Summary: | sys-fs/e2fsprogs should honour CFLAGS/LDFLAGS properly | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Alexander Gabert (RETIRED) <pappy> |
Component: | [OLD] Core system | Assignee: | Alexander Gabert (RETIRED) <pappy> |
Status: | RESOLVED TEST-REQUEST | ||
Severity: | major | CC: | solar, sparc |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
silo-1.4.5.ebuild.diff
libssp.diff libssp.diff |
Description
Alexander Gabert (RETIRED)
2004-05-18 06:39:27 UTC
Correction: the proper CFLAGS to silo would be "-fno-stack-protector" of course. Or filter-flags "-fstack-protector", which then adds CFLAGS "-fno-stack-protector" in the eclass. Thanks, Alex Created attachment 31940 [details, diff]
silo-1.4.5.ebuild.diff
Try this.
I am currently testing if e2fsprogs can be compiled without SSP symbols. However, this program belongs to the base profile, so in the long run we got to get it going with SSP and re-invent a -lssp method for adding the symbols to binaries and libraries without a dependency to glibc. however, the question remains how the application behaves when a binary depends on glibc, a dynamically linked library of it not and thus contains a reference to the "wrong" __guard in the libssp library. Then the problems with the libgcc and the new libssp would be interchangeable again and we could run into the same apache+php problem with double __guard trouble in binary and linked libraries. And maybe it just works til something big breaks. src_compile() { local myconf use static \ && myconf="${myconf} --with-ldopts=-static" \ || myconf="${myconf} --enable-dynamic-e2fsck --enable-elf-shlibs" econf \ `use_enable nls` \ ${myconf} || die # brute force the SSP exclusion flags into the Makefiles use sparc && has_ssp && \ find ${WORKDIR} -type f -name "Makefile" -exec sed -i "s/CFLAGS =/CFLAGS = -fno-stack-protector/g" {} \; # Parallel make sometimes fails emake -j1 || die } If this bug gets assigned to us, i can also still fix it myself. Thank you so much. even the CFLAGS are not fully used, the emerged library still contained guard references, currently trying with changed CC variable. Created attachment 31947 [details, diff]
libssp.diff
Untested patch for glibc to give you -lssp per our chat.
Comment on attachment 31947 [details, diff]
libssp.diff
patch was missing ssp.c
Created attachment 31948 [details, diff]
libssp.diff
libssp.diff that adds ${FILESDIR}/2.3.3/ssp.c
# readelf -s /usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/libgcc_s.so.1 | grep guard 110: 00000000 32 OBJECT GLOBAL DEFAULT UND __guard@GLIBC_2.3.2 (9) 274: 00000000 32 OBJECT GLOBAL DEFAULT UND __guard@@GLIBC_2.3.2 this current gcc contains guard references i dont know how much that plays into the creation of the libraries, but i doubt it is okay and i also think the guard symbols come into the library because gcc in the linking run fetches it from libgcc, even if -fno-stack-protector is set: 11:40:13 [/space/pappy/chroots/chroot003:4485.pts-31.evildrop]evildrop /var/tmp/portage/e2fsprogs-1.35/work/e2fsprogs-1.35/lib/ext2fs/elfshared # gcc -fno-stack-protector --shared -o libext2fs.so.2.4 -Wl,-soname,libext2fs.so.2 bb_compat.o cmp_bitmaps.o fileio.o inode_io.o namei.o write_bb_file.o rs_bitmap.o dupfs.o test_io.o imager.o ext2_err.o alloc.o alloc_sb.o alloc_stats.o alloc_tables.o badblocks.o bb_inode.o bitmaps.o bitops.o block.o bmap.o check_desc.o closefs.o dblist.o dblist_dir.o dirblock.o dirhash.o dir_iterate.o expanddir.o ext_attr.o finddev.o flushb.o freefs.o gen_bitmap.o get_pathname.o getsize.o getsectsize.o icount.o initialize.o inline.o inode.o ismounted.o link.o llseek.o lookup.o mkdir.o mkjournal.o native.o newdir.o openfs.o read_bb.o read_bb_file.o rw_bitmaps.o swapfs.o unix_io.o unlink.o valid_blk.o version.o -L../.. -lcom_err -fno-stack-protector-all -fno-stack-protector -v Reading specs from /usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/specs Configured with: /var/tmp/portage/gcc-3.3.3-r5/work/gcc-3.3.3/configure --prefix=/usr --bindir=/usr/sparc-unknown-linux-gnu/gcc-bin/3.3 --includedir=/usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/include --datadir=/usr/share/gcc-data/sparc-unknown-linux-gnu/3.3 --mandir=/usr/share/gcc-data/sparc-unknown-linux-gnu/3.3/man --infodir=/usr/share/gcc-data/sparc-unknown-linux-gnu/3.3/info --enable-shared --host=sparc-unknown-linux-gnu --target=sparc-unknown-linux-gnu --with-system-zlib --enable-languages=c,c++ --enable-threads=posix --enable-long-long --disable-checking --disable-libunwind-exceptions --enable-cstdio=stdio --enable-version-specific-runtime-libs --with-gxx-include-dir=/usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/include/g++-v3 --with-local-prefix=/usr/local --enable-shared --enable-nls --without-included-gettext --disable-multilib --enable-__cxa_atexit --enable-clocale=generic Thread model: posix gcc version 3.3.3 20040412 (Gentoo Hardened Linux 3.3.3-r5, ssp-3.3-7, pie-8.7.6) /usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/collect2 --eh-frame-hdr -m elf32_sparc -Y P,/usr/lib -shared -relax -z relro -z now -o libext2fs.so.2.4 /usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/../../../crti.o /usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/crtbeginS.o -L../.. -L/usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3 -L/usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/../../../../sparc-unknown-linux-gnu/lib -L/usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/../../.. -soname libext2fs.so.2 bb_compat.o cmp_bitmaps.o fileio.o inode_io.o namei.o write_bb_file.o rs_bitmap.o dupfs.o test_io.o imager.o ext2_err.o alloc.o alloc_sb.o alloc_stats.o alloc_tables.o badblocks.o bb_inode.o bitmaps.o bitops.o block.o bmap.o check_desc.o closefs.o dblist.o dblist_dir.o dirblock.o dirhash.o dir_iterate.o expanddir.o ext_attr.o finddev.o flushb.o freefs.o gen_bitmap.o get_pathname.o getsize.o getsectsize.o icount.o initialize.o inline.o inode.o ismounted.o link.o llseek.o lookup.o mkdir.o mkjournal.o native.o newdir.o openfs.o read_bb.o read_bb_file.o rw_bitmaps.o swapfs.o unix_io.o unlink.o valid_blk.o version.o -lcom_err -lgcc -lc -lgcc /usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/crtendS.o /usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/../../../crtn.o 11:40:14 [/space/pappy/chroots/chroot003:4485.pts-31.evildrop]evildrop /var/tmp/portage/e2fsprogs-1.35/work/e2fsprogs-1.35/lib/ext2fs/elfshared Anyway if you want the libssp stuff pappy please let me know. I'd make a few small changes to this .diff/.patch but don't want to keep attaching unless you are sure we need it. flags="${flags} -D__LIBSSP__ -Wl,-soname,libssp.so.${MY_PV}" 13:02:57 [/space/pappy/chroots/chroot004:2330.pts-3.evildrop]evildrop /usr/portage/sys-fs # readelf -s /lib/libext2fs.so.2.4 | grep guard 13:02:59 [/space/pappy/chroots/chroot004:2330.pts-3.evildrop]evildrop /usr/portage/sys-fs # gcc -v Reading specs from /usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/specs Configured with: /var/tmp/portage/gcc-3.3.3-r6/work/gcc-3.3.3/configure --prefix=/usr --bindir=/usr/sparc-unknown-linux-gnu/gcc-bin/3.3 --includedir=/usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/include --datadir=/usr/share/gcc-data/sparc-unknown-linux-gnu/3.3 --mandir=/usr/share/gcc-data/sparc-unknown-linux-gnu/3.3/man --infodir=/usr/share/gcc-data/sparc-unknown-linux-gnu/3.3/info --enable-shared --host=sparc-unknown-linux-gnu --target=sparc-unknown-linux-gnu --with-system-zlib --enable-languages=c,c++ --enable-threads=posix --enable-long-long --disable-checking --disable-libunwind-exceptions --enable-cstdio=stdio --enable-version-specific-runtime-libs --with-gxx-include-dir=/usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/include/g++-v3 --with-local-prefix=/usr/local --enable-shared --enable-nls --without-included-gettext --disable-multilib --enable-__cxa_atexit --enable-clocale=generic Thread model: posix gcc version 3.3.3 20040412 (Gentoo Hardened Linux 3.3.3-r6, ssp-3.3.2-2, pie-8.7.6) 13:03:02 [/space/pappy/chroots/chroot004:2330.pts-3.evildrop]evildrop /usr/portage/sys-fs with the e2fsprogs manipulated to insert -fno-stack-protector into the Makefiles and the -r6 version of gcc with the libgcc fixes from me, it works from e2fsprogs ebuild: src_compile() { local myconf use static \ && myconf="${myconf} --with-ldopts=-static" \ || myconf="${myconf} --enable-dynamic-e2fsck --enable-elf-shlibs" econf \ `use_enable nls` \ ${myconf} || die # massage the appropriate SSP suppression flags into the Makefiles # see bug 51386 find ${WORKDIR} -type f -name "Makefile" -exec sed -i "s/CC = gcc/CC = gcc -fno-stack-protector/g" {} \; # Parallel make sometimes fails emake -j1 || die } from gcc-3.3.3-r6 ebuild: ... # we apply only the needed parts of protectonly.dif sed -e 's|^CRTSTUFF_CFLAGS = |CRTSTUFF_CFLAGS = -fno-stack-protector -fno-stack-protector-all |' \ -i gcc/Makefile.in || die "Failed to update crtstuff!" sed -e 's|^\(LIBGCC2_CFLAGS.