diff options
| author | Mark Johnston <markj@FreeBSD.org> | 2022-11-07 21:07:26 +0000 |
|---|---|---|
| committer | Mark Johnston <markj@FreeBSD.org> | 2022-11-21 13:48:39 +0000 |
| commit | 79e5fc020e0cd02d81f7d3ec9ff974ddff8e4ca0 (patch) | |
| tree | c11806c9c6d36e9ce74559668b44a202f0747dda /sys | |
| parent | 51425bb84689001515b15e52f713a979b4bf3cdb (diff) | |
ksan: Build sanitizer runtimes without stack-smashing protection
On arm64 with per-thread stack canaries enabled (the PERTHREAD_SSP
option), the compiler may load curthread->td_md.md_canary in function
prologues. This is not safe in data_abort(); see commit 2c10be9e06d4.
Thus, sanitizer runtimes must also avoid accessing the current thread's
canary.
Since SSP has limited utility in sanitizer runtimes, simply disable it
unconditionally to avoid unpleasant surprises in the future.
MFC after: 2 weeks
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
(cherry picked from commit 3c0e9169a357f6d99b80c02dd27210d742797cf2)
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/conf/files | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/conf/files b/sys/conf/files index 5a02fe8f9f36..8d8b27940948 100644 --- a/sys/conf/files +++ b/sys/conf/files @@ -3916,7 +3916,7 @@ kern/stack_protector.c standard \ kern/subr_acl_nfs4.c optional ufs_acl | zfs kern/subr_acl_posix1e.c optional ufs_acl kern/subr_asan.c optional kasan \ - compile-with "${NORMAL_C:N-fsanitize*}" + compile-with "${NORMAL_C:N-fsanitize*:N-fstack-protector*}" kern/subr_autoconf.c standard kern/subr_blist.c standard kern/subr_boot.c standard @@ -3931,7 +3931,7 @@ kern/subr_coverage.c optional coverage \ compile-with "${NORMAL_C:N-fsanitize*}" kern/subr_counter.c standard kern/subr_csan.c optional kcsan \ - compile-with "${NORMAL_C:N-fsanitize*}" + compile-with "${NORMAL_C:N-fsanitize*:N-fstack-protector*}" kern/subr_devstat.c standard kern/subr_disk.c standard kern/subr_early.c standard |