From nobody Sat May 18 19:45:26 2024 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VhZ7H5VMpz5LMpF for ; Sat, 18 May 2024 19:45:31 +0000 (UTC) (envelope-from giffunip@yahoo.com) Received: from sonic302-22.consmr.mail.ne1.yahoo.com (sonic302-22.consmr.mail.ne1.yahoo.com [66.163.186.148]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4VhZ7G5Z8cz4jRH for ; Sat, 18 May 2024 19:45:30 +0000 (UTC) (envelope-from giffunip@yahoo.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=yahoo.com header.s=s2048 header.b=Ufgi0Vu2; dmarc=pass (policy=reject) header.from=yahoo.com; spf=pass (mx1.freebsd.org: domain of giffunip@yahoo.com designates 66.163.186.148 as permitted sender) smtp.mailfrom=giffunip@yahoo.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1716061528; bh=m72qXPMCj15dDMZ5FXzcjPe9q5Mh+fLHzPoKEag1a/Y=; h=Date:From:To:In-Reply-To:References:Subject:From:Subject:Reply-To; b=Ufgi0Vu2XpQjR+wprOfp4xW9RYk1lWn3udB3lhSLMO41obpvMzzGhhn6FwVFdxICQALHbo/DLq2KXNLs+ekAbx/v7yxQBAUx9F+mRarQZx8CosMSnaFVsobgUG2zpH9ERaeVWaM8F4QYmlrloe10yb2/8fbSrWUGM06afE7jEr6CMhWoeg1z7ZBovXu0tLvVule97yQ6D/bnmmxTU5N6FiOhiJY+m6G5+qOvpXtNUP8xM1YrBmlJ8+VplokIb44Vgd4Att3CLA7D5bvWxIbY4i3pxtwWjqG8yn6neFRpqL5YUallNvCQ13sZ/9o2KRUq0UlNmnVPiLtyKjc4E9DJ+A== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1716061528; bh=J0HwAKSK4jm1PqsDOgUbTFoYd81hpNY7CtiqCfao4GA=; h=X-Sonic-MF:Date:From:To:Subject:From:Subject; b=Cw2ANpAiE4yPvc4oRtpYRCMuKZBrKkiGy2g34mapaHQe00aPj5R0OMzd44hqOhk9LS5IpGG9D1ILsVngEahmhzEcQ2QegfBbq/hU66b3PAgAYM4w4W7CLX8Ton/tMlxKHhEWX5dqDErp3uBcsnxp6ponEi5nIQsw5NS8riq0n88Uj613NW3OtOu6LSykCfy10NR3rET56FRqbNtrW251PZ8BsbUtyoriEP47EQeg5YYnZta0lnZBa04EZ5nIr0mEu8oRi9F/ua9tUS9QcYRhVcNj1Y7oBvDa5te1k33rUHDR9F6DJuVVGryvLALOtiFwlV5psWT7hg3JDn817rJbuw== X-YMail-OSG: JRHEMwYVM1mYVr_Q2nKJ_zHTpwjDtz_sw3VaBoCbEvf0NmLauRCeZcig_8p8eUq o.mHc9S40LqrPR_8ps.ilOFckWTw_LfF5KQZREaZOTUGWdKfmnjcsPxSj8Nh.Jx_71Rlhw9i4w4A N6TqOrXdlseTsPPqaeeAw7kcxEIbNmMAR5X.bF_DrNAUtjhARMqRvvAz.GJbIbnPgEWzDHhNlE9b q_lgUFwqo0bovWyCJfv2dgsTQMIpguuWXImSkENdQxCSo2mRVyv6DOELU1YlUPoJYS4y0f8Ndpg1 oBkjZXTuyW7y5sKKb6teql2l9.6.RvY_ok.lRHcLoQplfvjkp8bqb5EgN5oGGV3nQf3uRWIeRBCo dYa2KBdEfk52jxtqFOGG8z5mwnyEIx.SM6FAwfB0TyEYGe5X1LWuSbymrLxy8vkZz6mZBVEG7p19 6FzoO0j5er0hS8ISlg2L3_vWRDsY4hgKqJsmnbUqI6xXyijF6tXmehKRK7P9xqmTpSp94__1MeYW HrTFJKwqUVQWKvzCtWJnSSQVHO8_0eMey7vF.aB5eacpSAdA_J0Xyh6WYt_sDvxEZBpQ6eldN77p 3lWvzcUHAaur5PdoYBflR5B1.IEeDv17alYNXg2woI6jt_MTJYaBZuMGtyFxOOBJrTB4VbgA1aVD 4xO38Rp_.PuNcZBRENj5TrnR5bFlkLJcghrJ_2RZjK9T45eKw7zOBkP5iSvat0zoa.RkUFT8_quu NACILAXA3iMdCDVCVqW1dLe0zwdKVwvUGQAz8eKubVL6bEM6WhV0XX5u3BLs6yBRNqJu9C1zogem V80l6Na4YmIHCiI7CGf.VyRqGK43oiY9Gxs2HgSIMo495pmaydTwUWM5FWhI_VxxZ0rYKR38BZyB fUT.4qLBSzLHES0e_KPh8znCd93u.6N9dqFyIKOKxphAcwFyGmRYQgiy6M6sQ5R3pfZ_C49g2Zac 4Zq0HPHbrqvJGd7YRsC1PQ4eh3PM3Ius4f5l2hTdK..o77l4ed.e1tuoxhlo7G68SGMIaX61Aflo v5drVJKndst8t.t5ugZ8LiMHSI7sa9kcgs8vOkybUkh.OUC9rMSvCMSJbIGk_xLfnMeOZe2byO9x yCi8GVgtx17C1nP_mKhhoXlSR_HDisJmwjJpPIUNYtq26uHVtYoJij6MuAA.PsONfOuqFF4.xxvt _FyNz.GhI0D0HIVMVAjGPw8quwD7HlwFHPOTz4bIEHTWIRoSReMxU36lF3intTYA85dp7MBPyYJe BLFHMx_usFwgjB.uqKyOHnKqeVnCzKICnuyP42CwxF_fxp9KoA_zr4uKfl77UGesmNFcoXgcYtuB 6dz1is0amXSlaVRZwhJmVAKHByAJmNhjyb49RQa_Iu2lu1icFND3LyPtb6t6DIUqQ2DPPrlgmqCf MBzDCH0ts9LDibbp136nxx09VXC0iuqL.SU_BirqDRx2tAwXalzrXuVOo3GG9MGDG71xmeu4fnmj WTwnrToKDpW0q1XWCDi2yxr.fSzKxxDkscQOh_XggIivucdPlLWtApQo4.srjIjUmLKnDZhIt.fp CA06vSnGCl48CdMoWQE7T29AzqJg1_opjM0Ev3GZ0DjTatCppGw7X9TTyk4nH7hxNdvTRzokO_8Z 7KmLo7bGJoqiMv8xtqHwwzbyeTMfYbGZ7CRraGm58ZpB0HinoyzFlNiJ4FZAldY2XyiNcX2JHF5h .Xsoc1EGu8ceGvL_c8NulBjxmWdx8lcY3dvDEjmRKbBSfqyOz2t7MnCs7wfsb_i.u5p7tR9TO2sf J01k75i7Cwk0PNMuA2S4D4eNH4l53txnBcVN32VBm7TCzfiAZOd2y0Jkbu4251piGOVpsPBDqx61 BOivn0sJ_.YhS7Q99Ytae18SrYCvRvdCT3dUQ6f2LRLg3ZKiLE2NLeMiAZSGFCyMRaR5HnuRW7S5 Ra22YnhEVDIJeBVviSsRYV3K94VDwszmn7pUhxvgjTJRgiaQ3bvEH2CqIy3gBqCAIajY0VpG6oWy vqnLUICSDOPOIxBPsqsnjc6C8NL59XST1O3leNdJImBIcoTX2I3VOhOI4kW6vPsK1jytbYVLZ9wo sf4h3VFRXrGebUB1wgjZ.wy3PXlCn3_bpLaBd.LeO5f6Is.hfBuvbnAim0Tlcglf1WOsR6xXTU5S gDftYbs3Mc5Afkh3BhxI- X-Sonic-MF: X-Sonic-ID: 6d02e040-2bf4-48be-a734-5787015f7638 Received: from sonic.gate.mail.ne1.yahoo.com by sonic302.consmr.mail.ne1.yahoo.com with HTTP; Sat, 18 May 2024 19:45:28 +0000 Date: Sat, 18 May 2024 19:45:26 +0000 (UTC) From: "Pedro F. Giffuni" To: "src-committers@freebsd.org" , "dev-commits-src-all@freebsd.org" , "dev-commits-src-main@freebsd.org" , Kyle Evans Message-ID: <836513301.1592591.1716061526201@mail.yahoo.com> In-Reply-To: <177052019.1587022.1716057759658@mail.yahoo.com> References: <202405130524.44D5O9mN084277@gitrepo.freebsd.org> <177052019.1587022.1716057759658@mail.yahoo.com> Subject: Re: git: be04fec42638 - main - Import _FORTIFY_SOURCE implementation from NetBSD List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_1592590_625024558.1716061526186" X-Mailer: WebService/1.1.22356 YMailNorrin X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.99 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.99)[-0.993]; DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject]; R_SPF_ALLOW(-0.20)[+ptr:yahoo.com]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; FREEMAIL_FROM(0.00)[yahoo.com]; TO_DN_EQ_ADDR_SOME(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; DWL_DNSWL_NONE(0.00)[yahoo.com:dkim]; TO_DN_SOME(0.00)[]; DKIM_TRACE(0.00)[yahoo.com:+]; FROM_HAS_DN(0.00)[]; FREEMAIL_ENVFROM(0.00)[yahoo.com]; MID_RHS_MATCH_FROMTLD(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; MLMMJ_DEST(0.00)[dev-commits-src-main@freebsd.org]; ASN(0.00)[asn:36646, ipnet:66.163.184.0/21, country:US]; RWL_MAILSPIKE_POSSIBLE(0.00)[66.163.186.148:from]; RCVD_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[66.163.186.148:from] X-Rspamd-Queue-Id: 4VhZ7G5Z8cz4jRH ------=_Part_1592590_625024558.1716061526186 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable It was just pointed out to me this sounded insulting .. for which I am sor= ry. It's been almost 10 years since I last looked at it and it is disappointing= to see my almost-mistake happening. This was a lot of work by Kyle and I d= idn't mean to be dismissive of it. So ]I'll just shudup and creep back into my hole, sorry for disturbing the = real work going on. Pedro. On Saturday, May 18, 2024 at 01:42:54 PM GMT-5, Pedro Giffuni wrote: =20 =20 Oh no .. please not... We went into that in a GSoC: https://wiki.freebsd.org/SummerOfCode2015/FreeBSDLibcSecurityExtensions Ultimately it proved to be useless since stack-protector-strong. The NetBSD code was not well adapted to clang either. Ask me more if you really want to dig into it, but we don't want this. Pedro. On Monday, May 13, 2024 at 12:24:13 AM GMT-5, Kyle Evans wrote: =20 =20 The branch main has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=3Dbe04fec42638f30f50b5b55fd8e3= 634c0fb89928 commit be04fec42638f30f50b5b55fd8e3634c0fb89928 Author:=C2=A0 =C2=A0 Kyle Evans AuthorDate: 2024-05-13 05:23:49 +0000 Commit:=C2=A0 =C2=A0 Kyle Evans CommitDate: 2024-05-13 05:23:49 +0000 =C2=A0 =C2=A0 Import _FORTIFY_SOURCE implementation from NetBSD =C2=A0 =C2=A0=20 =C2=A0 =C2=A0 This is a mostly-unmodified copy of the various *_chk impleme= ntations =C2=A0 =C2=A0 and headers from NetBSD, without yet modifying system headers= to start =C2=A0 =C2=A0 actually including them.