From nobody Sat May 18 18:42:39 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VhXkr1VHDz5LHSM for ; Sat, 18 May 2024 18:42:44 +0000 (UTC) (envelope-from pfg@freebsd.org) Received: from sonic307-9.consmr.mail.ne1.yahoo.com (sonic307-9.consmr.mail.ne1.yahoo.com [66.163.190.32]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4VhXkp6vRXz4YBm for ; Sat, 18 May 2024 18:42:42 +0000 (UTC) (envelope-from pfg@freebsd.org) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=yahoo.com header.s=s2048 header.b=BO+HhwsC; dmarc=fail reason="No valid SPF, DKIM not aligned (relaxed)" header.from=freebsd.org (policy=none); spf=softfail (mx1.freebsd.org: 66.163.190.32 is neither permitted nor denied by domain of pfg@freebsd.org) smtp.mailfrom=pfg@freebsd.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1716057760; bh=DIJdN3W80lXVEB3Y79IAMMkk/Gem/XoSKg20BF8lZ5Y=; h=Date:From:To:In-Reply-To:References:Subject:From:Subject:Reply-To; b=BO+HhwsCjW2pFJn14XdQhdC4eWD2y+Z3nqEggC2z5sDIW6mjoGzJkZ6RvpjrBbJ2uCKkhe3VLdR4z0HWZfJiqHBfEIS/I4t41vhE/4KzjIt1URsaPbTSlxoUI3hiaAa/hhBw6421Q8ufeL3Pb2EHVPBgvOydHIRlEG/FKlpqvdSkFLImn8WXEZBSQtkoVpV7NJxg46nwpFkmB3YdcBgxEfdchuFB6R2/aoqRz3RutIWzECFjq8dRrmwU3loF0xpU5fdx2kffAFSGZFxGrBhm8nOjkV/ddQqUvS0mZ6SGRzBeymjs+LWVGZXlBzHt5SrHGOaGb34VVyHBXbnmpj4N8Q== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1716057760; bh=bDl4p+CskUJa8cuSZpFiHRRJK+o7wG4yr9aYdsq1DsF=; h=X-Sonic-MF:Date:From:To:Subject:From:Subject; b=c5hjf6ddF+SK8hlRV4S/Md8Y2Uj6sOqtf9HN0wiTzmFGYannoCNuGgiIITvlirvHOuA2JkpJQP5PWbY1NscYlJYsAFij9BfV9IeXgam+o1YsJRCJAqSoeEt8YCYTYC2SzZr8kMq+03P5ccJINBGJO6ogkFYwv5eXQ7O5Dv/DdtUbjEe47Kv0gy33fZ6A7A7t6n21j+7+koWNR//ge+yBkjC077mT8WKyctPq6/V91v8c8557DwxeWlFqV48nnLla1DrlqlCMswwtow6rOqtbocFwU6rCJkndNGPGa7KiZa3pltgDvUY/PAkxrOOig0H47BisS30Rp8zrt4vTYq3wxg== X-YMail-OSG: KzT0eQIVM1kcCxjCxlTD9hwXHJFHm91d7fHQ4ZCn3XljlsPeTDljs6c6aMOk1pS z7N1Mmq.5rj2.mSo7La8TAh63CCqg8BYzRQnnlhDs2bgVIo9Fy0lI_k6XefoqJG.XtT_U4EZH.CK va8nwhBCaybhMA7L_yTbk3WbCbefwaO7XefNnN5S7MzeN7AxcKaO.SDaOmZP2ygdEpCR9djjD847 P37mK8JzflR7F_ymw6pFbE_6NjaKebuVyyAwMcgg0mRjhDpMc9vILeqOE4HDFAYj4KXpRNG28bWK lXgnnMeVicBX4YbOmZ4NnDGwsKy54Hq0KZ4fJkIgMMZdGMJy84CZw0QvLYX8qlto.G5FkqR8r8vt SjEuBCxY5pfM9d3V5Kl5PXk3OVPLmi_MjX7MHeNvc8mm1aDc8tqlC4vG5x1KmbvFd6y248dd4s3j 7iW8ejVfN2BZH0yNHqy0svVNT5LBIEXwrPPQoOsY47g2nsiTkuDRx4upi6ljRrQokWtCORniGY1e .bkpAl2TzLlPTVTg9kGZ3.LnkPuQ4VwiwXxjvkG8GAenYLWzXwaXYvBbEbYTg_c0MmnO1c5z2Xy6 IgAjg4OrYne.Jj8bBu0q_eM3fJ0xHOm5u6NIJwTB9lfbPVzmsLGqaHtxSoIOhWptpQP9LL39vCiQ isfSPSWcAcTVreRQJ0hOTFEKM44c.eF_hrOdGCZN0W4wA4sJfoFmQXqLJKcXQqoHyy_H.wP9fk54 lOlJUbSMDLtlkGvi3HFsg8NT2v5edFrHapBOInUxL2dPtWqg7MwWgH8snAUHwBzgXnImScK7aNbG YjJxtBwWtq49hVdl2MY5prt0cvy5_V7vGbhtp7USI3T40M6L994N2hB9qjKgWN9N6qQa3rFKjGxe QvjjOJcDemFZIKsRxEbQdm37bRowsO.Ui8_rB7gGp.8NNhgRg.K_5PZLIeKl6wTAOFEO7maAyFzt Q2Qt5v.8JJSilSYRLEdiooRNL7EFDkvldF1rZlbVsMbcN2K30dnZ6Wtfort_KEo8HpgZr_BiHz.g _zcxZTghGpggd3RL907Iu4LZ7YS0wF_jDoPeCSNH4CWo5QqSCqcBA0nXWWNm6Q86T3kOm9rVNF29 WvZKBnUBXSN4zVdno0EcSF3FsZxzNFnFP1fMzuekFsuDuBMgcwNbL95JcSQkzOjpMQnU94CRb7k_ JZqHAQ_mgIm0pLr7xO7PkMIXWDj3L7kU7CfrLmYUBDVKpadbwPJj1LM4RRY5wPNoaItZF3iPKBTR LTV8hgSRP.15D.7YjB.pDoGXgPOyv6AsL8N6dh.APRbq8dFz3stSe4jnrU7QunCLSjlSpkKQRO6M qWjVBwXA0_Fka2UV.uAEjqpyoQW8k6jO7140HziiFgW_zDJVpdp7Zhi9QIciz7diPD4sxttzTZVU 9fsOuCzY9RLaC8G3feQ_5eoX2dZG72sFbO1MyAAx2q3PHQjlCgwM.TDnYnIdOPbZNg.wMZP8R8Sa hopkvN_U1Acow6EfeHzDTFGX0pZfJfXvnwdD9bpa1eKO27XPQ4VHr2Pqoxmt0Jrp5yOm9p6m.nz4 zWJf6jltu3oBmSDVsk.0cfEQ4VEbr.B5ZCy5Q3GCBCyj_kyQ7R8fat1YV0yu.Om9ca5sKK9NPo8b 2XqQj1W1vNxu0LrFU5poC41doBZUcuCWosbdROa5FpNlYyPHUZ4EIQqyMGYHsfuu14_KDb8vD.4s 6krMOzorxgYHgBzP1uqV49SKC7sE9zEl0xi01HQ..A1mu2KoQREgc.eUWieJ1ZJSKIlsMkQcaaig GWS9V82Fgky12VMXUATLU0ZpTQDKlLsZagmj3qsH.KCphM1_LIXjvVV9CqHMxBCMziU3Eua84EwX rjYb5QDttMeY1IG6RA1P8IoTMk5v4a_F9jQogNg2fnayDlkVMkbZQ2aiDJ.lLPMw1BCeC13EJ9US xTEqMEeDzxF7tGJsc0kLDBXvkPFKBlNmr7l5iDZ6cQ.UCxkgxFBc8PIUcrv6.7LUdkFK4ZuYUJtY E17MxFf2T1QD7sFvxtFEzhLgVVMkVCzyRFOc0doMrvmHyWmqV4FWVWZm4YdZTj8mphiMuls2OjOP LUl04h1aG7w8zFSGBjC7AtaByGbUHqIhwcRczqJOsN3fVfSgTk7otsdIDMx0MaZHn5A4jQjsNfsi E8kQnpZCdjhWsO.V3in7g_fuzD7IXzSk4EJVmYfDN05xZ X-Sonic-MF: X-Sonic-ID: f7f10cf2-24a3-4749-84aa-2ca3da38d593 Received: from sonic.gate.mail.ne1.yahoo.com by sonic307.consmr.mail.ne1.yahoo.com with HTTP; Sat, 18 May 2024 18:42:40 +0000 Date: Sat, 18 May 2024 18:42:39 +0000 (UTC) From: Pedro Giffuni To: "src-committers@freebsd.org" , "dev-commits-src-all@freebsd.org" , "dev-commits-src-main@freebsd.org" , Kyle Evans Message-ID: <177052019.1587022.1716057759658@mail.yahoo.com> In-Reply-To: <202405130524.44D5O9mN084277@gitrepo.freebsd.org> References: <202405130524.44D5O9mN084277@gitrepo.freebsd.org> Subject: Re: git: be04fec42638 - main - Import _FORTIFY_SOURCE implementation from NetBSD List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_1587021_1250298158.1716057759643" X-Mailer: WebService/1.1.22356 YMailNorrin X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.20 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.999]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; DMARC_POLICY_SOFTFAIL(0.10)[freebsd.org : No valid SPF, DKIM not aligned (relaxed),none]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; ASN(0.00)[asn:36646, ipnet:66.163.184.0/21, country:US]; FREEFALL_USER(0.00)[pfg]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_COUNT_ONE(0.00)[1]; TO_DN_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[66.163.190.32:from]; TO_DN_EQ_ADDR_SOME(0.00)[]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_SOFTFAIL(0.00)[~all:c]; FROM_EQ_ENVFROM(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[66.163.190.32:from]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_TLS_LAST(0.00)[]; DWL_DNSWL_NONE(0.00)[yahoo.com:dkim]; MLMMJ_DEST(0.00)[dev-commits-src-all@freebsd.org]; DKIM_TRACE(0.00)[yahoo.com:+] X-Rspamd-Queue-Id: 4VhXkp6vRXz4YBm ------=_Part_1587021_1250298158.1716057759643 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Oh no .. please not... We went into that in a GSoC: https://wiki.freebsd.org/SummerOfCode2015/FreeBSDLibcSecurityExtensions Ultimately it proved to be useless since stack-protector-strong. The NetBSD code was not well adapted to clang either. Ask me more if you really want to dig into it, but we don't want this. Pedro. On Monday, May 13, 2024 at 12:24:13 AM GMT-5, Kyle Evans wrote: =20 =20 The branch main has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=3Dbe04fec42638f30f50b5b55fd8e3= 634c0fb89928 commit be04fec42638f30f50b5b55fd8e3634c0fb89928 Author:=C2=A0 =C2=A0 Kyle Evans AuthorDate: 2024-05-13 05:23:49 +0000 Commit:=C2=A0 =C2=A0 Kyle Evans CommitDate: 2024-05-13 05:23:49 +0000 =C2=A0 =C2=A0 Import _FORTIFY_SOURCE implementation from NetBSD =C2=A0 =C2=A0=20 =C2=A0 =C2=A0 This is a mostly-unmodified copy of the various *_chk impleme= ntations =C2=A0 =C2=A0 and headers from NetBSD, without yet modifying system headers= to start =C2=A0 =C2=A0 actually including them.=C2=A0 A future commit will also appl= y the needed =C2=A0 =C2=A0 bits to fix ssp/unistd.h. =C2=A0 =C2=A0=20 =C2=A0 =C2=A0 Reviewed by:=C2=A0 =C2=A0 imp, pauamma_gundo.com (both previo= us versions), kib =C2=A0 =C2=A0 Sponsored by:=C2=A0 Stormshield =C2=A0 =C2=A0 Sponsored by:=C2=A0 Klara, Inc. =C2=A0 =C2=A0 Differential Revision:=C2=A0 https://reviews.freebsd.org/D323= 06 --- etc/mtree/BSD.include.dist=C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 2 + include/Makefile=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 |=C2=A0 2 +- include/ssp/Makefile=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2= =A0 6 ++ include/ssp/ssp.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 |=C2=A0 91 ++++++++++++++++++++++++++ include/ssp/stdio.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= |=C2=A0 93 ++++++++++++++++++++++++++ include/ssp/string.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 | 129= ++++++++++++++++++++++++++++++++++++ include/ssp/strings.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2= =A0 67 +++++++++++++++++++ include/ssp/unistd.