From: Rich Felker <dalias@libc.org>
To: musl@lists.openwall.com
Subject: Re: A running list of questions from "porting" Slackware to musl
Date: Tue, 30 Sep 2014 11:50:23 -0400 [thread overview]
Message-ID: <20140930155023.GC23797@brightrain.aerifal.cx> (raw)
In-Reply-To: <20140930153216.GA1785@newbook>
On Tue, Sep 30, 2014 at 08:32:16AM -0700, Isaac Dunham wrote:
> On Tue, Sep 30, 2014 at 06:13:37PM +0530, Weldon Goree wrote:
> > Hi all,
> >
> > I added the quotation marks of shame because it's not a "port" in a real
> > sense. But still: I've had this side project[1] for a while of porting
> > Slackware to use Musl and it's Nearly There (tm), but I was hoping for some
> > advice on some persistent irritations I have. (Sorry for the length.)
> <snip>
> > 6. Stack protection. This one really puzzles me. Stack protection is as
> > alien to glibc as it is to musl, but I keep running into this. 90% of the
> > problems can be avoided with adding -fno-stack-protector appropriately, but
> > libtool is very "helpful" on matters like this and seems to find a way to
> > put it back. I've actually not found an unworkable problem yet (though
> > several very annoying ones); I guess I'm just curious what the real state of
> > ssp on musl is (I'm not a fan of the concept, personally, but I know a lot
> > of people are), and whether there's a general solution to just telling
> > software to trust the ****ing stack.
>
> You need a "libssp_nonshared.a" containing a function named
> __stack_chk_fail_local, which need only call __stack_chk_fail.
> No idea why, but this cannot be in a shared libary.
When gcc generates the canary-check code, on failure it normally
calls/jumps to __stack_chk_fail. But for shared libraries, that call
would go to a thunk in the library's PLT, which depends on the GOT
register being initialized (actually this varies by arch; x86_64
doesn't need it). In order to avoid (expensive) loading of the GOT
register in every function just as a contingency in case
__stack_chk_fail needs to be called, for position-independent code GCC
generates a call to __stack_chk_fail_local instead. This is a hidden
function (and necessarily exists within the same .so) so the call
doesn't have to go through the PLT; it's just a straight relative
call/jump instruction. __stack_chk_fail_local is then responsible for
loading the GOT register and calling __stack_chk_fail.
Rich
next prev parent reply other threads:[~2014-09-30 15:50 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-30 12:43 Weldon Goree
2014-09-30 14:59 ` stephen Turner
2014-09-30 16:20 ` Weldon Goree
2014-09-30 15:32 ` Isaac Dunham
2014-09-30 15:50 ` Rich Felker [this message]
2014-09-30 23:50 ` Andy Lutomirski
2014-10-01 0:05 ` Rich Felker
2014-10-01 5:49 ` Andy Lutomirski
2014-10-01 13:29 ` Rich Felker
2014-10-01 15:00 ` Andy Lutomirski
2014-10-01 7:48 ` Szabolcs Nagy
2014-10-01 8:19 ` u-wsnj
2014-10-01 13:30 ` Rich Felker
2014-09-30 15:46 ` Rich Felker
2014-09-30 16:05 ` Weldon Goree
2014-10-01 6:29 ` Timo Teras
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140930155023.GC23797@brightrain.aerifal.cx \
--to=dalias@libc.org \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).