@@ -48,9 +48,21 @@ routines = backtrace backtracesyms backtracesymsfd noophooks \
vdprintf_chk obprintf_chk \
longjmp_chk ____longjmp_chk \
fdelt_chk poll_chk ppoll_chk \
- stack_chk_fail fortify_fail \
+ stack_chk_fail fortify_fail libc-stack_chk_fail_local \
$(static-only-routines)
+
+# stack_chk_fail_local must be non-PIC, thus static-only, but we also
+# want an identical thunk hidden in libc.so to avoid going via the PLT.
+
static-only-routines := warning-nop stack_chk_fail_local
+shared-only-routines += libc-stack_chk_fail_local
+
+# Building the stack-protector failure routines with stack protection
+# makes no sense.
+
+CFLAGS-stack_chk_fail.c = $(no-stack-protector)
+CFLAGS-stack_chk_fail_local.c = $(no-stack-protector)
+CFLAGS-libc-stack_chk_fail_local.c = $(no-stack-protector)
CFLAGS-backtrace.c = -fno-omit-frame-pointer
CFLAGS-sprintf_chk.c = $(libio-mtsafe)
new file mode 100644
@@ -0,0 +1,3 @@
+/* This goes into the shared libc. */
+
+#include <stack_chk_fail_local.c>
From: Nick Alcock <nick.alcock@oracle.com> This is required by the next commit, which routes all __stack_chk_fail() calls in libc.so via this function to avoid the PLT. It has be duplicated in libc.so and libc_nonshared.a because its entire reason for existence is to be hidden and avoid the PLT, so the copy in libc.so is not visible from elsewhere. Also stop all the variants of __stack_chk_fail from being stack- protected: this makes no sense and risks recursion. v5: Better explanation. Add no-stack-protection of __stack_chk_fail_local etc. v6: Rework as suggested by Andreas: make a shared-only version of stack_chk_fail_local.c rather than linking libc_nonshared into libc. * debug/libc-stack_chk_fail_local.c: New file. * debug/Makefile (routines): Add it. (shared-only-routines): Likewise. (CFLAGS-stack_chk_fail.c): Use $(no-stack-protector). (CFLAGS-stack_chk_fail_local.c): Likewise. (CFLAGS-libc-stack_chk_fail_local.c): Likewise. --- debug/Makefile | 14 +++++++++++++- debug/libc-stack_chk_fail_local.c | 3 +++ 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 debug/libc-stack_chk_fail_local.c