Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

make-bootstrap-tools: add libssp to allow stack protector to work #80497

Merged
merged 1 commit into from Mar 7, 2020

Conversation

lopsided98
Copy link
Contributor

Motivation for this change

The bootstrap tools lack libssp.a and libssp_nonshared.a, which causes linker errors when attempting to use stack protection, at least on 32-bit ARM. This PR is related to #79793 and needs to be merged first so that Hydra can build working bootstrap tarballs.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

cc @samueldr @thefloweringash

Copy link
Member

@LnL7 LnL7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not very familiar with linux bootstrapping, but looks good to me otherwise.

@grahamc
Copy link
Member

grahamc commented Mar 5, 2020

(vcunat said he'd take a look soon)

@grahamc grahamc merged commit 47a7741 into NixOS:master Mar 7, 2020
Copy link
Member

@vcunat vcunat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm a bit late, but anyway...

👍 though I trust you on this change being sufficient to fix those 32-bit ARMs. These libs are tiny (27k together on x86_64) and adding them seems very unlikely to break anything.


I still have no idea why platforms differ in needing this stack-protector stuff during bootstrap, but that doesn't seem important. Also it's unclear to me how to choose between *.a and *.so for bootGCC libs; static ones seem safer if they work, with respect to the risk of retaining references when using the resulting boodstrap tools... so 👍 for choosing that here.

@lopsided98
Copy link
Contributor Author

Also it's unclear to me how to choose between *.a and *.so for bootGCC libs; static ones seem safer if they work, with respect to the risk of retaining references when using the resulting boodstrap tools... so +1 for choosing that here.

I originally tried adding the .so, and it resulted in a reference to the bootstrap tools. From what I can tell, GCC normally prefers the static library anyway, even if both are available.

@lopsided98 lopsided98 deleted the bootstrap-libssp branch March 8, 2020 16:10
@vcunat vcunat mentioned this pull request Mar 8, 2020
10 tasks
arthurl pushed a commit to arthurl/nixpkgs that referenced this pull request Apr 4, 2020
cript0nauta pushed a commit to cript0nauta/nixpkgs that referenced this pull request Apr 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

4 participants