[Buildroot] [PATCH v4] toolchain: improve SSP logic
Vicente Olivert Riera
Vincent.Riera at imgtec.com
Tue Mar 15 16:40:38 UTC 2016
Don't enable SSP support on external toolchains just because they use
glibc or musl. Instead of that, make the external toolchains explictily
declare if they support SSP or not. And also add a check to detect SSP
support when using custom external toolchains.
For internal toolchains we always enable SSP support for glibc and musl.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera at imgtec.com>
---
Changes v3 -> v4:
- uclibc/Config.in already had the logic for SSP. Patch v3 was
duplicating that logic by mistake.
- Redirect the output of the compile test for checking SSP support to a
temporary file instead of /dev/null since some old toolchains may add
a ".gdb" to the output filename and that could end up with something
like "> /dev/null.gdb". See 375bc18850f0f8fec90e1e478c0e9d2159377a64
for details.
- Well known external toolchains should select BR2_TOOLCHAIN_HAS_SSP
and not BR2_TOOLCHAIN_EXTERNAL_HAS_SSP, since the last one is only
when using custom external toolchains.
- Split the "default y" condition for BR2_TOOLCHAIN_EXTERNAL_HAS_SSP in
two parts for cosmetic purposes.
(All highlighted by Thomas Petazzoni)
Changes v2 -> v3:
- uclibc.mk already had the logic for SSP. Patch v2 was duplicating
that logic by mistake. (Highlighted by Ricardo Martincoski)
Changes v1 -> v2:
- Patch was incomplete. It was lacking the handling for internal
toolchain. (Highlighted by Thomas Petazzoni)
package/glibc/Config.in | 1 +
package/musl/Config.in | 1 +
toolchain/Config.in | 2 --
toolchain/helpers.mk | 18 ++++++++++++++++
toolchain/toolchain-external/Config.in | 24 ++++++++++++++++++++--
toolchain/toolchain-external/toolchain-external.mk | 1 +
6 files changed, 43 insertions(+), 4 deletions(-)
diff --git a/package/glibc/Config.in b/package/glibc/Config.in
index 0565162..a2d5c1a 100644
--- a/package/glibc/Config.in
+++ b/package/glibc/Config.in
@@ -29,6 +29,7 @@ config BR2_PACKAGE_GLIBC
bool
default y
select BR2_PACKAGE_LINUX_HEADERS
+ select BR2_TOOLCHAIN_HAS_SSP
choice
prompt "glibc version"
diff --git a/package/musl/Config.in b/package/musl/Config.in
index f1a3150..c263006 100644
--- a/package/musl/Config.in
+++ b/package/musl/Config.in
@@ -4,3 +4,4 @@ config BR2_PACKAGE_MUSL
default y
select BR2_PACKAGE_LINUX_HEADERS
select BR2_PACKAGE_NETBSD_QUEUE
+ select BR2_TOOLCHAIN_HAS_SSP
diff --git a/toolchain/Config.in b/toolchain/Config.in
index fc30c6e..e0044c1 100644
--- a/toolchain/Config.in
+++ b/toolchain/Config.in
@@ -15,7 +15,6 @@ config BR2_TOOLCHAIN_USES_GLIBC
select BR2_TOOLCHAIN_HAS_THREADS_DEBUG
select BR2_TOOLCHAIN_HAS_THREADS_NPTL
select BR2_TOOLCHAIN_HAS_SHADOW_PASSWORDS
- select BR2_TOOLCHAIN_HAS_SSP
config BR2_TOOLCHAIN_USES_UCLIBC
bool
@@ -27,7 +26,6 @@ config BR2_TOOLCHAIN_USES_MUSL
select BR2_TOOLCHAIN_HAS_THREADS
select BR2_TOOLCHAIN_HAS_THREADS_DEBUG
select BR2_TOOLCHAIN_HAS_THREADS_NPTL
- select BR2_TOOLCHAIN_HAS_SSP
choice
prompt "Toolchain type"
diff --git a/toolchain/helpers.mk b/toolchain/helpers.mk
index ee878e8..d8276ab 100644
--- a/toolchain/helpers.mk
+++ b/toolchain/helpers.mk
@@ -421,6 +421,24 @@ check_unusable_toolchain = \
fi
#
+# Check if the toolchain has SSP (stack smashing protector) support
+#
+# $1: cross-gcc path
+#
+check_toolchain_ssp = \
+ __CROSS_CC=$(strip $1) ; \
+ __HAS_SSP=`echo 'void main(){}' | $${__CROSS_CC} -fstack-protector -x c - -o $(BUILD_DIR)/.br-toolchain-test.tmp && echo y` ; \
+ if [ "$(BR2_TOOLCHAIN_HAS_SSP)" != "y" -a "$${__HAS_SSP}" = "y" ] ; then \
+ echo "SSP support available in this toolchain, please enable BR2_TOOLCHAIN_EXTERNAL_HAS_SSP" ; \
+ exit 1 ; \
+ fi ; \
+ if [ "$(BR2_TOOLCHAIN_HAS_SSP)" = "y" -a "$${__HAS_SSP}" != "y" ] ; then \
+ echo "SSP support not available in this toolchain, please disable BR2_TOOLCHAIN_EXTERNAL_HAS_SSP" ; \
+ exit 1 ; \
+ fi ; \
+ rm -f $(BUILD_DIR)/.br-toolchain-test.tmp*
+
+#
# Generate gdbinit file for use with Buildroot
#
gen_gdbinit_file = \
diff --git a/toolchain/toolchain-external/Config.in b/toolchain/toolchain-external/Config.in
index ff759a0..0b3cff3 100644
--- a/toolchain/toolchain-external/Config.in
+++ b/toolchain/toolchain-external/Config.in
@@ -22,6 +22,7 @@ config BR2_TOOLCHAIN_EXTERNAL_LINARO_ARM
depends on BR2_ARM_EABIHF
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_1
@@ -44,6 +45,7 @@ config BR2_TOOLCHAIN_EXTERNAL_LINARO_ARM
depends on BR2_ARM_EABIHF
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_0
