Page MenuHomeFreeBSD

Prepare the system for _FORTIFY_SOURCE
Needs RevisionPublic

Authored by kevans on Oct 5 2021, 3:48 AM.

Details

Reviewers
ngie
imp
Summary

Notably:

  • libc needs to #undef some of the macros from ssp/* for underlying implementations
  • ssp/* wants a __RENAME() macro (snatched more or less from NetBSD)

There's some extra hinkiness included for read(), since libc spells it
as "_read" while the rest of the world spells it "read."

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 41979
Build 38867: arc lint + arc unit

Event Timeline

kevans requested review of this revision.Oct 5 2021, 3:48 AM

Re _read, I thought all system calls had three functions foo, _foo and sys_foo depending on which layer of indirection you were trying to bypass... I know that's why libc uses things like _read and _write.

In D32307#729071, @imp wrote:

Re _read, I thought all system calls had three functions foo, _foo and sys_foo depending on which layer of indirection you were trying to bypass... I know that's why libc uses things like _read and _write.

Right, sorry, I need to update that comment.

In D32307#729071, @imp wrote:

Re _read, I thought all system calls had three functions foo, _foo and sys_foo depending on which layer of indirection you were trying to bypass... I know that's why libc uses things like _read and _write.

Right, sorry, I need to update that comment.

You've likely already thought of this, but if not... do we need to _FORTIFY_SOURCE system calls that FreeBSD has that are 'read like' that aren't in NetBSD?

arichardson added inline comments.
lib/libc/amd64/string/bcopy.c
11

(bcopy) will prevent function macro expansion, no need for #undef. Same for the other files.

kib added inline comments.
lib/libc/Makefile
24

I am not sure about all current and future uses of this define, but I dislike it being taken from the user namespace.

Usually we use something like _IN_LIBC

lib/libc/Makefile
24

It also wouldn't be used much, but I wonder if it'd be better to just -D_FORTIFY_SOURCE_read=_read and default _FORTIFY_SOURCE_read to read in the header.

Just prevent macro expansion, and use -D_FORTIFY_SOURCE_read instead of defining
some indicator for "in libc" to be misused later.

imp requested changes to this revision.Sep 25 2022, 4:57 AM
imp added inline comments.
lib/libc/sys/read.c
39

you only changed an include...
and nothing else...
So what does this accomplish?

sys/sys/cdefs.h
637–638

I'm torn on this #else...
It means that no compilers that don't define PCC nor GNUC will be an automatic error
EVEN IF THEY DONT USE __RENAME()

So that's bad, right? I'd be tempted to either leave it undefined or # it like you do for kernel standalone....

This revision now requires changes to proceed.Sep 25 2022, 4:57 AM