|
Revision tags: v6.15, v6.15-rc7, v6.15-rc6, v6.15-rc5, v6.15-rc4, v6.15-rc3, v6.15-rc2, v6.15-rc1, v6.14, v6.14-rc7, v6.14-rc6, v6.14-rc5, v6.14-rc4, v6.14-rc3, v6.14-rc2, v6.14-rc1 |
|
| #
0de64754 |
| 23-Jan-2025 |
Thomas Weißschuh <[email protected]> |
tools/nolibc: add prototypes for non-static functions
With -Wmissing-prototypes the compiler will warn about non-static
functions which don't have a prototype defined.
This warning doesn't make much
tools/nolibc: add prototypes for non-static functions
With -Wmissing-prototypes the compiler will warn about non-static
functions which don't have a prototype defined.
This warning doesn't make much sense for nolibc itself but for user code
it is still useful.
To pacify the compiler add prototypes next to the function definitions,
similar to how it is handled elsewhere in the kernel.
Acked-by: Willy Tarreau <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Thomas Weißschuh <[email protected]>
show more ...
|
|
Revision tags: v6.13, v6.13-rc7, v6.13-rc6, v6.13-rc5, v6.13-rc4, v6.13-rc3, v6.13-rc2, v6.13-rc1, v6.12, v6.12-rc7, v6.12-rc6, v6.12-rc5, v6.12-rc4, v6.12-rc3, v6.12-rc2, v6.12-rc1, v6.11, v6.11-rc7, v6.11-rc6, v6.11-rc5, v6.11-rc4 |
|
| #
ff7b9abb |
| 12-Aug-2024 |
Thomas Weißschuh <[email protected]> |
tools/nolibc: stackprotector: mark implicitly used symbols as used
During LTO the references from the compiler-generated prologue and
epilogues to the stack protector symbols are not visible and the
tools/nolibc: stackprotector: mark implicitly used symbols as used
During LTO the references from the compiler-generated prologue and
epilogues to the stack protector symbols are not visible and the symbols
are removed.
This will then lead to errors during linking.
As those symbols are already #ifdeffed-out if unused mark them as "used"
to prevent their removal.
Acked-by: Willy Tarreau <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Thomas Weißschuh <[email protected]>
show more ...
|
|
Revision tags: v6.11-rc3, v6.11-rc2, v6.11-rc1, v6.10, v6.10-rc7, v6.10-rc6, v6.10-rc5, v6.10-rc4, v6.10-rc3, v6.10-rc2, v6.10-rc1, v6.9, v6.9-rc7, v6.9-rc6, v6.9-rc5, v6.9-rc4, v6.9-rc3, v6.9-rc2, v6.9-rc1, v6.8, v6.8-rc7, v6.8-rc6, v6.8-rc5, v6.8-rc4, v6.8-rc3, v6.8-rc2, v6.8-rc1, v6.7, v6.7-rc8, v6.7-rc7, v6.7-rc6, v6.7-rc5, v6.7-rc4, v6.7-rc3, v6.7-rc2, v6.7-rc1, v6.6, v6.6-rc7, v6.6-rc6, v6.6-rc5, v6.6-rc4, v6.6-rc3, v6.6-rc2, v6.6-rc1, v6.5, v6.5-rc7, v6.5-rc6, v6.5-rc5 |
|
| #
dcb677c3 |
| 05-Aug-2023 |
Zhangjin Wu <[email protected]> |
tools/nolibc: stackprotector.h: make __stack_chk_init static
This allows to generate smaller text/data/dec size.
As the _start_c() function added by crt.h, __stack_chk_init() is called
from _start_
tools/nolibc: stackprotector.h: make __stack_chk_init static
This allows to generate smaller text/data/dec size.
As the _start_c() function added by crt.h, __stack_chk_init() is called
from _start_c() instead of the assembly _start. So, it is able to mark
it with static now.
Reviewed-by: Thomas Weißschuh <[email protected]>
Signed-off-by: Zhangjin Wu <[email protected]>
Signed-off-by: Willy Tarreau <[email protected]>
show more ...
|
|
Revision tags: v6.5-rc4, v6.5-rc3, v6.5-rc2 |
|
| #
d7f16723 |
| 15-Jul-2023 |
Zhangjin Wu <[email protected]> |
tools/nolibc: stackprotector.h: add empty __stack_chk_init for !_NOLIBC_STACKPROTECTOR
Let's define an empty __stack_chk_init for the !_NOLIBC_STACKPROTECTOR
branch.
This allows to remove #ifdef ar
tools/nolibc: stackprotector.h: add empty __stack_chk_init for !_NOLIBC_STACKPROTECTOR
Let's define an empty __stack_chk_init for the !_NOLIBC_STACKPROTECTOR
branch.
This allows to remove #ifdef around every call of __stack_chk_init().
