From eee78a9e435997d89af01554dfe029540596a71c Mon Sep 17 00:00:00 2001 From: CN_SZTL Date: Tue, 20 Aug 2019 15:12:05 +0800 Subject: [PATCH] musl: Fix CVE-2019-14697 --- toolchain/musl/Makefile | 0 toolchain/musl/common.mk | 13 +- toolchain/musl/include/bits/wordsize.h | 0 toolchain/musl/include/features.h | 0 toolchain/musl/include/sgidefs.h | 0 toolchain/musl/include/sys/cdefs.h | 0 toolchain/musl/include/sys/glibc-types.h | 0 toolchain/musl/include/sys/queue.h | 0 ...ocket.h-fix-SO_PEERSEC-value-on-MIPS.patch | 59 ++++++ ...e-symbol-lookup-and-dlsym-consistent.patch | 139 ++++++++++++++ ...balance-in-corner-cases-of-i386-math.patch | 179 ++++++++++++++++++ ...ression-in-i386-asm-for-atan2-atan2f.patch | 28 +++ .../musl/patches/100-add_glob_onlydir.patch | 0 .../patches/110-read_timezone_from_fs.patch | 0 .../patches/200-add_libssp_nonshared.patch | 37 ++-- toolchain/musl/patches/300-relative.patch | 2 +- ...ribute-to-some-function-declarations.patch | 8 +- .../musl/patches/900-iconv_size_hack.patch | 6 +- .../musl/patches/901-crypt_size_hack.patch | 0 19 files changed, 435 insertions(+), 36 deletions(-) mode change 100755 => 100644 toolchain/musl/Makefile mode change 100755 => 100644 toolchain/musl/common.mk mode change 100755 => 100644 toolchain/musl/include/bits/wordsize.h mode change 100755 => 100644 toolchain/musl/include/features.h mode change 100755 => 100644 toolchain/musl/include/sgidefs.h mode change 100755 => 100644 toolchain/musl/include/sys/cdefs.h mode change 100755 => 100644 toolchain/musl/include/sys/glibc-types.h mode change 100755 => 100644 toolchain/musl/include/sys/queue.h create mode 100644 toolchain/musl/patches/010-sys-socket.h-fix-SO_PEERSEC-value-on-MIPS.patch create mode 100644 toolchain/musl/patches/020-make-relocation-time-symbol-lookup-and-dlsym-consistent.patch create mode 100644 toolchain/musl/patches/030-fix-x87-stack-imbalance-in-corner-cases-of-i386-math.patch create mode 100644 toolchain/musl/patches/031-fix-build-regression-in-i386-asm-for-atan2-atan2f.patch mode change 100755 => 100644 toolchain/musl/patches/100-add_glob_onlydir.patch mode change 100755 => 100644 toolchain/musl/patches/110-read_timezone_from_fs.patch mode change 100755 => 100644 toolchain/musl/patches/200-add_libssp_nonshared.patch mode change 100755 => 100644 toolchain/musl/patches/300-relative.patch mode change 100755 => 100644 toolchain/musl/patches/400-Add-format-attribute-to-some-function-declarations.patch mode change 100755 => 100644 toolchain/musl/patches/900-iconv_size_hack.patch mode change 100755 => 100644 toolchain/musl/patches/901-crypt_size_hack.patch diff --git a/toolchain/musl/Makefile b/toolchain/musl/Makefile old mode 100755 new mode 100644 diff --git a/toolchain/musl/common.mk b/toolchain/musl/common.mk old mode 100755 new mode 100644 index 234709103c..2cd2c65ffb --- a/toolchain/musl/common.mk +++ b/toolchain/musl/common.mk @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/target.mk PKG_NAME:=musl -PKG_VERSION:=1.1.20 -PKG_RELEASE:=2 +PKG_VERSION:=1.1.19 +PKG_RELEASE=3 PKG_SOURCE_PROTO:=git PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) -PKG_SOURCE_VERSION:=0fa1e638e87cf257e9f96b4019b2076afd674a19 -PKG_MIRROR_HASH:=0a49559e845f51aaf006539176a36d6527957affd2838e71fd43275b737e90fe +PKG_SOURCE_VERSION:=55df09bfccbfe21fc9dd7d8f94550c0ff25ace04 +PKG_MIRROR_HASH:=eb94e4e7e94221dd8890afd9b29e2562c36cf5585649035349ca1c6c1c354f2b PKG_SOURCE_URL:=git://git.musl-libc.org/musl PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz @@ -28,8 +28,6 @@ HOST_BUILD_DIR:=$(BUILD_DIR_TOOLCHAIN)/$(PKG_NAME)-$(PKG_VERSION) include $(INCLUDE_DIR)/host-build.mk include $(INCLUDE_DIR)/hardening.mk -TARGET_CFLAGS:= $(filter-out -O%,$(TARGET_CFLAGS)) - MUSL_CONFIGURE:= \ $(TARGET_CONFIGURE_OPTS) \ CFLAGS="$(TARGET_CFLAGS)" \ @@ -39,8 +37,7 @@ MUSL_CONFIGURE:= \ --host=$(GNU_HOST_NAME) \ --target=$(REAL_GNU_TARGET_NAME) \ --disable-gcc-wrapper \ - --enable-debug \ - --enable-optimize + --enable-debug define Host/Configure ln -snf $(PKG_NAME)-$(PKG_VERSION) $(BUILD_DIR_TOOLCHAIN)/$(PKG_NAME) diff --git a/toolchain/musl/include/bits/wordsize.h b/toolchain/musl/include/bits/wordsize.h old mode 100755 new mode 100644 diff --git a/toolchain/musl/include/features.h b/toolchain/musl/include/features.h old mode 100755 new mode 100644 diff --git a/toolchain/musl/include/sgidefs.h b/toolchain/musl/include/sgidefs.h old mode 100755 new mode 100644 diff --git a/toolchain/musl/include/sys/cdefs.h b/toolchain/musl/include/sys/cdefs.h old mode 100755 new mode 100644 diff --git a/toolchain/musl/include/sys/glibc-types.h b/toolchain/musl/include/sys/glibc-types.h old mode 100755 new mode 100644 diff --git a/toolchain/musl/include/sys/queue.h b/toolchain/musl/include/sys/queue.h old mode 100755 new mode 100644 diff --git a/toolchain/musl/patches/010-sys-socket.h-fix-SO_PEERSEC-value-on-MIPS.patch b/toolchain/musl/patches/010-sys-socket.h-fix-SO_PEERSEC-value-on-MIPS.patch new file mode 100644 index 0000000000..2319d9cb68 --- /dev/null +++ b/toolchain/musl/patches/010-sys-socket.h-fix-SO_PEERSEC-value-on-MIPS.patch @@ -0,0 +1,59 @@ +From 4e0877a604bad684be020f68e96a05156131fd44 Mon Sep 17 00:00:00 2001 +From: Matthias Schiffer +Date: Sun, 24 Jun 2018 17:05:31 +0200 +Subject: [PATCH] sys/socket.h: fix SO_PEERSEC value on MIPS + +Differing from all other archs supported by musl, MIPS defines SO_PEERSEC +to 30 instead of 31. + +Reported-by: Andrey Jr. Mlenikov +--- + arch/mips/bits/socket.h | 2 ++ + arch/mips64/bits/socket.h | 2 ++ + arch/mipsn32/bits/socket.h | 2 ++ + include/sys/socket.h | 3 +++ + 4 files changed, 9 insertions(+) + +--- a/arch/mips/bits/socket.h ++++ b/arch/mips/bits/socket.h +@@ -48,5 +48,7 @@ struct cmsghdr { + #define SO_SNDBUFFORCE 31 + #define SO_RCVBUFFORCE 33 + ++#define SO_PEERSEC 30 ++ + #define SOCK_NONBLOCK 0200 + #define SOCK_CLOEXEC 02000000 +--- a/arch/mips64/bits/socket.h ++++ b/arch/mips64/bits/socket.h +@@ -64,5 +64,7 @@ struct cmsghdr { + #define SO_SNDBUFFORCE 31 + #define SO_RCVBUFFORCE 33 + ++#define SO_PEERSEC 30 ++ + #define SOCK_NONBLOCK 0200 + #define SOCK_CLOEXEC 02000000 +--- a/arch/mipsn32/bits/socket.h ++++ b/arch/mipsn32/bits/socket.h +@@ -48,5 +48,7 @@ struct cmsghdr { + #define SO_SNDBUFFORCE 31 + #define SO_RCVBUFFORCE 33 + ++#define SO_PEERSEC 30 ++ + #define SOCK_NONBLOCK 0200 + #define SOCK_CLOEXEC 02000000 +--- a/include/sys/socket.h ++++ b/include/sys/socket.h +@@ -201,7 +201,10 @@ struct linger { + #define SO_TIMESTAMP 29 + #define SCM_TIMESTAMP SO_TIMESTAMP + ++#ifndef SO_PEERSEC + #define SO_PEERSEC 31 ++#endif ++ + #define SO_PASSSEC 34 + #define SO_TIMESTAMPNS 35 + #define SCM_TIMESTAMPNS SO_TIMESTAMPNS diff --git a/toolchain/musl/patches/020-make-relocation-time-symbol-lookup-and-dlsym-consistent.patch b/toolchain/musl/patches/020-make-relocation-time-symbol-lookup-and-dlsym-consistent.patch new file mode 100644 index 0000000000..05e2af02e7 --- /dev/null +++ b/toolchain/musl/patches/020-make-relocation-time-symbol-lookup-and-dlsym-consistent.patch @@ -0,0 +1,139 @@ +>From a57cd35acf26ba6202ed6534a57f496464f431a1 Mon Sep 17 00:00:00 2001 +From: Szabolcs Nagy +Date: Sat, 10 Aug 2019 23:14:40 +0000 +Subject: [PATCH] make relocation time symbol lookup and dlsym consistent + +Using common code path for all symbol lookups fixes three dlsym issues: + +- st_shndx of STT_TLS symbols were not checked and thus an undefined + tls symbol reference could be incorrectly treated as a definition + (the sysv hash lookup returns undefined symbols, gnu does not, so should + be rare in practice). + +- symbol binding was not checked so a hidden symbol may be returned + (in principle STB_LOCAL symbols may appear in the dynamic symbol table + for hidden symbols, but linkers most likely don't produce it). + +- mips specific behaviour was not applied (ARCH_SYM_REJECT_UND) so + undefined symbols may be returned on mips. + +always_inline is used to avoid relocation performance regression, the +code generation for find_sym should not be affected. + +BAckported to 1.1.19 + +--- + ldso/dynlink.c | 84 +++++++++++++++++++------------------------------- + 1 file changed, 31 insertions(+), 53 deletions(-) + +--- a/ldso/dynlink.c ++++ b/ldso/dynlink.c +@@ -257,12 +257,16 @@ static Sym *gnu_lookup_filtered(uint32_t + #define ARCH_SYM_REJECT_UND(s) 0 + #endif + +-static struct symdef find_sym(struct dso *dso, const char *s, int need_def) ++#if defined(__GNUC__) ++__attribute__((always_inline)) ++#endif ++static inline struct symdef find_sym2(struct dso *dso, const char *s, int need_def, int use_deps) + { + uint32_t h = 0, gh = gnu_hash(s), gho = gh / (8*sizeof(size_t)), *ght; + size_t ghm = 1ul << gh % (8*sizeof(size_t)); + struct symdef def = {0}; +- for (; dso; dso=dso->syms_next) { ++ struct dso **deps = use_deps ? dso->deps : 0; ++ for (; dso; dso=use_deps ? *deps++ : dso->syms_next) { + Sym *sym; + if ((ght = dso->ghashtab)) { + sym = gnu_lookup_filtered(gh, ght, dso, s, gho, ghm); +@@ -290,6 +294,11 @@ static struct symdef find_sym(struct dso + __attribute__((__visibility__("hidden"))) + ptrdiff_t __tlsdesc_static(), __tlsdesc_dynamic(); + ++static struct symdef find_sym(struct dso *dso, const char *s, int need_def) ++{ ++ return find_sym2(dso, s, need_def, 0); ++} ++ + static void do_relocs(struct dso *dso, size_t *rel, size_t rel_size, size_t stride) + { + unsigned char *base = dso->base; +@@ -1872,58 +1881,27 @@ void *__tls_get_addr(tls_mod_off_t *); + + static void *do_dlsym(struct dso *p, const char *s, void *ra) + { +- size_t i; +- uint32_t h = 0, gh = 0, *ght; +- Sym *sym; +- if (p == head || p == RTLD_DEFAULT || p == RTLD_NEXT) { +- if (p == RTLD_DEFAULT) { +- p = head; +- } else if (p == RTLD_NEXT) { +- p = addr2dso((size_t)ra); +- if (!p) p=head; +- p = p->next; +- } +- struct symdef def = find_sym(p, s, 0); +- if (!def.sym) goto failed; +- if ((def.sym->st_info&0xf) == STT_TLS) +- return __tls_get_addr((tls_mod_off_t []){def.dso->tls_id, def.sym->st_value}); +- if (DL_FDPIC && (def.sym->st_info&0xf) == STT_FUNC) +- return def.dso->funcdescs + (def.sym - def.dso->syms); +- return laddr(def.dso, def.sym->st_value); +- } +- if (__dl_invalid_handle(p)) ++ int use_deps = 0; ++ if (p == head || p == RTLD_DEFAULT) { ++ p = head; ++ } else if (p == RTLD_NEXT) { ++ p = addr2dso((size_t)ra); ++ if (!p) p=head; ++ p = p->next; ++ } else if (__dl_invalid_handle(p)) { ++ return 0; ++ } else ++ use_deps = 1; ++ struct symdef def = find_sym2(p, s, 0, use_deps); ++ if (!def.sym) { ++ error("Symbol not found: %s", s); + return 0; +- if ((ght = p->ghashtab)) { +- gh = gnu_hash(s); +- sym = gnu_lookup(gh, ght, p, s); +- } else { +- h = sysv_hash(s); +- sym = sysv_lookup(s, h, p); + } +- if (sym && (sym->st_info&0xf) == STT_TLS) +- return __tls_get_addr((tls_mod_off_t []){p->tls_id, sym->st_value}); +- if (DL_FDPIC && sym && sym->st_shndx && (sym->st_info&0xf) == STT_FUNC) +- return p->funcdescs + (sym - p->syms); +- if (sym && sym->st_value && (1<<(sym->st_info&0xf) & OK_TYPES)) +- return laddr(p, sym->st_value); +- for (i=0; p->deps[i]; i++) { +- if ((ght = p->deps[i]->ghashtab)) { +- if (!gh) gh = gnu_hash(s); +- sym = gnu_lookup(gh, ght, p->deps[i], s); +- } else { +- if (!h) h = sysv_hash(s); +- sym = sysv_lookup(s, h, p->deps[i]); +- } +- if (sym && (sym->st_info&0xf) == STT_TLS) +- return __tls_get_addr((tls_mod_off_t []){p->deps[i]->tls_id, sym->st_value}); +- if (DL_FDPIC && sym && sym->st_shndx && (sym->st_info&0xf) == STT_FUNC) +- return p->deps[i]->funcdescs + (sym - p->deps[i]->syms); +- if (sym && sym->st_value && (1<<(sym->st_info&0xf) & OK_TYPES)) +- return laddr(p->deps[i], sym->st_value); +- } +-failed: +- error("Symbol not found: %s", s); +- return 0; ++ if ((def.sym->st_info&0xf) == STT_TLS) ++ return __tls_get_addr((tls_mod_off_t []){def.dso->tls_id, def.sym->st_value-DTP_OFFSET}); ++ if (DL_FDPIC && (def.sym->st_info&0xf) == STT_FUNC) ++ return def.dso->funcdescs + (def.sym - def.dso->syms); ++ return laddr(def.dso, def.sym->st_value); + } + + int dladdr(const void *addr, Dl_info *info) diff --git a/toolchain/musl/patches/030-fix-x87-stack-imbalance-in-corner-cases-of-i386-math.patch b/toolchain/musl/patches/030-fix-x87-stack-imbalance-in-corner-cases-of-i386-math.patch new file mode 100644 index 0000000000..a709330079 --- /dev/null +++ b/toolchain/musl/patches/030-fix-x87-stack-imbalance-in-corner-cases-of-i386-math.patch @@ -0,0 +1,179 @@ +From f3ed8bfe8a82af1870ddc8696ed4cc1d5aa6b441 Mon Sep 17 00:00:00 2001 +From: Rich Felker +Date: Mon, 5 Aug 2019 18:41:47 -0400 +Subject: fix x87 stack imbalance in corner cases of i386 math asm + +commit 31c5fb80b9eae86f801be4f46025bc6532a554c5 introduced underflow +code paths for the i386 math asm, along with checks on the fpu status +word to skip the underflow-generation instructions if the underflow +flag was already raised. unfortunately, at least one such path, in +log1p, returned with 2 items on the x87 stack rather than just 1 item +for the return value. this is a violation of the ABI's calling +convention, and could cause subsequent floating point code to produce +NANs due to x87 stack overflow. if floating point results are used in +flow control, this can lead to runaway wrong code execution. + +rather than reviewing each "underflow already raised" code path for +correctness, remove them all. they're likely slower than just +performing the underflow code unconditionally, and significantly more +complex. + +all of this code should be ripped out and replaced by C source files +with inline asm. doing so would preclude this kind of error by having +the compiler perform all x87 stack register allocation and stack +manipulation, and would produce comparable or better code. however +such a change is a much larger project. +--- + src/math/i386/asin.s | 10 ++-------- + src/math/i386/atan.s | 7 ++----- + src/math/i386/atan2.s | 5 +---- + src/math/i386/atan2f.s | 5 +---- + src/math/i386/atanf.s | 7 ++----- + src/math/i386/exp.s | 10 ++-------- + src/math/i386/log1p.s | 7 ++----- + src/math/i386/log1pf.s | 7 ++----- + 8 files changed, 14 insertions(+), 44 deletions(-) + +--- a/src/math/i386/asin.s ++++ b/src/math/i386/asin.s +@@ -7,13 +7,10 @@ asinf: + cmp $0x01000000,%eax + jae 1f + # subnormal x, return x with underflow +- fnstsw %ax +- and $16,%ax +- jnz 2f + fld %st(0) + fmul %st(1) + fstps 4(%esp) +-2: ret ++ ret + + .global asinl + .type asinl,@function +@@ -30,11 +27,8 @@ asin: + cmp $0x00200000,%eax + jae 1f + # subnormal x, return x with underflow +- fnstsw %ax +- and $16,%ax +- jnz 2f + fsts 4(%esp) +-2: ret ++ ret + 1: fld %st(0) + fld1 + fsub %st(0),%st(1) +--- a/src/math/i386/atan.s ++++ b/src/math/i386/atan.s +@@ -10,8 +10,5 @@ atan: + fpatan + ret + # subnormal x, return x with underflow +-1: fnstsw %ax +- and $16,%ax +- jnz 2f +- fsts 4(%esp) +-2: ret ++1: fsts 4(%esp) ++ ret +--- a/src/math/i386/atan2.s ++++ b/src/math/i386/atan2.s +@@ -10,8 +10,5 @@ atan2: + cmp $0x00200000,%eax + jae 1f + # subnormal x, return x with underflow +- fnstsw %ax +- and $16,%ax +- jnz 1f + fsts 4(%esp) +-1: ret ++ ret +--- a/src/math/i386/atan2f.s ++++ b/src/math/i386/atan2f.s +@@ -10,10 +10,7 @@ atan2f: + cmp $0x01000000,%eax + jae 1f + # subnormal x, return x with underflow +- fnstsw %ax +- and $16,%ax +- jnz 1f + fld %st(0) + fmul %st(1) + fstps 4(%esp) +-1: ret ++ ret +--- a/src/math/i386/atanf.s ++++ b/src/math/i386/atanf.s +@@ -10,10 +10,7 @@ atanf: + fpatan + ret + # subnormal x, return x with underflow +-1: fnstsw %ax +- and $16,%ax +- jnz 2f +- fld %st(0) ++1: fld %st(0) + fmul %st(1) + fstps 4(%esp) +-2: ret ++ ret +--- a/src/math/i386/exp.s ++++ b/src/math/i386/exp.s +@@ -7,13 +7,10 @@ expm1f: + cmp $0x01000000,%eax + jae 1f + # subnormal x, return x with underflow +- fnstsw %ax +- and $16,%ax +- jnz 2f + fld %st(0) + fmul %st(1) + fstps 4(%esp) +-2: ret ++ ret + + .global expm1l + .type expm1l,@function +@@ -30,11 +27,8 @@ expm1: + cmp $0x00200000,%eax + jae 1f + # subnormal x, return x with underflow +- fnstsw %ax +- and $16,%ax +- jnz 2f + fsts 4(%esp) +-2: ret ++ ret + 1: fldl2e + fmulp + mov $0xc2820000,%eax +--- a/src/math/i386/log1p.s ++++ b/src/math/i386/log1p.s +@@ -16,9 +16,6 @@ log1p: + fyl2x + ret + # subnormal x, return x with underflow +-2: fnstsw %ax +- and $16,%ax +- jnz 1f +- fsts 4(%esp) ++2: fsts 4(%esp) + fstp %st(1) +-1: ret ++ ret +--- a/src/math/i386/log1pf.s ++++ b/src/math/i386/log1pf.s +@@ -16,10 +16,7 @@ log1pf: + fyl2x + ret + # subnormal x, return x with underflow +-2: fnstsw %ax +- and $16,%ax +- jnz 1f +- fxch ++2: fxch + fmul %st(1) + fstps 4(%esp) +-1: ret ++ ret diff --git a/toolchain/musl/patches/031-fix-build-regression-in-i386-asm-for-atan2-atan2f.patch b/toolchain/musl/patches/031-fix-build-regression-in-i386-asm-for-atan2-atan2f.patch new file mode 100644 index 0000000000..8c5161b52c --- /dev/null +++ b/toolchain/musl/patches/031-fix-build-regression-in-i386-asm-for-atan2-atan2f.patch @@ -0,0 +1,28 @@ +From 6818c31c9bc4bbad5357f1de14bedf781e5b349e Mon Sep 17 00:00:00 2001 +From: Rich Felker +Date: Mon, 5 Aug 2019 19:57:07 -0400 +Subject: fix build regression in i386 asm for atan2, atan2f + +commit f3ed8bfe8a82af1870ddc8696ed4cc1d5aa6b441 inadvertently removed +labels that were still needed. +--- + src/math/i386/atan2.s | 2 +- + src/math/i386/atan2f.s | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +--- a/src/math/i386/atan2.s ++++ b/src/math/i386/atan2.s +@@ -11,4 +11,4 @@ atan2: + jae 1f + # subnormal x, return x with underflow + fsts 4(%esp) +- ret ++1: ret +--- a/src/math/i386/atan2f.s ++++ b/src/math/i386/atan2f.s +@@ -13,4 +13,4 @@ atan2f: + fld %st(0) + fmul %st(1) + fstps 4(%esp) +- ret ++1: ret diff --git a/toolchain/musl/patches/100-add_glob_onlydir.patch b/toolchain/musl/patches/100-add_glob_onlydir.patch old mode 100755 new mode 100644 diff --git a/toolchain/musl/patches/110-read_timezone_from_fs.patch b/toolchain/musl/patches/110-read_timezone_from_fs.patch old mode 100755 new mode 100644 diff --git a/toolchain/musl/patches/200-add_libssp_nonshared.patch b/toolchain/musl/patches/200-add_libssp_nonshared.patch old mode 100755 new mode 100644 index b8fa7b4b4f..7a2909461b --- a/toolchain/musl/patches/200-add_libssp_nonshared.patch +++ b/toolchain/musl/patches/200-add_libssp_nonshared.patch @@ -4,6 +4,11 @@ Date: Mon, 22 Jun 2015 11:01:56 +0200 Subject: [PATCH] Add libssp_nonshared.a so GCC's is not needed Signed-off-by: Steven Barth +--- + Makefile | 10 ++++++++-- + libssp_nonshared/__stack_chk_fail_local.c | 2 ++ + 2 files changed, 10 insertions(+), 2 deletions(-) + create mode 100644 libssp_nonshared/__stack_chk_fail_local.c --- a/Makefile +++ b/Makefile @@ -16,29 +21,21 @@ Signed-off-by: Steven Barth ALL_TOOLS = obj/musl-gcc WRAPCC_GCC = gcc -@@ -86,7 +86,7 @@ else +@@ -125,7 +125,8 @@ NOSSP_SRCS = $(wildcard crt/*.c) \ + src/thread/__set_thread_area.c src/thread/$(ARCH)/__set_thread_area.c \ + src/string/memset.c src/string/$(ARCH)/memset.c \ + src/string/memcpy.c src/string/$(ARCH)/memcpy.c \ +- ldso/dlstart.c ldso/dynlink.c ++ ldso/dlstart.c ldso/dynlink.c \ ++ src/libssp_nonshared/__stack_chk_fail_local.c + $(NOSSP_SRCS:%.c=obj/%.o) $(NOSSP_SRCS:%.c=obj/%.lo): CFLAGS_ALL += $(CFLAGS_NOSSP) - all: $(ALL_LIBS) $(ALL_TOOLS) - --OBJ_DIRS = $(sort $(patsubst %/,%,$(dir $(ALL_LIBS) $(ALL_TOOLS) $(ALL_OBJS) $(GENH) $(GENH_INT))) obj/include) -+OBJ_DIRS = $(sort $(patsubst %/,%,$(dir $(ALL_LIBS) $(ALL_TOOLS) $(ALL_OBJS) $(GENH) $(GENH_INT))) obj/include obj/libssp_nonshared) - - $(ALL_LIBS) $(ALL_TOOLS) $(ALL_OBJS) $(ALL_OBJS:%.o=%.lo) $(GENH) $(GENH_INT): | $(OBJ_DIRS) - -@@ -113,6 +113,8 @@ obj/crt/rcrt1.o: $(srcdir)/ldso/dlstart. - - obj/crt/Scrt1.o obj/crt/rcrt1.o: CFLAGS_ALL += -fPIC - -+obj/libssp_nonshared/__stack_chk_fail_local.o: CFLAGS_ALL += $(CFLAGS_NOSSP) -+ - OPTIMIZE_SRCS = $(wildcard $(OPTIMIZE_GLOBS:%=$(srcdir)/src/%)) - $(OPTIMIZE_SRCS:$(srcdir)/%.c=obj/%.o) $(OPTIMIZE_SRCS:$(srcdir)/%.c=obj/%.lo): CFLAGS += -O3 - -@@ -165,6 +166,11 @@ lib/libc.a: $(AOBJS) + $(CRT_OBJS): CFLAGS_ALL += -DCRT +@@ -168,6 +169,11 @@ lib/libc.a: $(AOBJS) $(AR) rc $@ $(AOBJS) $(RANLIB) $@ -+lib/libssp_nonshared.a: obj/libssp_nonshared/__stack_chk_fail_local.o ++lib/libssp_nonshared.a: obj/src/libssp_nonshared/__stack_chk_fail_local.o + rm -f $@ + $(AR) rc $@ $< + $(RANLIB) $@ @@ -47,7 +44,7 @@ Signed-off-by: Steven Barth rm -f $@ $(AR) rc $@ --- /dev/null -+++ b/libssp_nonshared/__stack_chk_fail_local.c ++++ b/src/libssp_nonshared/__stack_chk_fail_local.c @@ -0,0 +1,2 @@ +#include "atomic.h" +void __attribute__((visibility ("hidden"))) __stack_chk_fail_local(void) { a_crash(); } diff --git a/toolchain/musl/patches/300-relative.patch b/toolchain/musl/patches/300-relative.patch old mode 100755 new mode 100644 index e34e60a09d..7e1eb7d6bc --- a/toolchain/musl/patches/300-relative.patch +++ b/toolchain/musl/patches/300-relative.patch @@ -1,6 +1,6 @@ --- a/Makefile +++ b/Makefile -@@ -215,7 +215,7 @@ $(DESTDIR)$(includedir)/%: $(srcdir)/inc +@@ -217,7 +217,7 @@ $(DESTDIR)$(includedir)/%: $(srcdir)/inc $(INSTALL) -D -m 644 $< $@ $(DESTDIR)$(LDSO_PATHNAME): $(DESTDIR)$(libdir)/libc.so diff --git a/toolchain/musl/patches/400-Add-format-attribute-to-some-function-declarations.patch b/toolchain/musl/patches/400-Add-format-attribute-to-some-function-declarations.patch old mode 100755 new mode 100644 index f7eff9141f..915b0b7b47 --- a/toolchain/musl/patches/400-Add-format-attribute-to-some-function-declarations.patch +++ b/toolchain/musl/patches/400-Add-format-attribute-to-some-function-declarations.patch @@ -102,7 +102,7 @@ Signed-off-by: Hauke Mehrtens #ifdef __cplusplus #define NULL 0L #else -@@ -103,19 +111,19 @@ int puts(const char *); +@@ -102,19 +110,19 @@ int puts(const char *); int printf(const char *__restrict, ...); int fprintf(FILE *__restrict, const char *__restrict, ...); int sprintf(char *__restrict, const char *__restrict, ...); @@ -127,7 +127,7 @@ Signed-off-by: Hauke Mehrtens void perror(const char *); -@@ -136,8 +144,8 @@ int pclose(FILE *); +@@ -135,8 +143,8 @@ int pclose(FILE *); int fileno(FILE *); int fseeko(FILE *, off_t, int); off_t ftello(FILE *); @@ -138,7 +138,7 @@ Signed-off-by: Hauke Mehrtens void flockfile(FILE *); int ftrylockfile(FILE *); void funlockfile(FILE *); -@@ -176,8 +184,8 @@ int fileno_unlocked(FILE *); +@@ -175,8 +183,8 @@ int fileno_unlocked(FILE *); int getw(FILE *); int putw(int, FILE *); char *fgetln(FILE *, size_t *); @@ -149,7 +149,7 @@ Signed-off-by: Hauke Mehrtens #endif #ifdef _GNU_SOURCE -@@ -199,6 +207,9 @@ typedef struct _IO_cookie_io_functions_t +@@ -198,6 +206,9 @@ typedef struct _IO_cookie_io_functions_t FILE *fopencookie(void *, const char *, cookie_io_functions_t); #endif diff --git a/toolchain/musl/patches/900-iconv_size_hack.patch b/toolchain/musl/patches/900-iconv_size_hack.patch old mode 100755 new mode 100644 index 461a204a4c..6200262b1d --- a/toolchain/musl/patches/900-iconv_size_hack.patch +++ b/toolchain/musl/patches/900-iconv_size_hack.patch @@ -56,7 +56,7 @@ case SHIFT_JIS: if (c < 128) break; if (c-0xa1 <= 0xdf-0xa1) { -@@ -518,6 +525,7 @@ size_t iconv(iconv_t cd, char **restrict +@@ -510,6 +517,7 @@ size_t iconv(iconv_t cd, char **restrict c = ksc[c][d]; if (!c) goto ilseq; break; @@ -64,7 +64,7 @@ default: if (!c) break; c = legacy_map(map, c); -@@ -559,6 +567,7 @@ size_t iconv(iconv_t cd, char **restrict +@@ -550,6 +558,7 @@ size_t iconv(iconv_t cd, char **restrict } } goto subst; @@ -72,7 +72,7 @@ case SHIFT_JIS: if (c < 128) goto revout; if (c == 0xa5) { -@@ -632,6 +641,7 @@ size_t iconv(iconv_t cd, char **restrict +@@ -623,6 +632,7 @@ size_t iconv(iconv_t cd, char **restrict *(*out)++ = 'B'; *outb -= 8; break; diff --git a/toolchain/musl/patches/901-crypt_size_hack.patch b/toolchain/musl/patches/901-crypt_size_hack.patch old mode 100755 new mode 100644