diff options
| author | Tim Schumacher <timschumi@gmx.de> | 2022-10-25 23:53:07 +0200 |
|---|---|---|
| committer | Linus Groh <mail@linusgroh.de> | 2022-11-01 14:49:09 +0000 |
| commit | 678db534ff772cb9d35d7edf10af8a9f89ad3638 (patch) | |
| tree | 765539a01d0cb93685e08d54dc67476bb9faf1ed /Userland/Libraries/LibC | |
| parent | 7834e26ddb6f0205b8a4688b5df339f50803cc48 (diff) | |
| download | serenity-678db534ff772cb9d35d7edf10af8a9f89ad3638.zip | |
LibC: Properly implement stack protectors
The shared parts are now firmly compiled into LibC instead of being
defined as a static library and then being copied over manually.
The non-shared ("local") parts are kept as a static library that is
linked into each binary on demand.
This finally allows us to support linking with the -fstack-protector
flag, which now replaces the `ssp` target being linked into each binary
accidentally via CMake.
Diffstat (limited to 'Userland/Libraries/LibC')
| -rw-r--r-- | Userland/Libraries/LibC/CMakeLists.txt | 22 | ||||
| -rw-r--r-- | Userland/Libraries/LibC/ssp.cpp | 5 | ||||
| -rw-r--r-- | Userland/Libraries/LibC/ssp_nonshared.cpp | 20 |
3 files changed, 30 insertions, 17 deletions
diff --git a/Userland/Libraries/LibC/CMakeLists.txt b/Userland/Libraries/LibC/CMakeLists.txt index bdc7769e66..5c91f50a32 100644 --- a/Userland/Libraries/LibC/CMakeLists.txt +++ b/Userland/Libraries/LibC/CMakeLists.txt @@ -46,6 +46,7 @@ set(LIBC_SOURCES shadow.cpp signal.cpp spawn.cpp + ssp.cpp stat.cpp stdio.cpp stdlib.cpp @@ -129,15 +130,10 @@ add_custom_command( COMMAND "${CMAKE_COMMAND}" -E copy $<TARGET_OBJECTS:crtn> ${CMAKE_INSTALL_PREFIX}/usr/lib/crtn.o ) -set_source_files_properties (ssp.cpp PROPERTIES COMPILE_FLAGS - "-fno-stack-protector") -add_library(ssp STATIC ssp.cpp) -target_link_libraries(ssp PRIVATE NoCoverage) -add_custom_command( - TARGET ssp - COMMAND "${CMAKE_COMMAND}" -E copy $<TARGET_OBJECTS:ssp> ${CMAKE_INSTALL_PREFIX}/usr/lib/ssp.o -) -install(FILES ${CMAKE_CURRENT_BINARY_DIR}/libssp.a DESTINATION ${CMAKE_INSTALL_PREFIX}/usr/lib/) +set_source_files_properties (ssp_nonshared.cpp PROPERTIES COMPILE_FLAGS "-fno-stack-protector") +add_library(ssp_nonshared STATIC ssp_nonshared.cpp) +target_link_libraries(ssp_nonshared PRIVATE NoCoverage) +install(FILES ${CMAKE_CURRENT_BINARY_DIR}/libssp_nonshared.a DESTINATION ${CMAKE_INSTALL_PREFIX}/usr/lib/) set(SOURCES ${LIBC_SOURCES} ${AK_SOURCES} ${ELF_SOURCES} ${ASM_SOURCES}) @@ -149,18 +145,19 @@ if (CMAKE_CXX_COMPILER_ID STREQUAL "GNU") set_source_files_properties(string.cpp wchar.cpp PROPERTIES COMPILE_FLAGS "-fno-tree-loop-distribution -fno-tree-loop-distribute-patterns") endif() +set_source_files_properties(ssp.cpp PROPERTIES COMPILE_FLAGS "-fno-stack-protector") + add_library(LibCStaticWithoutDeps STATIC ${SOURCES}) target_link_libraries(LibCStaticWithoutDeps PUBLIC ssp LibTimeZone PRIVATE NoCoverage) add_dependencies(LibCStaticWithoutDeps LibSystem LibUBSanitizer) add_custom_target(LibCStatic COMMAND ${CMAKE_AR} -x $<TARGET_FILE:LibCStaticWithoutDeps> - COMMAND ${CMAKE_AR} -x $<TARGET_FILE:ssp> COMMAND ${CMAKE_AR} -x $<TARGET_FILE:LibSystemStatic> COMMAND ${CMAKE_AR} -x $<TARGET_FILE:LibUBSanitizerStatic> COMMAND ${CMAKE_AR} -rcs ${CMAKE_CURRENT_BINARY_DIR}/libc.a *.o WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR} - DEPENDS LibCStaticWithoutDeps ssp LibSystemStatic LibUBSanitizerStatic + DEPENDS LibCStaticWithoutDeps LibSystemStatic LibUBSanitizerStatic ) install(FILES ${CMAKE_CURRENT_BINARY_DIR}/libc.a DESTINATION ${CMAKE_INSTALL_PREFIX}/usr/lib/) @@ -174,7 +171,7 @@ set_property( set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -nolibc") serenity_libc(LibC c) add_dependencies(LibC crti crt0 crt0_shared crtn) -target_link_libraries(LibC ssp LibSystem LibTimeZone) +target_link_libraries(LibC LibSystem LibTimeZone) # We mark LibCStatic as a dependency of LibC because this triggers the build of the LibCStatic target add_dependencies(LibC LibCStatic) @@ -183,3 +180,4 @@ add_dependencies(LibC LibCStatic) file(WRITE "${CMAKE_STAGING_PREFIX}/${CMAKE_INSTALL_LIBDIR}/libpthread.so" "INPUT(libc.so)") file(WRITE "${CMAKE_STAGING_PREFIX}/${CMAKE_INSTALL_LIBDIR}/libdl.so" "INPUT(libc.so)") file(WRITE "${CMAKE_STAGING_PREFIX}/${CMAKE_INSTALL_LIBDIR}/libm.so" "INPUT(libc.so)") +file(WRITE "${CMAKE_STAGING_PREFIX}/${CMAKE_INSTALL_LIBDIR}/libssp.so" "INPUT(libc.so)") diff --git a/Userland/Libraries/LibC/ssp.cpp b/Userland/Libraries/LibC/ssp.cpp index 7660151d1b..edc1c3912b 100644 --- a/Userland/Libraries/LibC/ssp.cpp +++ b/Userland/Libraries/LibC/ssp.cpp @@ -28,9 +28,4 @@ __attribute__((noreturn)) void __stack_chk_fail() abort(); } -__attribute__((noreturn)) void __stack_chk_fail_local() -{ - __stack_chk_fail(); -} - } // extern "C" diff --git a/Userland/Libraries/LibC/ssp_nonshared.cpp b/Userland/Libraries/LibC/ssp_nonshared.cpp new file mode 100644 index 0000000000..1db9c6b729 --- /dev/null +++ b/Userland/Libraries/LibC/ssp_nonshared.cpp @@ -0,0 +1,20 @@ +/* + * Copyright (c) 2021, Brian Gianforcaro <bgianf@serenityos.org> + * + * SPDX-License-Identifier: BSD-2-Clause + */ + +#include <sys/internals.h> + +#if defined __SSP__ || defined __SSP_ALL__ +# error "file must not be compiled with stack protection enabled on it. Use -fno-stack-protector" +#endif + +extern "C" { + +__attribute__((noreturn)) void __stack_chk_fail_local() +{ + __stack_chk_fail(); +} + +} // extern "C" |