diff --git a/config/Config-build.in b/config/Config-build.in index 61a9265ad7..ac1e05d2ff 100644 --- a/config/Config-build.in +++ b/config/Config-build.in @@ -249,7 +249,6 @@ menu "Global build settings" choice prompt "User space Stack-Smashing Protection" - depends on USE_MUSL default PKG_CC_STACKPROTECTOR_REGULAR help Enable GCC Stack Smashing Protection (SSP) for userspace applications @@ -257,18 +256,15 @@ menu "Global build settings" bool "None" config PKG_CC_STACKPROTECTOR_REGULAR bool "Regular" - select GCC_LIBSSP if !USE_MUSL depends on KERNEL_CC_STACKPROTECTOR_REGULAR config PKG_CC_STACKPROTECTOR_STRONG bool "Strong" - select GCC_LIBSSP if !USE_MUSL depends on KERNEL_CC_STACKPROTECTOR_STRONG endchoice choice prompt "Kernel space Stack-Smashing Protection" default KERNEL_CC_STACKPROTECTOR_REGULAR - depends on USE_MUSL || !(x86_64 || i386) help Enable GCC Stack-Smashing Protection (SSP) for the kernel config KERNEL_CC_STACKPROTECTOR_NONE diff --git a/include/package-defaults.mk b/include/package-defaults.mk index 31e331b2d5..2fed72b1a4 100644 --- a/include/package-defaults.mk +++ b/include/package-defaults.mk @@ -5,7 +5,7 @@ # See /LICENSE for more information. # -PKG_DEFAULT_DEPENDS = +libc +GCC_LIBSSP:libssp +USE_GLIBC:librt +USE_GLIBC:libpthread +PKG_DEFAULT_DEPENDS = +libc +USE_GLIBC:librt +USE_GLIBC:libpthread ifneq ($(PKG_NAME),toolchain) PKG_FIXUP_DEPENDS = $(if $(filter kmod-%,$(1)),$(2),$(PKG_DEFAULT_DEPENDS) $(filter-out $(PKG_DEFAULT_DEPENDS),$(2))) diff --git a/package/libs/toolchain/Makefile b/package/libs/toolchain/Makefile index c13e9e4928..f92a1779da 100644 --- a/package/libs/toolchain/Makefile +++ b/package/libs/toolchain/Makefile @@ -83,33 +83,6 @@ define Package/libatomic/config endmenu endef -define Package/libssp -$(call Package/gcc/Default) - DEPENDS+=@GCC_LIBSSP - TITLE:=GCC support library -endef - -define Package/libssp/config - menu "Configuration" - depends on EXTERNAL_TOOLCHAIN && PACKAGE_libssp - - config LIBSSP_ROOT_DIR - string - prompt "libssp shared library base directory" - depends on EXTERNAL_TOOLCHAIN && PACKAGE_libssp - default TOOLCHAIN_ROOT if !NATIVE_TOOLCHAIN - default "/" if NATIVE_TOOLCHAIN - - config LIBSSP_FILE_SPEC - string - prompt "libssp shared library files (use wildcards)" - depends on EXTERNAL_TOOLCHAIN && PACKAGE_libssp - default "./lib/libssp.so.*" - - endmenu -endef - - define Package/libstdcpp $(call Package/gcc/Default) NAME:=libstdc++ @@ -519,11 +492,6 @@ ifeq ($(CONFIG_EXTERNAL_TOOLCHAIN),) $(CP) $(TOOLCHAIN_DIR)/lib/libgfortran.so.* $(1)/usr/lib/ endef - define Package/libssp/install - $(INSTALL_DIR) $(1)/lib - $(CP) $(TOOLCHAIN_DIR)/lib/libssp.so.* $(1)/lib/ - endef - define Package/libstdcpp/install $(INSTALL_DIR) $(1)/usr/lib $(CP) $(TOOLCHAIN_DIR)/lib/libstdc++.so.