From patchwork Tue Jun 20 18:18:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Frederic Berat X-Patchwork-Id: 1797502 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.a=rsa-sha256 header.s=default header.b=Oa4jy2yj; dkim-atps=neutral Received: from sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Qlw085LcHz20XZ for ; Wed, 21 Jun 2023 04:19:52 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id D4D16385841B for ; Tue, 20 Jun 2023 18:19:49 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org D4D16385841B DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1687285189; bh=NhFPA+24vw9BkNS3vAGwSGFDNNUKnd1GR49eKB5qvWw=; h=To:Cc:Subject:Date:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe:From:Reply-To:From; b=Oa4jy2yjaSRwoC9qJHGZjeOtop+EZ8IXJ3jHroLcSeRxeB0vPJkWzhtb4WQmb0jZH HLcRUqQc07MYmJUWyjpnsNqsxfbzEdNcs+alpqrVvqfhV/7QlmatSHcedNmXASXAMA QrVqzQ/KpF6TeEiCnxzthIf+C8m8NMAYRL203K4Q= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id 7427A3858D28 for ; Tue, 20 Jun 2023 18:19:32 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 7427A3858D28 Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-379-dD3BYUnmMP-FVi_-M-yRhA-1; Tue, 20 Jun 2023 14:19:27 -0400 X-MC-Unique: dD3BYUnmMP-FVi_-M-yRhA-1 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 321BD90A90C; Tue, 20 Jun 2023 18:19:26 +0000 (UTC) Received: from Nymeria-redhat.redhat.com (unknown [10.39.193.72]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E25AC112132C; Tue, 20 Jun 2023 18:19:24 +0000 (UTC) To: libc-alpha@sourceware.org Cc: siddhesh@gotplt.org, fberat@redhat.com Subject: [PATCH 00/21] Allow glibc to be built with _FORTIFY_SOURCE Date: Tue, 20 Jun 2023 20:18:48 +0200 Message-ID: <20230620181910.1506893-1-fberat@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.3 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-6.2 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: =?utf-8?q?Fr=C3=A9d=C3=A9ric_B=C3=A9rat_via_Libc-alpha?= From: Frederic Berat Reply-To: =?utf-8?b?RnLDqWTDqXJpYyBCw6lyYXQ=?= Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org Sender: "Libc-alpha" Hello, This patch series introduces a new "--enable-fortify-source" option to glibc build. This option may either be set to a value between 1 and 3, or left empty to let configure select the highest value available for the build system. The first patch adds the new configure option, the second excludes the routines that can't be built with the option enabled. The next patches are fixing test and compilation errors that arose with fortification enabled. I couldn't test the patch series in all configuration possible on all arches possible but I ran the following: - build-many-glibcs was executed on x86_64, for all arches/variants. This was mainly done to ensure that installed headers were not broken (as some patches are modifying system headers) - The new "enable-fortify-source" variant for BMG got executed on x86_64 - make check and benchtests were executed on x86_64, i686, ppc64le, aarch64, s390x, with and without fortification enabled. Fred. --- Frédéric Bérat (21): Add --enable-fortify-source option Configure: regenerate for autoconf 2.71 Exclude routines from fortification sysdeps/{i386,x86_64}/mempcpy_chk.S: fix linknamespace for __mempcpy_chk stdio-common: tests: Incorrect maxlen parameter for swprintf sysdeps: Ensure ieee128*_chk routines to be properly named string: Ensure *_chk routines have their hidden builtin definition available stdio: Ensure *_chk routines have their hidden builtin definition available asprintf_chk: Ensure compatibility for both s390x and ppc64le misc/sys/cdefs.h: Create FORTIFY redirects for internal calls wcsmbs/bits/wchar2{,-decl}.h: Clearly separate declaration from definitions wcsmbs/bits/wchar2{,-decl}.h: Avoid PLT entries with _FORTIFY_SOURCE posix/bits/unistd.h: Clearly separate declaration from definitions posix/bits/unistd{,-decl}.h: Avoid PLT entries with _FORTIFY_SOURCE debug/readlink{,at}_chk.c: Harmonize declaration and definition misc/bits/select2.h: Clearly separate declaration from definitions misc/bits/syslog.h: Clearly separate declaration from definition rt/tst-mqueue4.c: Fix wrong number of argument for mq_open sysdeps/ieee754/ldbl-128ibm-compat: Fix warn unused