lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20090211105729.GO20518@elte.hu>
Date:	Wed, 11 Feb 2009 11:57:29 +0100
From:	Ingo Molnar <mingo@...e.hu>
To:	Tejun Heo <tj@...nel.org>
Cc:	hpa@...or.com, jeremy@...p.org, tglx@...utronix.de,
	linux-kernel@...r.kernel.org, x86@...nel.org, rusty@...tcorp.com.au
Subject: Re: [PATCHSET x86/master] add stack protector support for x86_32


* Tejun Heo <tj@...nel.org> wrote:

> Ingo Molnar wrote:
> >>> I'll try other compilers but which version are you using?  The
> >>> difference is that before the patchset, -fno-stack-protector was
> >>> always added whether stackprotector was enabled or not so this problem
> >>> wasn't visible (at the cost of bogus stackprotector of course).  We'll
> >>> probably need to add __stack_chk_guard or disable if gcc generates
> >>> such symbol.  I'll play with different gccs.
> >> Can't reproduce with gcc-4.1 or 4.2.  Any chance you're using distcc
> >> w/ a build machine w/ glibc < 2.4?  __stack_chk_guard is the symbol
> >> gcc fetches stack canary from if TLS is not supported, so somehow gcc
> >> thought that TLS wasn't available while building head64.
> > 
> > yeah - i also used distcc. Maybe the nostackp makefile magic gets confused
> > about that?
> 
> It seems that even with the same gcc versions, gcc built against libc
> w/o TLS support generates __stack_chk_guard, so if you mix the two
> flavors, the has-stack-protector check can be compiled on machines w/
> TLS while some other files end up being built on machines w/o TLS
> support thus circumventing the support check.  Can you please see
> whether non-distcc build fails too?

That build succeeds:

rhea:~/tip> make -j30 bzImage ARCH=x86_64 CROSS_COMPILE='/opt/crosstool/gcc-4.2.3-glibc-2.3.6/x86_64-unknown-linux-gnu/bin/x86_64-unknown-linux-gnu-'
/home/mingo/tip/arch/x86/Makefile:82: stack protector enabled but no compiler support
  CHK     include/linux/version.h
[...]
BFD: arch/x86/boot/compressed/vmlinux.bin: warning: allocated section `.bss' not in segment
[...]
Root device is (8, 3)
Setup is 11996 bytes (padded to 12288 bytes).
System is 5690 kB
CRC be1b2e21
Kernel: arch/x86/boot/bzImage is ready  (#3)

Some shell variable expansion bug? If CROSS_COMPILE is not a single word
we fail to detect the compiler borkage at arch/x86/Makefile line 82?

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