[uClibc] some patches/cleanups

Peter S. Mazinger ps.m at gmx.net
Wed Sep 1 12:47:42 UTC 2004 

On Wed, 1 Sep 2004, Joakim Tjernlund wrote:

> > Remaining issues:
> > 1. all the libs except libc can be built fully protected, but there is 
> > no location where this can be defined generally (the same CFLAGS is used 
> > almost over all of the build system and there are no special defines if we 
> > are building libc/libm/utilities and so on,
> > glibc uses IN_libc/NOT_IN_libc for ex.)
> 
> Can you explain what you mean with "fully protected" and how IN_libc/NOT_IN_libc
> should be used?

Propolice (SSP) is a stack protector addon for gcc (see link in uclibc's
Config.in). The procedure was modified by gentoo so that __guard() and 
__stack_smash_handler() were removed from gcc's libgcc library and moved 
to libc because of too much trouble, this was "ported" by me to uclibc 
(patching the libc/misc/internals/__uClibc_main.c file and adding 
libc/sysdeps/linux/common/ssp.c) enabled by the UCLIBC_PROPOLICE option.
Due to the fact that __guard and __stack_smash_handler reside now in 
libc, libc can't be built w/ both -fstack-protector and 
-fstack-protector-all options enabled, the second one can't be used.
Also if a protector patched gcc is found ld.so has to be built w/o any 
protection (Rules.mak: SSP_LDSO_CFLAGS=-fno-stack-protector used in 
ldso/ldso/Makefile, from my latest patches)
My problem:
Rules.mak defines a generic CFLAGS used everywhere (less 
ldso/ldso,ldso/libdl,and in utils for hostutils)

I would use
SSP_CFLAGS=-fstack-protector -fstack-protector-all applying for 
all generally (this is full protection) and
SSP_LIBC_CFLAGS=-fno-stack-protector-all -fstack-protector 
applying to libc build (currently used as SSP_CFLAGS)

I would add generally SSP_CFLAGS to CFLAGS if not building libc, else 
SSP_LIBC_CFLAGS but I do not have any info at build time (at Rules.mak 
inclusion time) what I am building, for ex.
ifdef IN_libc
CFLAGS+=$(SSP_LIBC_CFLAGS)
else
CFLAGS+=$(SSP_CFLAGS)
endif

I tried to define this in libc/Makefile, but this is not inherited to all 
object builds under libc, so the only way I have found, is to patch all
{libcrypt,libm,libpthread,libnsl,libintl,libresolv,libutil,utils}/Makefile-s,
CFLAGS defaulting to -fno-stack-protector-all and replacing that w/ 
-fstack-protector-all in all these makefiles.

Peter

-- 
Peter S. Mazinger <ps dot m at gmx dot net>           ID: 0xA5F059F2
Key fingerprint = 92A4 31E1 56BC 3D5A 2D08  BB6E C389 975E A5F0 59F2


____________________________________________________________________
Miert fizetsz az internetert? Korlatlan, ingyenes internet hozzaferes a FreeStarttol.
Probald ki most! http://www.freestart.hu

More information about the uClibc mailing list