r926 - trunk

archaic at linuxfromscratch.org
Sun Jan 16 20:44:09 PST 2005


Author: archaic
Date: 2005-01-16 21:44:09 -0700 (Sun, 16 Jan 2005)
New Revision: 926

Modified:
   trunk/ssp.txt
Log:
Updated ssp.txt

Modified: trunk/ssp.txt
===================================================================
--- trunk/ssp.txt	2005-01-08 07:08:12 UTC (rev 925)
+++ trunk/ssp.txt	2005-01-17 04:44:09 UTC (rev 926)
@@ -1,6 +1,6 @@
 AUTHOR:		Robert Connolly <robert at linuxfromscratch dot org> (ashes)
 
-DATE:		2004-12-06
+DATE:		2005-01-16
 
 LICENSE:	Public Domain
 
@@ -52,9 +52,7 @@
 =======
 
 	Introduction
-	Extras
-		Extra security patches
-		Libsafe
+	Libsafe
 	Installation
 	Testing
 	Feedback
@@ -70,9 +68,11 @@
 -fno-stack-protector to GCC extensions for C and C++; and
 __guard_setup and __stack_smash_handler are defined in libgcc2.c. This code is
 supplied by IBM, I have changed one definition to enable libc functions, and
-added "ssp" to the version string. The gcc2 patch is only needed if you plan to
-use gcc2 to build the kernel, and want stack protection in the kernel.
+added "ssp" to the version string.
 
+There have been reports of problems with SSP and 'gcc -O3' with Python. It
+may or may not cause problems in other packages with -O3.
+
 If any of these links are broken look for a newer version.
 
 *** All of these patches are in:
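Review bot: the new -O3 caveat contradicts the changelog entry "* -O3 optimizations are fine." that this revision leaves in place at the bottom of the file; either qualify that older entry or drop it, and say what actually broke with Python (build failure, test failure, or a false stack-smash abort) so readers can tell whether "may or may not cause problems in other packages" applies to them.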
@@ -84,7 +84,7 @@
 
 http://www.linuxfromscratch.org/patches/downloads/gcc/\
         gcc-3.3-ssp-4.patch
-	gcc-3.4-ssp-2.patch
+	gcc-3.4-ssp-3.patch
         gcc-2.95.3-ssp-4.patch
 
 The Glibc patch will define __guard_setup and __stack_smash_handler in libc.so
@@ -98,29 +98,17 @@
         glibc-2.3.2-ssp-frandom-7.patch
 	glibc-2.3.4-ssp_frandom-6.patch # This works for glibc-2.3.3 too.
 
-This GCC Specs patch adds -fstack-protector-all to GCC's default compiler flags.
-Filters prevent libraries and the kernel from being built with unnessesary
-smash symbols. This patch will build all main executables with stack protection.
-This patch makes using stack protector almost transparent. This gcc2 patch is
-not nessesary for anyone using gcc3 as their main compiler, it is provided for
-legacy.
+Optionally if you would like to build some of Glibc's libraries and utilities
+with -fstack-protector-all then use this patch:
 
-http://www.linuxfromscratch.org/patches/downloads/gcc/\
-	gcc-3.3-sspspecs-4.patch
-	gcc-3.4-sspspecs-3.patch
-	gcc-2.95.3-sspspecs-3.patch
+http://www.linuxfromscratch.org/patches/downloads/glibc/\
+	glibc-2.3.4-fstack_protector-1.patch
 
-The Linux kernel patch adds support to the Linux kernel for smash symbols. It
-can only build with -fstack-protector, not -fstack-protector-all, and is
-therefore excluded from the default specs in the sspspecs patch.
+The sspspecs patch is depreciated. Use the Perl commands below.
 
-http://www.linuxfromscratch.org/patches/downloads/linux/\
-        linux-2.4.27-ssp-1.patch # or
-        linux-2.6.5-ssp-1.patch # This still works on newer 2.6 kernels.
+The Linux kernel patch for SSP is depreciated. The kernel has its own overflow
+detection.
 
-Do not use older versions than these patches, a new define was added. These
-patches should apply to old kernels if you are using an older version.
-
 http://www.linuxfromscratch.org/patches/downloads/linux/\
         linux-2.4.27-frandom-2.patch # or
 	linux-2.6.9-frandom-2.patch
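Review bot: "depreciated" should be "deprecated" in both new sentences, and "Use the Perl commands below" should point at the section where they live (Installation, Chapter 5, the hardened-specs.sh script), since "below" is several screens away. The replacement text for the kernel patch, "The kernel has its own overflow detection", is too vague to act on: either name the mechanism the reader should enable instead, or simply state that the ssp patch is no longer maintained for current kernels.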
@@ -130,9 +118,6 @@
 this patch.
 	linux-2.6.7-frandom-2.patch
 
-In the entropy.txt hint there is a libarc3library using frandom, which
-has a patch for Mktemp. See entropy.txt for more details.
-
 The XFree86 patch disables stack protection for some modules. This patch
 works for Xorg and XFree86-4.4 too.
 
@@ -143,30 +128,10 @@
 
 http://www.linuxfromscratch.org/patches/downloads/\
         linux-libc-headers/linux-libc-headers-2.6-frandom-2.patch
-ftp://twocents.mooo.com/pub/hlfs-patches/linux-libc-headers-2.6-frandom-2.patch
 
-======
-Extras
-======
-----------------------
-Extra security patches
-----------------------
-This patch fixes a bug in both glibc-2.3.2 and glibc-2.3.3. This bug can be
-reproduced by bind9's testsuite.
-http://www.linuxfromscratch.org/patches/downloads/glibc/\
-	glibc-2.3.3-got-fix-1.diff
-
-This patch adds a sanity check to malloc. Backported from the Owl project.
-(http://www.openwall.com/Owl/)
-
-Note: This patch was integrated in the latest glibc-2.3.4 (cvs) package.
-
-http://www.linuxfromscratch.org/patches/downloads/glibc/\
-	glibc-2.3.3-owl-malloc-unlink-sanity-check-1.patch
-
---------
+=======
 Libsafe
---------
+=======
 Official site:
 http://www.research.avayalabs.com/project/libsafe/src/libsafe-2.0-16.tgz
 
@@ -202,21 +167,35 @@
 ---------
 Chapter 5
 ---------
-Kernel headers
-(See under PREREQUISITES above)
-patch -Np1 -i ../linux-2.4.27-frandom-2.patch
-
  - GCC pass 1
-If the host system has SSP in Glibc already, then you can patch gcc
-here. Otherwise do not. If in doubt, wait until pass two.
+No patches.
+
+- Libc-linux-headers headers
+patch -Np1 -i ../linux-libc-headers-2.6-frandom-2.patch
+
  - Glibc
 patch -Np1 -i ../glibc-2.3.4-ssp_frandom-6.patch # or 2.3.2's patch
 
  - GCC pass 2
-If you use sspspecs patch then a `make bootstrap` is a good idea too.
-patch -Np1 -i ../gcc-3.3-ssp-3.patch
-patch -Np1 -i ../gcc-3.3-sspspecs-4.patch
+patch -Np1 -i ../gcc-3.4-ssp-3.patch &&
+sed -e 's at gcc.gnu.org/bugs.html at bugs.linuxfromscratch.org/@' \
+        -e 's/3.4.3/3.4.3 (ssp)/' -i gcc/version.c
 
+After make install do this. This will add -fstack-protector-all for C and C++:
+
+cat > hardened-specs.sh << "EOF"
+#!/bin/sh
+perl -pi -e 's@\*cc1:\n@$_%(cc1_ssp) @;' \
+        $(gcc --print-file specs) &&
+perl -pi -e 's@\*cc1plus:\n@$_%(cc1_ssp) @;' \
+        $(gcc --print-file specs) &&
+echo '*cc1_ssp:
+%{!fno-stack-protector*: -fstack-protector-all}
+' >> $(gcc --print-file specs)
+EOF
+install hardened-specs.sh /tools/bin &&
+/tools/bin/hardened-specs.sh
+
  - Binutils pass 2
 Just for the testsuite.
 make CFLAGS="-fno-stack-protector" check
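Review bot: hardened-specs.sh assumes `$(gcc --print-file specs)` resolves to an existing specs file; when gcc only has built-in specs, that prints the bare name "specs", and the two perl -pi calls plus the `>>` append will then create or edit a file named specs in the current directory instead of the compiler's real one. Add a check that the path is absolute (or that the file exists) before editing, and say in the hint that the specs file must already have been dumped. The script is also not idempotent: every run inserts another `%(cc1_ssp)` and appends another `*cc1_ssp:` section, so guard it with a grep for `*cc1_ssp:` before patching. Minor: "Libc-linux-headers headers" should read "Linux-libc-headers" to match the package and patch name on the next line.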
@@ -224,24 +203,31 @@
 ---------
 Chapter 6
 ---------
-Make sure the frandom header get installed again.
+- Libc-linux-headers headers
+patch -Np1 -i ../linux-libc-headers-2.6-frandom-2.patch
 
  - Glibc
-patch -Np1 -i ../glibc-2.3.4-ssp_frandom-6.patch
+patch -Np1 -i ../glibc-2.3.4-ssp_frandom-6.patch &&
+patch -Np1 -i ../glibc-2.3.4-fstack_protector-1.patch
 
  - Binutils
 make CFLAGS="-fno-stack-protector" check
 
  - GCC
-patch -Np1 -i ../gcc-3.3-ssp-3.patch
-patch -Np1 -i ../gcc-3.3-sspspecs-4.patch
+patch -Np1 -i ../gcc-3.4-ssp-3.patch &&
+sed -e 's at gcc.gnu.org/bugs.html at bugs.linuxfromscratch.org/@' \
+        -e 's/3.4.3/3.4.3 (ssp)/' -i gcc/version.c
 
+After make install run the script again to put -fstack-protector-all back in
+the specs file:
+
+/tools/bin/hardened-specs.sh
+
  - Grub
 CFLAGS="-fno-stack-protector -O2" ./configure...
 
  - GCC 2.95.3
-If you are only using gcc2 to compile the kernel then don't bother applying
-the sspspecs patch to it.
+If you are still using gcc2:
  
 patch -Np1 -i ../gcc-2.95.3-ssp-4.patch
 
@@ -251,8 +237,7 @@
 Linux kernel
 
 make mrproper &&
-patch -Np1 -i ../linux-2.4.27-ssp-1.patch
-patch -Np1 -i ../linux-2.4.27-frandom-2.patch
+linux-2.6.9-frandom-2.patch
 
 make menuconfig
 
@@ -267,40 +252,35 @@
 http://pax.grsecurity.net/paxtest-0.9.5.tar.gz
 There are also tests in the libsafe source.
 
-This will test -fstack-protector-all
+This will test -fstack-protector-all and will display the __guard value.
 
-cat > fail.c << "EOF"
+cat > test.c << "EOF"
 #include <stdio.h>
 #include <unistd.h>
-
-int foo(char *blah) {
-  char buffer[7];
-  sprintf(buffer, "12345678901234567890123456789012345678901234567890");
-  return(1234);
+extern long __guard[];
+int overflow(char *test) {
+        char buffer[7];
+        sprintf(buffer, "12345678901234567890123456789012345678901234567890");
+        return(1234);
 }
-
 int main(int argc, char **argv) {
-  printf("before foo()\n");
-  foo("blah");
-  printf("after foo()\n");
+        printf("__guard\t=\t0x%08x;\n", __guard[0]);
+        overflow("test");
+        printf("This line should never get printed.\n");
 }
 EOF
 
-gcc -fstack-protector-all -o fail fail.c &&
-./fail
+gcc -o fail fail.c &&
+./fail &&
+g++ -o fail++ fail.c &&
+./fail++
 
-This will display the __guard value. It should change each runtime. This will
-test erandom/urandom/gettimeofday is working. Test urandom by booting a
-vanilla kernel, test gettimeofday by removing /dev/urandom with a vanilla
-kernel, or compile this statically linked and `chroot . ./guard-test`.
+This should display abort signals for each. The __guard value should change
+for each runtime. The system syslog daemon should also log each of these.
 
-cat > guard-test.c << "EOF"
-extern unsigned long __guard[];
-int main () {
-        printf("__guard\t=\t0x%08x;\n", __guard[0]);
-        return 0;
-}
-EOF
+Should a program on your system ever have a stack overflow you should get
+similiar messages in your logs and perhaps in the console controling the
+program.
 
 ACKNOWLEDGMENTS:
 
@@ -420,3 +400,10 @@
 * XFree86 patch works with Xorg too.
 * -O3 optimizations are fine.
 * Added -O2 to Grub's CFLAGS.
+[2005-01-16]
+* Updated for LFS-6.0.
+* Removed sspspecs patches, replaced with Perl command/script.
+* Removed obsolete kernel patch.
+* Added sed command for version.c.
+* Added fstack_protector patch to Glibc in chapter 6.
+* Add note for -O3 and Python.
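Review bot: "* Add note for -O3 and Python." is the only entry in this changelog block in present tense; make it "Added note" to match the other lines.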