From 818924d1295ea16db267ea6defe08b21243583b6 Mon Sep 17 00:00:00 2001 From: Thomas Weißschuh Date: Sun, 21 May 2023 11:36:34 +0200 Subject: tools/nolibc: add autodetection for stackprotector support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The stackprotector support in nolibc should be enabled iff it is also enabled in the compiler. Use the preprocessor defines added by gcc and clang if stackprotector support is enable to automatically do so in nolibc. This completely removes the need for any user-visible API. To avoid inlining the lengthy preprocessor check into every user introduce a new header compiler.h that abstracts the logic away. As the define NOLIBC_STACKPROTECTOR is now not user-relevant anymore prefix it with an underscore. Suggested-by: Willy Tarreau Link: https://lore.kernel.org/lkml/20230520133237.GA27501@1wt.eu/ Signed-off-by: Thomas Weißschuh Signed-off-by: Willy Tarreau Signed-off-by: Paul E. McKenney --- tools/include/nolibc/compiler.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 tools/include/nolibc/compiler.h (limited to 'tools/include/nolibc/compiler.h') diff --git a/tools/include/nolibc/compiler.h b/tools/include/nolibc/compiler.h new file mode 100644 index 000000000000..57da75cea799 --- /dev/null +++ b/tools/include/nolibc/compiler.h @@ -0,0 +1,15 @@ +/* SPDX-License-Identifier: LGPL-2.1 OR MIT */ +/* + * NOLIBC compiler support header + * Copyright (C) 2023 Thomas Weißschuh + */ +#ifndef _NOLIBC_COMPILER_H +#define _NOLIBC_COMPILER_H + +#if defined(__SSP__) || defined(__SSP_STRONG__) || defined(__SSP_ALL__) || defined(__SSP_EXPLICIT__) + +#define _NOLIBC_STACKPROTECTOR + +#endif /* defined(__SSP__) ... */ + +#endif /* _NOLIBC_COMPILER_H */ -- cgit v1.2.3 From e76b70dec9c257f4ccebd7f98d1de97ed071f0d1 Mon Sep 17 00:00:00 2001 From: Thomas Weißschuh Date: Wed, 24 May 2023 08:44:44 +0200 Subject: tools/nolibc: fix segfaults on compilers without attribute no_stack_protector MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Not all compilers, notably GCC < 10, have support for __attribute__((no_stack_protector)). Fall back to a mechanism that also works there. Tested with GCC 9.5.0 from kernel.org crosstools. Signed-off-by: Thomas Weißschuh Signed-off-by: Willy Tarreau Signed-off-by: Paul E. McKenney --- tools/include/nolibc/arch-aarch64.h | 2 +- tools/include/nolibc/arch-arm.h | 2 +- tools/include/nolibc/arch-i386.h | 2 +- tools/include/nolibc/arch-loongarch.h | 2 +- tools/include/nolibc/arch-mips.h | 2 +- tools/include/nolibc/arch-riscv.h | 2 +- tools/include/nolibc/arch-x86_64.h | 2 +- tools/include/nolibc/compiler.h | 10 ++++++++++ tools/include/nolibc/stackprotector.h | 2 +- 9 files changed, 18 insertions(+), 8 deletions(-) (limited to 'tools/include/nolibc/compiler.h') diff --git a/tools/include/nolibc/arch-aarch64.h b/tools/include/nolibc/arch-aarch64.h index 64ec65b4ee38..11f294a406b7 100644 --- a/tools/include/nolibc/arch-aarch64.h +++ b/tools/include/nolibc/arch-aarch64.h @@ -175,7 +175,7 @@ char **environ __attribute__((weak)); const unsigned long *_auxv __attribute__((weak)); /* startup code */ -void __attribute__((weak,noreturn,optimize("omit-frame-pointer"),no_stack_protector)) _start(void) +void __attribute__((weak,noreturn,optimize("omit-frame-pointer"))) __no_stack_protector _start(void) { __asm__ volatile ( #ifdef _NOLIBC_STACKPROTECTOR diff --git a/tools/include/nolibc/arch-arm.h b/tools/include/nolibc/arch-arm.h index 924169522cf7..45b89ffe8247 100644 --- a/tools/include/nolibc/arch-arm.h +++ b/tools/include/nolibc/arch-arm.h @@ -202,7 +202,7 @@ char **environ __attribute__((weak)); const unsigned long *_auxv __attribute__((weak)); /* startup code */ -void __attribute__((weak,noreturn,optimize("omit-frame-pointer"),no_stack_protector)) _start(void) +void __attribute__((weak,noreturn,optimize("omit-frame-pointer"))) __no_stack_protector _start(void) { __asm__ volatile ( #ifdef _NOLIBC_STACKPROTECTOR diff --git a/tools/include/nolibc/arch-i386.h b/tools/include/nolibc/arch-i386.h index 37f813912957..3d672d925e9e 100644 --- a/tools/include/nolibc/arch-i386.h +++ b/tools/include/nolibc/arch-i386.h @@ -190,7 +190,7 @@ const unsigned long *_auxv __attribute__((weak)); * 2) The deepest stack frame should be set to zero * */ -void __attribute__((weak,noreturn,optimize("omit-frame-pointer"),no_stack_protector)) _start(void) +void __attribute__((weak,noreturn,optimize("omit-frame-pointer"))) __no_stack_protector _start(void) { __asm__ volatile ( #ifdef _NOLIBC_STACKPROTECTOR diff --git a/tools/include/nolibc/arch-loongarch.h b/tools/include/nolibc/arch-loongarch.h index d8ea7e787df4..ad3f266e7093 100644 --- a/tools/include/nolibc/arch-loongarch.h +++ b/tools/include/nolibc/arch-loongarch.h @@ -172,7 +172,7 @@ const unsigned long *_auxv __attribute__((weak)); #endif /* startup code */ -void __attribute__((weak,noreturn,optimize("omit-frame-pointer"),no_stack_protector)) _start(void) +void __attribute__((weak,noreturn,optimize("omit-frame-pointer"))) __no_stack_protector _start(void) { __asm__ volatile ( #ifdef _NOLIBC_STACKPROTECTOR diff --git a/tools/include/nolibc/arch-mips.h b/tools/include/nolibc/arch-mips.h index 9860236e5340..db24e0837a39 100644 --- a/tools/include/nolibc/arch-mips.h +++ b/tools/include/nolibc/arch-mips.h @@ -182,7 +182,7 @@ char **environ __attribute__((weak)); const unsigned long *_auxv __attribute__((weak)); /* startup code, note that it's called __start on MIPS */ -void __attribute__((weak,noreturn,optimize("omit-frame-pointer"),no_stack_protector)) __start(void) +void __attribute__((weak,noreturn,optimize("omit-frame-pointer"))) __no_stack_protector __start(void) { __asm__ volatile ( /*".set nomips16\n"*/ diff --git a/tools/include/nolibc/arch-riscv.h b/tools/include/nolibc/arch-riscv.h index 86616aeb77a0..a2e8564e66d6 100644 --- a/tools/include/nolibc/arch-riscv.h +++ b/tools/include/nolibc/arch-riscv.h @@ -180,7 +180,7 @@ char **environ __attribute__((weak)); const unsigned long *_auxv __attribute__((weak)); /* startup code */ -void __attribute__((weak,noreturn,optimize("omit-frame-pointer"),no_stack_protector)) _start(void) +void __attribute__((weak,noreturn,optimize("omit-frame-pointer"))) __no_stack_protector _start(void) { __asm__ volatile ( ".option push\n" diff --git a/tools/include/nolibc/arch-x86_64.h b/tools/include/nolibc/arch-x86_64.h index 485a7ff72a87..6fc4d8392742 100644 --- a/tools/include/nolibc/arch-x86_64.h +++ b/tools/include/nolibc/arch-x86_64.h @@ -190,7 +190,7 @@ const unsigned long *_auxv __attribute__((weak)); * 2) The deepest stack frame should be zero (the %rbp). * */ -void __attribute__((weak,noreturn,optimize("omit-frame-pointer"),no_stack_protector)) _start(void) +void __attribute__((weak,noreturn,optimize("omit-frame-pointer"))) __no_stack_protector _start(void) { __asm__ volatile ( #ifdef _NOLIBC_STACKPROTECTOR diff --git a/tools/include/nolibc/compiler.h b/tools/include/nolibc/compiler.h index 57da75cea799..beddc3665d69 100644 --- a/tools/include/nolibc/compiler.h +++ b/tools/include/nolibc/compiler.h @@ -12,4 +12,14 @@ #endif /* defined(__SSP__) ... */ +#if defined(__has_attribute) +# if __has_attribute(no_stack_protector) +# define __no_stack_protector __attribute__((no_stack_protector)) +# else +# define __no_stack_protector __attribute__((__optimize__("-fno-stack-protector"))) +# endif +#else +# define __no_stack_protector __attribute__((__optimize__("-fno-stack-protector"))) +#endif /* defined(__has_attribute) */ + #endif /* _NOLIBC_COMPILER_H */ diff --git a/tools/include/nolibc/stackprotector.h b/tools/include/nolibc/stackprotector.h index 0a89e2b89ca6..88f7b2d098ff 100644 --- a/tools/include/nolibc/stackprotector.h +++ b/tools/include/nolibc/stackprotector.h @@ -37,7 +37,7 @@ void __stack_chk_fail_local(void) __attribute__((weak,section(".data.nolibc_stack_chk"))) uintptr_t __stack_chk_guard; -__attribute__((weak,no_stack_protector,section(".text.nolibc_stack_chk"))) +__attribute__((weak,section(".text.nolibc_stack_chk"))) __no_stack_protector void __stack_chk_init(void) { my_syscall3(__NR_getrandom, &__stack_chk_guard, sizeof(__stack_chk_guard), 0); -- cgit v1.2.3