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2= =A0 54 +++++++++++++++ lib/libc/secure/Makefile.inc=C2=A0 =C2=A0 =C2=A0 |=C2=A0 11 ++++ lib/libc/secure/Symbol.map=C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 18 +++++ lib/libc/secure/fgets_chk.c=C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 54 ++++++++= +++++++ lib/libc/secure/gets_chk.c=C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 74 +++++++++= ++++++++++++ lib/libc/secure/memcpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 53 ++++++++++++++= + lib/libc/secure/memmove_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 47 +++++++++++++ lib/libc/secure/memset_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 46 +++++++++++++ lib/libc/secure/snprintf_chk.c=C2=A0 =C2=A0 |=C2=A0 56 ++++++++++++++++ lib/libc/secure/sprintf_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 61 +++++++++++++= ++++ lib/libc/secure/ssp_internal.h=C2=A0 =C2=A0 |=C2=A0 37 +++++++++++ lib/libc/secure/stpcpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 55 ++++++++++++++= ++ lib/libc/secure/stpncpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 53 +++++++++++++= ++ lib/libc/secure/strcat_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 60 ++++++++++++++= +++ lib/libc/secure/strcpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 54 ++++++++++++++= + lib/libc/secure/strncat_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 70 +++++++++++++= +++++++ lib/libc/secure/strncpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 53 +++++++++++++= ++ lib/libc/secure/vsnprintf_chk.c=C2=A0 =C2=A0 |=C2=A0 49 ++++++++++++++ lib/libc/secure/vsprintf_chk.c=C2=A0 =C2=A0 |=C2=A0 58 ++++++++++++++++ lib/libssp/Makefile=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= |=C2=A0 20 +++++- lib/libssp/Symbol.map=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2= =A0 12 ++-- lib/libssp/Versions.def=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 5= ++ lib/libssp/__builtin_object_size.3 | 110 +++++++++++++++++++++++++++++++ lib/libssp/fortify_stubs.c=C2=A0 =C2=A0 =C2=A0 =C2=A0 | 131 --------------= ----------------------- lib/libssp/ssp.3=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 | 130 ++++++++++++++++++++++++++++++++++++ 32 files changed, 1621 insertions(+), 140 deletions(-) diff --git a/etc/mtree/BSD.include.dist b/etc/mtree/BSD.include.dist index a6bd5880bf61..f8c83d6dde7a 100644 --- a/etc/mtree/BSD.include.dist +++ b/etc/mtree/BSD.include.dist @@ -372,6 +372,8 @@ =C2=A0 =C2=A0 =C2=A0 =C2=A0 mac_veriexec =C2=A0 =C2=A0 =C2=A0 =C2=A0 .. =C2=A0 =C2=A0 .. +=C2=A0 =C2=A0 ssp +=C2=A0 =C2=A0 .. =C2=A0 =C2=A0 sys =C2=A0 =C2=A0 =C2=A0 =C2=A0 disk =C2=A0 =C2=A0 =C2=A0 =C2=A0 .. diff --git a/include/Makefile b/include/Makefile index 19e6beb95203..32774419f162 100644 --- a/include/Makefile +++ b/include/Makefile @@ -4,7 +4,7 @@ =20 PACKAGE=3Dclibs CLEANFILES=3D osreldate.h version -SUBDIR=3D arpa protocols rpcsvc rpc xlocale +SUBDIR=3D arpa protocols rpcsvc rpc ssp xlocale .if ${MACHINE_CPUARCH} =3D=3D "amd64" SUBDIR+=3D=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 i386 INCLUDE_SUBDIRS+=3D=C2=A0=C2=A0=C2=A0 i386 diff --git a/include/ssp/Makefile b/include/ssp/Makefile new file mode 100644 index 000000000000..dff19f43c920 --- /dev/null +++ b/include/ssp/Makefile @@ -0,0 +1,6 @@ +# $FreeBSD$ + +INCS=3D=C2=A0=C2=A0=C2=A0 ssp.h stdio.h string.h strings.h unistd.h +INCSDIR=3D=C2=A0=C2=A0=C2=A0 ${INCLUDEDIR}/ssp + +.include diff --git a/include/ssp/ssp.h b/include/ssp/ssp.h new file mode 100644 index 000000000000..35a9aeee02df --- /dev/null +++ b/include/ssp/ssp.h @@ -0,0 +1,91 @@ +/*=C2=A0=C2=A0=C2=A0 $NetBSD: ssp.h,v 1.13 2015/09/03 20:43:47 plunky Exp = $=C2=A0=C2=A0=C2=A0 */ + +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006, 2011 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _SSP_SSP_H_ +#define _SSP_SSP_H_ + +#include + +#if !defined(__cplusplus) +# if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0 && \ +=C2=A0 =C2=A0 (__OPTIMIZE__ > 0 || defined(__clang__)) +#=C2=A0 if _FORTIFY_SOURCE > 1 +#=C2=A0 define __SSP_FORTIFY_LEVEL 2 +#=C2=A0 else +#=C2=A0 define __SSP_FORTIFY_LEVEL 1 +#=C2=A0 endif +# else +#=C2=A0 define __SSP_FORTIFY_LEVEL 0 +# endif +#else +# define __SSP_FORTIFY_LEVEL 0 +#endif + +#define=C2=A0=C2=A0=C2=A0 __ssp_var(type)=C2=A0=C2=A0=C2=A0 __CONCAT(__ssp= _ ## type, __COUNTER__) + +/* __ssp_real is used by the implementation in libc */ +#if __SSP_FORTIFY_LEVEL =3D=3D 0 +#define __ssp_real_(fun)=C2=A0=C2=A0=C2=A0 fun +#else +#define __ssp_real_(fun)=C2=A0=C2=A0=C2=A0 __ssp_real_ ## fun +#endif +#define __ssp_real(fun)=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __ssp_real_(f= un) + +#define __ssp_inline static __inline __attribute__((__always_inline__)) + +#define __ssp_bos(ptr) __builtin_object_size(ptr, __SSP_FORTIFY_LEVEL > 1) +#define __ssp_bos0(ptr) __builtin_object_size(ptr, 0) + +#define __ssp_check(buf, len, bos) \ +=C2=A0=C2=A0=C2=A0 if (bos(buf) !=3D (size_t)-1 && len > bos(buf)) \ +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail() +#define __ssp_redirect_raw(rtype, fun, symbol, args, call, cond, bos) \ +rtype __ssp_real_(fun) args __RENAME(symbol); \ +__ssp_inline rtype fun args __RENAME(__ssp_protected_ ## fun); \ +__ssp_inline rtype fun args { \ +=C2=A0=C2=A0=C2=A0 if (cond) \ +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __ssp_check(__buf, __len, bos); \ +=C2=A0=C2=A0=C2=A0 return __ssp_real_(fun) call; \ +} + +#define __ssp_redirect(rtype, fun, args, call) \ +=C2=A0 =C2=A0 __ssp_redirect_raw(rtype, fun, fun, args, call, 1, __ssp_bos= ) +#define __ssp_redirect0(rtype, fun, args, call) \ +=C2=A0 =C2=A0 __ssp_redirect_raw(rtype, fun, fun, args, call, 1, __ssp_bos= 0) + +__BEGIN_DECLS +void __stack_chk_fail(void) __dead2; +void __chk_fail(void) __dead2; +__END_DECLS + +#endif /* _SSP_SSP_H_ */ diff --git a/include/ssp/stdio.h b/include/ssp/stdio.h new file mode 100644 index 000000000000..72e3236eac80 --- /dev/null +++ b/include/ssp/stdio.h @@ -0,0 +1,93 @@ +/*=C2=A0=C2=A0=C2=A0 $NetBSD: stdio.h,v 1.5 2011/07/17 20:54:34 joerg Exp = $=C2=A0=C2=A0=C2=A0 */ + +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _SSP_STDIO_H_ +#define _SSP_STDIO_H_ + +#include + +__BEGIN_DECLS +int __sprintf_chk(char *__restrict, int, size_t, const char *__restrict, .= ..) +=C2=A0 =C2=A0 __printflike(4, 5); +int __vsprintf_chk(char *__restrict, int, size_t, const char *__restrict, +=C2=A0 =C2=A0 __va_list) +=C2=A0 =C2=A0 __printflike(4, 0); +int __snprintf_chk(char *__restrict, size_t, int, size_t, +=C2=A0 =C2=A0 const char *__restrict, ...) +=C2=A0 =C2=A0 __printflike(5, 6); +int __vsnprintf_chk(char *__restrict, size_t, int, size_t, +=C2=A0 =C2=A0 const char *__restrict, __va_list) +=C2=A0 =C2=A0 __printflike(5, 0); +char *__gets_chk(char *, size_t); +char *__fgets_chk(char *, int, size_t, FILE *); +__END_DECLS + +#if __SSP_FORTIFY_LEVEL > 0 + +#define sprintf(str, ...) ({=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __builtin___sprintf_chk(_ssp_str, 0, __ssp_bos(_ssp_str),=C2= =A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __VA_ARGS__); \ +}) + +#define vsprintf(str, fmt, ap) ({=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 \ +=C2=A0 =C2=A0 __builtin___vsprintf_chk(_ssp_str, 0, __ssp_bos(_ssp_str), f= mt,=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 ap);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2= =A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +}) + +#define snprintf(str, len, ...) ({=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 \ +=C2=A0 =C2=A0 __builtin___snprintf_chk(_ssp_str, len, 0, __ssp_bos(_ssp_st= r),=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __VA_ARGS__);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0= =C2=A0 =C2=A0=C2=A0=C2=A0 \ +}) + +#define vsnprintf(str, len, fmt, ap) ({=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 \ +=C2=A0 =C2=A0 __builtin___vsnprintf_chk(_ssp_str, len, 0, __ssp_bos(_ssp_s= tr),=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 fmt, ap);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 \ +}) + +#define gets(str) ({=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 \ +=C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __gets_chk(_ssp_str, __ssp_bos(_ssp_str));=C2=A0=C2=A0=C2=A0= \ +}) + +#define fgets(str, len, fp) ({=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 \ +=C2=A0 =C2=A0 __fgets_chk(_ssp_str, len, __ssp_bos(_ssp_str), fp);=C2=A0= =C2=A0=C2=A0 \ +}) + +#endif /* __SSP_FORTIFY_LEVEL > 0 */ + +#endif /* _SSP_STDIO_H_ */ diff --git a/include/ssp/string.h b/include/ssp/string.h new file mode 100644 index 000000000000..996020fda778 --- /dev/null +++ b/include/ssp/string.h @@ -0,0 +1,129 @@ +/*=C2=A0=C2=A0=C2=A0 $NetBSD: string.h,v 1.14 2020/09/05 13:37:59 mrg Exp = $=C2=A0=C2=A0=C2=A0 */ + +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _SSP_STRING_H_ +#define _SSP_STRING_H_ + +#include + +__BEGIN_DECLS +void *__memcpy_chk(void *, const void *, size_t, size_t); +void *__memmove_chk(void *, const void *, size_t, size_t); +void *__memset_chk(void *, int, size_t, size_t); +char *__stpcpy_chk(char *, const char *, size_t); +char *__stpncpy_chk(char *, const char *, size_t, size_t); +char *__strcat_chk(char *, const char *, size_t); +char *__strcpy_chk(char *, const char *, size_t); +char *__strncat_chk(char *, const char *, size_t, size_t); +char *__strncpy_chk(char *, const char *, size_t, size_t); +__END_DECLS + +#if __SSP_FORTIFY_LEVEL > 0 + +#define __ssp_bos_check3_typed_var(fun, dsttype, dsrvar, dst, srctype, src= var, \ +=C2=A0 =C2=A0 src, lenvar, len) ({=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 = =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 srctype srcvar =3D (src);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 dsttype dstvar =3D (dst);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 size_t lenvar =3D (len);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?=C2=A0=C2=A0=C2=A0 = =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __builtin___ ## fun ## _chk(dstvar, srcvar, lenvar,=C2=A0=C2= =A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __ssp_bos0(dstvar)) :=C2=A0=C2=A0=C2=A0 =C2=A0= =C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __ ## fun ## _ichk(dstvar, srcvar, lenvar));=C2=A0=C2=A0=C2= =A0 \ +}) + +#define __ssp_bos_check3_typed(fun, dsttype, dst, srctype, src, len)=C2=A0= =C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __ssp_bos_check3_typed_var(fun, dsttype, __ssp_var(dstv), ds= t,=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 srctype, __ssp_var(srcv), src, __ssp_var(lenv)= , len) + +#define __ssp_bos_check3(fun, dst, src, len)=C2=A0=C2=A0=C2=A0 =C2=A0=C2= =A0=C2=A0 \ +=C2=A0 =C2=A0 __ssp_bos_check3_typed_var(fun, void *, __ssp_var(dstv), dst= ,=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 const void *, __ssp_var(srcv), src, __ssp_var(= lenv), len) + +#define __ssp_bos_check2_var(fun, dstvar, dst, srcvar, src) ({=C2=A0=C2=A0= =C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 const void *srcvar =3D (src);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0= =C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 void *dstvar =3D (dst);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?=C2=A0=C2=A0=C2=A0 = =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __builtin___ ## fun ## _chk(dstvar, srcvar,=C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __ssp_bos0(dstvar)) :=C2=A0=C2=A0=C2=A0 =C2=A0= =C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __ ## fun ## _ichk(dstvar, srcvar));=C2=A0=C2=A0=C2=A0 =C2= =A0=C2=A0=C2=A0 \ +}) + +#define __ssp_bos_check2(fun, dst, src)=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __ssp_bos_check2_var(fun, __ssp_var(dstv), dst, __ssp_var(sr= cv), src) + +#define __ssp_bos_icheck3_restrict(fun, type1, type2) \ +static __inline type1 __ ## fun ## _ichk(type1 __restrict, type2 __restric= t, size_t); \ +static __inline __attribute__((__always_inline__)) type1 \ +__ ## fun ## _ichk(type1 __restrict dst, type2 __restrict src, size_t len)= { \ +=C2=A0=C2=A0=C2=A0 return __builtin___ ## fun ## _chk(dst, src, len, __ssp= _bos0(dst)); \ +} + +#define __ssp_bos_icheck3(fun, type1, type2) \ +static __inline type1 __ ## fun ## _ichk(type1, type2, size_t); \ +static __inline __attribute__((__always_inline__)) type1 \ +__ ## fun ## _ichk(type1 dst, type2 src, size_t len) { \ +=C2=A0=C2=A0=C2=A0 return __builtin___ ## fun ## _chk(dst, src, len, __ssp= _bos0(dst)); \ +} + +#define __ssp_bos_icheck2_restrict(fun, type1, type2) \ +static __inline type1 __ ## fun ## _ichk(type1, type2); \ +static __inline __attribute__((__always_inline__)) type1 \ +__ ## fun ## _ichk(type1 __restrict dst, type2 __restrict src) { \ +=C2=A0=C2=A0=C2=A0 return __builtin___ ## fun ## _chk(dst, src, __ssp_bos0= (dst)); \ +} + +__BEGIN_DECLS +__ssp_bos_icheck3_restrict(memcpy, void *, const void *) +__ssp_bos_icheck3(memmove, void *, const void *) +__ssp_bos_icheck3(memset, void *, int) +__ssp_bos_icheck2_restrict(stpcpy, char *, const char *) +__ssp_bos_icheck3_restrict(stpncpy, char *, const char *) +__ssp_bos_icheck2_restrict(strcpy, char *, const char *) +__ssp_bos_icheck2_restrict(strcat, char *, const char *) +__ssp_bos_icheck3_restrict(strncpy, char *, const char *) +__ssp_bos_icheck3_restrict(strncat, char *, const char *) +__END_DECLS + +#define memcpy(dst, src, len) __ssp_bos_check3(memcpy, dst, src, len) +#define memmove(dst, src, len) __ssp_bos_check3(memmove, dst, src, len) +#define memset(dst, val, len) \ +=C2=A0 =C2=A0 __ssp_bos_check3_typed(memset, void *, dst, int, val, len) +#define stpcpy(dst, src) __ssp_bos_check2(stpcpy, dst, src) +#define stpncpy(dst, src, len) __ssp_bos_check3(stpncpy, dst, src, len) +#define strcpy(dst, src) __ssp_bos_check2(strcpy, dst, src) +#define strcat(dst, src) __ssp_bos_check2(strcat, dst, src) +#define strncpy(dst, src, len) __ssp_bos_check3(strncpy, dst, src, len) +#define strncat(dst, src, len) __ssp_bos_check3(strncat, dst, src, len) + +#endif /* __SSP_FORTIFY_LEVEL > 0 */ +#endif /* _SSP_STRING_H_ */ diff --git a/include/ssp/strings.h b/include/ssp/strings.h new file mode 100644 index 000000000000..06c9c7cc0a09 --- /dev/null +++ b/include/ssp/strings.h @@ -0,0 +1,67 @@ +/*=C2=A0=C2=A0=C2=A0 $NetBSD: strings.h,v 1.3 2008/04/28 20:22:54 martin E= xp $=C2=A0=C2=A0=C2=A0 */ + +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2007 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _SSP_STRINGS_H_ +#define _SSP_STRINGS_H_ + +#include +#include + +#if __SSP_FORTIFY_LEVEL > 0 + +#define _ssp_bcopy(srcvar, src, dstvar, dst, lenvar,=C2=A0 len) ({=C2=A0= =C2=A0=C2=A0 \ +=C2=A0 =C2=A0 const void *srcvar =3D (src);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0= =C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 void *dstvar =3D (dst);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 size_t lenvar =3D (len);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __builtin___memmove_chk(dstvar, srcvar, lenvar,=C2=A0=C2=A0= =C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __ssp_bos0(dstvar)) :=C2=A0=C2=A0=C2=A0 =C2=A0= =C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __memmove_ichk(dstvar, srcvar, lenvar));=C2=A0=C2=A0=C2=A0 \ +}) + +#define=C2=A0=C2=A0=C2=A0 bcopy(src, dst, len)=C2=A0=C2=A0=C2=A0 =C2=A0=C2= =A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 _ssp_bcopy(__ssp_var(srcv), src, __ssp_var(dstv), dst, __ssp= _var(lenv), len) + +#define _ssp_bzero(dstvar, dst, lenvar, len) ({=C2=A0=C2=A0=C2=A0 =C2=A0= =C2=A0=C2=A0 \ +=C2=A0 =C2=A0 void *dstvar =3D (dst);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 size_t lenvar =3D (len);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __builtin___memset_chk(dstvar, 0, lenvar,=C2=A0=C2=A0=C2=A0 = \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __ssp_bos0(dstvar)) : \ +=C2=A0 =C2=A0 __memset_ichk(dstvar, 0, lenvar));=C2=A0=C2=A0=C2=A0 =C2=A0= =C2=A0=C2=A0 \ +}) + +#define=C2=A0=C2=A0=C2=A0 bzero(dst, len)=C2=A0=C2=A0=C2=A0 _ssp_bzero(__s= sp_var(dstv), dst, __ssp_var(lenv), len) + +#endif /* __SSP_FORTIFY_LEVEL > 0 */ +#endif /* _SSP_STRINGS_H_ */ diff --git a/include/ssp/unistd.h b/include/ssp/unistd.h new file mode 100644 index 000000000000..2414e2baa96b --- /dev/null +++ b/include/ssp/unistd.h @@ -0,0 +1,54 @@ +/*=C2=A0=C2=A0=C2=A0 $NetBSD: unistd.h,v 1.7 2015/06/25 18:41:03 joerg Exp= $=C2=A0=C2=A0=C2=A0 */ + +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _SSP_UNISTD_H_ +#define _SSP_UNISTD_H_ + +#include + +#if __SSP_FORTIFY_LEVEL > 0 +__BEGIN_DECLS + +__ssp_redirect0(ssize_t, read, (int __fd, void *__buf, size_t __len), \ +=C2=A0 =C2=A0 (__fd, __buf, __len)); + +__ssp_redirect(ssize_t, readlink, (const char *__restrict __path, \ +=C2=A0 =C2=A0 char *__restrict __buf, size_t __len), (__path, __buf, __len= )); + +__ssp_redirect_raw(char *, getcwd, getcwd, (char *__buf, size_t __len), +=C2=A0 =C2=A0 (__buf, __len), __buf !