From owner-svn-src-all@FreeBSD.ORG  Tue Jul 14 21:19:13 2009
Return-Path: <owner-svn-src-all@FreeBSD.ORG>
Delivered-To: svn-src-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id DE7A61065675;
	Tue, 14 Jul 2009 21:19:13 +0000 (UTC) (envelope-from kan@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c])
	by mx1.freebsd.org (Postfix) with ESMTP id C52798FC18;
	Tue, 14 Jul 2009 21:19:13 +0000 (UTC) (envelope-from kan@FreeBSD.org)
Received: from svn.freebsd.org (localhost [127.0.0.1])
	by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n6ELJDgV071511;
	Tue, 14 Jul 2009 21:19:13 GMT (envelope-from kan@svn.freebsd.org)
Received: (from kan@localhost)
	by svn.freebsd.org (8.14.3/8.14.3/Submit) id n6ELJDG1071501;
	Tue, 14 Jul 2009 21:19:13 GMT (envelope-from kan@svn.freebsd.org)
Message-Id: <200907142119.n6ELJDG1071501@svn.freebsd.org>
From: Alexander Kabaev <kan@FreeBSD.org>
Date: Tue, 14 Jul 2009 21:19:13 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
	svn-src-head@freebsd.org
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: 
Subject: svn commit: r195697 - in head: . contrib/gcc/config gnu/lib/libgcc
	gnu/lib/libssp/libssp_nonshared lib/libc lib/libc/sys
	libexec/rtld-elf share/mk
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
	user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
	<mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
	<mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jul 2009 21:19:14 -0000

Author: kan
Date: Tue Jul 14 21:19:13 2009
New Revision: 195697
URL: http://svn.freebsd.org/changeset/base/195697

Log:
  Second attempt at eliminating .text relocations in shared libraries
  compiled with stack protector.
  
  Use libssp_nonshared library to pull __stack_chk_fail_local symbol into
  each library that needs it instead of pulling it from libc. GCC
  generates local calls to this function which result in absolute
  relocations put into position-independent code segment, making dynamic
  loader do extra work every time given shared library is being relocated
  and making affected text pages non-shareable.
  
  Reviewed by:        kib
  Approved by:        re (kib)

Modified:
  head/Makefile.inc1
  head/contrib/gcc/config/freebsd-spec.h
  head/gnu/lib/libgcc/Makefile
  head/gnu/lib/libssp/libssp_nonshared/Makefile
  head/lib/libc/Makefile
  head/lib/libc/sys/Symbol.map
  head/lib/libc/sys/stack_protector.c
  head/libexec/rtld-elf/Makefile
  head/share/mk/bsd.lib.mk

Modified: head/Makefile.inc1
==============================================================================
--- head/Makefile.inc1	Tue Jul 14 20:46:19 2009	(r195696)
+++ head/Makefile.inc1	Tue Jul 14 21:19:13 2009	(r195697)
@@ -1069,7 +1069,7 @@ libraries:
 #
 # static libgcc.a prerequisite for shared libc
 #
-_prereq_libs= gnu/lib/libgcc
+_prereq_libs= gnu/lib/libssp/libssp_nonshared gnu/lib/libgcc
 
 # These dependencies are not automatically generated:
 #

Modified: head/contrib/gcc/config/freebsd-spec.h
==============================================================================
--- head/contrib/gcc/config/freebsd-spec.h	Tue Jul 14 20:46:19 2009	(r195696)
+++ head/contrib/gcc/config/freebsd-spec.h	Tue Jul 14 21:19:13 2009	(r195697)
@@ -168,6 +168,7 @@ is built with the --enable-threads confi
     %{pg:  %{pthread:-lpthread_p} -lc_p}}				\
   %{shared:								\
     %{pthread:-lpthread} -lc}						\
+  %{fstack-protector|fstack-protector-all:-lssp_nonshared}		\
   "
 #endif
 #endif

Modified: head/gnu/lib/libgcc/Makefile
==============================================================================
--- head/gnu/lib/libgcc/Makefile	Tue Jul 14 20:46:19 2009	(r195696)
+++ head/gnu/lib/libgcc/Makefile	Tue Jul 14 21:19:13 2009	(r195697)
@@ -7,6 +7,12 @@ SHLIB_NAME=	libgcc_s.so.1
 SHLIBDIR?=	/lib
 
 .include <bsd.own.mk>
+#
+# libgcc is linked in last and thus cannot depend on ssp symbols coming
+# from earlier libraries. Disable stack protection for this library.
+#
+MK_SSP=	no
+
 .include "${.CURDIR}/../../usr.bin/cc/Makefile.tgt"
 