=C2=A0 A future commit will also appl= y the needed =C2=A0 =C2=A0 bits to fix ssp/unistd.h. =C2=A0 =C2=A0=20 =C2=A0 =C2=A0 Reviewed by:=C2=A0 =C2=A0 imp, pauamma_gundo.com (both previo= us versions), kib =C2=A0 =C2=A0 Sponsored by:=C2=A0 Stormshield =C2=A0 =C2=A0 Sponsored by:=C2=A0 Klara, Inc. =C2=A0 =C2=A0 Differential Revision:=C2=A0 https://reviews.freebsd.org/D323= 06 --- etc/mtree/BSD.include.dist=C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 2 + include/Makefile=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 |=C2=A0 2 +- include/ssp/Makefile=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2= =A0 6 ++ include/ssp/ssp.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 |=C2=A0 91 ++++++++++++++++++++++++++ include/ssp/stdio.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= |=C2=A0 93 ++++++++++++++++++++++++++ include/ssp/string.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 | 129= ++++++++++++++++++++++++++++++++++++ include/ssp/strings.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2= =A0 67 +++++++++++++++++++ include/ssp/unistd.h=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2= =A0 54 +++++++++++++++ lib/libc/secure/Makefile.inc=C2=A0 =C2=A0 =C2=A0 |=C2=A0 11 ++++ lib/libc/secure/Symbol.map=C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 18 +++++ lib/libc/secure/fgets_chk.c=C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 54 ++++++++= +++++++ lib/libc/secure/gets_chk.c=C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 74 +++++++++= ++++++++++++ lib/libc/secure/memcpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 53 ++++++++++++++= + lib/libc/secure/memmove_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 47 +++++++++++++ lib/libc/secure/memset_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 46 +++++++++++++ lib/libc/secure/snprintf_chk.c=C2=A0 =C2=A0 |=C2=A0 56 ++++++++++++++++ lib/libc/secure/sprintf_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 61 +++++++++++++= ++++ lib/libc/secure/ssp_internal.h=C2=A0 =C2=A0 |=C2=A0 37 +++++++++++ lib/libc/secure/stpcpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 55 ++++++++++++++= ++ lib/libc/secure/stpncpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 53 +++++++++++++= ++ lib/libc/secure/strcat_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 60 ++++++++++++++= +++ lib/libc/secure/strcpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 54 ++++++++++++++= + lib/libc/secure/strncat_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 70 +++++++++++++= +++++++ lib/libc/secure/strncpy_chk.c=C2=A0 =C2=A0 =C2=A0 |=C2=A0 53 +++++++++++++= ++ lib/libc/secure/vsnprintf_chk.c=C2=A0 =C2=A0 |=C2=A0 49 ++++++++++++++ lib/libc/secure/vsprintf_chk.c=C2=A0 =C2=A0 |=C2=A0 58 ++++++++++++++++ lib/libssp/Makefile=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= |=C2=A0 20 +++++- lib/libssp/Symbol.map=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2= =A0 12 ++-- lib/libssp/Versions.def=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 5= ++ lib/libssp/__builtin_object_size.3 | 110 +++++++++++++++++++++++++++++++ lib/libssp/fortify_stubs.c=C2=A0 =C2=A0 =C2=A0 =C2=A0 | 131 --------------= ----------------------- lib/libssp/ssp.3=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 | 130 ++++++++++++++++++++++++++++++++++++ 32 files changed, 1621 insertions(+), 140 deletions(-) diff --git a/etc/mtree/BSD.include.dist b/etc/mtree/BSD.include.dist index a6bd5880bf61..f8c83d6dde7a 100644 --- a/etc/mtree/BSD.include.dist +++ b/etc/mtree/BSD.include.dist @@ -372,6 +372,8 @@ =C2=A0 =C2=A0 =C2=A0 =C2=A0 mac_veriexec =C2=A0 =C2=A0 =C2=A0 =C2=A0 .. =C2=A0 =C2=A0 .. +=C2=A0 =C2=A0 ssp +=C2=A0 =C2=A0 .. =C2=A0 =C2=A0 sys =C2=A0 =C2=A0 =C2=A0 =C2=A0 disk =C2=A0 =C2=A0 =C2=A0 =C2=A0 .. diff --git a/include/Makefile b/include/Makefile index 19e6beb95203..32774419f162 100644 --- a/include/Makefile +++ b/include/Makefile @@ -4,7 +4,7 @@ =20 PACKAGE=3Dclibs CLEANFILES=3D osreldate.h version -SUBDIR=3D arpa protocols rpcsvc rpc xlocale +SUBDIR=3D arpa protocols rpcsvc rpc ssp xlocale .if ${MACHINE_CPUARCH} =3D=3D "amd64" SUBDIR+=3D=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 i386 INCLUDE_SUBDIRS+=3D=C2=A0=C2=A0=C2=A0 i386 diff --git a/include/ssp/Makefile b/include/ssp/Makefile new file mode 100644 index 000000000000..dff19f43c920 --- /dev/null +++ b/include/ssp/Makefile @@ -0,0 +1,6 @@ +# $FreeBSD$ + +INCS=3D=C2=A0=C2=A0=C2=A0 ssp.h stdio.h string.h strings.h unistd.h +INCSDIR=3D=C2=A0=C2=A0=C2=A0 ${INCLUDEDIR}/ssp + +.include diff --git a/include/ssp/ssp.h b/include/ssp/ssp.h new file mode 100644 index 000000000000..35a9aeee02df --- /dev/null +++ b/include/ssp/ssp.h @@ -0,0 +1,91 @@ +/*=C2=A0=C2=A0=C2=A0 $NetBSD: ssp.h,v 1.13 2015/09/03 20:43:47 plunky Exp = $=C2=A0=C2=A0=C2=A0 */ + +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006, 2011 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _SSP_SSP_H_ +#define _SSP_SSP_H_ + +#include + +#if !defined(__cplusplus) +# if defined(_FORTIFY_SOURCE) && _FORTIFY_SOURCE > 0 && \ +=C2=A0 =C2=A0 (__OPTIMIZE__ > 0 || defined(__clang__)) +#=C2=A0 if _FORTIFY_SOURCE > 1 +#=C2=A0 define __SSP_FORTIFY_LEVEL 2 +#=C2=A0 else +#=C2=A0 define __SSP_FORTIFY_LEVEL 1 +#=C2=A0 endif +# else +#=C2=A0 define __SSP_FORTIFY_LEVEL 0 +# endif +#else +# define __SSP_FORTIFY_LEVEL 0 +#endif + +#define=C2=A0=C2=A0=C2=A0 __ssp_var(type)=C2=A0=C2=A0=C2=A0 __CONCAT(__ssp= _ ## type, __COUNTER__) + +/* __ssp_real is used by the implementation in libc */ +#if __SSP_FORTIFY_LEVEL =3D=3D 0 +#define __ssp_real_(fun)=C2=A0=C2=A0=C2=A0 fun +#else +#define __ssp_real_(fun)=C2=A0=C2=A0=C2=A0 __ssp_real_ ## fun +#endif +#define __ssp_real(fun)=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __ssp_real_(f= un) + +#define __ssp_inline static __inline __attribute__((__always_inline__)) + +#define __ssp_bos(ptr) __builtin_object_size(ptr, __SSP_FORTIFY_LEVEL > 1) +#define __ssp_bos0(ptr) __builtin_object_size(ptr, 0) + +#define __ssp_check(buf, len, bos) \ +=C2=A0=C2=A0=C2=A0 if (bos(buf) !