diff options
Diffstat (limited to 'sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch')
-rw-r--r-- | sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch | 168 |
1 files changed, 168 insertions, 0 deletions
diff --git a/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch new file mode 100644 index 0000000..a1c9eef --- /dev/null +++ b/sys-libs/glibc/files/2.10/glibc-2.10-hardened-ssp-compat.patch @@ -0,0 +1,168 @@ +Add backwards compat support for gcc-3.x ssp ... older ssp versions +used __guard and __stack_smash_handler symbols while gcc-4.1 and newer +uses __stack_chk_guard and __stack_chk_fail. + +--- config.h.in ++++ config.h.in +@@ -42,6 +42,9 @@ + assembler instructions per line. Default is `;' */ + #undef ASM_LINE_SEP + ++/* Define if we want to enable support for old ssp symbols */ ++#undef ENABLE_OLD_SSP_COMPAT ++ + /* Define if not using ELF, but `.init' and `.fini' sections are available. */ + #undef HAVE_INITFINI + +--- configure ++++ configure +@@ -1378,6 +1378,9 @@ Optional Features: + --enable-kernel=VERSION compile for compatibility with kernel not older than + VERSION + --enable-all-warnings enable all useful warnings gcc can issue ++ --disable-old-ssp-compat ++ enable support for older ssp symbols ++ [default=no] + --enable-multi-arch enable single DSO with optimizations for multiple + architectures + --enable-experimental-malloc +@@ -6462,6 +6465,20 @@ fi + $as_echo "$libc_cv_ssp" >&6; } + + ++# Check whether --enable-old-ssp-compat or --disable-old-ssp-compat was given. ++if test "${enable_old_ssp_compat+set}" = set; then ++ enableval="$enable_old_ssp_compat" ++ enable_old_ssp_compat=$enableval ++else ++ enable_old_ssp_compat=no ++fi; ++if test "x$enable_old_ssp_compat" = "xyes"; then ++ cat >>confdefs.h <<\_ACEOF ++#define ENABLE_OLD_SSP_COMPAT 1 ++_ACEOF ++ ++fi ++ + { $as_echo "$as_me:$LINENO: checking for -fgnu89-inline" >&5 + $as_echo_n "checking for -fgnu89-inline... " >&6; } + if test "${libc_cv_gnu89_inline+set}" = set; then +--- configure.in ++++ configure.in +@@ -1641,6 +1641,15 @@ fi + rm -f conftest*]) + AC_SUBST(libc_cv_ssp) + ++AC_ARG_ENABLE([old-ssp-compat], ++ AC_HELP_STRING([--enable-old-ssp-compat], ++ [enable support for older ssp symbols @<:@default=no@:>@]), ++ [enable_old_ssp_compat=$enableval], ++ [enable_old_ssp_compat=no]) ++if test "x$enable_old_ssp_compat" = "xyes"; then ++ AC_DEFINE(ENABLE_OLD_SSP_COMPAT) ++fi ++ + AC_CACHE_CHECK(for -fgnu89-inline, libc_cv_gnu89_inline, [dnl + cat > conftest.c <<EOF + int foo; +--- csu/libc-start.c ++++ csu/libc-start.c +@@ -37,6 +37,9 @@ extern void __pthread_initialize_minimal + uintptr_t __stack_chk_guard attribute_relro; + # endif + #endif ++#ifdef ENABLE_OLD_SSP_COMPAT ++uintptr_t __guard attribute_relro; ++#endif + + #ifdef HAVE_PTR_NTHREADS + /* We need atomic operations. */ +@@ -141,6 +145,9 @@ LIBC_START_MAIN (int (*main) (int, char + + /* Set up the stack checker's canary. */ + uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random); ++#ifdef ENABLE_OLD_SSP_COMPAT ++ __guard = stack_chk_guard; ++#endif + # ifdef THREAD_SET_STACK_GUARD + THREAD_SET_STACK_GUARD (stack_chk_guard); + # else +--- csu/Versions ++++ csu/Versions +@@ -17,6 +17,12 @@ libc { + # New special glibc functions. + gnu_get_libc_release; gnu_get_libc_version; + } ++ GLIBC_2.3.2 { ++%ifdef ENABLE_OLD_SSP_COMPAT ++ # global objects and functions for the old propolice patch in gcc ++ __guard; ++%endif ++ } + GLIBC_PRIVATE { + %if HAVE___THREAD + # This version is for the TLS symbol, GLIBC_2.0 is the old object symbol. +--- debug/Versions ++++ debug/Versions +@@ -10,6 +10,12 @@ libc { + # These are to support some gcc features. + __cyg_profile_func_enter; __cyg_profile_func_exit; + } ++%ifdef ENABLE_OLD_SSP_COMPAT ++ GLIBC_2.3.2 { ++ # backwards ssp compat support; alias to __stack_chk_fail ++ __stack_smash_handler; ++ } ++%endif + GLIBC_2.3.4 { + __chk_fail; + __memcpy_chk; __memmove_chk; __mempcpy_chk; __memset_chk; __stpcpy_chk; +--- elf/rtld.c ++++ elf/rtld.c +@@ -89,6 +89,9 @@ INTDEF(_dl_argv) + in thread local area. */ + uintptr_t __stack_chk_guard attribute_relro; + #endif ++#ifdef ENABLE_OLD_SSP_COMPAT ++uintptr_t __guard attribute_relro; ++#endif + + /* Only exported for architectures that don't store the pointer guard + value in thread local area. */ +@@ -1817,6 +1821,9 @@ ERROR: ld.so: object '%s' cannot be load + + /* Set up the stack checker's canary. */ + uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random); ++#ifdef ENABLE_OLD_SSP_COMPAT ++ __guard = stack_chk_guard; ++#endif + #ifdef THREAD_SET_STACK_GUARD + THREAD_SET_STACK_GUARD (stack_chk_guard); + #else +--- elf/Versions ++++ elf/Versions +@@ -43,6 +43,12 @@ ld { + # runtime interface to TLS + __tls_get_addr; + } ++%ifdef ENABLE_OLD_SSP_COMPAT ++ GLIBC_2.3.2 { ++ # backwards ssp compat support ++ __guard; ++ } ++%endif + GLIBC_2.4 { + # stack canary + __stack_chk_guard; +--- Versions.def ++++ Versions.def +@@ -109,6 +109,9 @@ ld { + GLIBC_2.0 + GLIBC_2.1 + GLIBC_2.3 ++%ifdef ENABLE_OLD_SSP_COMPAT ++ GLIBC_2.3.2 ++%endif + GLIBC_2.4 + GLIBC_PRIVATE + } |