=3D 0, __ssp_bos); + +__END_DECLS + +#endif /* __SSP_FORTIFY_LEVEL > 0 */ +#endif /* _SSP_UNISTD_H_ */ diff --git a/lib/libc/secure/Makefile.inc b/lib/libc/secure/Makefile.inc index 8574c5a05dc5..3b1ad879c715 100644 --- a/lib/libc/secure/Makefile.inc +++ b/lib/libc/secure/Makefile.inc @@ -3,6 +3,17 @@ =20 .PATH: ${LIBC_SRCTOP}/secure =20 +# _FORTIFY_SOURCE +SRCS+=3D=C2=A0=C2=A0=C2=A0 gets_chk.c fgets_chk.c memcpy_chk.c memmove_chk= .c memset_chk.c \ +=C2=A0=C2=A0=C2=A0 snprintf_chk.c sprintf_chk.c stpcpy_chk.c stpncpy_chk.c= \ +=C2=A0=C2=A0=C2=A0 strcat_chk.c strcpy_chk.c strncat_chk.c strncpy_chk.c \ +=C2=A0=C2=A0=C2=A0 vsnprintf_chk.c vsprintf_chk.c + +CFLAGS.snprintf_chk.c+=3D=C2=A0=C2=A0=C2=A0 -Wno-unused-parameter +CFLAGS.sprintf_chk.c+=3D=C2=A0=C2=A0=C2=A0 -Wno-unused-parameter +CFLAGS.vsnprintf_chk.c+=3D=C2=A0=C2=A0=C2=A0 -Wno-unused-parameter +CFLAGS.vsprintf_chk.c+=3D=C2=A0=C2=A0=C2=A0 -Wno-unused-parameter + # Sources common to both syscall interfaces: SRCS+=3D=C2=A0=C2=A0=C2=A0 stack_protector.c \ =C2=A0=C2=A0=C2=A0 stack_protector_compat.c diff --git a/lib/libc/secure/Symbol.map b/lib/libc/secure/Symbol.map index 641f451b5421..7859fcee3821 100644 --- a/lib/libc/secure/Symbol.map +++ b/lib/libc/secure/Symbol.map @@ -3,3 +3,21 @@ FBSD_1.0 { =C2=A0=C2=A0=C2=A0 __stack_chk_fail; =C2=A0=C2=A0=C2=A0 __stack_chk_guard; }; + +FBSD_1.8 { +=C2=A0=C2=A0=C2=A0 __gets_chk; +=C2=A0=C2=A0=C2=A0 __fgets_chk; +=C2=A0=C2=A0=C2=A0 __memcpy_chk; +=C2=A0=C2=A0=C2=A0 __memmove_chk; +=C2=A0=C2=A0=C2=A0 __memset_chk; +=C2=A0=C2=A0=C2=A0 __snprintf_chk; +=C2=A0=C2=A0=C2=A0 __sprintf_chk; +=C2=A0=C2=A0=C2=A0 __stpcpy_chk; +=C2=A0=C2=A0=C2=A0 __stpncpy_chk; +=C2=A0=C2=A0=C2=A0 __strcat_chk; +=C2=A0=C2=A0=C2=A0 __strcpy_chk; +=C2=A0=C2=A0=C2=A0 __strncat_chk; +=C2=A0=C2=A0=C2=A0 __strncpy_chk; +=C2=A0=C2=A0=C2=A0 __vsnprintf_chk; +=C2=A0=C2=A0=C2=A0 __vsprintf_chk; +}; diff --git a/lib/libc/secure/fgets_chk.c b/lib/libc/secure/fgets_chk.c new file mode 100644 index 000000000000..72aa1d816ce1 --- /dev/null +++ b/lib/libc/secure/fgets_chk.c @@ -0,0 +1,54 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: fgets_chk.c,v 1.6 2009/02/05 05:41:51 lukem Exp $"); + +#include +#include +#include +#include + +#include +#include +#undef fgets + +char * +__fgets_chk(char * __restrict buf, int len, size_t slen, FILE *fp) +{ +=C2=A0=C2=A0=C2=A0 if (slen >=3D (size_t)INT_MAX) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 return (fgets(buf, len, fp)); + +=C2=A0=C2=A0=C2=A0 if (len >=3D 0 && (size_t)len > slen) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); + +=C2=A0=C2=A0=C2=A0 return (fgets(buf, len, fp)); +} diff --git a/lib/libc/secure/gets_chk.c b/lib/libc/secure/gets_chk.c new file mode 100644 index 000000000000..18c1e2d18f43 --- /dev/null +++ b/lib/libc/secure/gets_chk.c @@ -0,0 +1,74 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: gets_chk.c,v 1.7 2013/10/04 20:49:16 christos Exp $"); + +#include +#include +#include +#include + +#include +#include + +char *__gets_unsafe(char *); + +char * +__gets_chk(char * __restrict buf, size_t slen) +{ +=C2=A0=C2=A0=C2=A0 char *abuf; +=C2=A0=C2=A0=C2=A0 size_t len; + +=C2=A0=C2=A0=C2=A0 if (slen >=3D (size_t)INT_MAX) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 return (__gets_unsafe(buf)); + +=C2=A0=C2=A0=C2=A0 if ((abuf =3D malloc(slen + 1)) =3D=3D NULL) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 return (__gets_unsafe(buf)); + +=C2=A0=C2=A0=C2=A0 if (fgets(abuf, (int)(slen + 1), stdin) =3D=3D NULL) { +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 free(abuf); +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 return (NULL); +=C2=A0=C2=A0=C2=A0 } + +=C2=A0=C2=A0=C2=A0 len =3D strlen(abuf); +=C2=A0=C2=A0=C2=A0 if (len > 0 && abuf[len - 1] =3D=3D '\n') +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 --len; + +=C2=A0=C2=A0=C2=A0 if (len >=3D slen) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); + +=C2=A0=C2=A0=C2=A0 (void)memcpy(buf, abuf, len); + +=C2=A0=C2=A0=C2=A0 buf[len] =3D '\0'; +=C2=A0=C2=A0=C2=A0 free(abuf); +=C2=A0=C2=A0=C2=A0 return (buf); +} diff --git a/lib/libc/secure/memcpy_chk.c b/lib/libc/secure/memcpy_chk.c new file mode 100644 index 000000000000..99cf2d5f13ff --- /dev/null +++ b/lib/libc/secure/memcpy_chk.c @@ -0,0 +1,53 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: memcpy_chk.c,v 1.7 2015/05/13 19:57:16 joerg Exp $"); + +#include + +#include +#undef memcpy + +#include "ssp_internal.h" + +void * +__memcpy_chk(void * __restrict dst, const void * __restrict src, size_t le= n, +=C2=A0 =C2=A0 size_t slen) +{ +=C2=A0=C2=A0=C2=A0 if (len > slen) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); + +=C2=A0=C2=A0=C2=A0 if (__ssp_overlap((const char *)src, (const char *)dst,= len)) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); + +=C2=A0=C2=A0=C2=A0 return (memcpy(dst, src, len)); +} diff --git a/lib/libc/secure/memmove_chk.c b/lib/libc/secure/memmove_chk.c new file mode 100644 index 000000000000..07f965d608fc --- /dev/null +++ b/lib/libc/secure/memmove_chk.c @@ -0,0 +1,47 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: memmove_chk.c,v 1.6 2020/09/05 13:37:59 mrg Exp $"); + +#include + +#include +#undef memmove + +void * +__memmove_chk(void *dst, const void *src, size_t len, +=C2=A0 =C2=A0 size_t slen) +{ +=C2=A0=C2=A0=C2=A0 if (len > slen) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); +=C2=A0=C2=A0=C2=A0 return (memmove(dst, src, len)); +} diff --git a/lib/libc/secure/memset_chk.c b/lib/libc/secure/memset_chk.c new file mode 100644 index 000000000000..f337be98b46d --- /dev/null +++ b/lib/libc/secure/memset_chk.c @@ -0,0 +1,46 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: memset_chk.c,v 1.5 2014/09/17 00:39:28 joerg Exp $"); + +#include + +#include +#undef memset + +void * +__memset_chk(void * __restrict dst, int val, size_t len, size_t slen) +{ +=C2=A0=C2=A0=C2=A0 if (len > slen) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); +=C2=A0=C2=A0=C2=A0 return (memset(dst, val, len)); +} diff --git a/lib/libc/secure/snprintf_chk.c b/lib/libc/secure/snprintf_chk.= c new file mode 100644 index 000000000000..52ef874ede5b --- /dev/null +++ b/lib/libc/secure/snprintf_chk.c @@ -0,0 +1,56 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: snprintf_chk.c,v 1.5 2008/04/28 20:23:00 martin Exp $"); + +#include +#include + +#include +#undef vsnprintf + +int +__snprintf_chk(char * __restrict buf, size_t len, int flags, size_t slen, +=C2=A0 =C2=A0 const char * __restrict fmt, ...) +{ +=C2=A0=C2=A0=C2=A0 va_list ap; +=C2=A0=C2=A0=C2=A0 int rv; + +=C2=A0=C2=A0=C2=A0 if (len > slen) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); + +=C2=A0=C2=A0=C2=A0 va_start(ap, fmt); +=C2=A0=C2=A0=C2=A0 rv =3D vsnprintf(buf, len, fmt, ap); +=C2=A0=C2=A0=C2=A0 va_end(ap); + +=C2=A0=C2=A0=C2=A0 return (rv); +} diff --git a/lib/libc/secure/sprintf_chk.c b/lib/libc/secure/sprintf_chk.c new file mode 100644 index 000000000000..d4c42ccba3ce --- /dev/null +++ b/lib/libc/secure/sprintf_chk.c @@ -0,0 +1,61 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation *** 1063 LINES SKIPPED *** =20 ------=_Part_1587021_1250298158.1716057759643 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Oh no .. please not...