=3D (size_t)-1 && len > bos(buf)) \ +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail() +#define __ssp_redirect_raw(rtype, fun, symbol, args, call, cond, bos) \ +rtype __ssp_real_(fun) args __RENAME(symbol); \ +__ssp_inline rtype fun args __RENAME(__ssp_protected_ ## fun); \ +__ssp_inline rtype fun args { \ +=C2=A0=C2=A0=C2=A0 if (cond) \ +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __ssp_check(__buf, __len, bos); \ +=C2=A0=C2=A0=C2=A0 return __ssp_real_(fun) call; \ +} + +#define __ssp_redirect(rtype, fun, args, call) \ +=C2=A0 =C2=A0 __ssp_redirect_raw(rtype, fun, fun, args, call, 1, __ssp_bos= ) +#define __ssp_redirect0(rtype, fun, args, call) \ +=C2=A0 =C2=A0 __ssp_redirect_raw(rtype, fun, fun, args, call, 1, __ssp_bos= 0) + +__BEGIN_DECLS +void __stack_chk_fail(void) __dead2; +void __chk_fail(void) __dead2; +__END_DECLS + +#endif /* _SSP_SSP_H_ */ diff --git a/include/ssp/stdio.h b/include/ssp/stdio.h new file mode 100644 index 000000000000..72e3236eac80 --- /dev/null +++ b/include/ssp/stdio.h @@ -0,0 +1,93 @@ +/*=C2=A0=C2=A0=C2=A0 $NetBSD: stdio.h,v 1.5 2011/07/17 20:54:34 joerg Exp = $=C2=A0=C2=A0=C2=A0 */ + +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _SSP_STDIO_H_ +#define _SSP_STDIO_H_ + +#include + +__BEGIN_DECLS +int __sprintf_chk(char *__restrict, int, size_t, const char *__restrict, .= ..) +=C2=A0 =C2=A0 __printflike(4, 5); +int __vsprintf_chk(char *__restrict, int, size_t, const char *__restrict, +=C2=A0 =C2=A0 __va_list) +=C2=A0 =C2=A0 __printflike(4, 0); +int __snprintf_chk(char *__restrict, size_t, int, size_t, +=C2=A0 =C2=A0 const char *__restrict, ...) +=C2=A0 =C2=A0 __printflike(5, 6); +int __vsnprintf_chk(char *__restrict, size_t, int, size_t, +=C2=A0 =C2=A0 const char *__restrict, __va_list) +=C2=A0 =C2=A0 __printflike(5, 0); +char *__gets_chk(char *, size_t); +char *__fgets_chk(char *, int, size_t, FILE *); +__END_DECLS + +#if __SSP_FORTIFY_LEVEL > 0 + +#define sprintf(str, ...) ({=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __builtin___sprintf_chk(_ssp_str, 0, __ssp_bos(_ssp_str),=C2= =A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __VA_ARGS__); \ +}) + +#define vsprintf(str, fmt, ap) ({=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 \ +=C2=A0 =C2=A0 __builtin___vsprintf_chk(_ssp_str, 0, __ssp_bos(_ssp_str), f= mt,=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 ap);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2= =A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +}) + +#define snprintf(str, len, ...) ({=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 \ +=C2=A0 =C2=A0 __builtin___snprintf_chk(_ssp_str, len, 0, __ssp_bos(_ssp_st= r),=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __VA_ARGS__);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0= =C2=A0 =C2=A0=C2=A0=C2=A0 \ +}) + +#define vsnprintf(str, len, fmt, ap) ({=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 \ +=C2=A0 =C2=A0 __builtin___vsnprintf_chk(_ssp_str, len, 0, __ssp_bos(_ssp_s= tr),=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 fmt, ap);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 \ +}) + +#define gets(str) ({=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 \ +=C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __gets_chk(_ssp_str, __ssp_bos(_ssp_str));=C2=A0=C2=A0=C2=A0= \ +}) + +#define fgets(str, len, fp) ({=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 char *_ssp_str =3D (str);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 \ +=C2=A0 =C2=A0 __fgets_chk(_ssp_str, len, __ssp_bos(_ssp_str), fp);=C2=A0= =C2=A0=C2=A0 \ +}) + +#endif /* __SSP_FORTIFY_LEVEL > 0 */ + +#endif /* _SSP_STDIO_H_ */ diff --git a/include/ssp/string.h b/include/ssp/string.h new file mode 100644 index 000000000000..996020fda778 --- /dev/null +++ b/include/ssp/string.h @@ -0,0 +1,129 @@ +/*=C2=A0=C2=A0=C2=A0 $NetBSD: string.h,v 1.14 2020/09/05 13:37:59 mrg Exp = $=C2=A0=C2=A0=C2=A0 */ + +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _SSP_STRING_H_ +#define _SSP_STRING_H_ + +#include + +__BEGIN_DECLS +void *__memcpy_chk(void *, const void *, size_t, size_t); +void *__memmove_chk(void *, const void *, size_t, size_t); +void *__memset_chk(void *, int, size_t, size_t); +char *__stpcpy_chk(char *, const char *, size_t); +char *__stpncpy_chk(char *, const char *, size_t, size_t); +char *__strcat_chk(char *, const char *, size_t); +char *__strcpy_chk(char *, const char *, size_t); +char *__strncat_chk(char *, const char *, size_t, size_t); +char *__strncpy_chk(char *, const char *, size_t, size_t); +__END_DECLS + +#if __SSP_FORTIFY_LEVEL > 0 + +#define __ssp_bos_check3_typed_var(fun, dsttype, dsrvar, dst, srctype, src= var, \ +=C2=A0 =C2=A0 src, lenvar, len) ({=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 = =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 srctype srcvar =3D (src);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 dsttype dstvar =3D (dst);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 size_t lenvar =3D (len);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?=C2=A0=C2=A0=C2=A0 = =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __builtin___ ## fun ## _chk(dstvar, srcvar, lenvar,=C2=A0=C2= =A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __ssp_bos0(dstvar)) :=C2=A0=C2=A0=C2=A0 =C2=A0= =C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __ ## fun ## _ichk(dstvar, srcvar, lenvar));=C2=A0=C2=A0=C2= =A0 \ +}) + +#define __ssp_bos_check3_typed(fun, dsttype, dst, srctype, src, len)=C2=A0= =C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __ssp_bos_check3_typed_var(fun, dsttype, __ssp_var(dstv), ds= t,=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 srctype, __ssp_var(srcv), src, __ssp_var(lenv)= , len) + +#define __ssp_bos_check3(fun, dst, src, len)=C2=A0=C2=A0=C2=A0 =C2=A0=C2= =A0=C2=A0 \ +=C2=A0 =C2=A0 __ssp_bos_check3_typed_var(fun, void *, __ssp_var(dstv), dst= ,=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 const void *, __ssp_var(srcv), src, __ssp_var(= lenv), len) + +#define __ssp_bos_check2_var(fun, dstvar, dst, srcvar, src) ({=C2=A0=C2=A0= =C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 const void *srcvar =3D (src);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0= =C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 void *dstvar =3D (dst);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?