unrandomize issue with glibc 2.36.9000 and _FORTIFY

gcl-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

unrandomize issue with glibc 2.36.9000 and _FORTIFY_SOURCE

From:	Jerry James
Subject:	unrandomize issue with glibc 2.36.9000 and _FORTIFY_SOURCE
Date:	Tue, 17 Jan 2023 20:19:41 -0700

A new snapshot of the upcoming glibc 2.37 (called 2.36.9000) has
landed in Fedora, and now gcl 2.6.14 does this while running
configure:

checking for personality(ADDR_NO_RANDOMIZE) support... no
checking that sbrk is (now) non-random... no
Cannot build with randomized sbrk. Your options:
 - upgrade to a kernel/libc that knows about personality(ADDR_NO_RANDOMIZE)
 - recompile your kernel with CONFIG_COMPAT_BRK (if it has that option)
 - run sysctl kernel.randomize_va_space=0 before using gcl
configure: error: exiting

And config.log is full of errors:

configure:8097: checking for personality(ADDR_NO_RANDOMIZE) support
configure:8117: gcc -o conftest -O2 -fexceptions -g
-grecord-gcc-switches -pipe -Wall -Werror=format-security
-Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS
-specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic
-fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection
-fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -fsigned-char
-pipe -fcommon -fno-builtin-malloc -fno-builtin-free -fno-PIE -fno-pie
-fno-PIC -fno-pic -Wall -Wno-empty-body -Wno-unused-but-set-variable
-I/usr/include/tirpc  -Wl,-z,relro -Wl,--as-needed
-specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -Wl,--build-id=sha1
-no-pie conftest.c  >&5
In file included from /usr/include/unistd.h:1214,
                 from h/unrandomize.h:4,
                 from conftest.c:64:
/usr/include/bits/unistd.h: In function 'main':
/usr/include/bits/unistd.h:36:1: error: nested function 'read' declared 'extern'
   36 | read (int __fd, void *__buf, size_t __nbytes)
      | ^~~~
/usr/include/bits/unistd.h:36:1: error: static declaration of 'read'
follows non-static declaration
/usr/include/unistd.h:371:16: note: previous declaration of 'read'
with type 'ssize_t(int,  void *, size_t)' {aka 'long int(int,  void *,
long unsigned int)'}
  371 | extern ssize_t read (int __fd, void *__buf, size_t __nbytes) __wur
      |                ^~~~
/usr/include/bits/unistd.h:72:1: error: nested function 'pread'
declared 'extern'
   72 | pread (int __fd, void *__buf, size_t __nbytes, __off_t __offset)
      | ^~~~~
/usr/include/bits/unistd.h:72:1: error: static declaration of 'pread'
follows non-static declaration
/usr/include/unistd.h:389:16: note: previous declaration of 'pread'
with type 'ssize_t(int,  void *, size_t,  __off_t)' {aka 'long
int(int,  void *, long unsigned int,  long int)'}
  389 | extern ssize_t pread (int __fd, void *__buf, size_t __nbytes,
      |                ^~~~~
/usr/include/bits/unistd.h:90:1: error: nested function 'pread64'
declared 'extern'
   90 | pread64 (int __fd, void *__buf, size_t __nbytes, __off64_t __offset)
      | ^~~~~~~
/usr/include/bits/unistd.h:90:1: error: static declaration of
'pread64' follows non-static declaration
/usr/include/unistd.h:422:16: note: previous declaration of 'pread64'
with type 'ssize_t(int,  void *, size_t,  __off64_t)' {aka 'long
int(int,  void *, long unsigned int,  long int)'}
  422 | extern ssize_t pread64 (int __fd, void *__buf, size_t __nbytes,
      |                ^~~~~~~
In file included from /usr/include/features.h:490,
                 from /usr/include/bits/libc-header-start.h:33,
                 from /usr/include/stdio.h:27,
                 from conftest.c:61:
/usr/include/bits/unistd.h:116:1: error: nested function 'readlink'
declared 'extern'
  116 | __NTH (readlink (const char *__restrict __path, char *__restrict __buf,
      | ^~~~~
/usr/include/bits/unistd.h:116:1: error: static declaration of
'readlink' follows non-static declaration
/usr/include/unistd.h:838:16: note: previous declaration of 'readlink'
with type 'ssize_t(const char * restrict,  char * restrict,  size_t)'
{aka 'long int(const char * restrict,  char * restrict,  long unsigned
int)'}
  838 | extern ssize_t readlink (const char *__restrict __path,


and so on.  The problem is h/unrandomize.h, which starts with #include
directives, then has code meant to be embedded in a function.
Apparently the combination of that with -O2 and
-Wp,-D_FORTIFY_SOURCE=3 (or 2) leads to the errors above.  Here is the
definition of read from /usr/include/bits/unistd.h, for example:

__fortify_function __wur ssize_t
read (int __fd, void *__buf, size_t __nbytes)
{
  return __glibc_fortify (read, __nbytes, sizeof (char),
              __glibc_objsize0 (__buf),
              __fd, __buf, __nbytes);
}

I don't know offhand where or how __fortify_function or
__glibc_fortify are defined, but note the "nested function" parts of
the errors above.  That read() function is a full definition, so when
it appears inside a function body, that makes it a nested function,
which makes it fail to match the unfortified function declaration.

The attached patch may not be optimal, but seems to solve this
problem.  Then the GCC 13 prerelease version we are using seems to be
causing another problem that I haven't had time to diagnose yet.  More
on that later.
-- 
Jerry James
http://www.jamezone.org/

gcl-2.6.14-unrandomize.patch
Description: Text Data

[Prev in Thread]

Current Thread

[Next in Thread]

unrandomize issue with glibc 2.36.9000 and _FORTIFY_SOURCE, Jerry James <=
- Re: unrandomize issue with glibc 2.36.9000 and _FORTIFY_SOURCE, Camm Maguire, 2023/01/18

Prev by Date: Re: gcl-2.6.14 released [stable]
Next by Date: Re: gcl-2.6.14 released [stable]
Previous by thread: Re: [Maxima-discuss] gcl-2.6.13 released [stable]
Next by thread: Re: unrandomize issue with glibc 2.36.9000 and _FORTIFY_SOURCE
Index(es):
- Date
- Thread