOOLCHAIN_HAS_SSP_STRONG" in the internal toolchain logic plus in
almost external toolchains. But it allows custom external toolchains
that are pre-4.9 to potentially declare that they support strong SSP.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
toolchain/Config.in | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/toolchain/Config.in b/toolchain/Config.in
index 973c03254f..87509f3d64 100644
--- a/toolchain/Config.in
+++ b/toolchain/Config.in
@@ -189,6 +189,10 @@ config BR2_TOOLCHAIN_HAS_THREADS_NPTL
config BR2_TOOLCHAIN_HAS_SSP
bool
+config BR2_TOOLCHAIN_HAS_SSP_STRONG
+ bool
+ default y if BR2_TOOLCHAIN_HAS_SSP && BR2_TOOLCHAIN_GCC_AT_LEAST_4_9
+
config BR2_TOOLCHAIN_HAS_UCONTEXT
bool
--
2.24.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 2/3] toolchain/toolchain-external/toolchain-external-custom: add option to indicate SSP_STRONG support
2020-02-20 2:01 [Buildroot] [PATCH 0/3] Allow toolchain to indicate if they support SSP strong Thomas Petazzoni
2020-02-20 2:01 ` [Buildroot] [PATCH 1/3] toolchain: add hidden BR2_TOOLCHAIN_HAS_SSP_STRONG boolean Thomas Petazzoni
@ 2020-02-20 2:01 ` Thomas Petazzoni
2020-02-20 22:04 ` Yann E. MORIN
2020-02-20 2:01 ` [Buildroot] [PATCH 3/3] Config.in: ensure BR2_SSP_STRONG can only be selected if supported Thomas Petazzoni
2 siblings, 1 reply; 5+ messages in thread
From: Thomas Petazzoni @ 2020-02-20 2:01 UTC (permalink / raw)
To: buildroot
This commit adds a user-visible option
BR2_TOOLCHAIN_EXTERNAL_HAS_SSP_STRONG, which will allow the user to
indicate if the custom external toolchain does or does not have
SSP_STRONG support. Depending on this, the user will be able to use
(or not) the BR2_SSP_STRONG option.
Checking if what the user said is true or not about this is already
done in toolchain/toolchain-external/pkg-toolchain-external.mk:
$$(Q)$$(call check_toolchain_ssp,$$(TOOLCHAIN_EXTERNAL_CC),$(BR2_SSP_OPTION))
If the user selects BR2_SSP_STRONG, this will check if
-fstack-protector-strong is really supported.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
.../toolchain-external-custom/Config.in.options | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/toolchain/toolchain-external/toolchain-external-custom/Config.in.options b/toolchain/toolchain-external/toolchain-external-custom/Config.in.options
index 302f6babac..c8cd2c03cc 100644
--- a/toolchain/toolchain-external/toolchain-external-custom/Config.in.options
+++ b/toolchain/toolchain-external/toolchain-external-custom/Config.in.options
@@ -410,6 +410,18 @@ config BR2_TOOLCHAIN_EXTERNAL_HAS_SSP
leave the default value, Buildroot will tell you if it's
correct or not.
+config BR2_TOOLCHAIN_EXTERNAL_HAS_SSP_STRONG
+ bool "Toolchain has SSP strong support?"
+ default y if BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 && BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ default y if BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 && BR2_TOOLCHAIN_EXTERNAL_MUSL
+ depends on BR2_TOOLCHAIN_EXTERNAL_HAS_SSP
+ select BR2_TOOLCHAIN_HAS_SSP_STRONG
+ help
+ Selection this option if your external toolchain has strong
+ Stack Smashing Protection support enabled. If you don't
+ know, leave the default value, Buildroot will tell you if
+ it's correct or not.
+
config BR2_TOOLCHAIN_EXTERNAL_INET_RPC
bool "Toolchain has RPC support?"
default y if BR2_TOOLCHAIN_EXTERNAL_GLIBC
--
2.24.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 3/3] Config.in: ensure BR2_SSP_STRONG can only be selected if supported
2020-02-20 2:01 [Buildroot] [PATCH 0/3] Allow toolchain to indicate if they support SSP strong Thomas Petazzoni
2020-02-20 2:01 ` [Buildroot] [PATCH 1/3] toolchain: add hidden BR2_TOOLCHAIN_HAS_SSP_STRONG boolean Thomas Petazzoni
2020-02-20 2:01 ` [Buildroot] [PATCH 2/3] toolchain/toolchain-external/toolchain-external-custom: add option to indicate SSP_STRONG support Thomas Petazzoni
@ 2020-02-20 2:01 ` Thomas Petazzoni
2 siblings, 0 replies; 5+ messages in thread
From: Thomas Petazzoni @ 2020-02-20 2:01 UTC (permalink / raw)
To: buildroot
This commit ensures that BR2_SSP_STRONG cannot be chosen if the
toolchain doesn't support strong SSP.