=C2=A0=C2=A0=C2=A0 = =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __builtin___ ## fun ## _chk(dstvar, srcvar,=C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __ssp_bos0(dstvar)) :=C2=A0=C2=A0=C2=A0 =C2=A0= =C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __ ## fun ## _ichk(dstvar, srcvar));=C2=A0=C2=A0=C2=A0 =C2= =A0=C2=A0=C2=A0 \ +}) + +#define __ssp_bos_check2(fun, dst, src)=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __ssp_bos_check2_var(fun, __ssp_var(dstv), dst, __ssp_var(sr= cv), src) + +#define __ssp_bos_icheck3_restrict(fun, type1, type2) \ +static __inline type1 __ ## fun ## _ichk(type1 __restrict, type2 __restric= t, size_t); \ +static __inline __attribute__((__always_inline__)) type1 \ +__ ## fun ## _ichk(type1 __restrict dst, type2 __restrict src, size_t len)= { \ +=C2=A0=C2=A0=C2=A0 return __builtin___ ## fun ## _chk(dst, src, len, __ssp= _bos0(dst)); \ +} + +#define __ssp_bos_icheck3(fun, type1, type2) \ +static __inline type1 __ ## fun ## _ichk(type1, type2, size_t); \ +static __inline __attribute__((__always_inline__)) type1 \ +__ ## fun ## _ichk(type1 dst, type2 src, size_t len) { \ +=C2=A0=C2=A0=C2=A0 return __builtin___ ## fun ## _chk(dst, src, len, __ssp= _bos0(dst)); \ +} + +#define __ssp_bos_icheck2_restrict(fun, type1, type2) \ +static __inline type1 __ ## fun ## _ichk(type1, type2); \ +static __inline __attribute__((__always_inline__)) type1 \ +__ ## fun ## _ichk(type1 __restrict dst, type2 __restrict src) { \ +=C2=A0=C2=A0=C2=A0 return __builtin___ ## fun ## _chk(dst, src, __ssp_bos0= (dst)); \ +} + +__BEGIN_DECLS +__ssp_bos_icheck3_restrict(memcpy, void *, const void *) +__ssp_bos_icheck3(memmove, void *, const void *) +__ssp_bos_icheck3(memset, void *, int) +__ssp_bos_icheck2_restrict(stpcpy, char *, const char *) +__ssp_bos_icheck3_restrict(stpncpy, char *, const char *) +__ssp_bos_icheck2_restrict(strcpy, char *, const char *) +__ssp_bos_icheck2_restrict(strcat, char *, const char *) +__ssp_bos_icheck3_restrict(strncpy, char *, const char *) +__ssp_bos_icheck3_restrict(strncat, char *, const char *) +__END_DECLS + +#define memcpy(dst, src, len) __ssp_bos_check3(memcpy, dst, src, len) +#define memmove(dst, src, len) __ssp_bos_check3(memmove, dst, src, len) +#define memset(dst, val, len) \ +=C2=A0 =C2=A0 __ssp_bos_check3_typed(memset, void *, dst, int, val, len) +#define stpcpy(dst, src) __ssp_bos_check2(stpcpy, dst, src) +#define stpncpy(dst, src, len) __ssp_bos_check3(stpncpy, dst, src, len) +#define strcpy(dst, src) __ssp_bos_check2(strcpy, dst, src) +#define strcat(dst, src) __ssp_bos_check2(strcat, dst, src) +#define strncpy(dst, src, len) __ssp_bos_check3(strncpy, dst, src, len) +#define strncat(dst, src, len) __ssp_bos_check3(strncat, dst, src, len) + +#endif /* __SSP_FORTIFY_LEVEL > 0 */ +#endif /* _SSP_STRING_H_ */ diff --git a/include/ssp/strings.h b/include/ssp/strings.h new file mode 100644 index 000000000000..06c9c7cc0a09 --- /dev/null +++ b/include/ssp/strings.h @@ -0,0 +1,67 @@ +/*=C2=A0=C2=A0=C2=A0 $NetBSD: strings.h,v 1.3 2008/04/28 20:22:54 martin E= xp $=C2=A0=C2=A0=C2=A0 */ + +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2007 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _SSP_STRINGS_H_ +#define _SSP_STRINGS_H_ + +#include +#include + +#if __SSP_FORTIFY_LEVEL > 0 + +#define _ssp_bcopy(srcvar, src, dstvar, dst, lenvar,=C2=A0 len) ({=C2=A0= =C2=A0=C2=A0 \ +=C2=A0 =C2=A0 const void *srcvar =3D (src);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0= =C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 void *dstvar =3D (dst);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 size_t lenvar =3D (len);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __builtin___memmove_chk(dstvar, srcvar, lenvar,=C2=A0=C2=A0= =C2=A0 \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __ssp_bos0(dstvar)) :=C2=A0=C2=A0=C2=A0 =C2=A0= =C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __memmove_ichk(dstvar, srcvar, lenvar));=C2=A0=C2=A0=C2=A0 \ +}) + +#define=C2=A0=C2=A0=C2=A0 bcopy(src, dst, len)=C2=A0=C2=A0=C2=A0 =C2=A0=C2= =A0=C2=A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 _ssp_bcopy(__ssp_var(srcv), src, __ssp_var(dstv), dst, __ssp= _var(lenv), len) + +#define _ssp_bzero(dstvar, dst, lenvar, len) ({=C2=A0=C2=A0=C2=A0 =C2=A0= =C2=A0=C2=A0 \ +=C2=A0 =C2=A0 void *dstvar =3D (dst);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 size_t lenvar =3D (len);=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2= =A0 =C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?=C2=A0=C2=A0=C2=A0 \ +=C2=A0 =C2=A0 __builtin___memset_chk(dstvar, 0, lenvar,=C2=A0=C2=A0=C2=A0 = \ +=C2=A0 =C2=A0 =C2=A0 =C2=A0 __ssp_bos0(dstvar)) : \ +=C2=A0 =C2=A0 __memset_ichk(dstvar, 0, lenvar));=C2=A0=C2=A0=C2=A0 =C2=A0= =C2=A0=C2=A0 \ +}) + +#define=C2=A0=C2=A0=C2=A0 bzero(dst, len)=C2=A0=C2=A0=C2=A0 _ssp_bzero(__s= sp_var(dstv), dst, __ssp_var(lenv), len) + +#endif /* __SSP_FORTIFY_LEVEL > 0 */ +#endif /* _SSP_STRINGS_H_ */ diff --git a/include/ssp/unistd.h b/include/ssp/unistd.h new file mode 100644 index 000000000000..2414e2baa96b --- /dev/null +++ b/include/ssp/unistd.h @@ -0,0 +1,54 @@ +/*=C2=A0=C2=A0=C2=A0 $NetBSD: unistd.h,v 1.7 2015/06/25 18:41:03 joerg Exp= $=C2=A0=C2=A0=C2=A0 */ + +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef _SSP_UNISTD_H_ +#define _SSP_UNISTD_H_ + +#include + +#if __SSP_FORTIFY_LEVEL > 0 +__BEGIN_DECLS + +__ssp_redirect0(ssize_t, read, (int __fd, void *__buf, size_t __len), \ +=C2=A0 =C2=A0 (__fd, __buf, __len)); + +__ssp_redirect(ssize_t, readlink, (const char *__restrict __path, \ +=C2=A0 =C2=A0 char *__restrict __buf, size_t __len), (__path, __buf, __len= )); + +__ssp_redirect_raw(char *, getcwd, getcwd, (char *__buf, size_t __len), +=C2=A0 =C2=A0 (__buf, __len), __buf !=3D 0, __ssp_bos); + +__END_DECLS + +#endif /* __SSP_FORTIFY_LEVEL > 0 */ +#endif /* _SSP_UNISTD_H_ */ diff --git a/lib/libc/secure/Makefile.inc b/lib/libc/secure/Makefile.inc index 8574c5a05dc5..3b1ad879c715 100644 --- a/lib/libc/secure/Makefile.inc +++ b/lib/libc/secure/Makefile.inc @@ -3,6 +3,17 @@ =20 .PATH: ${LIBC_SRCTOP}/secure =20 +# _FORTIFY_SOURCE +SRCS+=3D=C2=A0=C2=A0=C2=A0 gets_chk.c fgets_chk.c memcpy_chk.c memmove_chk= .c memset_chk.c \ +=C2=A0=C2=A0=C2=A0 snprintf_chk.c sprintf_chk.c stpcpy_chk.c stpncpy_chk.c= \ +=C2=A0=C2=A0=C2=A0 strcat_chk.c strcpy_chk.c strncat_chk.c strncpy_chk.c \ +=C2=A0=C2=A0=C2=A0 vsnprintf_chk.c vsprintf_chk.c + +CFLAGS.snprintf_chk.c+=3D=C2=A0=C2=A0=C2=A0 -Wno-unused-parameter +CFLAGS.sprintf_chk.c+=3D=C2=A0=C2=A0=C2=A0 -Wno-unused-parameter +CFLAGS.vsnprintf_chk.c+=3D=C2=A0=C2=A0=C2=A0 -Wno-unused-parameter +CFLAGS.vsprintf_chk.c+=3D=C2=A0=C2=A0=C2=A0 -Wno-unused-parameter + # Sources common to both syscall interfaces: SRCS+=3D=C2=A0=C2=A0=C2=A0 stack_protector.c \ =C2=A0=C2=A0=C2=A0 stack_protector_compat.c diff --git a/lib/libc/secure/Symbol.map b/lib/libc/secure/Symbol.map index 641f451b5421..7859fcee3821 100644 --- a/lib/libc/secure/Symbol.map +++ b/lib/libc/secure/Symbol.map @@ -3,3 +3,21 @@ FBSD_1.0 { =C2=A0=C2=A0=C2=A0 __stack_chk_fail; =C2=A0=C2=A0=C2=A0 __stack_chk_guard; }; + +FBSD_1.8 { +=C2=A0=C2=A0=C2=A0 __gets_chk; +=C2=A0=C2=A0=C2=A0 __fgets_chk; +=C2=A0=C2=A0=C2=A0 __memcpy_chk; +=C2=A0=C2=A0=C2=A0 __memmove_chk; +=C2=A0=C2=A0=C2=A0 __memset_chk; +=C2=A0=C2=A0=C2=A0 __snprintf_chk; +=C2=A0=C2=A0=C2=A0 __sprintf_chk; +=C2=A0=C2=A0=C2=A0 __stpcpy_chk; +=C2=A0=C2=A0=C2=A0 __stpncpy_chk; +=C2=A0=C2=A0=C2=A0 __strcat_chk; +=C2=A0=C2=A0=C2=A0 __strcpy_chk; +=C2=A0=C2=A0=C2=A0 __strncat_chk; +=C2=A0=C2=A0=C2=A0 __strncpy_chk; +=C2=A0=C2=A0=C2=A0 __vsnprintf_chk; +=C2=A0=C2=A0=C2=A0 __vsprintf_chk; +}; diff --git a/lib/libc/secure/fgets_chk.c b/lib/libc/secure/fgets_chk.c new file mode 100644 index 000000000000..72aa1d816ce1 --- /dev/null +++ b/lib/libc/secure/fgets_chk.c @@ -0,0 +1,54 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: fgets_chk.c,v 1.6 2009/02/05 05:41:51 lukem Exp $"); + +#include +#include +#include +#include + +#include +#include +#undef fgets + +char * +__fgets_chk(char * __restrict buf, int len, size_t slen, FILE *fp) +{ +=C2=A0=C2=A0=C2=A0 if (slen >=3D (size_t)INT_MAX) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 return (fgets(buf, len, fp)); + +=C2=A0=C2=A0=C2=A0 if (len >=3D 0 && (size_t)len > slen) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); + +=C2=A0=C2=A0=C2=A0 return (fgets(buf, len, fp)); +} diff --git a/lib/libc/secure/gets_chk.c b/lib/libc/secure/gets_chk.c new file mode 100644 index 000000000000..18c1e2d18f43 --- /dev/null +++ b/lib/libc/secure/gets_chk.c @@ -0,0 +1,74 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: gets_chk.c,v 1.7 2013/10/04 20:49:16 christos Exp $"); + +#include +#include +#include +#include + +#include +#include + +char *__gets_unsafe(char *); + +char * +__gets_chk(char * __restrict buf, size_t slen) +{ +=C2=A0=C2=A0=C2=A0 char *abuf; +=C2=A0=C2=A0=C2=A0 size_t len; + +=C2=A0=C2=A0=C2=A0 if (slen >=3D (size_t)INT_MAX) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 return (__gets_unsafe(buf)); + +=C2=A0=C2=A0=C2=A0 if ((abuf =3D malloc(slen + 1)) =3D=3D NULL) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 return (__gets_unsafe(buf)); + +=C2=A0=C2=A0=C2=A0 if (fgets(abuf, (int)(slen + 1), stdin) =3D=3D NULL) { +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 free(abuf); +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 return (NULL); +=C2=A0=C2=A0=C2=A0 } + +=C2=A0=C2=A0=C2=A0 len =3D strlen(abuf); +=C2=A0=C2=A0=C2=A0 if (len > 0 && abuf[len - 1] =3D=3D '\n') +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 --len; + +=C2=A0=C2=A0=C2=A0 if (len >=3D slen) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); + +=C2=A0=C2=A0=C2=A0 (void)memcpy(buf, abuf, len); + +=C2=A0=C2=A0=C2=A0 buf[len] =3D '\0'; +=C2=A0=C2=A0=C2=A0 free(abuf); +=C2=A0=C2=A0=C2=A0 return (buf); +} diff --git a/lib/libc/secure/memcpy_chk.c b/lib/libc/secure/memcpy_chk.c new file mode 100644 index 000000000000..99cf2d5f13ff --- /dev/null +++ b/lib/libc/secure/memcpy_chk.c @@ -0,0 +1,53 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: memcpy_chk.c,v 1.7 2015/05/13 19:57:16 joerg Exp $"); + +#include + +#include +#undef memcpy + +#include "ssp_internal.h" + +void * +__memcpy_chk(void * __restrict dst, const void * __restrict src, size_t le= n, +=C2=A0 =C2=A0 size_t slen) +{ +=C2=A0=C2=A0=C2=A0 if (len > slen) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); + +=C2=A0=C2=A0=C2=A0 if (__ssp_overlap((const char *)src, (const char *)dst,= len)) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); + +=C2=A0=C2=A0=C2=A0 return (memcpy(dst, src, len)); +} diff --git a/lib/libc/secure/memmove_chk.c b/lib/libc/secure/memmove_chk.c new file mode 100644 index 000000000000..07f965d608fc --- /dev/null +++ b/lib/libc/secure/memmove_chk.c @@ -0,0 +1,47 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: memmove_chk.c,v 1.6 2020/09/05 13:37:59 mrg Exp $"); + +#include + +#include +#undef memmove + +void * +__memmove_chk(void *dst, const void *src, size_t len, +=C2=A0 =C2=A0 size_t slen) +{ +=C2=A0=C2=A0=C2=A0 if (len > slen) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); +=C2=A0=C2=A0=C2=A0 return (memmove(dst, src, len)); +} diff --git a/lib/libc/secure/memset_chk.c b/lib/libc/secure/memset_chk.c new file mode 100644 index 000000000000..f337be98b46d --- /dev/null +++ b/lib/libc/secure/memset_chk.c @@ -0,0 +1,46 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: memset_chk.c,v 1.5 2014/09/17 00:39:28 joerg Exp $"); + +#include + +#include +#undef memset + +void * +__memset_chk(void * __restrict dst, int val, size_t len, size_t slen) +{ +=C2=A0=C2=A0=C2=A0 if (len > slen) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); +=C2=A0=C2=A0=C2=A0 return (memset(dst, val, len)); +} diff --git a/lib/libc/secure/snprintf_chk.c b/lib/libc/secure/snprintf_chk.= c new file mode 100644 index 000000000000..52ef874ede5b --- /dev/null +++ b/lib/libc/secure/snprintf_chk.c @@ -0,0 +1,56 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er. + * 2. Redistributions in binary form must reproduce the above copyright + *=C2=A0 =C2=A0 notice, this list of conditions and the following disclaim= er in the + *=C2=A0 =C2=A0 documentation and/or other materials provided with the dis= tribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTO= RS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIM= ITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICU= LAR + * PURPOSE ARE DISCLAIMED.=C2=A0 IN NO EVENT SHALL THE FOUNDATION OR CONTR= IBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF = THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: snprintf_chk.c,v 1.5 2008/04/28 20:23:00 martin Exp $"); + +#include +#include + +#include +#undef vsnprintf + +int +__snprintf_chk(char * __restrict buf, size_t len, int flags, size_t slen, +=C2=A0 =C2=A0 const char * __restrict fmt, ...) +{ +=C2=A0=C2=A0=C2=A0 va_list ap; +=C2=A0=C2=A0=C2=A0 int rv; + +=C2=A0=C2=A0=C2=A0 if (len > slen) +=C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 __chk_fail(); + +=C2=A0=C2=A0=C2=A0 va_start(ap, fmt); +=C2=A0=C2=A0=C2=A0 rv =3D vsnprintf(buf, len, fmt, ap); +=C2=A0=C2=A0=C2=A0 va_end(ap); + +=C2=A0=C2=A0=C2=A0 return (rv); +} diff --git a/lib/libc/secure/sprintf_chk.c b/lib/libc/secure/sprintf_chk.c new file mode 100644 index 000000000000..d4c42ccba3ce --- /dev/null +++ b/lib/libc/secure/sprintf_chk.c @@ -0,0 +1,61 @@ +/*- + * + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2006 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation *** 1063 LINES SKIPPED *** =20 ------=_Part_1592590_625024558.1716061526186 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
=
It was just pointed out to m= e this sounded insulting .. for which I am sorry.

