|

uClibc and SSP

View: New views

5 Messages — Rating Filter: Alert me

	uClibc and SSP by Mwanguhya Daniel Murungi :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hello, Am building a system using HLFS (hardened Linux from scratch) and uClibc. I would like to use uClibc's SSP feature but whenever I enable it, any program compiled with -fstack-protector and -fstack-protector-all seg faults. The seg faults do not occur when I disable uClibc's SSP and use libssp from GCC. The reason I no longer want to link against libssp is because binary size increases by about 8k. Patching GCC with the gcc-fstack-protector patch (from Robert Connolly) doesnot help either. How do i get uClibc's SSP to work? Am using GCC 4.2.4 and uClibc 0.9.30.1 -- Mwanguhya Daniel Murungi Makerere University [ DICTS ] P.O.Box 7062, Wandegeya Kampala Uganda MYTH: Knowledge is power TRUTH: APPLIED Knowledge is power _______________________________________________ uClibc mailing list uClibc@... http://lists.busybox.net/mailman/listinfo/uclibc
	Re: uClibc and SSP by Bernhard Reutner-Fischer :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I think this was fixed on the 0_9_30 branch already (which will shortly become 0.9.30.2). Please verify. On Nov 8, 2009 11:32 AM, "Mwanguhya Daniel Murungi" < dmurungi@...> wrote: Hello, Am building a system using HLFS (hardened Linux from scratch) and uClibc. I would like to use uClibc's SSP feature but whenever I enable it, any program compiled with -fstack-protector and -fstack-protector-all seg faults. The seg faults do not occur when I disable uClibc's SSP and use libssp from GCC. The reason I no longer want to link against libssp is because binary size increases by about 8k. Patching GCC with the gcc-fstack-protector patch (from Robert Connolly) doesnot help either. How do i get uClibc's SSP to work? Am using GCC 4.2.4 and uClibc 0.9.30.1 -- Mwanguhya Daniel Murungi Makerere University [ DICTS ] P.O.Box 7062, Wandegeya Kampala Uganda MYTH: Knowledge is power TRUTH: APPLIED Knowledge is power _______________________________________________ uClibc mailing list uClibc@... http://lists.busybox.net/mailman/listinfo/uclibc _______________________________________________ uClibc mailing list uClibc@... http://lists.busybox.net/mailman/listinfo/uclibc
	Re: uClibc and SSP by Mwanguhya Daniel Murungi :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hello, I have tried with the uClibc git master and 0_9_30 branches but with no luck. Compiling with '-fstack-protector' is ok but '-fstack-protector-all' generates a seg fault. I can attach the strace output if that will help. On Sunday 08 November 2009 16:41:59 Bernhard Reutner-Fischer wrote: > I think this was fixed on the 0_9_30 branch already (which will shortly > become 0.9.30.2). Please verify. > > On Nov 8, 2009 11:32 AM, "Mwanguhya Daniel Murungi" < > dmurungi@...> wrote: > > Hello, > > Am building a system using HLFS (hardened Linux from scratch) and uClibc. I > would like to use uClibc's SSP feature but whenever I enable it, any > program compiled with -fstack-protector and -fstack-protector-all seg > faults. > > The seg faults do not occur when I disable uClibc's SSP and use libssp from > GCC. The reason I no longer want to link against libssp is because binary > size increases by about 8k. > > Patching GCC with the gcc-fstack-protector patch (from Robert Connolly) > doesnot help either. > > How do i get uClibc's SSP to work? Am using GCC 4.2.4 and uClibc 0.9.30.1 > > -- > Mwanguhya Daniel Murungi > Makerere University [ DICTS ] > P.O.Box 7062, Wandegeya > Kampala > Uganda > > MYTH: Knowledge is power > TRUTH: APPLIED Knowledge is power > _______________________________________________ > uClibc mailing list > uClibc@... > http://lists.busybox.net/mailman/listinfo/uclibc _______________________________________________ uClibc mailing list uClibc@... http://lists.busybox.net/mailman/listinfo/uclibc
	Re: uClibc and SSP by Natanael Copa-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Nov 8, 2009 11:32 AM, "Mwanguhya Daniel Murungi" < > dmurungi@...> wrote: > Am building a system using HLFS (hardened Linux from scratch) and uClibc. I > would like to use uClibc's SSP feature but whenever I enable it, any program > compiled with -fstack-protector and -fstack-protector-all seg faults. On Sun, 2009-11-08 at 14:41 +0100, Bernhard Reutner-Fischer wrote: > I think this was fixed on the 0_9_30 branch already (which will shortly > become 0.9.30.2). Please verify. works for me. uclibc-0.9.30.1 with gcc-4.4.1 on x86 -nc _______________________________________________ uClibc mailing list uClibc@... http://lists.busybox.net/mailman/listinfo/uclibc
	Re: uClibc and SSP by Peter S. Mazinger :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hello, please provide info which patches you applied to GCC and which version of uClibc you are testing and which arch is the tested one. Minimal requirements: 1. GCC needs to be patched to not use TLS for the guard 2. GCC needs to be patched to recognize uClibc as a valid SSP supporting library 3. uClibc should be trunk (not nptl), haven´t checked lately if any stable version would behave properly 4. uClibc might need some patch for ssp[-local].c to use inlined syscalls where possible 5. binutils needs support for AS_NEEDED Static compiles might fail, first check that dynamic ones work. Check your final binaries, that they make use of ld-uClibc.so.0 (readelf -d <...> \| grep DT_NEEDED. Try to test binaries, that do not use threads, since those might produce unreliable results. Peter -------- Original-Nachricht -------- > Datum: Sun, 8 Nov 2009 13:25:47 +0300 > Von: Mwanguhya Daniel Murungi <dmurungi@...> > An: uclibc@... > Betreff: uClibc and SSP > Hello, > > Am building a system using HLFS (hardened Linux from scratch) and uClibc. > I > would like to use uClibc's SSP feature but whenever I enable it, any > program > compiled with -fstack-protector and -fstack-protector-all seg faults. > > The seg faults do not occur when I disable uClibc's SSP and use libssp > from > GCC. The reason I no longer want to link against libssp is because binary > size increases by about 8k. > > Patching GCC with the gcc-fstack-protector patch (from Robert Connolly) > doesnot help either. > > How do i get uClibc's SSP to work? Am using GCC 4.2.4 and uClibc 0.9.30.1 > > -- > Mwanguhya Daniel Murungi > Makerere University [ DICTS ] > P.O.Box 7062, Wandegeya > Kampala > Uganda > > MYTH: Knowledge is power > TRUTH: APPLIED Knowledge is power > _______________________________________________ > uClibc mailing list > uClibc@... > http://lists.busybox.net/mailman/listinfo/uclibc -- Jetzt kostenlos herunterladen: Internet Explorer 8 und Mozilla Firefox 3.5 - sicherer, schneller und einfacher! http://portal.gmx.net/de/go/chbrowser _______________________________________________ uClibc mailing list uClibc@... http://lists.busybox.net/mailman/listinfo/uclibc