[LinuxBIOS] Possible stack protect solutions
Jordan Crouse
jordan.crouse at amd.com
Wed Dec 19 18:53:44 CET 2007
I need a community vote. There is an lingering stack protect issue
in LinuxBIOS, and it hits us when we port new platforms. The problem is
that not all of the lines in the various Config.lb files that compile
code also include the $(CPU_OPT) variable that we use to pass in the
-fno-stack-protector from buildrom.
So I offer these two possible solutions. One is a patch to buildrom that
changes how we pass in the -fno-stack-protect flag (thanks to Marc for
the patch). The other is a patch to LinuxBIOS itself to fix the actual
problem and pass $(CPU_OPT) where appropriate in the mainboard Config.lb
files.
So I leave it to the community - which solution do we prefer? One one
hand, the buildrom solution only affects targets when built by buildrom,
so abuild and other tools aren't affected, though it glosses over the real
problem.
On the other hand, any tools who may find CPU_OPT useful for their own
uses will hit this too, but it is far more likely to break things.
Thoughts?
--
Jordan Crouse
Systems Software Development Engineer
Advanced Micro Devices, Inc.
-------------- next part --------------
Another possible solution for the stackprotect problem - fixing the
problem at its source.
Not signed off yet
Index: LinuxBIOSv2/src/mainboard/agami/aruma/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/agami/aruma/Config.lb 2007-12-19 10:34:37.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/agami/aruma/Config.lb 2007-12-19 10:34:46.000000000 -0700
@@ -113,7 +113,7 @@
#compile cache_as_ram.c to auto.inc
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/amd/db800/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/amd/db800/Config.lb 2007-12-19 10:33:35.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/amd/db800/Config.lb 2007-12-19 10:33:41.000000000 -0700
@@ -54,7 +54,7 @@
#compile cache_as_ram.c to auto.inc
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/amd/norwich/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/amd/norwich/Config.lb 2007-12-19 10:33:50.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/amd/norwich/Config.lb 2007-12-19 10:33:56.000000000 -0700
@@ -56,7 +56,7 @@
#compile cache_as_ram.c to auto.inc
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/amd/serengeti_cheetah/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/amd/serengeti_cheetah/Config.lb 2007-12-19 10:34:09.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/amd/serengeti_cheetah/Config.lb 2007-12-19 10:34:16.000000000 -0700
@@ -135,7 +135,7 @@
#compile cache_as_ram.c to auto.inc
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/amd/serengeti_cheetah_fam10/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/amd/serengeti_cheetah_fam10/Config.lb 2007-12-19 10:27:40.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/amd/serengeti_cheetah_fam10/Config.lb 2007-12-19 10:27:50.000000000 -0700
@@ -143,7 +143,7 @@
#compile cache_as_ram.c to auto.inc
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/$(CACHE_AS_RAM_AUTO_C) option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/$(CACHE_AS_RAM_AUTO_C) -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/$(CACHE_AS_RAM_AUTO_C) -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/artecgroup/dbe61/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/artecgroup/dbe61/Config.lb 2007-12-19 10:33:07.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/artecgroup/dbe61/Config.lb 2007-12-19 10:33:14.000000000 -0700
@@ -52,7 +52,7 @@
#compile cache_as_ram.c to auto.inc
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/asus/a8v-e_se/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/asus/a8v-e_se/Config.lb 2007-12-19 10:32:44.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/asus/a8v-e_se/Config.lb 2007-12-19 10:32:54.000000000 -0700
@@ -88,7 +88,7 @@
else
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/broadcom/blast/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/broadcom/blast/Config.lb 2007-12-19 10:32:23.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/broadcom/blast/Config.lb 2007-12-19 10:32:31.000000000 -0700
@@ -63,7 +63,7 @@