=

We went into that in a GSoC:



<= /div>
Ultimately it proved to be usel= ess since stack-protector-strong.

The NetBSD code was not= well adapted to clang either.
=
Ask me more if you really = want to dig into it, but we don't want this.

Pedro.
=


=20
=20
On Monday, May 13, 2024 at 12:24:13 AM GMT-5, Kyle = Evans <kevans@freebsd.org> wrote:


=20 =20
The branch main has been updated by k= evans:


commit be04fec42638f30f50b5b55fd8e3634c= 0fb89928
Author:    Kyle Evans <kevan= s@FreeBSD.org>
AuthorDate: 2024-05-13 05:2= 3:49 +0000
Commit:    Kyle Evans <<= a href=3D"mailto:kevans@FreeBSD.org" rel=3D"nofollow" target=3D"_blank">kev= ans@FreeBSD.org>
CommitDate: 2024-05-13 05= :23:49 +0000

  &n= bsp; Import _FORTIFY_SOURCE implementation from NetBSD
   
    This is a most= ly-unmodified copy of the various *_chk implementations
    and headers from NetBSD, without yet modifying syste= m headers to start
    actually includi= ng them.  A future commit will also apply the needed
    bits to fix ssp/unistd.h.
=    
    Reviewed by:  &= nbsp; imp, pauamma_gundo.com (both previous versions), kib
    Sponsored by:  Stormshield
    Sponsored by:  Klara, Inc.
    Differential Revision:  https://reviews.= freebsd.org/D32306
---
etc/mtree/BSD.include.dist        |  2 +
include/Makefile         =         |  2 +-
incl= ude/ssp/Makefile              |  = 6 ++
include/ssp/ssp.h       = ;           |  91 ++++++++++++++++++++++++++<= br>
include/ssp/stdio.h        &= nbsp;       |  93 ++++++++++++++++++++++++++
<= div dir=3D"ltr"> include/ssp/string.h          &nb= sp;   | 129 ++++++++++++++++++++++++++++++++++++
include/ssp/strings.h             = ; |  67 +++++++++++++++++++
include/ssp/uni= std.h              |  54 +++++++++= ++++++
lib/libc/secure/Makefile.inc   =   |  11 ++++
lib/libc/secure/Symbol.= map        |  18 +++++
= lib/libc/secure/fgets_chk.c        |  54 ++++++++= +++++++
lib/libc/secure/gets_chk.c    =     |  74 +++++++++++++++++++++
= lib/libc/secure/memcpy_chk.c      |  53 ++++++++++++++= +
lib/libc/secure/memmove_chk.c    &nb= sp; |  47 +++++++++++++
lib/libc/secure/mem= set_chk.c      |  46 +++++++++++++
lib/libc/secure/snprintf_chk.c    |  56 +++++++++= +++++++
lib/libc/secure/sprintf_chk.c  &nbs= p;   |  61 +++++++++++++++++
lib/libc/= secure/ssp_internal.h    |  37 +++++++++++
lib/libc/secure/stpcpy_chk.c      |  55 +++= +++++++++++++
lib/libc/secure/stpncpy_chk.c = ;     |  53 +++++++++++++++
lib/l= ibc/secure/strcat_chk.c      |  60 +++++++++++++++++
lib/libc/secure/strcpy_chk.c      = |  54 +++++++++++++++
lib/libc/secure/strn= cat_chk.c      |  70 ++++++++++++++++++++
lib/libc/secure/strncpy_chk.c      |  53 = +++++++++++++++
lib/libc/secure/vsnprintf_chk.c&= nbsp;   |  49 ++++++++++++++
lib/libc/= secure/vsprintf_chk.c    |  58 ++++++++++++++++
lib/libssp/Makefile           = ;     |  20 +++++-
lib/libssp/Sym= bol.map              |  12 ++--
=
lib/libssp/Versions.def        =     |  5 ++
lib/libssp/__builtin= _object_size.3 | 110 +++++++++++++++++++++++++++++++
lib/libssp/fortify_stubs.c        | 131 ---------= ----------------------------
lib/libssp/ssp.3&nb= sp;                 | 130 ++++++++= ++++++++++++++++++++++++++++
32 files changed, 1= 621 insertions(+), 140 deletions(-)

diff --git a/etc/mtree/BSD.include.dist b/etc/mtree/BSD.inclu= de.dist
index a6bd5880bf61..f8c83d6dde7a 100644
--- a/etc/mtree/BSD.include.dist
+++ b/etc/mtree/BSD.include.dist
@@ -372= ,6 +372,8 @@
        mac_ver= iexec
        ..
    ..
+    s= sp
+    ..
&n= bsp;   sys
        dis= k
        ..
diff --git a/include/Makefile b/include/Makefile
index 19e6beb95203..32774419f162 100644
--- a/include/Makefile
+++ b/include/Makefile
@@ -4,7 +4,7 @@

PACKAGE=3Dclibs
CLEANFILES= =3D osreldate.h version
-SUBDIR=3D arpa protocols= rpcsvc rpc xlocale
+SUBDIR=3D arpa protocols rpc= svc rpc ssp xlocale
.if ${MACHINE_CPUARCH} =3D= =3D "amd64"
SUBDIR+=3D     &= nbsp;  i386
INCLUDE_SUBDIRS+=3D  =   i386
diff --git a/include/ssp/Makefile b/i= nclude/ssp/Makefile
new file mode 100644
index 000000000000..dff19f43c920
--- /dev/null
+++ b/include/ssp/Makefile
@@ -0,0 +1,6 @@
+# $FreeBSD$<= br>
+
+INCS=3D  &= nbsp; ssp.h stdio.h string.h strings.h unistd.h
+= INCSDIR=3D    ${INCLUDEDIR}/ssp
+<= br>
+.include <bsd.prog.mk>
diff --git a/include/ssp/ssp.h b/include/ssp/ssp.h
new file mode 100644
index 00000000000= 0..35a9aeee02df
--- /dev/null
+++ b/include/ssp/ssp.h
@@ -0,0 +1,91 @@=
+/*    $NetBSD: ssp.h,v 1.13 2015= /09/03 20:43:47 plunky Exp $    */
+
+/*-
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006, 2011 The Net= BSD Foundation, Inc.
+ * All rights reserved.
=
+ *
+ * This code is deriv= ed from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or wi= thout
+ * modification, are permitted provided th= at the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the abo= ve copyright
+ *    notice, this list o= f conditions and the following disclaimer.
+ * 2.= Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the = following disclaimer in the
+ *    docu= mentation and/or other materials provided with the distribution.
