pygos/build
1
0
Fork 0
mirror of https://github.com/pygos/build.git synced 2024-11-22 02:59:47 +01:00
Code Issues Releases Wiki Activity

Replace gcc libssp with built musl builtins

Browse source 
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
This commit is contained in:
David Oberhollenzer 2018-10-20 12:52:06 +02:00
parent 8a7f8ea357
commit d6030cd898
6 changed files with 27 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
pkg/musl/__stack_chk_fail_local.c Normal file
View file

@ -0,0 +1,2 @@
extern void __stack_chk_fail(void);
void __attribute__((visibility ("hidden"))) __stack_chk_fail_local(void) { __stack_chk_fail(); }

7
pkg/musl/build
View file

@ -16,6 +16,9 @@ build() {
if [ "x$TC_HARDENING" = "xyes" ]; then if [ "x$TC_HARDENING" = "xyes" ]; then
cflags="-fPIE -fPIC -fstack-protector-all" cflags="-fPIE -fPIC -fstack-protector-all"
ldflags="-z noexecstack -z relro -z now" ldflags="-z noexecstack -z relro -z now"
${TARGET}-gcc -c "$SCRIPTDIR/pkg/$PKGNAME/__stack_chk_fail_local.c" -o __stack_chk_fail_local.o
${TARGET}-ar r libssp_nonshared.a __stack_chk_fail_local.o
fi fi
CFLAGS="$cflags" LDFLAGS="$ldflags" \ CFLAGS="$cflags" LDFLAGS="$ldflags" \
@ -57,6 +60,10 @@ deploy() {
find "$DEPLOY/etc" -exec stat {} --printf="%n m %a 0 0\\n" \; | \ find "$DEPLOY/etc" -exec stat {} --printf="%n m %a 0 0\\n" \; | \
sed "s#^$DEPLOY/##g" | tail -n +2 >> "$DEPLOY/rootfs_files.txt" sed "s#^$DEPLOY/##g" | tail -n +2 >> "$DEPLOY/rootfs_files.txt"
if [ "x$TC_HARDENING" = "xyes" ]; then
cp libssp_nonshared.a "$DEPLOY/lib"
fi
} }
check_update() { check_update() {

4
pkg/tc-binutils/build
View file

@ -12,10 +12,6 @@ prepare() {
build() { build() {
local extra="" local extra=""
if [ "x$TC_HARDENING" = "xyes" ]; then
extra="--enable-libssp"
fi
$1/configure --prefix="$TCDIR" --target="$TARGET" --disable-nls \ $1/configure --prefix="$TCDIR" --target="$TARGET" --disable-nls \
--with-sysroot="$TCDIR/$TARGET" --disable-multilib \ --with-sysroot="$TCDIR/$TARGET" --disable-multilib \
--with-lib-path="$TCDIR/$TARGET/lib" $extra --with-lib-path="$TCDIR/$TARGET/lib" $extra

14
pkg/tc-gcc1/0003.patch Normal file
View file

@ -0,0 +1,14 @@
diff --git a/gcc/gcc.c b/gcc/gcc.c
index a716f70..aca73c2 100644
--- a/gcc/gcc.c
+++ b/gcc/gcc.c
@@ -869,8 +869,7 @@ proper position among the other output files. */
#ifndef LINK_SSP_SPEC
#ifdef TARGET_LIBC_PROVIDES_SSP
-#define LINK_SSP_SPEC "%{fstack-protector|fstack-protector-all" \
- "|fstack-protector-strong|fstack-protector-explicit:}"
+#define LINK_SSP_SPEC "-lssp_nonshared"
#else
#define LINK_SSP_SPEC "%{fstack-protector|fstack-protector-all" \
"|fstack-protector-strong|fstack-protector-explicit" \

6
pkg/tc-gcc1/build
View file

@ -37,13 +37,11 @@ prepare() {
} }
build() { build() {
local extra="" local extra="--disable-libssp"
if [ "x$TC_HARDENING" = "xyes" ]; then if [ "x$TC_HARDENING" = "xyes" ]; then
extra="--enable-libssp --enable-default-pie" extra="$extra --enable-default-pie"
extra="$extra --enable-default-ssp" extra="$extra --enable-default-ssp"
else
extra="--disable-libssp"
fi fi
$1/configure --prefix="$TCDIR" --target="$TARGET" \ $1/configure --prefix="$TCDIR" --target="$TARGET" \

14
pkg/tc-gcc2/build
View file

@ -3,13 +3,11 @@ source "$SCRIPTDIR/pkg/tc-gcc1/build"
DEPENDS="tc-gcc1 musl linux_headers" DEPENDS="tc-gcc1 musl linux_headers"
build() { build() {
local extra="" local extra="--disable-libssp"
if [ "x$TC_HARDENING" = "xyes" ]; then if [ "x$TC_HARDENING" = "xyes" ]; then
extra="--enable-libssp --enable-default-pie" extra="$extra --enable-default-pie"
extra="$extra --enable-default-ssp" extra="$extra --enable-default-ssp"
else
extra="--disable-libssp"
fi fi
$1/configure --prefix="$TCDIR" --target="$TARGET" \ $1/configure --prefix="$TCDIR" --target="$TARGET" \
@ -53,12 +51,4 @@ deploy() {
mv ${TCDIR}/${TARGET}/{include,lib} "$DEPLOY" mv ${TCDIR}/${TARGET}/{include,lib} "$DEPLOY"
rm ${DEPLOY}/lib/*.la rm ${DEPLOY}/lib/*.la
cp "$SCRIPTDIR/pkg/$PKGNAME/rootfs_files.txt" "$DEPLOY" cp "$SCRIPTDIR/pkg/$PKGNAME/rootfs_files.txt" "$DEPLOY"
if [ "x$TC_HARDENING" = "xyes" ]; then
cat >> "$DEPLOY/rootfs_files.txt" <<_EOF
lib/libssp.so m 777 0 0
lib/libssp.so.0 m 777 0 0
lib/libssp.so.0.0.0 m 555 0 0
_EOF
fi
} }