Fixes:
http://autobuild.buildroot.net/results/cba93a681d10692c4e4c5584e4c962bd18a608d4/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
---
Config.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/Config.in b/Config.in
index 5a4239bc9a..2913d39ec8 100644
--- a/Config.in
+++ b/Config.in
@@ -758,6 +758,7 @@ config BR2_SSP_REGULAR
config BR2_SSP_STRONG
bool "-fstack-protector-strong"
+ depends on BR2_TOOLCHAIN_HAS_SSP_STRONG
help
Like -fstack-protector but includes additional functions to be
protected - those that have local array definitions, or have
--
2.24.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 2/3] toolchain/toolchain-external/toolchain-external-custom: add option to indicate SSP_STRONG support
2020-02-20 2:01 ` [Buildroot] [PATCH 2/3] toolchain/toolchain-external/toolchain-external-custom: add option to indicate SSP_STRONG support Thomas Petazzoni
@ 2020-02-20 22:04 ` Yann E. MORIN
0 siblings, 0 replies; 5+ messages in thread
From: Yann E. MORIN @ 2020-02-20 22:04 UTC (permalink / raw)
To: buildroot
Thomas, All,
On 2020-02-20 03:01 +0100, Thomas Petazzoni spake thusly:
> This commit adds a user-visible option
> BR2_TOOLCHAIN_EXTERNAL_HAS_SSP_STRONG, which will allow the user to
> indicate if the custom external toolchain does or does not have
> SSP_STRONG support. Depending on this, the user will be able to use
> (or not) the BR2_SSP_STRONG option.
>
> Checking if what the user said is true or not about this is already
> done in toolchain/toolchain-external/pkg-toolchain-external.mk:
>
> $$(Q)$$(call check_toolchain_ssp,$$(TOOLCHAIN_EXTERNAL_CC),$(BR2_SSP_OPTION))
>
> If the user selects BR2_SSP_STRONG, this will check if
> -fstack-protector-strong is really supported.
>
> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
> ---
> .../toolchain-external-custom/Config.in.options | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
> diff --git a/toolchain/toolchain-external/toolchain-external-custom/Config.in.options b/toolchain/toolchain-external/toolchain-external-custom/Config.in.options
> index 302f6babac..c8cd2c03cc 100644
> --- a/toolchain/toolchain-external/toolchain-external-custom/Config.in.options
> +++ b/toolchain/toolchain-external/toolchain-external-custom/Config.in.options
> @@ -410,6 +410,18 @@ config BR2_TOOLCHAIN_EXTERNAL_HAS_SSP
> leave the default value, Buildroot will tell you if it's
> correct or not.
>
> +config BR2_TOOLCHAIN_EXTERNAL_HAS_SSP_STRONG
> + bool "Toolchain has SSP strong support?"
> + default y if BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 && BR2_TOOLCHAIN_EXTERNAL_GLIBC
> + default y if BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 && BR2_TOOLCHAIN_EXTERNAL_MUSL
> + depends on BR2_TOOLCHAIN_EXTERNAL_HAS_SSP
> + select BR2_TOOLCHAIN_HAS_SSP_STRONG
> + help
> + Selection this option if your external toolchain has strong
*Select
Fixed, and whole series applied, thanks!
Regards,
Yann E. MORIN.
> + Stack Smashing Protection support enabled. If you don't
> + know, leave the default value, Buildroot will tell you if
> + it's correct or not.
> +
> config BR2_TOOLCHAIN_EXTERNAL_INET_RPC
> bool "Toolchain has RPC support?"
> default y if BR2_TOOLCHAIN_EXTERNAL_GLIBC
> --
> 2.24.1
>
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-02-20 22:04 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-02-20 2:01 [Buildroot] [PATCH 0/3] Allow toolchain to indicate if they support SSP strong Thomas Petazzoni
2020-02-20 2:01 ` [Buildroot] [PATCH 1/3] toolchain: add hidden BR2_TOOLCHAIN_HAS_SSP_STRONG boolean Thomas Petazzoni
2020-02-20 2:01 ` [Buildroot] [PATCH 2/3] toolchain/toolchain-external/toolchain-external-custom: add option to indicate SSP_STRONG support Thomas Petazzoni
2020-02-20 22:04 ` Yann E. MORIN
2020-02-20 2:01 ` [Buildroot] [PATCH 3/3] Config.in: ensure BR2_SSP_STRONG can only be selected if supported Thomas Petazzoni
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox