Skip to content

make-bootstrap-tools: add libssp to allow stack protector to work #80497

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 7, 2020
Merged

make-bootstrap-tools: add libssp to allow stack protector to work #80497

merged 1 commit into from
Mar 7, 2020
+2 −0

Conversation

lopsided98
Copy link
Contributor

Motivation for this change

The bootstrap tools lack libssp.a and libssp_nonshared.a, which causes linker errors when attempting to use stack protection, at least on 32-bit ARM. This PR is related to #79793 and needs to be merged first so that Hydra can build working bootstrap tarballs.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

cc @samueldr @thefloweringash

Sorry, something went wrong.

@ofborg ofborg bot added 6.topic: stdenv Standard environment 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux labels Feb 19, 2020
@lopsided98 lopsided98 mentioned this pull request Feb 19, 2020
Merged
10 tasks
@dguibert dguibert mentioned this pull request Mar 5, 2020
Closed
@grahamc grahamc requested review from dtzWill, LnL7 and vcunat March 5, 2020 18:54
LnL7
LnL7 approved these changes Mar 5, 2020
View reviewed changes
Copy link
Member

@LnL7 LnL7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not very familiar with linux bootstrapping, but looks good to me otherwise.

@grahamc
Copy link
Member

grahamc commented Mar 5, 2020

(vcunat said he'd take a look soon)

@grahamc grahamc merged commit 47a7741 into NixOS:master Mar 7, 2020
vcunat
vcunat reviewed Mar 8, 2020
View reviewed changes
Copy link
Member

@vcunat vcunat left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm a bit late, but anyway...

👍 though I trust you on this change being sufficient to fix those 32-bit ARMs. These libs are tiny (27k together on x86_64) and adding them seems very unlikely to break anything.

I still have no idea why platforms differ in needing this stack-protector stuff during bootstrap, but that doesn't seem important. Also it's unclear to me how to choose between *.a and *.so for bootGCC libs; static ones seem safer if they work, with respect to the risk of retaining references when using the resulting boodstrap tools... so 👍 for choosing that here.

@lopsided98
Copy link
Contributor Author

Also it's unclear to me how to choose between *.a and *.so for bootGCC libs; static ones seem safer if they work, with respect to the risk of retaining references when using the resulting boodstrap tools... so +1 for choosing that here.

I originally tried adding the .so, and it resulted in a reference to the bootstrap tools. From what I can tell, GCC normally prefers the static library anyway, even if both are available.

@lopsided98 lopsided98 deleted the bootstrap-libssp branch March 8, 2020 16:10
grahamc added a commit that referenced this pull request Mar 8, 2020
@grahamc
armv{5tel,6l,7l}: update bootstrap tools after #80497

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode
7232895
@vcunat vcunat mentioned this pull request Mar 8, 2020
Merged
10 tasks
grahamc added a commit that referenced this pull request Mar 16, 2020
@grahamc
armv{5tel,6l,7l}: update bootstrap tools after #80497
11b54ad
arthurl pushed a commit to arthurl/nixpkgs that referenced this pull request Apr 4, 2020
@grahamc @arthurl
[backport] armv{5tel,6l,7l}: update bootstrap tools after NixOS#80497
50cd995
cript0nauta pushed a commit to cript0nauta/nixpkgs that referenced this pull request Apr 4, 2020
@grahamc @cript0nauta
armv{5tel,6l,7l}: update bootstrap tools after NixOS#80497
7fe028b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vcunat vcunat

@LnL7 LnL7

@dtzWill dtzWill

Assignees
No one assigned
Labels
6.topic: stdenv Standard environment 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@lopsided98 @grahamc @LnL7 @vcunat