* [Buildroot] [PATCH v1] package/ntpsec: fix Stack Smashing Protection detection @ 2023-02-11 16:32 Peter Seiderer 2023-02-11 16:49 ` Yann E. MORIN 0 siblings, 1 reply; 3+ messages in thread From: Peter Seiderer @ 2023-02-11 16:32 UTC (permalink / raw) To: buildroot Fix SSP missdetection (compiler supports '-fstack-protector-all' command line argument but selected libc/toolchain does not support SSP, e.g. i686-musl. Fixes: - http://autobuild.buildroot.net/results/ded9ad5badbcfa6552443d3ce0866722becfefbd [...] Checking if C compiler supports -fstack-protector-all : yes [...] Checking for type struct timex : no The configuration failed (complete log in .../build/ntpsec-1_2_2/build/config.log) And from build/ntpsec-1_2_2/build/config.log: err: .../host/lib/gcc/i686-buildroot-linux-musl/12.2.0/../../../../i686-buildroot-linux-musl/bin/ld: test.c.1.o: in function `main': test.c:(.text.startup+0x2a): undefined reference to `__stack_chk_fail_local' .../host/lib/gcc/i686-buildroot-linux-musl/12.2.0/../../../../i686-buildroot-linux-musl/bin/ld: .../build/ntpsec-1_2_2/build/.conf_check_01f3f794d5b6ffb7add7ce130581ae04/testbuild/main/testprog: hidden symbol `__stack_chk_fail_local' isn't defined .../host/lib/gcc/i686-buildroot-linux-musl/12.2.0/../../../../i686-buildroot-linux-musl/bin/ld: final link failed: bad value collect2: error: ld returned 1 exit status Signed-off-by: Peter Seiderer <ps.report@gmx.net> --- package/ntpsec/ntpsec.mk | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/package/ntpsec/ntpsec.mk b/package/ntpsec/ntpsec.mk index c7fa2f85a8..18a8353900 100644 --- a/package/ntpsec/ntpsec.mk +++ b/package/ntpsec/ntpsec.mk @@ -30,6 +30,15 @@ NTPSEC_DEPENDENCIES = \ libcap \ openssl +# prevent '-fstack-protector-all' compiler flag detection without +# ssp support (e.g. i686-musl) +ifeq ($(BR2_TOOLCHAIN_HAS_SSP),) +define NTPSEC_FORCE_DISABLE_SSP + $(SED) s/fstack-protector-all/fstack-protector-all-disabled/g $(@D)/wscript +endef +endif +NTPSEC_PRE_CONFIGURE_HOOKS += NTPSEC_FORCE_DISABLE_SSP + # CC="$(HOSTCC)" is strange but needed to build some host tools, the # cross-compiler will properly be used to build target code thanks to # --cross-compiler -- 2.39.1 _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH v1] package/ntpsec: fix Stack Smashing Protection detection 2023-02-11 16:32 [Buildroot] [PATCH v1] package/ntpsec: fix Stack Smashing Protection detection Peter Seiderer @ 2023-02-11 16:49 ` Yann E. MORIN 2023-02-11 17:55 ` Peter Seiderer 0 siblings, 1 reply; 3+ messages in thread From: Yann E. MORIN @ 2023-02-11 16:49 UTC (permalink / raw) To: Peter Seiderer; +Cc: buildroot Peter, All, On 2023-02-11 17:32 +0100, Peter Seiderer spake thusly: > Fix SSP missdetection (compiler supports '-fstack-protector-all' command > line argument but selected libc/toolchain does not support SSP, > e.g. i686-musl. > > Fixes: > > - http://autobuild.buildroot.net/results/ded9ad5badbcfa6552443d3ce0866722becfefbd > > [...] > Checking if C compiler supports -fstack-protector-all : yes > [...] > Checking for type struct timex : no > The configuration failed > (complete log in .../build/ntpsec-1_2_2/build/config.log) > > And from build/ntpsec-1_2_2/build/config.log: > > err: .../host/lib/gcc/i686-buildroot-linux-musl/12.2.0/../../../../i686-buildroot-linux-musl/bin/ld: test.c.1.o: in function `main': > test.c:(.text.startup+0x2a): undefined reference to `__stack_chk_fail_local' > .../host/lib/gcc/i686-buildroot-linux-musl/12.2.0/../../../../i686-buildroot-linux-musl/bin/ld: .../build/ntpsec-1_2_2/build/.conf_check_01f3f794d5b6ffb7add7ce130581ae04/testbuild/main/testprog: hidden symbol `__stack_chk_fail_local' isn't defined > .../host/lib/gcc/i686-buildroot-linux-musl/12.2.0/../../../../i686-buildroot-linux-musl/bin/ld: final link failed: bad value > collect2: error: ld returned 1 exit status > > Signed-off-by: Peter Seiderer <ps.report@gmx.net> > --- > package/ntpsec/ntpsec.mk | 9 +++++++++ > 1 file changed, 9 insertions(+) > > diff --git a/package/ntpsec/ntpsec.mk b/package/ntpsec/ntpsec.mk > index c7fa2f85a8..18a8353900 100644 > --- a/package/ntpsec/ntpsec.mk > +++ b/package/ntpsec/ntpsec.mk > @@ -30,6 +30,15 @@ NTPSEC_DEPENDENCIES = \ > libcap \ > openssl > > +# prevent '-fstack-protector-all' compiler flag detection without > +# ssp support (e.g. i686-musl) > +ifeq ($(BR2_TOOLCHAIN_HAS_SSP),) > +define NTPSEC_FORCE_DISABLE_SSP > + $(SED) s/fstack-protector-all/fstack-protector-all-disabled/g $(@D)/wscript > +endef > +endif > +NTPSEC_PRE_CONFIGURE_HOOKS += NTPSEC_FORCE_DISABLE_SSP Assigning to hooks should be done in the conditional if-block, not outside. But in Buildroot, the SSP flags are automatically handled by the wrapper, so we should just unconditionally remove said flags as set by the package, like was done in 50cbac5099b1 (package/sysvinit: add patch to fix compile without stack-protector support) for example (and no, that commit was not chosen totally at random ;-) ). Regards, Yann E. MORIN. > # CC="$(HOSTCC)" is strange but needed to build some host tools, the > # cross-compiler will properly be used to build target code thanks to > # --cross-compiler > -- > 2.39.1 > > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot -- .