result sysdeps/powerpc/fpu/tst-setcontext-fpscr.c: Fix warn unused result benchtests: fix warn unused result Makeconfig | 33 +- aclocal.m4 | 2 +- benchtests/bench-strcoll.c | 6 +- config.make.in | 3 +- configure | 4208 +++++++++++------ configure.ac | 70 +- debug/Makefile | 12 +- debug/asprintf_chk.c | 16 +- debug/fdelt_chk.c | 2 + debug/fgets_u_chk.c | 1 + debug/fprintf_chk.c | 1 + debug/getdomainname_chk.c | 1 + debug/memcpy_chk.c | 1 + debug/memmove_chk.c | 1 + debug/mempcpy_chk.c | 1 + debug/memset_chk.c | 1 + debug/read_chk.c | 1 + debug/readlink_chk.c | 3 +- debug/readlinkat_chk.c | 3 +- debug/sprintf_chk.c | 1 + debug/stpcpy_chk.c | 1 + debug/wcrtomb_chk.c | 1 + debug/wmemset_chk.c | 1 + elf/rtld-Rules | 2 +- include/bits/select-decl.h | 1 + include/bits/syslog-decl.h | 1 + include/bits/unistd-decl.h | 1 + include/stdio.h | 13 +- include/string.h | 7 + include/sys/cdefs.h | 14 + include/sys/select.h | 4 + include/sys/syslog.h | 4 + include/unistd.h | 5 + include/wchar.h | 16 + io/Makefile | 16 + libio/Makefile | 21 +- login/Makefile | 6 + login/getlogin_r_chk.c | 1 + misc/Makefile | 9 + misc/bits/select-decl.h | 31 + misc/bits/select2.h | 6 +- misc/bits/syslog-decl.h | 35 + misc/bits/syslog.h | 10 +- misc/sys/cdefs.h | 8 + misc/syslog.c | 4 +- posix/Makefile | 12 + posix/bits/unistd-decl.h | 198 + posix/bits/unistd.h | 154 +- rt/Makefile | 5 + rt/tst-mqueue4.c | 4 +- setjmp/Makefile | 5 + socket/Makefile | 6 + stdio-common/Makefile | 15 +- stdio-common/tst-printf-bz25691.c | 8 +- stdio-common/tst-vfprintf-mbs-prec.c | 15 +- stdlib/Makefile | 7 + string/Makefile | 17 + sysdeps/generic/libc-symver.h | 2 +- sysdeps/i386/i586/memcpy.S | 1 + sysdeps/i386/i586/memset.S | 1 + sysdeps/i386/i686/memcpy.S | 1 + sysdeps/i386/i686/memmove.S | 1 + sysdeps/i386/i686/mempcpy.S | 1 + sysdeps/i386/i686/memset.S | 1 + sysdeps/i386/i686/multiarch/memcpy_chk.c | 4 + sysdeps/i386/i686/multiarch/memmove_chk.c | 4 + sysdeps/i386/i686/multiarch/mempcpy_chk.c | 4 + sysdeps/i386/i686/multiarch/memset_chk.c | 5 +- sysdeps/i386/memcpy_chk.S | 1 + sysdeps/i386/memmove_chk.S | 1 + sysdeps/i386/mempcpy_chk.S | 3 +- sysdeps/i386/memset_chk.S | 1 + sysdeps/ieee754/ldbl-128ibm-compat/Makefile | 81 +- .../ldbl-128ibm-compat/ieee128-asprintf_chk.c | 5 +- .../ldbl-128ibm-compat/ieee128-dprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-fprintf_chk.c | 5 +- .../ldbl-128ibm-compat/ieee128-fwprintf_chk.c | 5 +- .../ldbl-128ibm-compat/ieee128-printf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-snprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-sprintf_chk.c | 5 +- .../ldbl-128ibm-compat/ieee128-swprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-syslog.c | 9 +- .../ieee128-vasprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-vdprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-vfprintf_chk.c | 4 +- .../ieee128-vfwprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-vprintf_chk.c | 4 +- .../ieee128-vsnprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-vsprintf_chk.c | 5 +- .../ieee128-vswprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-vwprintf_chk.c | 4 +- .../ldbl-128ibm-compat/ieee128-wprintf_chk.c | 4 +- .../test-printf-ldbl-compat.c | 10 +- .../test-scanf-ldbl-compat-template.c | 21 +- sysdeps/ieee754/ldbl-opt/Makefile | 29 + sysdeps/powerpc/fpu/tst-setcontext-fpscr.c | 4 +- sysdeps/pthread/Makefile | 4 + sysdeps/unix/sysv/linux/Makefile | 3 + .../sysv/linux/s390/tst-ptrace-singleblock.c | 3 +- sysdeps/x86_64/memcpy_chk.S | 1 + sysdeps/x86_64/memmove_chk.S | 1 + sysdeps/x86_64/mempcpy_chk.S | 3 +- sysdeps/x86_64/memset_chk.S | 1 + sysdeps/x86_64/multiarch/memcpy_chk.c | 4 + sysdeps/x86_64/multiarch/memmove_chk.c | 4 + sysdeps/x86_64/multiarch/mempcpy_chk.c | 4 + sysdeps/x86_64/multiarch/memset_chk.c | 4 + sysdeps/x86_64/multiarch/wmemset_chk.c | 4 + wcsmbs/Makefile | 23 +- wcsmbs/bits/wchar2-decl.h | 172 + wcsmbs/bits/wchar2.h | 192 - 111 files changed, 3765 insertions(+), 1951 deletions(-) create mode 100644 include/bits/select-decl.h create mode 100644 include/bits/syslog-decl.h create mode 100644 include/bits/unistd-decl.h create mode 100644 misc/bits/select-decl.h create mode 100644 misc/bits/syslog-decl.h create mode 100644 posix/bits/unistd-decl.h