<= div dir=3D"ltr">+ *
+ * THIS SOFTWARE IS PROVIDED= BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
= + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTAB= ILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE AR= E DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE= CIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (IN= CLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * S= UBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
=
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY O= F LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIAB= ILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED O= F THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef _SSP_SSP_H_
+#define _SSP_SSP_H_
+
+#include <sys/cdefs.h>
+=
+#if !defined(__cplusplus)
+# if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0 &= & \
+    (__OPTIMIZE__ > 0 || d= efined(__clang__))
+#  if _FORTIFY_SOURCE &g= t; 1
+#  define __SSP_FORTIFY_LEVEL 2
+#  else
+#  defi= ne __SSP_FORTIFY_LEVEL 1
+#  endif
=
+# else
+#  define __SSP_FO= RTIFY_LEVEL 0
+# endif
= +#else
+# define __SSP_FORTIFY_LEVEL 0
<= div dir=3D"ltr">+#endif
+
+#define    __ssp_var(type)    __CONCAT(__= ssp_ ## type, __COUNTER__)
+
+/* __ssp_real is used by the implementation in libc */
+#if __SSP_FORTIFY_LEVEL =3D=3D 0
+#= define __ssp_real_(fun)    fun
+#e= lse
+#define __ssp_real_(fun)    _= _ssp_real_ ## fun
+#endif
+#define __ssp_real(fun)        __ssp_real= _(fun)
+
+#define __ssp= _inline static __inline __attribute__((__always_inline__))
+
+#define __ssp_bos(ptr) __builtin_obj= ect_size(ptr, __SSP_FORTIFY_LEVEL > 1)
+#defin= e __ssp_bos0(ptr) __builtin_object_size(ptr, 0)
+=
+#define __ssp_check(buf, len, bos) \
<= div dir=3D"ltr">+    if (bos(buf) !=3D (size_t)-1 &&= len > bos(buf)) \
+     &= nbsp;  __chk_fail()
+#define __ssp_redirect_= raw(rtype, fun, symbol, args, call, cond, bos) \
= +rtype __ssp_real_(fun) args __RENAME(symbol); \
= +__ssp_inline rtype fun args __RENAME(__ssp_protected_ ## fun); \
=
+__ssp_inline rtype fun args { \
+    if (cond) \
+  &nb= sp;     __ssp_check(__buf, __len, bos); \
+    return __ssp_real_(fun) call; \
+}
+
+#defi= ne __ssp_redirect(rtype, fun, args, call) \
+&nbs= p;   __ssp_redirect_raw(rtype, fun, fun, args, call, 1, __ssp_bos)
=
+#define __ssp_redirect0(rtype, fun, args, call) \
+    __ssp_redirect_raw(rtype, fun, fun,= args, call, 1, __ssp_bos0)
+
+__BEGIN_DECLS
+void __stack_chk_fail(vo= id) __dead2;
+void __chk_fail(void) __dead2;
<= /div>
+__END_DECLS
+
+#endif /* _SSP_SSP_H_ */
diff --gi= t a/include/ssp/stdio.h b/include/ssp/stdio.h
new= file mode 100644
index 000000000000..72e3236eac8= 0
--- /dev/null
+++ b/i= nclude/ssp/stdio.h
@@ -0,0 +1,93 @@
+/*    $NetBSD: stdio.h,v 1.5 2011/07/17 20:54:= 34 joerg Exp $    */
+
+/*-
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.<= br>
+ * All rights reserved.
+ *
+ * This code is derived from software cont= ributed to The NetBSD Foundation
+ * by Christos = Zoulas.
+ *
+ * Redistr= ibution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following cond= itions
+ * are met:
+ *= 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the = following disclaimer.
+ * 2. Redistributions in b= inary form must reproduce the above copyright
+ *=     notice, this list of conditions and the following disclaimer = in the
+ *    documentation and/or othe= r materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDA= TION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY= EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR= A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  I= N NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+= * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMI= TED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SE= RVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER = IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLU= DING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY = WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef _SSP_STDIO_H_
+= #define _SSP_STDIO_H_
+
+#include <ssp/ssp.h>
+
+__BEGIN_DECLS
+int __sprintf_chk(char *= __restrict, int, size_t, const char *__restrict, ...)
+    __printflike(4, 5);
+int __vs= printf_chk(char *__restrict, int, size_t, const char *__restrict,
=
+    __va_list)
+ = ;   __printflike(4, 0);
+int __snprintf_chk(= char *__restrict, size_t, int, size_t,
+  &n= bsp; const char *__restrict, ...)
+    = __printflike(5, 6);
+int __vsnprintf_chk(char *__= restrict, size_t, int, size_t,
+    co= nst char *__restrict, __va_list)
+    _= _printflike(5, 0);
+char *__gets_chk(char *, size= _t);
+char *__fgets_chk(char *, int, size_t, FILE= *);
+__END_DECLS
+
=
+#if __SSP_FORTIFY_LEVEL > 0
+
+#define sprintf(str, ...) ({  =   \
+    char *_ssp_str =3D (str);=     \
+    __builtin___s= printf_chk(_ssp_str, 0, __ssp_bos(_ssp_str),      =   \
+        __VA_ARGS__= ); \
+})
+
+#define vsprintf(str, fmt, ap) ({    \
+    char *_ssp_str =3D (str);  &nb= sp;     \
+    __builtin= ___vsprintf_chk(_ssp_str, 0, __ssp_bos(_ssp_str), fmt,    \<= br>
+        ap);  &nbs= p;             \
+})
+
+#de= fine snprintf(str, len, ...) ({    \
+    char *_ssp_str =3D (str);      &= nbsp; \
+    __builtin___snprintf_chk(_= ssp_str, len, 0, __ssp_bos(_ssp_str),    \
+        __VA_ARGS__);     = ;       \
+})
<= div dir=3D"ltr">+
+#define vsnprintf(str, len, fm= t, ap) ({    \
+    char= *_ssp_str =3D (str);        \
+    __builtin___vsnprintf_chk(_ssp_str, len, 0, __ss= p_bos(_ssp_str),    \
+  &nbs= p;     fmt, ap);          = ;  \
+})
+
+#define gets(str) ({      &nbs= p;     \
+  char *_ssp_str = =3D (str);        \
+    __gets_chk(_ssp_str, __ssp_bos(_ssp_str));   = ; \
+})
+
+#define fgets(str, len, fp) ({      =   \
+    char *_ssp_str =3D (str);=         \
+  &= nbsp; __fgets_chk(_ssp_str, len, __ssp_bos(_ssp_str), fp);   = ; \
+})
+
+#endif /* __SSP_FORTIFY_LEVEL > 0 */
+
+#endif /* _SSP_STDIO_H_ */
diff --git a/include/ssp/string.h b/include/ssp/string.h
new file mode 100644
index 00= 0000000000..996020fda778
--- /dev/null
<= div dir=3D"ltr">+++ b/include/ssp/string.h
@@ -0,= 0 +1,129 @@
+/*    $NetBSD: string= .h,v 1.14 2020/09/05 13:37:59 mrg Exp $    */
+
+/*-
+ *<= br>
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The= NetBSD Foundation, Inc.
+ * All rights reserved.=
+ *
+ * This code is d= erived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with o= r without
+ * modification, are permitted provide= d that the following conditions
+ * are met:
<= /div>
+ * 1. Redistributions of source code must retain the= above copyright
+ *    notice, this li= st of conditions and the following disclaimer.
+ = * 2. Redistributions in binary form must reproduce the above copyright
<= /div>
+ *    notice, this list of conditions and = the following disclaimer in the
+ *    = documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROV= IDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT= LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHA= NTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOS= E ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,= SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES= (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+= * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS=
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEO= RY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT = LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVIS= ED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef _SSP_STRING_H_
+#define _SSP_STRING_H_
= +
+#include <ssp/ssp.h>
+
+__BEGIN_DECLS
+void *__memcpy_chk(void *, const void *, size_t, size_t);
+void *__memmove_chk(void *, const void *, size_t, size_t);
+void *__memset_chk(void *, int, size_t, size_t);
+char *__stpcpy_chk(char *, const char *, size_t);=
+char *__stpncpy_chk(char *, const char *, size_= t, size_t);
+char *__strcat_chk(char *, const cha= r *, size_t);
+char *__strcpy_chk(char *, const c= har *, size_t);
+char *__strncat_chk(char *, cons= t char *, size_t, size_t);
+char *__strncpy_chk(c= har *, const char *, size_t, size_t);
+__END_DECL= S
+
+#if __SSP_FORTIFY_= LEVEL > 0
+
+#define= __ssp_bos_check3_typed_var(fun, dsttype, dsrvar, dst, srctype, srcvar, \
+    src, lenvar, len) ({  &nb= sp;             \
+    srctype srcvar =3D (src);    &n= bsp;           \
+    dsttype dstvar =3D (dst);     &= nbsp;          \
+    size_t lenvar =3D (len);      &n= bsp;         \
+&nb= sp;   ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?     =    \
+    __builtin___ ## fun= ## _chk(dstvar, srcvar, lenvar,    \
+        __ssp_bos0(dstvar)) :    &n= bsp;           \
+    __ ## fun ## _ichk(dstvar, srcvar, lenvar)); &= nbsp;  \
+})
+
=
+#define __ssp_bos_check3_typed(fun, dsttype, dst, s= rctype, src, len)    \
+  &nb= sp; __ssp_bos_check3_typed_var(fun, dsttype, __ssp_var(dstv), dst, &nb= sp;  \
+        srctype,= __ssp_var(srcv), src, __ssp_var(lenv), len)
+
+#define __ssp_bos_check3(fun, dst, src, len) =        \
+    = __ssp_bos_check3_typed_var(fun, void *, __ssp_var(dstv), dst,  &n= bsp; \
+        const void *,= __ssp_var(srcv), src, __ssp_var(lenv), len)
+
+#define __ssp_bos_check2_var(fun, dstvar, dst, src= var, src) ({        \
+    const void *srcvar =3D (src);     &nb= sp;          \
+    void *dstvar =3D (dst);       = ;         \
+ =   ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?     &nb= sp;  \
+    __builtin___ ## fun ##= _chk(dstvar, srcvar,        \
+        __ssp_bos0(dstvar)) :  &= nbsp;             \
<= div dir=3D"ltr">+    __ ## fun ## _ichk(dstvar, srcvar)); &n= bsp;      \
+})
+
+#define __ssp_bos_check2(fun, dst= , src)            \
<= div dir=3D"ltr">+    __ssp_bos_check2_var(fun, __ssp_var(dstv), d= st, __ssp_var(srcv), src)
+
+#define __ssp_bos_icheck3_restrict(fun, type1, type2) \
+static __inline type1 __ ## fun ## _ichk(type1 __restrict, ty= pe2 __restrict, size_t); \
+static __inline __att= ribute__((__always_inline__)) type1 \
+__ ## fun = ## _ichk(type1 __restrict dst, type2 __restrict src, size_t len) { \
+    return __builtin___ ## fun ## _chk(= dst, src, len, __ssp_bos0(dst)); \
+}
+
+#define __ssp_bos_icheck3(fun, = type1, type2) \
+static __inline type1 __ ## fun = ## _ichk(type1, type2, size_t); \
+static __inlin= e __attribute__((__always_inline__)) type1 \
+__ = ## fun ## _ichk(type1 dst, type2 src, size_t len) { \
+    return __builtin___ ## fun ## _chk(dst, src, len, = __ssp_bos0(dst)); \
+}
= +
+#define __ssp_bos_icheck2_restrict(fun, type1,= type2) \
+static __inline type1 __ ## fun ## _ic= hk(type1, type2); \
+static __inline __attribute_= _((__always_inline__)) type1 \
+__ ## fun ## _ich= k(type1 __restrict dst, type2 __restrict src) { \
+    return __builtin___ ## fun ## _chk(dst, src, __ssp_bos= 0(dst)); \
+}
+
+__BEGIN_DECLS
+__ssp_bos_iche= ck3_restrict(memcpy, void *, const void *)
+__ssp= _bos_icheck3(memmove, void *, const void *)
+__ss= p_bos_icheck3(memset, void *, int)
+__ssp_bos_ich= eck2_restrict(stpcpy, char *, const char *)
+__ss= p_bos_icheck3_restrict(stpncpy, char *, const char *)
+__ssp_bos_icheck2_restrict(strcpy, char *, const char *)
+__ssp_bos_icheck2_restrict(strcat, char *, const char *)
=
+__ssp_bos_icheck3_restrict(strncpy, char *, const c= har *)
+__ssp_bos_icheck3_restrict(strncat, char = *, const char *)
+__END_DECLS
+
+#define memcpy(dst, src, len) __ssp_b= os_check3(memcpy, dst, src, len)
+#define memmove= (dst, src, len) __ssp_bos_check3(memmove, dst, src, len)
+#define memset(dst, val, len) \
+ =   __ssp_bos_check3_typed(memset, void *, dst, int, val, len)
+#define stpcpy(dst, src) __ssp_bos_check2(stpcpy, dst, s= rc)
+#define stpncpy(dst, src, len) __ssp_bos_che= ck3(stpncpy, dst, src, len)
+#define strcpy(dst, = src) __ssp_bos_check2(strcpy, dst, src)
+#define = strcat(dst, src) __ssp_bos_check2(strcat, dst, src)
+#define strncpy(dst, src, len) __ssp_bos_check3(strncpy, dst, src, len)=
+#define strncat(dst, src, len) __ssp_bos_check3= (strncat, dst, src, len)
+
+#endif /* __SSP_FORTIFY_LEVEL > 0 */
+#en= dif /* _SSP_STRING_H_ */
diff --git a/include/ssp= /strings.h b/include/ssp/strings.h
new file mode = 100644
index 000000000000..06c9c7cc0a09
=
--- /dev/null
+++ b/include/ssp/= strings.h
@@ -0,0 +1,67 @@
+/*    $NetBSD: strings.h,v 1.3 2008/04/28 20:22:54 mart= in Exp $    */
+
+/*-
+ *
+ * S= PDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2007 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *<= br>
+ * This code is derived from software contribute= d to The NetBSD Foundation
+ * by Christos Zoulas= .