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/digitallogic/msm800sev/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/digitallogic/msm800sev/Config.lb 2007-12-19 10:31:57.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/digitallogic/msm800sev/Config.lb 2007-12-19 10:32:06.000000000 -0700
@@ -52,7 +52,7 @@
#compile cache_as_ram.c to auto.inc
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/gigabyte/m57sli/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/gigabyte/m57sli/Config.lb 2007-12-19 10:31:09.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/gigabyte/m57sli/Config.lb 2007-12-19 10:31:43.000000000 -0700
@@ -90,7 +90,7 @@
else
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/iwill/dk8_htx/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/iwill/dk8_htx/Config.lb 2007-12-19 10:30:13.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/iwill/dk8_htx/Config.lb 2007-12-19 10:30:39.000000000 -0700
@@ -142,7 +142,7 @@
#compile cache_as_ram.c to auto.inc
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/msi/ms7260/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/msi/ms7260/Config.lb 2007-12-19 10:29:25.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/msi/ms7260/Config.lb 2007-12-19 10:29:36.000000000 -0700
@@ -63,7 +63,7 @@
else
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/msi/ms9185/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/msi/ms9185/Config.lb 2007-12-19 10:29:49.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/msi/ms9185/Config.lb 2007-12-19 10:29:56.000000000 -0700
@@ -90,7 +90,7 @@
#compile cache_as_ram.c to auto.inc
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/nvidia/l1_2pvv/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/nvidia/l1_2pvv/Config.lb 2007-12-19 10:29:08.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/nvidia/l1_2pvv/Config.lb 2007-12-19 10:29:14.000000000 -0700
@@ -121,7 +121,7 @@
else
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/pcengines/alix1c/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/pcengines/alix1c/Config.lb 2007-12-19 10:28:31.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/pcengines/alix1c/Config.lb 2007-12-19 10:28:40.000000000 -0700
@@ -72,7 +72,7 @@
#compile cache_as_ram.c to auto.inc
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/sis/sis761/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/sis/sis761/Config.lb 2007-12-19 10:28:15.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/sis/sis761/Config.lb 2007-12-19 10:28:22.000000000 -0700
@@ -92,7 +92,7 @@
else
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
Index: LinuxBIOSv2/src/mainboard/tyan/s2912/Config.lb
===================================================================
--- LinuxBIOSv2.orig/src/mainboard/tyan/s2912/Config.lb 2007-12-19 10:27:56.000000000 -0700
+++ LinuxBIOSv2/src/mainboard/tyan/s2912/Config.lb 2007-12-19 10:28:05.000000000 -0700
@@ -91,7 +91,7 @@
else
makerule ./cache_as_ram_auto.inc
depends "$(MAINBOARD)/cache_as_ram_auto.c option_table.h"
- action "$(CC) -I$(TOP)/src -I. $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
+ action "$(CC) -I$(TOP)/src -I. $(CPU_OPT) $(CPPFLAGS) $(MAINBOARD)/cache_as_ram_auto.c -Os -nostdinc -nostdlib -fno-builtin -Wall -c -S -o $@"
action "perl -e 's/.rodata/.rom.data/g' -pi $@"
action "perl -e 's/.text/.section .rom.text/g' -pi $@"
end
-------------- next part --------------
Possible global solution for stack protect problems with LinuxBIOS
Not signed off yet
Index: buildrom-devel/packages/linuxbios/linuxbios.inc
===================================================================
--- buildrom-devel.orig/packages/linuxbios/linuxbios.inc 2007-12-19 10:42:20.000000000 -0700
+++ buildrom-devel/packages/linuxbios/linuxbios.inc 2007-12-19 10:45:25.000000000 -0700
@@ -96,8 +96,7 @@
$(LINUXBIOS_OUTPUT): $(LINUXBIOS_STAMP_DIR) $(LINUXBIOS_LOG_DIR) $(LINUXBIOS_DIR_TARGET) $(LINUXBIOS_PAYLOAD_TARGET)
@ echo "Building linuxbios..."
- @ (export CPU_OPT="$(STACKPROTECT)"; \
- make -C $(LINUXBIOS_BUILD_DIR) > $(LINUXBIOS_BUILD_LOG) 2>&1)
+ @ make CC="$(CC) -m32 $(STACKPROTECT)" -C $(LINUXBIOS_BUILD_DIR) > $(LINUXBIOS_BUILD_LOG) 2>&1
generic-linuxbios-clean:
@ echo "Cleaning linuxbios..."
More information about the coreboot
mailing list