* $(1)/usr/lib/ @@ -670,14 +638,6 @@ else done endef - define Package/libssp/install - for file in $(call qstrip,$(CONFIG_LIBSSP_FILE_SPEC)); do \ - $(INSTALL_DIR) $(1)/lib ; \ - $(CP) $(call qstrip,$(CONFIG_LIBSSP_ROOT_DIR))/$$$$file $(1)/lib/ ; \ - done ; \ - exit 0 - endef - define Package/libstdcpp/install for file in $(call qstrip,$(CONFIG_LIBSTDCPP_FILE_SPEC)); do \ $(INSTALL_DIR) $(1)/lib ; \ @@ -789,7 +749,6 @@ endif $(eval $(call BuildPackage,libc)) $(eval $(call BuildPackage,libgcc)) $(eval $(call BuildPackage,libatomic)) -$(eval $(call BuildPackage,libssp)) $(eval $(call BuildPackage,libstdcpp)) $(eval $(call BuildPackage,libasan)) $(eval $(call BuildPackage,libtsan)) diff --git a/toolchain/Config.in b/toolchain/Config.in index 762f4e10d7..cb557d4ad3 100644 --- a/toolchain/Config.in +++ b/toolchain/Config.in @@ -284,7 +284,7 @@ config USE_MUSL bool config SSP_SUPPORT - default y if USE_MUSL || GCC_LIBSSP + default y if !PKG_CC_STACKPROTECTOR_NONE bool config USE_EXTERNAL_LIBC diff --git a/toolchain/gcc/Config.in b/toolchain/gcc/Config.in index 7d7f34210a..4b2ba7aaae 100644 --- a/toolchain/gcc/Config.in +++ b/toolchain/gcc/Config.in @@ -47,14 +47,6 @@ config GCC_DEFAULT_SSP help Use gcc configure option --enable-default-ssp to turn on -fstack-protector-strong by default. -config GCC_LIBSSP - bool - prompt "Build gcc libssp" if TOOLCHAINOPTS - depends on !USE_MUSL - default y if !USE_MUSL - help - Enable Stack-Smashing Protection support - config SJLJ_EXCEPTIONS bool prompt "Use setjump()/longjump() exceptions" if TOOLCHAINOPTS diff --git a/toolchain/gcc/common.mk b/toolchain/gcc/common.mk index 7fb30285aa..ec3ea8fff1 100644 --- a/toolchain/gcc/common.mk +++ b/toolchain/gcc/common.mk @@ -104,6 +104,7 @@ GCC_CONFIGURE:= \ --disable-multilib \ --disable-libmpx \ --disable-nls \ + --disable-libssp \ $(GRAPHITE_CONFIGURE) \ --with-host-libstdcxx=-lstdc++ \ $(SOFT_FLOAT_CONFIG_OPTION) \ @@ -131,14 +132,6 @@ ifneq ($(CONFIG_GCC_DEFAULT_SSP),) --enable-default-ssp endif -ifneq ($(CONFIG_GCC_LIBSSP),) - GCC_CONFIGURE+= \ - --enable-libssp -else - GCC_CONFIGURE+= \ - --disable-libssp -endif - ifneq ($(CONFIG_EXTRA_TARGET_ARCH),) GCC_CONFIGURE+= \ --enable-biarch \ diff --git a/toolchain/glibc/common.mk b/toolchain/glibc/common.mk index db4f0fcc0e..f0b95d3cc7 100644 --- a/toolchain/glibc/common.mk +++ b/toolchain/glibc/common.mk @@ -39,7 +39,6 @@ ifeq ($(ARCH),mips64) endif endif - # -Os miscompiles w. 2.24 gcc5/gcc6 # only -O2 tested by upstream changeset # "Optimize i386 syscall inlining for GCC 5" @@ -61,6 +60,8 @@ GLIBC_CONFIGURE:= \ --without-cvs \ --enable-add-ons \ --$(if $(CONFIG_SOFT_FLOAT),without,with)-fp \ + $(if $(CONFIG_PKG_CC_STACKPROTECTOR_REGULAR),--enable-stack-protector=yes) \ + $(if $(CONFIG_PKG_CC_STACKPROTECTOR_STRONG),--enable-stack-protector=strong) \ --enable-kernel=4.14.0 export libc_cv_ssp=no