work with hardened ssp and pie toolchain extensions

netboot-0.10.1-nossp.patch

Logged In: YES
user_id=612034
Originator: YES

The -fno-pie and -fno-stack-protector probably should be conditional if the toolchain recognises it.

Fails with the following if I don't include it:
i686-pc-linux-gnu-gcc -march=pentium3 -O2 -pipe -DHAVE_CONFIG_H -DNETBOOT -I/var/tmp/portage/netboot-0.10.1/work/netboot-0.10.1/include -I/var/tmp/portage/netboot-0.10.1/work/netboot-0.10.1/misc -o gccrules gccrules.o -L/var/tmp/portage/netboot-0.10.1/work/netboot-0.10.1/nblib /var/tmp/portage/netboot-0.10.1/work/netboot-0.10.1/nblib/.libs/libnb.a -ldb
/usr/lib/gcc/i686-pc-linux-gnu/3.4.6/../../../../i686-pc-linux-gnu/bin/ld: warning: creating a DT_TEXTREL in object.
./gccrules -ogccopt.h rules.stack rules.gcc rules.post
./gccrules: error while loading shared libraries: cannot make segment writable for relocation: Permission denied

I probably should explain the string.h86 modification

I had the error "can't find a register in class `SREG" while reloading `asm""

I didn't see it making use of esi so I just added esi to the clobber list.

Logged In: YES
user_id=282902
Originator: NO

Hello,
thanks for pointing out this problem. Which version of gcc are you using? Actually,
the error appears when linking with the netboot library, and that should never
require write access to the TEXT segment. I need to investigate this further.
gero.

Logged In: YES
user_id=612034
Originator: YES

Please ignore the TEXTREL - was from a broken toolchain (different machine that I used to debug netboot).

Here is the right environment info:
$ emerge --info
Portage 2.1.1-r2 (hardened/x86/2.6, gcc-3.4.6, glibc-2.3.6-r5, 2.6.19-gentoo-r4 i686)
=================================================================
System uname: 2.6.19-gentoo-r4 i686 Intel(R) Celeron(R) CPU 2.40GHz
Gentoo Base System version 1.12.9
Last Sync: Wed, 31 Jan 2007 01:47:01 +0000
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
ccache version 2.4 [disabled]
app-admin/eselect-compiler: [Not Present]
dev-java/java-config: 1.3.7, 2.0.31
dev-lang/python: 2.3.5-r2, 2.4.4
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache: 2.4-r6
dev-util/confcache: [Not Present]
sys-apps/sandbox: 1.2.18.1
sys-devel/autoconf: 2.13, 2.60
sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils: 2.17
sys-devel/gcc-config: 1.3.14
sys-devel/libtool: 1.5.22
virtual/os-headers: 2.6.19.2-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=athlon-xp -fomit-frame-pointer -pipe"
CHOST="i686-pc-linux-gnu"
$ gcc --version
gcc (GCC) 3.4.6 (Gentoo Hardened 3.4.6-r2, HTB-3.4.4-1.00, ssp-3.4.6-1.0, pie-8.7.9)

Configured with
./configure --prefix=/usr --host=i686-pc-linux-gnu --mandir=/usr/share/man --infodir=/usr/share/info --datadir=/usr/share --sysconfdir=/etc --localstatedir=/var/lib --enable-bootrom --with-gnu-cc86=i686-pc-linux-gnu-gcc --with-gnu-as86=i686-pc-linux-gnu-as --with-gnu-ld86=i686-pc-linux-gnu-ld --build=i686-pc-linux-gnu

Below is the error without this patch
i686-pc-linux-gnu-gcc -nostdinc -I/var/tmp/portage/netboot-0.10.1/work/netboot-0.10.1/include -I/var/tmp/portage/netboot-0.10.1/work/netboot-0.10.1/i386 -Os -march=i386 -x c -DHAVE_CONFIG_H -D_TARGET_ -Wall -Winline -mpreferred-stack-boundary=2 -mregparm=1 -ffreestanding -fpack-struct -fshort-enums -fleading-underscore -fcall-used-ecx -fcall-used-edx -finline-functions -S -o ansi.t86 ansi.c86
ansi.c86: In function `dochar':
ansi.c86:209: error: can't find a register in class `BREG' while reloading `asm'
ansi.c86:246: error: can't find a register in class `BREG' while reloading `asm'
ansi.c86:274: error: can't find a register in class `BREG' while reloading `asm'
ansi.c86:161: error: can't find a register in class `BREG' while reloading `asm'
make[4]: *** [ansi.t86] Error 1
rm setjmp.o86 setjmp.s86
make[4]: Leaving directory `/var/tmp/portage/netboot-0.10.1/work/netboot-0.10.1/i386/libc'

With ssp patch excluding the string.h86 patch

i686-pc-linux-gnu-gcc -nostdinc -I/var/tmp/portage/netboot-0.10.1/work/netboot-0.10.1/include -I/var/tmp/portage/netboot-0.10.1/work/netboot-0.10.1/bootrom/kernel -Os -march=i386 -x c -DHAVE_CONFIG_H -D_TARGET_ -D_BOOTROM_ -D_KERNEL_ -I/var/tmp/portage/netboot-0.10.1/work/netboot-0.10.1/bootrom -Wall -Winline -mpreferred-stack-boundary=2 -mregparm=1 -ffreestanding -fpack-struct -fshort-enums -fleading-underscore -fcall-used-ecx -fcall-used-edx -finline-functions -S -fno-pie -fno-stack-protector -o load.t86 load.c86
load.c86: In function `load':
/var/tmp/portage/netboot-0.10.1/work/netboot-0.10.1/include/i386/string.h86:645: error: can't find a register in class `SIREG' while reloading `asm'

And with the patch these get cleared.

Logged In: YES
user_id=282902
Originator: NO

Hello,
thanks again for your input. I have now modified configure.ac to find out if gcc supports
the pie and ssp command line options. I've also changed the installation layout a little
bit following your "installation" bug report. There is probably no need to have a "utils"
subdirectory in $libdir/netboot, so I have moved all executables from that subdirectory
into $libdir/netboot. The network driver information file "netboot.drivers" now goes into
$datadir/netboot where it belongs. This should make for a cleaner layout.
Regarding the string.h86 problem this is clearly a bug. movmem preserves ESI so there is
no need to care for it at all.
I have sent all modifications to the CVS tree.
Thanks again very much for your help!
gero.