r926 - trunk

archaic at linuxfromscratch.org
Sun Jan 16 20:44:09 PST 2005

Author: archaic
Date: 2005-01-16 21:44:09 -0700 (Sun, 16 Jan 2005)
New Revision: 926

Updated ssp.txt

Modified: trunk/ssp.txt
--- trunk/ssp.txt	2005-01-08 07:08:12 UTC (rev 925)
+++ trunk/ssp.txt	2005-01-17 04:44:09 UTC (rev 926)
@@ -1,6 +1,6 @@
 AUTHOR:		Robert Connolly <robert at linuxfromscratch dot org> (ashes)
-DATE:		2004-12-06
+DATE:		2005-01-16
 LICENSE:	Public Domain
@@ -52,9 +52,7 @@
-	Extras
-		Extra security patches
-		Libsafe
+	Libsafe
@@ -70,9 +68,11 @@
 -fno-stack-protector to GCC extensions for C and C++; and
 __guard_setup and __stack_smash_handler are defined in libgcc2.c. This code is
 supplied by IBM, I have changed one definition to enable libc functions, and
-added "ssp" to the version string. The gcc2 patch is only needed if you plan to
-use gcc2 to build the kernel, and want stack protection in the kernel.
+added "ssp" to the version string.
+There have been reports of problems with SSP and 'gcc -O3' with Python. It
+may or may not cause problems in other packages with -O3.
 If any of these links are broken look for a newer version.
 *** All of these patches are in:
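Review bot: the new warning "There have been reports of problems with SSP and 'gcc -O3' with Python. It may or may not cause problems in other packages with -O3." is too vague for a reader to act on; say what the failure looks like (a build error, or a runtime abort from __stack_smash_handler) and give the workaround, e.g. building Python with -O2 or with -fno-stack-protector in its CFLAGS, as the hint already does for Binutils and Grub. It also contradicts the unchanged changelog line "* -O3 optimizations are fine." at the end of the file; qualify that line or drop it in the same commit.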
@@ -84,7 +84,7 @@
-	gcc-3.4-ssp-2.patch
+	gcc-3.4-ssp-3.patch
 The Glibc patch will define __guard_setup and __stack_smash_handler in libc.so
@@ -98,29 +98,17 @@
 	glibc-2.3.4-ssp_frandom-6.patch # This works for glibc-2.3.3 too.
-This GCC Specs patch adds -fstack-protector-all to GCC's default compiler flags.
-Filters prevent libraries and the kernel from being built with unnessesary
-smash symbols. This patch will build all main executables with stack protection.
-This patch makes using stack protector almost transparent. This gcc2 patch is
-not nessesary for anyone using gcc3 as their main compiler, it is provided for
+Optionally if you would like to build some of Glibc's libraries and utilities
+with -fstack-protector-all then use this patch:
-	gcc-3.3-sspspecs-4.patch
-	gcc-3.4-sspspecs-3.patch
-	gcc-2.95.3-sspspecs-3.patch
+	glibc-2.3.4-fstack_protector-1.patch
-The Linux kernel patch adds support to the Linux kernel for smash symbols. It
-can only build with -fstack-protector, not -fstack-protector-all, and is
-therefore excluded from the default specs in the sspspecs patch.
+The sspspecs patch is depreciated. Use the Perl commands below.
-        linux-2.4.27-ssp-1.patch # or
-        linux-2.6.5-ssp-1.patch # This still works on newer 2.6 kernels.
+The Linux kernel patch for SSP is depreciated. The kernel has its own overflow
-Do not use older versions than these patches, a new define was added. These
-patches should apply to old kernels if you are using an older version.
         linux-2.4.27-frandom-2.patch # or
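Review bot: the deleted paragraph was the only place explaining how libraries and the kernel were kept free of smash symbols ("Filters prevent libraries and the kernel from being built with unnessesary smash symbols"); the replacement "The sspspecs patch is depreciated. Use the Perl commands below." does not carry that over, so say how the Perl specs rule treats libraries now (the glibc-2.3.4-fstack_protector-1.patch line only covers "some of Glibc's libraries and utilities"). Spelling: "depreciated" should be "deprecated" on both added lines. The last added sentence, "The kernel has its own overflow", stops mid-sentence; if a continuation line was lost from the hunk, restore it, otherwise finish the thought (what the kernel provides instead of the removed linux-*-ssp patches).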
@@ -130,9 +118,6 @@
 this patch.
-In the entropy.txt hint there is a libarc3library using frandom, which
-has a patch for Mktemp. See entropy.txt for more details.
 The XFree86 patch disables stack protection for some modules. This patch
 works for Xorg and XFree86-4.4 too.
@@ -143,30 +128,10 @@
-Extra security patches
-This patch fixes a bug in both glibc-2.3.2 and glibc-2.3.3. This bug can be
-reproduced by bind9's testsuite.
-	glibc-2.3.3-got-fix-1.diff
-This patch adds a sanity check to malloc. Backported from the Owl project.
-Note: This patch was integrated in the latest glibc-2.3.4 (cvs) package.
-	glibc-2.3.3-owl-malloc-unlink-sanity-check-1.patch
 Official site:
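Review bot: dropping glibc-2.3.3-got-fix-1.diff is unexplained, while the hint still supports glibc-2.3.3 ("glibc-2.3.4-ssp_frandom-6.patch # This works for glibc-2.3.3 too."); the Owl malloc patch removal is justified by its own note ("integrated in the latest glibc-2.3.4"), but 2.3.3 users lose the pointer to the bind9-reproducible bug fix. Either keep a one-line note that the fix is in 2.3.4 or record the removal in the changelog.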
@@ -202,21 +167,35 @@
 Chapter 5
-Kernel headers
-(See under PREREQUISITES above)
-patch -Np1 -i ../linux-2.4.27-frandom-2.patch
  - GCC pass 1
-If the host system has SSP in Glibc already, then you can patch gcc
-here. Otherwise do not. If in doubt, wait until pass two.
+No patches.
+- Libc-linux-headers headers
+patch -Np1 -i ../linux-libc-headers-2.6-frandom-2.patch
  - Glibc
 patch -Np1 -i ../glibc-2.3.4-ssp_frandom-6.patch # or 2.3.2's patch
  - GCC pass 2
-If you use sspspecs patch then a `make bootstrap` is a good idea too.
-patch -Np1 -i ../gcc-3.3-ssp-3.patch
-patch -Np1 -i ../gcc-3.3-sspspecs-4.patch
+patch -Np1 -i ../gcc-3.4-ssp-3.patch &&
+sed -e 's at gcc.gnu.org/bugs.html at bugs.linuxfromscratch.org/@' \
+        -e 's/3.4.3/3.4.3 (ssp)/' -i gcc/version.c
+After make install do this. This will add -fstack-protector-all for C and C++:
+cat > hardened-specs.sh << "EOF"
+perl -pi -e 's@\*cc1:\n@$_%(cc1_ssp) @;' \
+        $(gcc --print-file specs) &&
+perl -pi -e 's@\*cc1plus:\n@$_%(cc1_ssp) @;' \
+        $(gcc --print-file specs) &&
+echo '*cc1_ssp:
+%{!fno-stack-protector*: -fstack-protector-all}
+' >> $(gcc --print-file specs)
+install hardened-specs.sh /tools/bin &&
  - Binutils pass 2
 Just for the testsuite.
 make CFLAGS="-fno-stack-protector" check
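Review bot: hardened-specs.sh is not idempotent: each run re-inserts "%(cc1_ssp) " into the *cc1: and *cc1plus: lines and appends another "*cc1_ssp:" section with ">>", so a second run against the same specs file produces duplicate sections and flags. Guard the whole thing with something like `grep -q '^\*cc1_ssp:' "$(gcc --print-file specs)" || { ...; }`. As shown, the chapter 5 lines only create and install the script ("install hardened-specs.sh /tools/bin &&") and never run it, although "After make install do this." and the chapter 6 "run the script again" presuppose a first run here; if the invocation line was dropped from the hunk, restore it. Note also that the filter `%{!fno-stack-protector*: -fstack-protector-all}` suppresses the flag only for -fno-stack-protector, so a package that passes plain -fstack-protector still gets -fstack-protector-all added in front of it; say whether that is intended. Finally, the sed expression appears in this archive as "s at gcc.gnu.org/bugs.html at bugs.linuxfromscratch.org/@" because the list software rewrote the "@" delimiters; readers should copy it from the repository file, not from this mail.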
@@ -224,24 +203,31 @@
 Chapter 6
-Make sure the frandom header get installed again.
+- Libc-linux-headers headers
+patch -Np1 -i ../linux-libc-headers-2.6-frandom-2.patch
  - Glibc
-patch -Np1 -i ../glibc-2.3.4-ssp_frandom-6.patch
+patch -Np1 -i ../glibc-2.3.4-ssp_frandom-6.patch &&
+patch -Np1 -i ../glibc-2.3.4-fstack_protector-1.patch
  - Binutils
 make CFLAGS="-fno-stack-protector" check
  - GCC
-patch -Np1 -i ../gcc-3.3-ssp-3.patch
-patch -Np1 -i ../gcc-3.3-sspspecs-4.patch
+patch -Np1 -i ../gcc-3.4-ssp-3.patch &&
+sed -e 's at gcc.gnu.org/bugs.html at bugs.linuxfromscratch.org/@' \
+        -e 's/3.4.3/3.4.3 (ssp)/' -i gcc/version.c
+After make install run the script again to put -fstack-protector-all back in
+the specs file:
  - Grub
 CFLAGS="-fno-stack-protector -O2" ./configure...
  - GCC 2.95.3
-If you are only using gcc2 to compile the kernel then don't bother applying
-the sspspecs patch to it.
+If you are still using gcc2:
 patch -Np1 -i ../gcc-2.95.3-ssp-4.patch
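Review bot: the gcc2 section no longer states why "If you are still using gcc2:" one should apply gcc-2.95.3-ssp-4.patch: the earlier hunk removed both the sentence tying gcc2 to kernel builds ("The gcc2 patch is only needed if you plan to use gcc2 to build the kernel") and the gcc-2.95.3-sspspecs-3.patch, and the kernel SSP patch is now deprecated. Say what a gcc2 user gains (guards in gcc2-built userspace) and that, with no sspspecs patch and no specs script for gcc2, they must pass -fstack-protector-all themselves. Also, the chapter 6 text says "run the script again", but hardened-specs.sh was installed into /tools/bin in chapter 5; it is still reachable inside the chroot, yet anyone reinstalling GCC after /tools is removed will have lost it, so suggest installing it somewhere permanent here.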
@@ -251,8 +237,7 @@
 Linux kernel
 make mrproper &&
-patch -Np1 -i ../linux-2.4.27-ssp-1.patch
-patch -Np1 -i ../linux-2.4.27-frandom-2.patch
 make menuconfig
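Review bot: removing `patch -Np1 -i ../linux-2.4.27-frandom-2.patch` along with the ssp patch drops the frandom driver from the kernel build, not just stack protection; the linux-libc-headers-2.6-frandom-2.patch added in chapters 5 and 6 only supplies the header for Glibc, and linux-2.4.27-frandom-2.patch is still listed under the prerequisites ("linux-2.4.27-frandom-2.patch # or"). The changelog entry "Removed obsolete kernel patch" is singular. If frandom in the kernel is still expected by the glibc ssp_frandom patch, keep the frandom line here and delete only the ssp one.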
@@ -267,40 +252,35 @@
 There are also tests in the libsafe source.
-This will test -fstack-protector-all
+This will test -fstack-protector-all and will display the __guard value.
-cat > fail.c << "EOF"
+cat > test.c << "EOF"
 #include <stdio.h>
 #include <unistd.h>
-int foo(char *blah) {
-  char buffer[7];
-  sprintf(buffer, "12345678901234567890123456789012345678901234567890");
-  return(1234);
+extern long __guard[];
+int overflow(char *test) {
+        char buffer[7];
+        sprintf(buffer, "12345678901234567890123456789012345678901234567890");
+        return(1234);
 int main(int argc, char **argv) {
-  printf("before foo()\n");
-  foo("blah");
-  printf("after foo()\n");
+        printf("__guard\t=\t0x%08x;\n", __guard[0]);
+        overflow("test");
+        printf("This line should never get printed.\n");
-gcc -fstack-protector-all -o fail fail.c &&
+gcc -o fail fail.c &&
+./fail &&
+g++ -o fail++ fail.c &&
-This will display the __guard value. It should change each runtime. This will
-test erandom/urandom/gettimeofday is working. Test urandom by booting a
-vanilla kernel, test gettimeofday by removing /dev/urandom with a vanilla
-kernel, or compile this statically linked and `chroot . ./guard-test`.
+This should display abort signals for each. The __guard value should change
+for each runtime. The system syslog daemon should also log each of these.
-cat > guard-test.c << "EOF"
-extern unsigned long __guard[];
-int main () {
-        printf("__guard\t=\t0x%08x;\n", __guard[0]);
-        return 0;
+Should a program on your system ever have a stack overflow you should get
+similiar messages in your logs and perhaps in the console controling the
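Review bot: the test now writes `cat > test.c << "EOF"` but compiles `gcc -o fail fail.c` and `g++ -o fail++ fail.c`, so the build commands refer to a file that no longer exists; rename one side consistently. `__guard` is declared `extern long __guard[]` but printed with `%08x`; use `%08lx` (the removed guard-test.c declared it `unsigned long`, which matches Glibc's definition better). The closing lines also need spelling fixes: "similiar" should be "similar" and "controling" should be "controlling".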
@@ -420,3 +400,10 @@
 * XFree86 patch works with Xorg too.
 * -O3 optimizations are fine.
 * Added -O2 to Grub's CFLAGS.
+* Updated for LFS-6.0.
+* Removed sspspecs patches, replaced with Perl command/script.
+* Removed obsolete kernel patch.
+* Added sed command for version.c.
+* Added fstack_protector patch to Glibc in chapter 6.
+* Add note for -O3 and Python.
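Review bot: the changelog is incomplete for this revision: the gcc-3.4-ssp-2 to gcc-3.4-ssp-3 bump, the removal of the glibc-2.3.3-got-fix-1.diff and owl-malloc patches, and the removal of the entropy.txt/Mktemp pointer are not recorded, and "Removed obsolete kernel patch" should be plural since both the linux-*-ssp and linux-2.4.27-frandom-2 lines are deleted from the kernel step. Add one line per removed item so readers of the next revision can tell what changed.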
