diff options
-rw-r--r-- | hardened/toolchain/branches/pieworld/pieworld.README | 216 |
1 files changed, 116 insertions, 100 deletions
diff --git a/hardened/toolchain/branches/pieworld/pieworld.README b/hardened/toolchain/branches/pieworld/pieworld.README index 079656e..cb2f639 100644 --- a/hardened/toolchain/branches/pieworld/pieworld.README +++ b/hardened/toolchain/branches/pieworld/pieworld.README @@ -39,6 +39,10 @@ From hardened gcc-3/glibc-2.3: 7) emerge --oneshot =sys-devel/gcc-4.1.1-r3 8) emerge -e world :) +There maybe quicker/shorter ways - but the above should always work. Care has to be taken +because the specs handling has changed a little from gcc-3, and may cause odd breakages +along the way. + Things that can trip up in pieworld ----------------------------------- @@ -46,8 +50,8 @@ Things that can trip up in pieworld * non-PIC assembler. Common in x86 media applications; occurs also in x86 media libraries although the latter should really be PIC. -* local-exec thread-local storage (TLS). On x86, causes textrels - most arches don't allow - textrels so don't permit local-exec at all in PIC (including PIE). +* local-exec thread-local storage (TLS). On x86, causes textrels with PIC - most arches + don't allow textrels so don't permit local-exec at all in PIC (including PIE). @@ -61,55 +65,55 @@ Investigations lib*.a from gcc-4.1.1 are: - libgcc.a built -fPIC - libgcc_eh.a built -fPIC - libffi.a .so equivalent exists - libgcj.a .so equivalent exists - libgcjwt.a .so equivalent exists - libgcov.a built -fPIC - libgfortran.a .so equivalent exists - libgfortranbegin.a Contains fmain.o - looks like only used for executables, so should be ok -fPIE - libgij.a .so equivalent exists - libstdc++.a .so equivalent exists + libgcc.a built -fPIC + libgcc_eh.a built -fPIC + libffi.a .so equivalent exists + libgcj.a .so equivalent exists + libgcjwt.a .so equivalent exists + libgcov.a built -fPIC + libgfortran.a .so equivalent exists + libgfortranbegin.a Contains fmain.o - looks like only used for executables, so should be ok -fPIE + libgij.a .so equivalent exists + libstdc++.a .so equivalent exists lib*.a from glibc-2.5 are: - libieee.a shared library (just named '.a') - libmcheck.a shared library (just named '.a') - libc_stubs.a shared library (just named '.a') - libBrokenLocale.a .so equivalent exists - libutil.a .so equivalent exists - librpcsvc.a Built -fPIC (http://sourceware.org/ml/glibc-bugs/2005-07/msg00157.html) - libdl.a .so equivalent exists - librt.a .so equivalent exists - libbsd-compat.a contains only an empty object 'dummy.o' - doesn't matter how it's built - libpthread.a .so equivalent exists - libc.a .so equivalent exists - libg.a contains only an empty object 'dummy.o' - doesn't matter how it's built - libm.a .so equivalent exists - libcrypt.a .so equivalent exists - libanl.a .so equivalent exists - libresolv.a .so equivalent exists - libnsl.a .so equivalent exists + libieee.a shared library (just named '.a') + libmcheck.a shared library (just named '.a') + libc_stubs.a shared library (just named '.a') + libBrokenLocale.a .so equivalent exists + libutil.a .so equivalent exists + librpcsvc.a Built -fPIC (http://sourceware.org/ml/glibc-bugs/2005-07/msg00157.html) + libdl.a .so equivalent exists + librt.a .so equivalent exists + libbsd-compat.a contains only an empty object 'dummy.o' - doesn't matter how it's built + libpthread.a .so equivalent exists + libc.a .so equivalent exists + libg.a contains only an empty object 'dummy.o' - doesn't matter how it's built + libm.a .so equivalent exists + libcrypt.a .so equivalent exists + libanl.a .so equivalent exists + libresolv.a .so equivalent exists + libnsl.a .so equivalent exists So looks like it's all ok, both in gcc and glibc. -2) glibc-2.5 failures: +2) glibc-2.5 failures (sandbox always disabled): For reference, on vanilla x86 the following fail (both in and out of a chroot): linuxthreads/posix/annexc Expected (ignored) http://sourceware.org/ml/libc-hacker/1998-11/msg00207.html linuxthreads/linuxthreads/tst-clock1 - Time between threads is too short - expected 1 sec, got a fraction. + Time between threads is too short - expected 1 sec, got a fraction (why?). linuxthreads/rt/tst-aio9 Limitation of linuxthreads? (ok on nptl) Hints to that effect http://sourceware.org/ml/libc-ports/2006-08/msg00016.html linuxthreads/rt/tst-aio10 Limitation of linuxthreads? (ok on nptl) http://sourceware.org/ml/libc-ports/2006-08/msg00016.html linuxthreads/elf/check-localplt - bunch of stuff appears, mostly from libpthread.so, that isn't expected + bunch of stuff appears, mostly from libpthread.so, that isn't expected (why?). linuxthreads/c++-types-check - pthread_attr_t and pthread_rwlock_t are different from expected. + pthread_attr_t and pthread_rwlock_t are different from expected (why?). ok nptl/posix/annexc Expected (ignored) http://sourceware.org/ml/libc-hacker/1998-11/msg00207.html @@ -133,79 +137,91 @@ Note also - ppc64 and sparc64 can't have linuxthreads as it doesn't compile (some changes that are in for nptl have not been back-ported). - ... is HhV where H: hardened on hardened kernel, h: hardened on vanilla kernel, V: vanilla on vanilla kernel -Arch -> x86 ppc x86_64 sparc ppc64 +Arch -> x86 ppc x86_64 sparc ppc64 NPTL Test v -iconvdata/iconv-test -.. -.. ..X .-. .-. (? segfault) -libio/tst-wmemstream1 -.. -.. .X- .-. .-. (? segfault) -libio/tst-wmemstream2 -.. -.. .X- .-. .-. (? segfault) -libio/bug-wmemstream1 -.. -.. .X- .-. .-. (? segfault) -malloc/tst-mtrace -.. -.. .-X .-. .-. -grp/tst_fgetgrent -.. -.. .-X .-. .-. -math/test-fenv -.. -.. .-- .X. .-. (?) -dlfcn/default X.. X.. .X- .X. .X. (?) -posix/globtest -.. -.. .-X .-. .-. -posix/annexc X.. X.. .XX .X. .X. (expected) -io/ftwtest -.. -.. .-X .-. .-. -misc/tst-pselect -.. -.. .-- .-. .-. (?) -nptl/tst-mutexpi4 X.. -.. .-- .-. .-. -nptl/tst-mutexpi5 X.. -.. .-- .-. .-. -nptl/tst-mutexpi5a X.. -.. .-- .-. .-. -nptl/tst-mutexpi6 X.. -.. .-- .-. .-. -nptl/tst-mutexpi9 X.. -.. .-- .-. .-. -nptl/tst-robust1 X.. -.. .-- .-. .-. -nptl/tst-robust2 X.. -.. .-- .-. .-. -nptl/tst-robust3 X.. -.. .-- .-. .-. -nptl/tst-robust4 X.. -.. .-- .-. .-. -nptl/tst-robust5 X.. -.. .-- .-. .-. -nptl/tst-robust6 X.. -.. .-- .-. .-. -nptl/tst-robust7 X.. -.. .-- .-. .-. -nptl/tst-robust8 X.. -.. .-- .-. .-. -nptl/tst-robustpi1 X.. -.. .-- .-. .