@@ -66,6 +68,7 @@ config BR2_TOOLCHAIN_EXTERNAL_LINARO_ARMEB
depends on BR2_ARM_EABIHF
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_1
@@ -88,6 +91,7 @@ config BR2_TOOLCHAIN_EXTERNAL_LINARO_ARMEB
depends on BR2_ARM_EABIHF
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_0
@@ -108,6 +112,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_ARM
depends on BR2_ARM_EABI
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_HOSTARCH_NEEDS_IA32_LIBS
@@ -143,6 +148,7 @@ config BR2_TOOLCHAIN_EXTERNAL_ARAGO_ARMV7A
depends on BR2_ARM_CPU_HAS_VFPV3
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_HOSTARCH_NEEDS_IA32_LIBS
@@ -166,6 +172,7 @@ config BR2_TOOLCHAIN_EXTERNAL_ARAGO_ARMV5TE
depends on BR2_ARM_EABI
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_HOSTARCH_NEEDS_IA32_LIBS
@@ -185,6 +192,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_MIPS
depends on !BR2_MIPS_NABI32
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_HOSTARCH_NEEDS_IA32_LIBS
@@ -408,6 +416,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_NIOSII
depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_HOSTARCH_NEEDS_IA32_LIBS
@@ -425,6 +434,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_POWERPC_E500V2
depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_HOSTARCH_NEEDS_IA32_LIBS
@@ -443,6 +453,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_POWERPC
depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_HOSTARCH_NEEDS_IA32_LIBS
@@ -476,6 +487,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_SH
depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_HOSTARCH_NEEDS_IA32_LIBS
@@ -502,6 +514,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_AMD64
depends on !BR2_STATIC_LIBS
depends on BR2_x86_jaguar || BR2_x86_steamroller
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_HOSTARCH_NEEDS_IA32_LIBS
@@ -527,6 +540,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_X86
depends on !BR2_x86_jaguar
depends on !BR2_x86_steamroller
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_INSTALL_LIBSTDCPP
select BR2_HOSTARCH_NEEDS_IA32_LIBS
@@ -572,6 +586,7 @@ config BR2_TOOLCHAIN_EXTERNAL_LINARO_AARCH64
depends on BR2_HOSTARCH = "x86"
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_INSTALL_LIBSTDCPP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_7
@@ -587,6 +602,7 @@ config BR2_TOOLCHAIN_EXTERNAL_LINARO_AARCH64
depends on BR2_HOSTARCH = "x86_64"
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_INSTALL_LIBSTDCPP
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
select BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_0
@@ -601,6 +617,7 @@ config BR2_TOOLCHAIN_EXTERNAL_CODESOURCERY_AARCH64
depends on BR2_HOSTARCH = "x86_64" || BR2_HOSTARCH = "x86"
depends on !BR2_STATIC_LIBS
select BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_INSTALL_LIBSTDCPP
select BR2_HOSTARCH_NEEDS_IA32_LIBS
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
@@ -625,6 +642,7 @@ config BR2_TOOLCHAIN_EXTERNAL_MUSL_CROSS
# Unsupported for MIPS R6
depends on !BR2_mips_32r6 && !BR2_mips_64r6
select BR2_TOOLCHAIN_EXTERNAL_MUSL
+ select BR2_TOOLCHAIN_HAS_SSP
select BR2_INSTALL_LIBSTDCPP
select BR2_HOSTARCH_NEEDS_IA32_LIBS
select BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_12
@@ -1018,17 +1036,19 @@ config BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS_NPTL
endif # BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS
+endif # BR2_TOOLCHAIN_EXTERNAL_CUSTOM_UCLIBC
+
config BR2_TOOLCHAIN_EXTERNAL_HAS_SSP
bool "Toolchain has SSP support?"
select BR2_TOOLCHAIN_HAS_SSP
+ default y if BR2_TOOLCHAIN_EXTERNAL_GLIBC
+ default y if BR2_TOOLCHAIN_EXTERNAL_MUSL
help
Selection this option if your external toolchain has Stack
Smashing Protection support enabled. If you don't know,
leave the default value, Buildroot will tell you if it's
correct or not.
-endif # BR2_TOOLCHAIN_EXTERNAL_CUSTOM_UCLIBC
-
config BR2_TOOLCHAIN_EXTERNAL_INET_RPC
bool "Toolchain has RPC support?"
select BR2_TOOLCHAIN_HAS_NATIVE_RPC
diff --git a/toolchain/toolchain-external/toolchain-external.mk b/toolchain/toolchain-external/toolchain-external.mk
index 37e1a2e..00fa572 100644
--- a/toolchain/toolchain-external/toolchain-external.mk
+++ b/toolchain/toolchain-external/toolchain-external.mk
@@ -502,6 +502,7 @@ define TOOLCHAIN_EXTERNAL_CONFIGURE_CMDS
else \
$(call check_glibc,$${SYSROOT_DIR}) ; \
fi
+ $(Q)$(call check_toolchain_ssp,$(TOOLCHAIN_EXTERNAL_CC))
endef
# With the musl C library, the libc.so library directly plays the role
--
2.4.10
More information about the buildroot
mailing list