It's be= en almost 10 years since I last looked at it and it is disappointing to see= my almost-mistake happening. This was a lot of work by Kyle and I didn't m= ean to be dismissive of it.

So ]I'll just shudup and creep back into my hole, sorry for dis= turbing the real work going on.

Pedro.

=20
=20
On Saturday, May 18, 2024 at 01:42:54 PM GMT-5, Ped= ro Giffuni <pfg@freebsd.org> wrote:


=20 =20
Oh no .. please not...

We went into that in a GSoC:



Ultimately it proved to be useless since stack-pr= otector-strong.

The NetBSD code was not well adapted to clang either.

Ask me more if you really w= ant to dig into it, but we don't want this.

Pedro.

=

=20
=20
On Monday, May 13, 2024 at 12:24:13 AM GMT-5, Kyle = Evans <kevans@freebsd.org> wrote:


=20 =20

commit be04fec42638f30f50b5b55fd8e3634c0= fb89928
Author:    Kyle= Evans <kevans@FreeBSD.org>
=
AuthorDate: 2024-05-13 05:23:49 +0000
Commit:    Kyle Evans <keva= ns@FreeBSD.org>
CommitDate:= 2024-05-13 05:23:49 +0000

    Import _FORTIFY_SOURCE imp= lementation from NetBSD
  &nb= sp;
    This is a mostl= y-unmodified copy of the various *_chk implementations
    and headers from NetBSD, without yet mod= ifying system headers to start
&nb= sp;   actually including them.  A future commit will also apply t= he needed
    bits to fi= x ssp/unistd.h.
   
    Reviewed by:  &nbs= p; imp, pauamma_gundo.com (both previous versions), kib
<= /div>
    Sponsored by:  Stormshield
    Sponsored by:  Klara= , Inc.
    Differential = Revision:  https://reviews.freebsd.org/D32306
etc/mtree/BSD.include.dist        | = ; 2 +
include/ssp/ssp.h             = ;     |  91 ++++++++++++++++++++++++++
include/ssp/stdio.h          =       |  93 ++++++++++++++++++++++++++
include/ssp/string.h        &= nbsp;     | 129 ++++++++++++++++++++++++++++++++++++
include/ssp/strings.h      &n= bsp;       |  67 +++++++++++++++++++
=
include/ssp/unistd.h        &nb= sp;     |  54 +++++++++++++++
lib/libc/secure/Makefile.inc      |  11 += +++
lib/libc/secure/Symbol.map&nb= sp;       |  18 +++++
lib/libc/secure/fgets_chk.c        |  54= +++++++++++++++
lib/libc/secure/= gets_chk.c        |  74 +++++++++++++++++++++
lib/libc/secure/memcpy_chk.c  &= nbsp;   |  53 +++++++++++++++
lib/libc/secure/memmove_chk.c      |  47 ++++= +++++++++
lib/libc/secure/memset_= chk.c      |  46 +++++++++++++
lib/libc/secure/snprintf_chk.c    |  56 = ++++++++++++++++
lib/libc/secure/= sprintf_chk.c      |  61 +++++++++++++++++
lib/libc/secure/ssp_internal.h    = |  37 +++++++++++
lib/libc/s= ecure/stpcpy_chk.c      |  55 ++++++++++++++++
lib/libc/secure/stpncpy_chk.c  &nbs= p;   |  53 +++++++++++++++
lib/libc/secure/strcat_chk.c      |  60 ++++++++++= +++++++
lib/libc/secure/strcpy_ch= k.c      |  54 +++++++++++++++
lib/libc/secure/strncat_chk.c      | = ; 70 ++++++++++++++++++++
lib/lib= c/secure/strncpy_chk.c      |  53 +++++++++++++++
lib/libc/secure/vsnprintf_chk.c  =   |  49 ++++++++++++++
= lib/libc/secure/vsprintf_chk.c    |  58 ++++++++++++++++
lib/libssp/Makefile    &n= bsp;           |  20 +++++-
lib/libssp/Symbol.map        &= nbsp;     |  12 ++--
lib/libssp/Versions.def            | = 5 ++
lib/libssp/__builtin_objec= t_size.3 | 110 +++++++++++++++++++++++++++++++
lib/libssp/fortify_stubs.c        | 131 = -------------------------------------
lib/libssp/ssp.3               = ;   | 130 ++++++++++++++++++++++++++++++++++++
32 files changed, 1621 insertions(+), 140 deletions(-)<= br clear=3D"none">

