601718 – sys-libs/glibc: ENABLE_SSP_SMASH_DUMPS_CORE is not reliable

Bug 601718 - sys-libs/glibc: ENABLE_SSP_SMASH_DUMPS_CORE is not reliable

Summary: sys-libs/glibc: ENABLE_SSP_SMASH_DUMPS_CORE is not reliable

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Toolchain Maintainers

URL:	https://crbug.com/406598
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2016-12-05 19:55 UTC by SpanKY
Modified:	2018-05-20 16:06 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description SpanKY gentoo-dev

2016-12-05 19:55:58 UTC

as debugged in https://crbug.com/406598 (see comment #50), the current ENABLE_SSP_SMASH_DUMPS_CORE logic in chk_fail.c code is not reliable.  see this file for details:
sys-libs/glibc/files/2.20/glibc-2.20-gentoo-chk_fail.c

it is possible for things to race such that the SIGABRT is not delivered before the SIGKILL is sent & delivered, and the kernel could deliver the SIGKILL thus disabling the possibility to catch the signal or get a coredump.

in CrOS, we solved this by calling abort() directly:
-           INLINE_SYSCALL(kill, 2, pid, SIGABRT);
+       /* Use abort() directly. https://crbug.com/406598 */
+       abort();

the glibc code goes through a lot of effort to actually trigger an abort and not simply kill itself.  in Gentoo, we're not keen on calling abort() because chk_fail itself is designed to only make syscalls directly.  maybe in this case we can make an exception since ENABLE_SSP_SMASH_DUMPS_CORE is only active when USE=debug is turned on ...

Comment 1 Magnus Granberg gentoo-dev

2016-12-06 21:46:52 UTC

is okay

Comment 2 Andreas K. Hüttel archtester

2018-04-21 20:43:29 UTC

So who knows if this is still relevant in any way? I don't.

Comment 3 Larry the Git Cow gentoo-dev

2018-04-21 21:25:28 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3c4ea812e61978466afdbf77e44e04f808762e07

commit 3c4ea812e61978466afdbf77e44e04f808762e07
Author:     Andreas K. Hüttel <dilfridge@gentoo.org>
AuthorDate: 2018-04-21 21:24:59 +0000
Commit:     Andreas K. Hüttel <dilfridge@gentoo.org>
CommitDate: 2018-04-21 21:25:19 +0000

    sys-libs/glibc: Remove useflag debug and related logic. Bug 601718.
    
    Closes: https://bugs.gentoo.org/601718
    Package-Manager: Portage-2.3.27, Repoman-2.3.9

 sys-libs/glibc/glibc-9999.ebuild | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

Comment 4 Larry the Git Cow gentoo-dev

2018-05-20 16:06:10 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=134eb78addb5db67d99bc8e3580b68b38343512d

commit 134eb78addb5db67d99bc8e3580b68b38343512d
Author:     Andreas K. Hüttel <dilfridge@gentoo.org>
AuthorDate: 2018-05-20 16:04:55 +0000
Commit:     Andreas K. Hüttel <dilfridge@gentoo.org>
CommitDate: 2018-05-20 16:05:53 +0000

    sys-libs/glibc: Stop installing SSP and FORTIFY_SOURCE handler
    
    [12:38:42] <Zorry> dilfridge: you can remove the einfo "Installing
               Hardened Gentoo SSP and FORTIFY_SOURCE handler" and cp files too
    [12:38:53] <Zorry> for glibc
    [12:50:17] <dilfridge> ok
    [12:50:20] <dilfridge> will do
    
    Closes: https://bugs.gentoo.org/601718
    Package-Manager: Portage-2.3.36, Repoman-2.3.9

 sys-libs/glibc/glibc-9999.ebuild | 9 ---------
 1 file changed, 9 deletions(-)