-----------------.--------------------.------------------.--------------------. | Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: | | +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ | | +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no | | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. | '------------------------------^-------^------------------^--------------------' _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH v1] package/ntpsec: fix Stack Smashing Protection detection 2023-02-11 16:49 ` Yann E. MORIN @ 2023-02-11 17:55 ` Peter Seiderer 0 siblings, 0 replies; 3+ messages in thread From: Peter Seiderer @ 2023-02-11 17:55 UTC (permalink / raw) To: Yann E. MORIN; +Cc: buildroot Hello Yann, *, On Sat, 11 Feb 2023 17:49:26 +0100, "Yann E. MORIN" <yann.morin.1998@free.fr> wrote: > Peter, All, > > On 2023-02-11 17:32 +0100, Peter Seiderer spake thusly: > > Fix SSP missdetection (compiler supports '-fstack-protector-all' command > > line argument but selected libc/toolchain does not support SSP, > > e.g. i686-musl. > > > > Fixes: > > > > - http://autobuild.buildroot.net/results/ded9ad5badbcfa6552443d3ce0866722becfefbd > > > > [...] > > Checking if C compiler supports -fstack-protector-all : yes > > [...] > > Checking for type struct timex : no > > The configuration failed > > (complete log in .../build/ntpsec-1_2_2/build/config.log) > > > > And from build/ntpsec-1_2_2/build/config.log: > > > > err: .../host/lib/gcc/i686-buildroot-linux-musl/12.2.0/../../../../i686-buildroot-linux-musl/bin/ld: test.c.1.o: in function `main': > > test.c:(.text.startup+0x2a): undefined reference to `__stack_chk_fail_local' > > .../host/lib/gcc/i686-buildroot-linux-musl/12.2.0/../../../../i686-buildroot-linux-musl/bin/ld: .../build/ntpsec-1_2_2/build/.conf_check_01f3f794d5b6ffb7add7ce130581ae04/testbuild/main/testprog: hidden symbol `__stack_chk_fail_local' isn't defined > > .../host/lib/gcc/i686-buildroot-linux-musl/12.2.0/../../../../i686-buildroot-linux-musl/bin/ld: final link failed: bad value > > collect2: error: ld returned 1 exit status > > > > Signed-off-by: Peter Seiderer <ps.report@gmx.net> > > --- > > package/ntpsec/ntpsec.mk | 9 +++++++++ > > 1 file changed, 9 insertions(+) > > > > diff --git a/package/ntpsec/ntpsec.mk b/package/ntpsec/ntpsec.mk > > index c7fa2f85a8..18a8353900 100644 > > --- a/package/ntpsec/ntpsec.mk > > +++ b/package/ntpsec/ntpsec.mk > > @@ -30,6 +30,15 @@ NTPSEC_DEPENDENCIES = \ > > libcap \ > > openssl > > > > +# prevent '-fstack-protector-all' compiler flag detection without > > +# ssp support (e.g. i686-musl) > > +ifeq ($(BR2_TOOLCHAIN_HAS_SSP),) > > +define NTPSEC_FORCE_DISABLE_SSP > > + $(SED) s/fstack-protector-all/fstack-protector-all-disabled/g $(@D)/wscript > > +endef > > +endif > > +NTPSEC_PRE_CONFIGURE_HOOKS += NTPSEC_FORCE_DISABLE_SSP > > Assigning to hooks should be done in the conditional if-block, not > outside. > > But in Buildroot, the SSP flags are automatically handled by the > wrapper, so we should just unconditionally remove said flags as set by > the package, like was done in 50cbac5099b1 (package/sysvinit: add patch > to fix compile without stack-protector support) for example (and no, > that commit was not chosen totally at random ;-) ). Nice reference ;-), do you prefer the above sed hack unconditionally (not sure if the wscript will add additional -lssp/-lssp_nonshared if available) or a patch removing the whole -fstack-protector-all/-lssp/-lssp_nonshared handling? Regards, Peter > > Regards, > Yann E. MORIN. > > > # CC="$(HOSTCC)" is strange but needed to build some host tools, the > > # cross-compiler will properly be used to build target code thanks to > > # --cross-compiler > > -- > > 2.39.1 > > > > _______________________________________________ > > buildroot mailing list > > buildroot@buildroot.org > > https://lists.buildroot.org/mailman/listinfo/buildroot > _______________________________________________ buildroot mailing list buildroot@buildroot.org https://lists.buildroot.org/mailman/listinfo/buildroot ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-02-11 17:55 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2023-02-11 16:32 [Buildroot] [PATCH v1] package/ntpsec: fix Stack Smashing Protection detection Peter Seiderer 2023-02-11 16:49 ` Yann E. MORIN 2023-02-11 17:55 ` Peter Seiderer
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox