From 733d24b50b63cef38c9d228e127c9d09865afc16 Mon Sep 17 00:00:00 2001 From: Walter Franzini Date: Fri, 23 Aug 2019 10:47:39 +0200 Subject: [PATCH] add stackprotector support on musl32 In order to support stackprotector on musl32, this change import a couple of patches from alpinelinux: 1. libssp_nonshared.a is built alongside musl's libc 2. the above library is automatically linked when compiling with gcc6 or gcc7 --- pkgs/development/compilers/gcc/6/default.nix | 6 +++++- pkgs/development/compilers/gcc/7/default.nix | 4 ++++ pkgs/os-specific/linux/musl/default.nix | 22 ++++++++++++++++++++ 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/pkgs/development/compilers/gcc/6/default.nix b/pkgs/development/compilers/gcc/6/default.nix index fa7881e398a8..93c9dde61fc3 100644 --- a/pkgs/development/compilers/gcc/6/default.nix +++ b/pkgs/development/compilers/gcc/6/default.nix @@ -78,7 +78,11 @@ let majorVersion = "6"; ++ optional (targetPlatform.libc == "musl") ../libgomp-dont-force-initial-exec.patch # Obtain latest patch with ../update-mcfgthread-patches.sh - ++ optional (!crossStageStatic && targetPlatform.isMinGW) ./Added-mcf-thread-model-support-from-mcfgthread.patch; + ++ optional (!crossStageStatic && targetPlatform.isMinGW) ./Added-mcf-thread-model-support-from-mcfgthread.patch + ++ optional (targetPlatform.libc == "musl" && targetPlatform.isx86_32) (fetchpatch { + url = "https://git.alpinelinux.org/aports/plain/main/gcc/gcc-6.1-musl-libssp.patch?id=5e4b96e23871ee28ef593b439f8c07ca7c7eb5bb"; + sha256 = "1jf1ciz4gr49lwyh8knfhw6l5gvfkwzjy90m7qiwkcbsf4a3fqn2"; + }); javaEcj = fetchurl { # The `$(top_srcdir)/ecj.jar' file is automatically picked up at diff --git a/pkgs/development/compilers/gcc/7/default.nix b/pkgs/development/compilers/gcc/7/default.nix index 2ea9033ba63a..75d519c3107b 100644 --- a/pkgs/development/compilers/gcc/7/default.nix +++ b/pkgs/development/compilers/gcc/7/default.nix @@ -72,6 +72,10 @@ let majorVersion = "7"; }) ++ optional langFortran ../gfortran-driving.patch ++ optional (targetPlatform.libc == "musl" && targetPlatform.isPower) ../ppc-musl.patch + ++ optional (targetPlatform.libc == "musl" && targetPlatform.isx86_32) (fetchpatch { + url = "https://git.alpinelinux.org/aports/plain/main/gcc/gcc-6.1-musl-libssp.patch"; + sha256 = "1jf1ciz4gr49lwyh8knfhw6l5gvfkwzjy90m7qiwkcbsf4a3fqn2"; + }) ++ optional (targetPlatform.libc == "musl") ../libgomp-dont-force-initial-exec.patch # Obtain latest patch with ../update-mcfgthread-patches.sh diff --git a/pkgs/os-specific/linux/musl/default.nix b/pkgs/os-specific/linux/musl/default.nix index 63d8114ac77a..3310692b31dc 100644 --- a/pkgs/os-specific/linux/musl/default.nix +++ b/pkgs/os-specific/linux/musl/default.nix @@ -16,6 +16,11 @@ let sha256 = "14igk6k00bnpfw660qhswagyhvr0gfqg4q55dxvaaq7ikfkrir71"; }; + stack_chk_fail_local_c = fetchurl { + url = "https://git.alpinelinux.org/aports/plain/main/musl/__stack_chk_fail_local.c?h=3.10-stable"; + sha256 = "1nhkzzy9pklgjcq2yg89d3l18jif331srd3z3vhy5qwxl1spv6i9"; + }; + # iconv tool, implemented by musl author. # Original: http://git.etalabs.net/cgit/noxcuse/plain/src/iconv.c?id=02d288d89683e99fd18fe9f54d4e731a6c474a4f # We use copy from Alpine which fixes error messages, see: @@ -87,6 +92,16 @@ stdenv.mkDerivation rec { NIX_DONT_SET_RPATH = true; + preBuild = '' + ${if (stdenv.targetPlatform.libc == "musl" && stdenv.targetPlatform.isx86_32) then + "# the -x c flag is required since the file extension confuses gcc + # that detect the file as a linker script. + $CC -x c -c ${stack_chk_fail_local_c} -o __stack_chk_fail_local.o + $AR r libssp_nonshared.a __stack_chk_fail_local.o" + else "" + } + ''; + postInstall = '' # Not sure why, but link in all but scsi directory as that's what uclibc/glibc do. # Apparently glibc provides scsi itself? @@ -96,6 +111,13 @@ stdenv.mkDerivation rec { $STRIP -S $out/lib/libc.a mkdir -p $out/bin + + ${if (stdenv.targetPlatform.libc == "musl" && stdenv.targetPlatform.isx86_32) then + "install -D libssp_nonshared.a $out/lib/libssp_nonshared.a + $STRIP -S $out/lib/libssp_nonshared.a" + else "" + } + # Create 'ldd' symlink, builtin ln -rs $out/lib/libc.so $out/bin/ldd