*\)$|\1 -fno-stack-protector -fno-stack-protector-all|' \ -i ${S}/gcc/Makefile.in || die "Failed to update libgcc!" release_version="${release_version}, ssp-${PP_FVER}" update_gcc_for_libc_ssp ... 13:05:00 [/space/pappy/chroots/chroot004:2330.pts-3.evildrop]evildrop /usr/portage/sys-fs # readelf -s /usr/lib/gcc-lib/sparc-unknown-linux-gnu/3.3.3/libgcc_s.so.1 | grep guard 13:05:13 [/space/pappy/chroots/chroot004:2330.pts-3.evildrop]evildrop /usr/portage/sys-fs # et voila! # emerge -v silo with the modification for the Makefiles: src_compile() { make CC="${CC} -fno-stack-protector" ${MAKEOPTS} || die } src_install() { make CC="${CC} -fno-stack-protector" DESTDIR=${D} install || die dodoc COPYING ChangeLog first-isofs/README.SILO_ISOFS docs/README* ... this logic has to be mocked up like in the grub/lilo ebuilds: inherit the flag-o-matic eclass and test_flag for the flag to be accepted by gcc but the next error comes along: LARGE_RELOC=0x380000 -DTFTP -c -o mainnet.o main.c rm -f fs/libfs.a ar rc fs/libfs.a fs/iom.o fs/ext2.o fs/isofs.o fs/romfs.o fs/ufs.o ld -N -Ttext 0x280000 -Bstatic -o second crt0.o decomp.o ../common/console.o ../common/printf.o malloc.o ../common/jmp.o ../common/prom.o ../common/tree.o ../common/urem.o ../common/udiv.o ../common/stringops1.o ../common/ffs.o bmark.o main.o cmdline.o disk.o file.o misc.o cfg.o strtol.o ranges.o timer.o memory.o fs/libfs.a divdi3.o mul.o ../common/rem.o ../common/sdiv.o umul.o ../common/stringops2.o ls.o muldi3.o -lext2fs mark.o ld -N -Ttext 0x380000 -Bstatic -o second2 crt0.o decomp.o ../common/console.o ../common/printf.o malloc.o ../common/jmp.o ../common/prom.o ../common/tree.o ../common/urem.o ../common/udiv.o ../common/stringops1.o ../common/ffs.o bmark.o main.o cmdline.o disk.o file.o misc.o cfg.o strtol.o ranges.o timer.o memory.o fs/libfs.a divdi3.o mul.o ../common/rem.o ../common/sdiv.o umul.o ../common/stringops2.o ls.o muldi3.o -lext2fs mark.o nm second | grep -v '*ABS*' | sort > second.map elftoaout -o second.aout second PT 0 Entry: Loadable to 0x280000[0x2a0f8] from 0xa0[0x1c4f8] align 0x20 PT 1 Entry: unknown elftoaout -o second2.aout second2 PT 0 Entry: Loadable to 0x380000[0x2a0f8] from 0xa0[0x1c4f8] align 0x20 PT 1 Entry: unknown ./util second.map second.aout second2.aout second.b second.b2 Distance between two changes larger than 63K 3 112361 0 make[1]: *** [second.b] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory `/var/tmp/portage/silo-1.4.5/work/silo-1.4.5/second' make: *** [all] Error 1 !!! ERROR: sys-boot/silo-1.4.5 failed. !!! Function src_compile, Line 22, Exitcode 2 !!! (no error message) is this still related to SSP? I think this time it is the automatic PIE support. so we expand the exclude arguments src_compile() { make CC="${CC} -fno-stack-protector -fno-pic" ${MAKEOPTS} || die } src_install() { make CC="${CC} -fno-stack-protector -fno-pic" DESTDIR=${D} install || die With this modification, silo emerges [ebuild R ] sys-boot/silo-1.4.5 So, the following steps need to be taken: 1) manage these changes to get into the -r6 version of Peter Mazinger 2) edit e2fsprogs on sparc to use test_flags for SSP exclusion 3) edit silo on sparc to use test_flags for SSP and PIE exclusion sincerely, Alex Pappy, I have done some tests, and you do not need to add -fno-stack-protector (only -all) to CRTSTUFF_CFLAGS and LIBGCC2_CFLAGS Peter and my tests have shown that this is not enough. maybe you are using a different specs exclude filter? -Alex btw, i added -r6 with my logic to the cvs (still masked) and it works good on ~sparc and ~x86 so far if you feel better with it, i would be very happy to see you welcome this change bye again, Alex tackling that one again, putting that into e2fsprogs-1.35.ebuild src_compile() { local myconf # building e2fsprogs on sparc results in silo breaking [ "${ARCH}" = "sparc" ] && filter-flags "-fstack-protector" test please, its in CVS |