diff --git a/etc/mtree/BSD.include.dist b/etc/mtree/BSD.include.di= st
index a6bd5880bf61..f8c83d6dde7= a 100644
--- a/etc/mtree/BSD.inclu= de.dist
+++ b/etc/mtree/BSD.includ= e.dist
@@ -372,6 +372,8 @@
        mac_veriexec=
        ..
    ..
+    ssp
+    ..
  =   sys
      &= nbsp; disk
      &= nbsp; ..
diff --git a/include/Mak= efile b/include/Makefile
index 19e= 6beb95203..32774419f162 100644
---= a/include/Makefile
+++ b/include/= Makefile
@@ -4,7 +4,7 @@

PACKAGE=3Dclibs
CLEANFILES=3D o= sreldate.h version
-SUBDIR=3D arpa= protocols rpcsvc rpc xlocale
+SUB= DIR=3D arpa protocols rpcsvc rpc ssp xlocale
.if ${MACHINE_CPUARCH} =3D=3D "amd64"
<= div dir=3D"ltr"> SUBDIR+=3D        i386
INCLUDE_SUBDIRS+=3D    = i386
diff --git a/include/ssp/Make= file b/include/ssp/Makefile
new fi= le mode 100644
index 000000000000.= .dff19f43c920
--- /dev/null
+++ b/include/ssp/Makefile
@@ -0,0 +1,6 @@
+# $FreeBSD$
+
+INCS=3D    ssp.h stdio.h s= tring.h strings.h unistd.h
+INCSDI= R=3D    ${INCLUDEDIR}/ssp
+
+.include <bsd.prog.= mk>
diff --git a/include/ssp/ss= p.h b/include/ssp/ssp.h
new file m= ode 100644
index 000000000000..35a= 9aeee02df
--- /dev/null
+++ b/include/ssp/ssp.h
=
@@ -0,0 +1,91 @@
+/*    $NetBSD: ssp.h,v 1.13 2015/09/03 20:43:47 plunk= y Exp $    */
+
+/*-
+ *
+ * SPDX-License-Iden= tifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006, 2011 The NetBSD Fo= undation, Inc.
+ * All rights rese= rved.
+ *
=
+ * This code is derived from software contributed to The = NetBSD Foundation
+ * by Christos = Zoulas.
+ *
+ * Redistribution and use in source and binary forms, w= ith or without
+ * modification, a= re permitted provided that the following conditions
+ * are met:
+ *= 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of cond= itions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright=
+ *    notice, this lis= t of conditions and the following disclaimer in the
+ *    documentation and/or other materials pro= vided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY TH= E NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BU= T NOT LIMITED
+ * TO, THE IMPLIED = WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHAL= L THE FOUNDATION OR CONTRIBUTORS
+= * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDIN= G, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUS= INESS
+ * INTERRUPTION) HOWEVER CA= USED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE= OR OTHERWISE)
+ * ARISING IN ANY = WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifn= def _SSP_SSP_H_
+#define _SSP_SSP_= H_
+
+#include <sys/cdefs.h>
+
+#if !defined(__cpluspl= us)
+# if defined(_FORTIFY_SOURCE)= && _FORTIFY_SOURCE > 0 && \
+    (__OPTIMIZE__ > 0 || defined(__clang__))
+#  if _FORTIFY_SOURCE > 1<= br clear=3D"none">
+#  define __SSP_FORTIFY_LEV= EL 2
+#  else
+#  define __SSP_FORTIFY_LEVEL 1
+#  endif
+# else
+#  def= ine __SSP_FORTIFY_LEVEL 0
+# endif=
+#else
+# define __SSP_FORTIFY_LEVEL 0
+#endif
+
+#define __ssp_bos(ptr) __builtin_object_size(ptr, __SS= P_FORTIFY_LEVEL > 1)
+#define _= _ssp_bos0(ptr) __builtin_object_size(ptr, 0)
+
+#define __ssp_check(= buf, len, bos) \
+  &nbs= p; if (bos(buf) !=3D (size_t)-1 && len > bos(buf)) \
+        __chk_= fail()
+#define __ssp_redirect_raw= (rtype, fun, symbol, args, call, cond, bos) \
+rtype __ssp_real_(fun) args __RENAME(symbol); \
+__ssp_inline rtype fun args __RENAME(__ssp_prot= ected_ ## fun); \
+__ssp_inline rt= ype fun args { \
+  &nbs= p; if (cond) \
+   =     __ssp_check(__buf, __len, bos); \
+    return __ssp_real_(fun) call; \
+}
+
+#define __ssp_redirect= (rtype, fun, args, call) \
+ =   __ssp_redirect_raw(rtype, fun, fun, args, call, 1, __ssp_bos)
+#define __ssp_redirect0(rtype, fun, ar= gs, call) \
+    __ssp_r= edirect_raw(rtype, fun, fun, args, call, 1, __ssp_bos0)
<= /div>
+
+__BEGIN_D= ECLS
+void __stack_chk_fail(void) = __dead2;
+void __chk_fail(void) __= dead2;
+__END_DECLS
+
+#end= if /* _SSP_SSP_H_ */
diff --git a/= include/ssp/stdio.h b/include/ssp/stdio.h
new file mode 100644
inde= x 000000000000..72e3236eac80
--- /= dev/null
+++ b/include/ssp/stdio.h=
@@ -0,0 +1,93 @@
+/*    $NetBSD: stdio.h,v 1.5 2011/= 07/17 20:54:34 joerg Exp $    */
+
+/*-
+ *
+ = * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 T= he NetBSD Foundation, Inc.
+ * All= rights reserved.
+ *
+ * This code is derived from software contrib= uted to The NetBSD Foundation
+ * = by Christos Zoulas.
+ *
+ * Redistribution and use in source and b= inary forms, with or without
+ * m= odification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above cop= yright
+ *    notice, th= is list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the = above copyright
+ *    n= otice, this list of conditions and the following disclaimer in the
+ *    documentation and/or othe= r materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS= PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES= , INCLUDING, BUT NOT LIMITED
+ * T= O, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  I= N NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, = EXEMPLARY, OR
+ * CONSEQUENTIAL DA= MAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR = PROFITS; OR BUSINESS
+ * INTERRUPT= ION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLU= DING NEGLIGENCE OR OTHERWISE)
+ * = ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE<= br clear=3D"none">
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef _SSP_STDIO_H_
+= #define _SSP_STDIO_H_
+
+#include <ssp/ssp.h>
+
+__BE= GIN_DECLS
+int __sprintf_chk(char = *__restrict, int, size_t, const char *__restrict, ...)
+    __printflike(4, 5);
<= /div>
+int __vsprintf_chk(char *__restrict, int, size_t, co= nst char *__restrict,
+  &nbs= p; __va_list)
+    __pri= ntflike(4, 0);
+int __snprintf_chk= (char *__restrict, size_t, int, size_t,
+    const char *__restrict, ...)
<= div dir=3D"ltr">+    __printflike(5, 6);
=
+int __vsnprintf_chk(char *__restrict, size_t, int, size_t= ,
+    const char *__re= strict, __va_list)
+    = __printflike(5, 0);
+char *__gets_= chk(char *, size_t);
+char *__fget= s_chk(char *, int, size_t, FILE *);
+__END_DECLS
+
+#if __SSP_FORTIFY_LEVEL > 0
<= /div>
+
+#define s= printf(str, ...) ({    \
+    char *_ssp_str =3D (str);    \
