Project

General

Profile

Feature #13274

enable -fstack-protector-strong by default in user land

Added by Robert Mustacchi 3 months ago. Updated 2 months ago.

Status:
Closed
Priority:
Normal
Category:
lib - userland libraries
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

It is long past time for -fstack-protector-strong to be enabled by default in user land in the build. This goes through and enables this across the entire user land stack with a few exceptions to deal with bootstrapping and other minor challenges. In particular, if this had been enabled, it would have at least caught #13242 (I explicitly tested that).

The current exceptions are as follows:
  • rtld (and as a side effect libc and libconv) due to bootstrapping issues around enabling the guard
  • kmdb as it needs its own implementation of the stack protector and can't really use the kernel's
  • The kmdb standalone versions of libdis, libctf, and libumem which are only used for kmdb.
  • DTrace's drti.o which would require other objects to need ssp_ns that wouldn't in and of itself know to

The above can all be dealt with other work over time, the highest value would be enabling libc; however, that's no reason to stop getting basically all of the rest of userland enabled.

As part of doing this work, I discovered a lot of bugs in the build system which will be linked as blockers on this ticket.


Related issues

Related to illumos gate - Bug #13324: struct dk_minfo_ext size differences trigger SSP in libfdiskClosed

Actions
Blocked by illumos gate - Feature #5788: Want support for GCC's stack protector in libcClosedRobert Mustacchi2015-04-03

Actions
Blocked by illumos gate - Bug #13260: librtld_db demo should be built separatelyClosedRobert Mustacchi

Actions
Blocked by illumos gate - Bug #13261: libdbus-1 deps missing libbsmClosedRobert Mustacchi

Actions
Blocked by illumos gate - Bug #13262: rcm_daemon missing library search pathsClosedRobert Mustacchi

Actions
Blocked by illumos gate - Bug #13263: startd needs to search $(ROOT)/usr/lib/fm for depsClosedRobert Mustacchi

Actions
Blocked by illumos gate - Bug #13264: perl Makefiles place object files after librariesClosedRobert Mustacchi

Actions
Blocked by illumos gate - Bug #13265: libmp.so.1 missing library search pathClosedRobert Mustacchi

Actions
Blocked by illumos gate - Bug #13266: mdb build tools should use native toolsClosedRobert Mustacchi

Actions
Blocked by illumos gate - Bug #13267: tools libld build picks up normal sgs libsClosedRobert Mustacchi

Actions
Blocked by illumos gate - Bug #13268: lp native build forgot CFLAGSClosedRobert Mustacchi

Actions
Blocked by illumos gate - Bug #13269: esc needs a native buildClosedRobert Mustacchi

Actions
Blocked by illumos gate - Bug #13270: cmd/spell native build incompleteClosedRobert Mustacchi

Actions
Blocked by illumos gate - Bug #13271: 64-bit crypto tests have wrong library search pathClosedRobert Mustacchi

Actions
Blocked by illumos gate - Bug #13272: 64-bit secflags test has wrong ldlibsClosedRobert Mustacchi

Actions
#1

Updated by Robert Mustacchi 3 months ago

  • Blocked by Feature #5788: Want support for GCC's stack protector in libc added
#2

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13260: librtld_db demo should be built separately added
#3

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13261: libdbus-1 deps missing libbsm added
#4

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13262: rcm_daemon missing library search paths added
#5

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13263: startd needs to search $(ROOT)/usr/lib/fm for deps added
#6

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13264: perl Makefiles place object files after libraries added
#7

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13265: libmp.so.1 missing library search path added
#8

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13266: mdb build tools should use native tools added
#9

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13267: tools libld build picks up normal sgs libs added
#10

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13268: lp native build forgot CFLAGS added
#11

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13269: esc needs a native build added
#12

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13270: cmd/spell native build incomplete added
#13

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13271: 64-bit crypto tests have wrong library search path added
#14

Updated by Robert Mustacchi 3 months ago

  • Blocked by Bug #13272: 64-bit secflags test has wrong ldlibs added
#15

Updated by Electric Monk 3 months ago

  • Gerrit CR set to 1041
#16

Updated by Robert Mustacchi 2 months ago

To test this I did the following:

  • Manually verified that we had emitted calls to the stack protector into most binaries and libraries.
  • Ran through the primary test suites: crypto, libc, elf, os, and util
  • Used bits semi-regularly

Then, I had a bunch of help from the broader community. In particular the following folks helped test their workloads:

  • Andy Fiddaman built OmniOS with these changes
  • Dan McDonald built SmartOS with these changes and uncovered a small issue with it
  • Alex Wilson built SmartOS and tested some of their workloads with this present
  • Peter Tribble verified that this built cleanly on SPARC

I also did builds of everything on ssp bits which is why we had all the linked changes.

#17

Updated by Electric Monk 2 months ago

  • Status changed from New to Closed
  • % Done changed from 80 to 100

git commit 5a0af8165ce9590e7a18f1ef4f9badc4dd72c6e6

commit  5a0af8165ce9590e7a18f1ef4f9badc4dd72c6e6
Author: Robert Mustacchi <rm@fingolfin.org>
Date:   2020-11-17T16:52:10.000Z

    13274 enable -fstack-protector-strong by default in user land
    Reviewed by: Andy Fiddaman <andy@omniosce.org>
    Reviewed by: Toomas Soome <tsoome@me.com>
    Approved by: Gordon Ross <gordon.w.ross@gmail.com>

#18

Updated by Joshua M. Clulow about 2 months ago

  • Related to Bug #13324: struct dk_minfo_ext size differences trigger SSP in libfdisk added

Also available in: Atom PDF