+ *
+ * Redistributio= n and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions=
+ * are met:
+ * 1. Re= distributions of source code must retain the above copyright
+ *    notice, this list of conditions and the follow= ing disclaimer.
+ * 2. Redistributions in binary = form must reproduce the above copyright
+ * =   notice, this list of conditions and the following disclaimer in the=
+ *    documentation and/or other mate= rials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, = INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRE= SS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PAR= TICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO E= VENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE = LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO= , PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES= ; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * = INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
=
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING N= EGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OU= T OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef _SSP_STRINGS_H_
+#def= ine _SSP_STRINGS_H_
+
+= #include <ssp/ssp.h>
+#include <string.h= >
+
+#if __SSP_FORTI= FY_LEVEL > 0
+
+#def= ine _ssp_bcopy(srcvar, src, dstvar, dst, lenvar,  len) ({  &= nbsp; \
+    const void *srcvar =3D (sr= c);            \
+    void *dstvar =3D (dst);     = ;       \
+   = size_t lenvar =3D (len);          =   \
+    ((__ssp_bos0(dstvar) !=3D= (size_t)-1) ?    \
+   = __builtin___memmove_chk(dstvar, srcvar, lenvar,    \
+        __ssp_bos0(dstvar)) : = ;           \
+    __memmove_ichk(dstvar, srcvar, lenvar));  &nb= sp; \
+})
+
+#define    bcopy(src, dst, len)  &= nbsp;         \
+&n= bsp;   _ssp_bcopy(__ssp_var(srcv), src, __ssp_var(dstv), dst, __ssp_va= r(lenv), len)
+
+#defin= e _ssp_bzero(dstvar, dst, lenvar, len) ({      &nb= sp; \
+    void *dstvar =3D (dst); = ;           \
+    size_t lenvar =3D (len);      =       \
+    ((__ss= p_bos0(dstvar) !=3D (size_t)-1) ?    \
+    __builtin___memset_chk(dstvar, 0, lenvar,  &n= bsp; \
+        __ssp_bos0(ds= tvar)) : \
+    __memset_ichk(dstvar, 0= , lenvar));        \
+})
+
+#define &= nbsp;  bzero(dst, len)    _ssp_bzero(__ssp_var(dstv), d= st, __ssp_var(lenv), len)
+
+#endif /* __SSP_FORTIFY_LEVEL > 0 */
+#e= ndif /* _SSP_STRINGS_H_ */
diff --git a/include/s= sp/unistd.h b/include/ssp/unistd.h
new file mode = 100644
index 000000000000..2414e2baa96b
=
--- /dev/null
+++ b/include/ssp/= unistd.h
@@ -0,0 +1,54 @@
+/*    $NetBSD: unistd.h,v 1.7 2015/06/25 18:41:03 joerg = Exp $    */
+
+/*-
+ *
+ * SPDX= -License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
=
+ * All rights reserved.
+ *
=
+ * This code is derived from software contributed t= o The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution a= nd use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redis= tributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following= disclaimer.
+ * 2. Redistributions in binary for= m must reproduce the above copyright
+ *  &n= bsp; notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materia= ls provided with the distribution.
+ *
<= div dir=3D"ltr">+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC= . AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS = OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTIC= ULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVEN= T SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIA= BLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
<= div dir=3D"ltr">+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, P= ROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; L= OSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INT= ERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGL= IGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT O= F THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
<= div dir=3D"ltr">+#ifndef _SSP_UNISTD_H_
+#define = _SSP_UNISTD_H_
+
+#incl= ude <ssp/ssp.h>
+
+#if __SSP_FORTIFY_LEVEL > 0
+__BEGIN_DECLS
+
+__ssp_redirect0(ssize= _t, read, (int __fd, void *__buf, size_t __len), \
+    (__fd, __buf, __len));
+
+__ssp_redirect(ssize_t, readlink, (const char *__restri= ct __path, \
+    char *__restrict __bu= f, size_t __len), (__path, __buf, __len));
+
<= /div>
+__ssp_redirect_raw(char *, getcwd, getcwd, (char *__= buf, size_t __len),
+    (__buf, __len)= , __buf !=3D 0, __ssp_bos);
+
+__END_DECLS
+
+#endif /* __SSP_FORTIFY_LEVEL > 0 */
+#endif= /* _SSP_UNISTD_H_ */
diff --git a/lib/libc/secur= e/Makefile.inc b/lib/libc/secure/Makefile.inc
ind= ex 8574c5a05dc5..3b1ad879c715 100644
--- a/lib/li= bc/secure/Makefile.inc
+++ b/lib/libc/secure/Make= file.inc
@@ -3,6 +3,17 @@

.PATH: ${LIBC_SRCTOP}/secure

+# _FORTIFY_SOURCE
+SRCS+=3D    gets_chk.c fgets_chk.c memcpy_chk.c m= emmove_chk.c memset_chk.c \
+    s= nprintf_chk.c sprintf_chk.c stpcpy_chk.c stpncpy_chk.c \
+    strcat_chk.c strcpy_chk.c strncat_chk.c strncp= y_chk.c \
+    vsnprintf_chk.c vsp= rintf_chk.c
+
+CFLAGS.s= nprintf_chk.c+=3D    -Wno-unused-parameter
+CFLAGS.sprintf_chk.c+=3D    -Wno-unused-parameter<= br>
+CFLAGS.vsnprintf_chk.c+=3D    -Wn= o-unused-parameter
+CFLAGS.vsprintf_chk.c+=3D&nbs= p;   -Wno-unused-parameter
+
<= div dir=3D"ltr"> # Sources common to both syscall interfaces:
SRCS+=3D    stack_protector.c \
    stack_protector_compat.c
diff --git a/lib/libc/secure/Symbol.map b/lib/libc/secure/Symbol.m= ap
index 641f451b5421..7859fcee3821 100644
--- a/lib/libc/secure/Symbol.map
+++ b/lib/libc/secure/Symbol.map
@@ -3,3 +3,2= 1 @@ FBSD_1.0 {
    __stack_chk_f= ail;
    __stack_chk_guard;
};
+
+FBSD_1.8 {
+    __gets_chk;
+    __fgets_chk;
+    __memcpy_chk;
+ = ;   __memmove_chk;
+    = __memset_chk;
+    __snprintf_chk;=
+    __sprintf_chk;
+    __stpcpy_chk;
+&= nbsp;   __stpncpy_chk;
+  &nb= sp; __strcat_chk;
+    __strcpy_ch= k;
+    __strncat_chk;
+    __strncpy_chk;
+    __vsnprintf_chk;
+ &nbs= p;  __vsprintf_chk;
+};
diff --git a/lib/libc/secure/fgets_chk.c b/lib/libc/secure/fgets_chk.= c
new file mode 100644
= index 000000000000..72aa1d816ce1
--- /dev/null
+++ b/lib/libc/secure/fgets_chk.c
@@ -0,0 +1,54 @@
+/*-
+ *
+ * SPDX-License-Identifier: BSD-2-C= lause
+ *
+ * Copyright= (c) 2006 The NetBSD Foundation, Inc.
+ * All rig= hts reserved.
+ *
+ * T= his code is derived from software contributed to The NetBSD Foundation
<= /div>
+ * by Christos Zoulas.
+ *=
+ * Redistribution and use in source and binary = forms, with or without
+ * modification, are perm= itted provided that the following conditions
+ * = are met:
+ * 1. Redistributions of source code mu= st retain the above copyright
+ *    no= tice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above c= opyright
+ *    notice, this list of co= nditions and the following disclaimer in the
+ *&= nbsp;   documentation and/or other materials provided with the distrib= ution.
+ *
+ * THIS SOF= TWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
=
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLU= DING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANT= IES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CO= NTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT= , INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUE= NTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS= ; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AN= D ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONT= RACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, = EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DA= MAGE.
+ */
+#include &l= t;sys/cdefs.h>
+__RCSID("$NetBSD: fgets_chk.c,= v 1.6 2009/02/05 05:41:51 lukem Exp $");
+
+#include <limits.h>
+#= include <stdio.h>
+#include <stdlib.h>= ;
+#include <string.h>
+
+#include <ssp/stdio.h>
+#include <ssp/string.h>
+#u= ndef fgets
+
+char *
+__fgets_chk(char * __restrict buf, int len, size_t= slen, FILE *fp)
+{
+&n= bsp;   if (slen >=3D (size_t)INT_MAX)
+        return (fgets(buf, len, fp));
<= /div>
+
+    if (l= en >=3D 0 && (size_t)len > slen)
+&= nbsp;       __chk_fail();
+
+    return (fgets(buf, len, f= p));
+}
diff --git a/li= b/libc/secure/gets_chk.c b/lib/libc/secure/gets_chk.c
new file mode 100644
index 000000000000..18c= 1e2d18f43
--- /dev/null
+++ b/lib/libc/secure/gets_chk.c
@@ -0,0 +1,74 @= @
+/*-
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The NetBSD Fo= undation, Inc.
+ * All rights reserved.
=
+ *
+ * This code is derived fro= m software contributed to The NetBSD Foundation
+= * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without<= br>
+ * modification, are permitted provided that the= following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above cop= yright
+ *    notice, this list of cond= itions and the following disclaimer.
+ * 2. Redis= tributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the follow= ing disclaimer in the
+ *    documentat= ion and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY TH= E NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``= AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY = AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISC= LAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, = EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDIN= G, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTIT= UTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
=
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIAB= ILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY,= OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * = ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE<= br>
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: gets_chk.c,v 1.7 2013/10/04 20:49:1= 6 christos Exp $");
+
+= #include <limits.h>
+#include <stdio.h&g= t;
+#include <stdlib.h>
+#include <string.h>
+
+#include <ssp/stdio.h>
+#in= clude <ssp/string.h>
+
+char *__gets_unsafe(char *);
+
+char *
+__gets_chk(char * __restr= ict buf, size_t slen)
+{
+    char *abuf;
+  &n= bsp; size_t len;
+
+&nb= sp;   if (slen >=3D (size_t)INT_MAX)
+        return (__gets_unsafe(buf));
+
+    if ((ab= uf =3D malloc(slen + 1)) =3D=3D NULL)
+ &nbs= p;      return (__gets_unsafe(buf));
+
+    if (fgets(abuf, (i= nt)(slen + 1), stdin) =3D=3D NULL) {
+  = ;      free(abuf);
+ &nb= sp;      return (NULL);
+&nbs= p;   }
+
+&nb= sp;   len =3D strlen(abuf);
+ &nbs= p;  if (len > 0 && abuf[len - 1] =3D=3D '\n')
+        --len;
+
+    if (len >=3D s= len)
+        __chk= _fail();
+
+  = ;  (void)memcpy(buf, abuf, len);
+
=
+    buf[len] =3D '\0';
+    free(abuf);
+ &= nbsp;  return (buf);
+}
diff --git a/lib/libc/secure/memcpy_chk.c b/lib/libc/secure/memcpy_ch= k.c
new file mode 100644
index 000000000000..99cf2d5f13ff
--- /dev/null<= br>
+++ b/lib/libc/secure/memcpy_chk.c
@@ -0,0 +1,53 @@
+/*-
+ *
+ * SPDX-License-Identifier: BSD-2= -Clause
+ *
+ * Copyrig= ht (c) 2006 The NetBSD Foundation, Inc.
+ * All r= ights reserved.
+ *
+ *= This code is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+= *
+ * Redistribution and use in source and binar= y forms, with or without
+ * modification, are pe= rmitted provided that the following conditions
+ = * are met:
+ * 1. Redistributions of source code = must retain the above copyright
+ *    = notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above= copyright
+ *    notice, this list of = conditions and the following disclaimer in the
+ = *    documentation and/or other materials provided with the distr= ibution.
+ *
+ * THIS S= OFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INC= LUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRA= NTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR = CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRE= CT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQ= UENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFI= TS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED = AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CO= NTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE= , EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH = DAMAGE.
+ */
+#include = <sys/cdefs.h>
+__RCSID("$NetBSD: memcpy_chk= .c,v 1.7 2015/05/13 19:57:16 joerg Exp $");
+
=
+#include <string.h>
+
+#include <ssp/string.h>
+#undef memcpy
+
+#include "ssp_internal.h"
+
+void *
+__memcpy_chk(void * __restric= t dst, const void * __restrict src, size_t len,
+=     size_t slen)
+{
+    if (len > slen)
+=         __chk_fail();
+
+    if (__ssp_overlap((const= char *)src, (const char *)dst, len))
+ &nbs= p;      __chk_fail();
+
+    return (memcpy(dst, src, len));
+}
diff --git a/lib/libc/= secure/memmove_chk.c b/lib/libc/secure/memmove_chk.c
new file mode 100644
index 000000000000..07f9= 65d608fc
--- /dev/null
= +++ b/lib/libc/secure/memmove_chk.c
@@ -0,0 +1,47= @@
+/*-
+ *
<= div dir=3D"ltr">+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The NetBSD Fo= undation, Inc.
+ * All rights reserved.
=
+ *
+ * This code is derived fro= m software contributed to The NetBSD Foundation
+= * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without<= br>
+ * modification, are permitted provided that the= following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above cop= yright
+ *    notice, this list of cond= itions and the following disclaimer.
+ * 2. Redis= tributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the follow= ing disclaimer in the
+ *    documentat= ion and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY TH= E NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``= AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY = AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISC= LAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, = EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDIN= G, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTIT= UTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
=
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIAB= ILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY,= OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * = ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE<= br>
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: memmove_chk.c,v 1.6 2020/09/05 13:3= 7:59 mrg Exp $");
+
+#i= nclude <string.h>
+
+#include <ssp/string.h>
+#undef memmove=
+
+void *
+__memmove_chk(void *dst, const void *src, size_t len,
+    size_t slen)
+= {
+    if (len > slen)
+        __chk_fail();
<= /div>
+    return (memmove(dst, src, len));<= br>
+}
diff --git a/lib/lib= c/secure/memset_chk.c b/lib/libc/secure/memset_chk.c
new file mode 100644
index 000000000000..f337= be98b46d
--- /dev/null
= +++ b/lib/libc/secure/memset_chk.c
@@ -0,0 +1,46 = @@
+/*-
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The NetBSD Fo= undation, Inc.
+ * All rights reserved.
=
+ *
+ * This code is derived fro= m software contributed to The NetBSD Foundation
+= * by Christos Zoulas.
+ *
+ * Redistribution and use in source and binary forms, with or without<= br>
+ * modification, are permitted provided that the= following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above cop= yright
+ *    notice, this list of cond= itions and the following disclaimer.
+ * 2. Redis= tributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the follow= ing disclaimer in the
+ *    documentat= ion and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY TH= E NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``= AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY = AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISC= LAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, = EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDIN= G, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTIT= UTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
=
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIAB= ILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY,= OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * = ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE<= br>
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: memset_chk.c,v 1.5 2014/09/17 00:39= :28 joerg Exp $");
+
+#= include <string.h>
+
+#include <ssp/string.h>
+#undef memset=
+
+void *
+__memset_chk(void * __restrict dst, int val, size_t len, siz= e_t slen)
+{
+ &nb= sp;  if (len > slen)
+    =     __chk_fail();
+  &nb= sp; return (memset(dst, val, len));
+}
<= div dir=3D"ltr">diff --git a/lib/libc/secure/snprintf_chk.c b/lib/libc/secu= re/snprintf_chk.c
new file mode 100644
<= div dir=3D"ltr">index 000000000000..52ef874ede5b
= --- /dev/null
+++ b/lib/libc/secure/snprintf_chk.= c
@@ -0,0 +1,56 @@
+/*-=
+ *
+ * SPDX-License-I= dentifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The Ne= tBSD Foundation
+ * by Christos Zoulas.
=
+ *
+ * Redistribution and use i= n source and binary forms, with or without
+ * mo= dification, are permitted provided that the following conditions
<= div dir=3D"ltr">+ * are met:
+ * 1. Redistributio= ns of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclai= mer.
+ * 2. Redistributions in binary form must r= eproduce the above copyright
+ *    not= ice, this list of conditions and the following disclaimer in the
<= div dir=3D"ltr">+ *    documentation and/or other materials provi= ded with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND C= ONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPL= IED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO= , THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL= THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR= ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREM= ENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF = USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTI= ON) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE = OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE U= SE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * P= OSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("= $NetBSD: snprintf_chk.c,v 1.5 2008/04/28 20:23:00 martin Exp $");
=
+
+#include <stdarg.h>
=
+#include <stdio.h>
= +
+#include <ssp/stdio.h>
+#undef vsnprintf
+
+int
+__snprintf_chk(char * __restrict buf,= size_t len, int flags, size_t slen,
+  &nbs= p; const char * __restrict fmt, ...)
+{
=
+    va_list ap;
= +    int rv;
+
+    if (len > slen)
+=         __chk_fail();
+
+    va_start(ap, fmt);
+    rv =3D vsnprintf(buf, len, fmt, ap= );
+    va_end(ap);
+
+    return (rv);
+}
diff --git a/lib/libc/= secure/sprintf_chk.c b/lib/libc/secure/sprintf_chk.c
new file mode 100644
index 000000000000..d4c4= 2ccba3ce
--- /dev/null
= +++ b/lib/libc/secure/sprintf_chk.c
@@ -0,0 +1,61= @@
+/*-
+ *
<= div dir=3D"ltr">+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The NetBSD Fo= undation, Inc.
+ * All rights reserved.
=
+ *
+ * This code is derived fro= m software contributed to The NetBSD Foundation
*= ** 1063 LINES SKIPPED ***
------=_Part_1587021_1250298158.1716057759643--