-. -nptl/tst-robustpi2 X.. -.. .-- .-. .-. -nptl/tst-robustpi3 X.. -.. .-- .-. .-. -nptl/tst-robustpi4 X.. -.. .-- .-. .-. -nptl/tst-robustpi5 X.. -.. .-- .-. .-. -nptl/tst-robustpi6 X.. -.. .-- .-. .-. -nptl/tst-robustpi7 X.. -.. .-- .-. .-. -nptl/tst-tls2 X.. -.. -X- .-. .-. -nptl/tst-cancel1 X.. -.. .XX .-. .-. (expected on x86/x86_64) -nptl/tst-cancelx4 X.. -.. .-- .-. .-. -nptl/tst-cancelx5 X.. -.. .-- .-. .-. -nptl/tst-cancelx10 X.. -.. .-- .-. .-. -nptl/tst-cancelx18 X.. -.. .-- .-. .-. -nptl/tst-execstack -.. X.. .-- .-. .-. (PaX) -nptl/rt/tst-cpuclock2 -.. -.. .X- .-. .-. (?) -nptl/tst-eintr1 -.. -.. .-- .X. .-. (?) -nptl/tst-cancel20 -.. -.. .-- .X. .-. (?) -nptl/tst-cancelx20 -.. -.. .-- .X. .-. (?) -elf/tst-tls1 X.. X.. .X- .X. .X. (local-exec TLS) -elf/tst-tls2 X.. X.. .X- .X. .X. (local-exec TLS) -elf/tst-tls1-static -.. X.. .X- .X. .X. (local-exec TLS) -elf/tst-tls2-static -.. X.. .X- .X. .X. (local-exec TLS) -elf/resolvfail X.. X.. .X- .X. .X. (BIND_NOW) -elf/constload1 X.. X.. .X- .X. .X. (BIND_NOW) -elf/order X.. X.. .X- .X. .X. (BIND_NOW) -elf/lateglobal X.. X.. .X- .X. .X. (BIND_NOW) -elf/dblload X.. X.. .X- .X. .X. (BIND_NOW) -elf/dblunload X.. X.. .X- .X. .X. (BIND_NOW) -elf/reldep6 X.. X.. .X- .X. .X. (BIND_NOW) -elf/circleload1 X.. X.. .X- .X. .X. (BIND_NOW) -elf/tst-tls3 X.. X.. .X- .X. ... (?) -elf/tst-tls10 X.. X.. .X- .-. .X. (local-exec TLS) -elf/tst-tls14 X.. -.. .X- .-. ... (local-exec TLS) -elf/tst-execstack X.. X.. .-- .-. ... (PaX) -elf/tst-execstack-needed X.. X.. .-- .-. ... (PaX) -elf/tst-execstack-prog X.. X.. .-- .-. ... (PaX) -elf/tst-global1 X.. X.. .X- .X. .X. (BIND_NOW) -elf/tst-audit2 X.. X.. .X- .-. .X. (local-exec TLS) - +iconvdata/iconv-test --- -.. ..X .-. .-. (? segfault) +libio/tst-wmemstream1 --- -.. .X- .-. .-. (? segfault) +libio/tst-wmemstream2 --- -.. .X- .-. .-. (? segfault) +libio/bug-wmemstream1 --- -.. .X- .-. .-. (? segfault) +malloc/tst-mtrace --- -.. .-X .-. .-. (? x86_64-only) +grp/tst_fgetgrent --- -.. .-X .-. .-. (? x86_64-only) +math/test-fenv --- -.. .-- .X. .-. (?) +dlfcn/default XX- X.. .X- .X. .X. (? dladdr returns empty string) +posix/globtest --- -.. .-X .-. .-. (? x86_64-only) +posix/annexc XXX X.. .XX .X. .X. (expected) +io/ftwtest --- -.. .-X .-. .-. (? x86_64-only) +nptl/tst-mutex5 --X -.. .-- .-. .-. (? x86-only) +nptl/tst-mutexpi4 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-mutexpi5 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-mutexpi5a X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-mutexpi6 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-mutexpi9 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-cond10 --X -.. .-- .-. .-. (? x86-only) +nptl/tst-robust1 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robust2 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robust3 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robust4 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robust5 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robust6 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robust7 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robust8 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robustpi1 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robustpi2 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robustpi3 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robustpi4 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robustpi5 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robustpi6 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-robustpi7 X-- -.. .