 .PATH: ${GCCDIR}/config/${GCC_CPU} ${GCCDIR}/config ${GCCDIR}

Modified: head/gnu/lib/libssp/libssp_nonshared/Makefile
==============================================================================
--- head/gnu/lib/libssp/libssp_nonshared/Makefile	Tue Jul 14 20:46:19 2009	(r195696)
+++ head/gnu/lib/libssp/libssp_nonshared/Makefile	Tue Jul 14 21:19:13 2009	(r195697)
@@ -13,6 +13,6 @@ SRCS=	ssp-local.c
 
 CFLAGS+= -DHAVE_CONFIG_H
 CFLAGS+= -I${.CURDIR}/..  -I${GCCLIB}/libssp  -I${GCCLIB}/include
-CFLAGS+= -fPIC -DPIC
+CFLAGS+= -fPIC -DPIC -fvisibility=hidden
 
 .include <bsd.lib.mk>

Modified: head/lib/libc/Makefile
==============================================================================
--- head/lib/libc/Makefile	Tue Jul 14 20:46:19 2009	(r195696)
+++ head/lib/libc/Makefile	Tue Jul 14 21:19:13 2009	(r195697)
@@ -26,7 +26,7 @@ PRECIOUSLIB=
 #
 DPADD+=	${LIBGCC}
 LDFLAGS+= -nodefaultlibs
-LDADD+= -lgcc
+LDADD+= -lgcc -lssp_nonshared
 
 # Define (empty) variables so that make doesn't give substitution
 # errors if the included makefiles don't change these:

Modified: head/lib/libc/sys/Symbol.map
==============================================================================
--- head/lib/libc/sys/Symbol.map	Tue Jul 14 20:46:19 2009	(r195696)
+++ head/lib/libc/sys/Symbol.map	Tue Jul 14 21:19:13 2009	(r195697)
@@ -282,7 +282,6 @@ FBSD_1.0 {
 	socket;
 	socketpair;
 	__stack_chk_fail;
-	__stack_chk_fail_local;
 	__stack_chk_guard;
 	stat;
 	statfs;

Modified: head/lib/libc/sys/stack_protector.c
==============================================================================
--- head/lib/libc/sys/stack_protector.c	Tue Jul 14 20:46:19 2009	(r195696)
+++ head/lib/libc/sys/stack_protector.c	Tue Jul 14 21:19:13 2009	(r195697)
@@ -47,7 +47,6 @@ static void __guard_setup(void) __attrib
 static void __fail(const char *);
 void __stack_chk_fail(void);
 void __chk_fail(void);
-void __stack_chk_fail_local(void);
 
 /*LINTED used*/
 static void
@@ -109,8 +108,4 @@ __chk_fail(void)
 	__fail("buffer overflow detected; terminated");
 }
 
-void
-__stack_chk_fail_local(void)
-{
-	__stack_chk_fail();
-}
+__sym_compat(__stack_chk_fail_local, __stack_chk_fail, FBSD_1.0);

Modified: head/libexec/rtld-elf/Makefile
==============================================================================
--- head/libexec/rtld-elf/Makefile	Tue Jul 14 20:46:19 2009	(r195696)
+++ head/libexec/rtld-elf/Makefile	Tue Jul 14 21:19:13 2009	(r195697)
@@ -22,7 +22,7 @@ MLINKS=		rtld.1 ld-elf.so.1.1 \
 CFLAGS+=	-fpic -DPIC
 LDFLAGS+=	-shared -Wl,-Bsymbolic
 DPADD=		${LIBC_PIC}
-LDADD=		-lc_pic
+LDADD=		-lc_pic -lssp_nonshared
 
 .if ${MACHINE_ARCH} != "ia64"
 .if ${MK_SYMVER} == "yes"

Modified: head/share/mk/bsd.lib.mk
==============================================================================
--- head/share/mk/bsd.lib.mk	Tue Jul 14 20:46:19 2009	(r195696)
+++ head/share/mk/bsd.lib.mk	Tue Jul 14 21:19:13 2009	(r195697)
@@ -200,11 +200,11 @@ ${SHLIB_NAME}: ${SOBJS}
 	@ln -fs ${.TARGET} ${SHLIB_LINK}
 .endif
 .if !defined(NM)
-	@${CC} ${LDFLAGS} -shared -Wl,-x \
+	@${CC} ${LDFLAGS} ${SSP_CFLAGS} -shared -Wl,-x \
 	    -o ${.TARGET} -Wl,-soname,${SONAME} \
 	    `lorder ${SOBJS} | tsort -q` ${LDADD}
 .else
-	@${CC} ${LDFLAGS} -shared -Wl,-x \
+	@${CC} ${LDFLAGS} ${SSP_CFLAGS} -shared -Wl,-x \
 	    -o ${.TARGET} -Wl,-soname,${SONAME} \
 	    `NM='${NM}' lorder ${SOBJS} | tsort -q` ${LDADD}
 .endif