Signed-off-by: Zhangjin Wu <[email protected]>
Signed-off-by: Willy Tarreau <[email protected]>
show more ...
|
|
Revision tags: v6.5-rc1, v6.4, v6.4-rc7, v6.4-rc6, v6.4-rc5, v6.4-rc4 |
|
| #
e76b70de |
| 24-May-2023 |
Thomas Weißschuh <[email protected]> |
tools/nolibc: fix segfaults on compilers without attribute no_stack_protector
Not all compilers, notably GCC < 10, have support for
__attribute__((no_stack_protector)).
Fall back to a mechanism that
tools/nolibc: fix segfaults on compilers without attribute no_stack_protector
Not all compilers, notably GCC < 10, have support for
__attribute__((no_stack_protector)).
Fall back to a mechanism that also works there.
Tested with GCC 9.5.0 from kernel.org crosstools.
Signed-off-by: Thomas Weißschuh <[email protected]>
Signed-off-by: Willy Tarreau <[email protected]>
Signed-off-by: Paul E. McKenney <[email protected]>
show more ...
|
|
Revision tags: v6.4-rc3 |
|
| #
818924d1 |
| 21-May-2023 |
Thomas Weißschuh <[email protected]> |
tools/nolibc: add autodetection for stackprotector support
The stackprotector support in nolibc should be enabled iff it is also
enabled in the compiler.
Use the preprocessor defines added by gcc an
tools/nolibc: add autodetection for stackprotector support
The stackprotector support in nolibc should be enabled iff it is also
enabled in the compiler.
Use the preprocessor defines added by gcc and clang if stackprotector
support is enable to automatically do so in nolibc.
This completely removes the need for any user-visible API.
To avoid inlining the lengthy preprocessor check into every user
introduce a new header compiler.h that abstracts the logic away.
As the define NOLIBC_STACKPROTECTOR is now not user-relevant anymore
prefix it with an underscore.
Suggested-by: Willy Tarreau <[email protected]>
Link: https://lore.kernel.org/lkml/[email protected]/
Signed-off-by: Thomas Weißschuh <[email protected]>
Signed-off-by: Willy Tarreau <[email protected]>
Signed-off-by: Paul E. McKenney <[email protected]>
show more ...
|
| #
88fc7eb5 |
| 21-May-2023 |
Thomas Weißschuh <[email protected]> |
tools/nolibc: ensure stack protector guard is never zero
The all-zero pattern is one of the more probable out-of-bound writes so
add a special case to not accidentally accept it.
Also it enables th
tools/nolibc: ensure stack protector guard is never zero
The all-zero pattern is one of the more probable out-of-bound writes so
add a special case to not accidentally accept it.
Also it enables the reliable detection of stack protector initialization
during testing.
Signed-off-by: Thomas Weißschuh <[email protected]>
Signed-off-by: Willy Tarreau <[email protected]>
Signed-off-by: Paul E. McKenney <[email protected]>
show more ...
|
|
Revision tags: v6.4-rc2, v6.4-rc1, v6.3, v6.3-rc7, v6.3-rc6 |
|
| #
fddc8f81 |
| 06-Apr-2023 |
Thomas Weißschuh <[email protected]> |
tools/nolibc: use C89 comment syntax
Most of nolibc is already using C89 comments.
Signed-off-by: Thomas Weißschuh <[email protected]>
Signed-off-by: Willy Tarreau <[email protected]>
Signed-off-by: Paul
tools/nolibc: use C89 comment syntax
Most of nolibc is already using C89 comments.
Signed-off-by: Thomas Weißschuh <[email protected]>
Signed-off-by: Willy Tarreau <[email protected]>
Signed-off-by: Paul E. McKenney <[email protected]>
show more ...
|
|
Revision tags: v6.3-rc5, v6.3-rc4 |
|
| #
7188d463 |
| 25-Mar-2023 |
Thomas Weißschuh <[email protected]> |
tools/nolibc: add support for stack protector
This is useful when using nolibc for security-critical tools.
Using nolibc has the advantage that the code is easily auditable and
sandboxable with secc
tools/nolibc: add support for stack protector
This is useful when using nolibc for security-critical tools.
Using nolibc has the advantage that the code is easily auditable and
sandboxable with seccomp as no unexpected syscalls are used.
Using compiler-assistent stack protection provides another security
mechanism.
For this to work the compiler and libc have to collaborate.
This patch adds the following parts to nolibc that are required by the
compiler:
* __stack_chk_guard: random sentinel value
* __stack_chk_fail: handler for detected stack smashes
In addition an initialization function is added that randomizes the
sentinel value.
Only support for global guards is implemented.
Register guards are useful in multi-threaded context which nolibc does
not provide support for.
Link: https://lwn.net/Articles/584225/
Signed-off-by: Thomas Weißschuh <[email protected]>
Signed-off-by: Willy Tarreau <[email protected]>
Signed-off-by: Paul E. McKenney <[email protected]>
show more ...
|