-- .-. .-. (? x86-only) +nptl/tst-tls2 X-- -.. .X- .-. .-. (local-exec TLS?) +nptl/tst-cancel1 XXX -.. .XX .-. .-. (expected on x86/x86_64) +nptl/tst-cancelx4 XX- -.. .-- .-. .-. (? x86-only) +nptl/tst-cancelx5 XX- -.. .-- .-. .-. (? x86-only) +nptl/tst-cancelx10 XX- -.. .-- .-. .-. (? x86-only) +nptl/tst-cancelx18 XX- -.. .-- .-. .-. (? x86-only) +nptl/tst-execstack --- X.. .-- .-. .-. (PaX) +nptl/rt/tst-cpuclock2 --- -.. .X- .-. .-. (?) +nptl/tst-eintr1 --- -.. .-- .X. .-. (?) +nptl/tst-cancel20 --- -.. .-- .X. .-. (?) +nptl/tst-cancelx20 --- -.. .-- .X. .-. (?) +elf/tst-tls1 X-- X.. .X- .X. .X. (local-exec TLS) +elf/tst-tls2 X-- X.. .X- .X. .X. (local-exec TLS) +elf/tst-tls1-static --- X.. .X- .X. .X. (local-exec TLS) +elf/tst-tls2-static --- X.. .X- .X. .X. (local-exec TLS) +elf/resolvfail XX- X.. .X- .X. .X. (BIND_NOW) +elf/constload1 XX- X.. .X- .X. .X. (BIND_NOW) +elf/order XX- X.. .X- .X. .X. (BIND_NOW) +elf/lateglobal XX- X.. .X- .X. .X. (BIND_NOW) +elf/dblload XX- X.. .X- .X. .X. (BIND_NOW) +elf/dblunload XX- X.. .X- .X. .X. (BIND_NOW) +elf/reldep6 XX- X.. .X- .X. .X. (BIND_NOW) +elf/circleload1 XX- X.. .X- .X. .X. (BIND_NOW) +elf/tst-tls3 X-- X.. .X- .X. ... (?) +elf/tst-tls10 X-- X.. .X- .-. .X. (local-exec TLS) +elf/tst-tls14 X-- -.. .X- .-. ... (local-exec TLS) +elf/tst-execstack X-- X.. .-- .-. ... (PaX) +elf/tst-execstack-needed X-- X.. .-- .-. ... (PaX) +elf/tst-execstack-prog X-- X.. .-- .-. ... (PaX) +elf/tst-global1 XX- X.. .X- .X. .X. (BIND_NOW) +elf/tst-audit2 XX- X.. .X- .-. .X. (local-exec TLS) + +... is HhV where H: hardened on hardened kernel, h: hardened on vanilla kernel, V: vanilla on vanilla kernel X => test failure, - => test pass. . => not run + PaX: PaX kernel causes execstack behaviour to fail (a good thing, where PaX is concerned). -BIND_NOW: These tests require that some of their links be -Wl,-z,lazy (perhaps we could add this explicitly) +BIND_NOW: These tests require that some of their links be -Wl,-z,lazy local-exec TLS: The local-exec TLS model is not compatible with PIC (and therefore PIE) posix/annexc is ignored upstream (http://sourceware.org/ml/libc-hacker/1998-11/msg00207.html) tst-cancel1 fails on x86/amd64 because support is not in gcc-4.1.1 - gcc-4.2 will fix this (http://sourceware.org/ml/libc-alpha/2006-09/msg00039.html) + +Things to work out: +1) Why all those mutex/robust (barrier) checks fail on x86 with a hardened kernel (only!) +2) Why x86 passes elf/tst-tls{1,2}-static when all other arches fail it +3) What's different about x86_64 that it fails a whole bunch that are ok for other arches +4) Failures marked (?) + +Things to consider: +1) Forcing TLS model local-exec to local-dynamic or initial-exec; or implementing + a PIC-friendly local-exec in gcc. |