+    __builtin___sprintf_chk(_ss= p_str, 0, __ssp_bos(_ssp_str),        \
+        __VA_ARGS_= _); \
+})
=
+
+#define vsprin= tf(str, fmt, ap) ({    \
+    char *_ssp_str =3D (str);     &nbs= p;  \
+    __builti= n___vsprintf_chk(_ssp_str, 0, __ssp_bos(_ssp_str), fmt,    \=
+        ap);=                = \
+})
+
+#define snprintf(= str, len, ...) ({    \
+    char *_ssp_str =3D (str);      =   \
+    __builtin_= __snprintf_chk(_ssp_str, len, 0, __ssp_bos(_ssp_str),    \
+        __VA_A= RGS__);            \
+})
+
+#define vsnprintf(str, len, = fmt, ap) ({    \
+&= nbsp;   char *_ssp_str =3D (str);       = \
+    __builtin___vsnp= rintf_chk(_ssp_str, len, 0, __ssp_bos(_ssp_str),    \
+        fmt, ap);&n= bsp;           \
=
+})
+
+#define gets(str) ({   =         \
+  char *_ssp_str =3D (str);      &= nbsp; \
+    __gets_chk(= _ssp_str, __ssp_bos(_ssp_str));    \
+})
+
+#define fgets(str, len, fp) ({  = ;      \
+&nbs= p;   char *_ssp_str =3D (str);        \<= br clear=3D"none">
+    __fgets_chk(_ssp_st= r, len, __ssp_bos(_ssp_str), fp);    \
+})
+
+#endif /* __SSP_FORTIFY_LEVEL > 0 */
+
+#endif /* _SSP_STDIO_H_ */
diff --git a/include/ssp/string.h b/include/ssp/string.h
new file mode 100644
index 000000000000..996020fda778
--- /dev/null
+++ b/in= clude/ssp/string.h
@@ -0,0 +1,129 = @@
+/*    $NetBSD: = string.h,v 1.14 2020/09/05 13:37:59 mrg Exp $    */
+
+/*-
+ *
=
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * C= opyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived fr= om software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and us= e in source and binary forms, with or without
+ * modification, are permitted provided that the following con= ditions
+ * are met:
+ * 1. Redistributions of source code must reta= in the above copyright
+ *  &= nbsp; notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form mus= t reproduce the above copyright
+ = *    notice, this list of conditions and the following disclaimer= in the
+ *    documenta= tion and/or other materials provided with the distribution.
+ *
+ * = THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IM= PLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FO= R A PARTICULAR
+ * PURPOSE ARE DIS= CLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCID= ENTAL, SPECIAL, EXEMPLARY, OR
+ * = CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS O= F USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER= IN
+ * CONTRACT, STRICT LIABILITY= , OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF= ADVISED OF THE
+ * POSSIBILITY OF= SUCH DAMAGE.
+ */
+#ifndef _SSP_STRING_H_
<= div dir=3D"ltr">+#define _SSP_STRING_H_
+
+#include <ssp/ssp.h>= ;
+
+__BEGIN_DECLS
+void *_= _memcpy_chk(void *, const void *, size_t, size_t);
=
+void *__memmove_chk(void *, const void *, size_t, size_t)= ;
+void *__memset_chk(void *, int,= size_t, size_t);
+char *__stpcpy_= chk(char *, const char *, size_t);
+char *__stpncpy_chk(char *, const char *, size_t, size_t);
+char *__strcat_chk(char *, const char *, size_t= );
+char *__strcpy_chk(char *, con= st char *, size_t);
+char *__strnc= at_chk(char *, const char *, size_t, size_t);
+char *__strncpy_chk(char *, const char *, size_t, size_t);
+__END_DECLS
=
+
+#if __SSP_FORT= IFY_LEVEL > 0
+
+#define __ssp_bos_check3_typed_var(fun, dsttype,= dsrvar, dst, srctype, srcvar, \
+=     src, lenvar, len) ({        &nb= sp;       \
+    srctype srcvar =3D (src);      &= nbsp;         \
+    dsttype dstvar =3D (dst);    &nbs= p;           \
+    size_t lenvar =3D (len);  &nb= sp;             \
+    ((__ssp_bos0(dstvar) !=3D (size= _t)-1) ?        \
+    __builtin___ ## fun ## _chk(dstvar, srcvar, le= nvar,    \
+  =       __ssp_bos0(dstvar)) :      &n= bsp;         \
+    __ ## fun ## _ichk(dstvar, srcvar, lenvar)); = ;   \
+})
+
+#def= ine __ssp_bos_check3_typed(fun, dsttype, dst, srctype, src, len)  = ;  \
+    __ssp_bos= _check3_typed_var(fun, dsttype, __ssp_var(dstv), dst,    \
+        srctyp= e, __ssp_var(srcv), src, __ssp_var(lenv), len)
+
+#define __ssp_bos_= check3(fun, dst, src, len)        \
+    __ssp_bos_check3_typed_var(= fun, void *, __ssp_var(dstv), dst,    \
+        const void *, __ssp_var(s= rcv), src, __ssp_var(lenv), len)
+=
+#define __ssp_bos_check2_var(fun= , dstvar, dst, srcvar, src) ({        \
+    const void *srcvar =3D (= src);              &= nbsp; \
+    void *dstva= r =3D (dst);             =    \
+    ((__= ssp_bos0(dstvar) !=3D (size_t)-1) ?        \<= br clear=3D"none">
+    __builtin___ ## fun= ## _chk(dstvar, srcvar,        \
+        __ssp_bos0(dstva= r)) :              &= nbsp; \
+    __ ## fun #= # _ichk(dstvar, srcvar));        \
+})
+
+#define __ssp_bos_check2(fun= , dst, src)            \
+    __ssp_bos_check2_var(fun= , __ssp_var(dstv), dst, __ssp_var(srcv), src)
+
+#define __ssp_bos_i= check3_restrict(fun, type1, type2) \
+static __inline type1 __ ## fun ## _ichk(type1 __restrict, type2 __rest= rict, size_t); \
+static __inline = __attribute__((__always_inline__)) type1 \
+__ ## fun ## _ichk(type1 __restrict dst, type2 __restrict src, si= ze_t len) { \
+    = return __builtin___ ## fun ## _chk(dst, src, len, __ssp_bos0(dst)); \
+}
+
+#define __ssp_bos_icheck3(= fun, type1, type2) \
+static __inl= ine type1 __ ## fun ## _ichk(type1, type2, size_t); \
+static __inline __attribute__((__always_inline__)) typ= e1 \
+__ ## fun ## _ichk(type1 dst= , type2 src, size_t len) { \
+&nbs= p;   return __builtin___ ## fun ## _chk(dst, src, len, __ssp_bos0= (dst)); \
+}
+
+#define __s= sp_bos_icheck2_restrict(fun, type1, type2) \
+static __inline type1 __ ## fun ## _ichk(type1, type2); \
+static __inline __attribute__((__alway= s_inline__)) type1 \
+__ ## fun ##= _ichk(type1 __restrict dst, type2 __restrict src) { \
+    return __builtin___ ## fun ## _chk= (dst, src, __ssp_bos0(dst)); \
+}<= br clear=3D"none">
+
+__BEGIN_DECLS
+__ssp_bos= _icheck3_restrict(memcpy, void *, const void *)
+__ssp_bos_icheck3(memmove, void *, const void *)
+__ssp_bos_icheck3(memset, void *, int)
+__ssp_bos_icheck2_restrict(stpcpy, cha= r *, const char *)
+__ssp_bos_iche= ck3_restrict(stpncpy, char *, const char *)
+__ssp_bos_icheck2_restrict(strcpy, char *, const char *)
+__ssp_bos_icheck2_restrict(strcat, char = *, const char *)
+__ssp_bos_icheck= 3_restrict(strncpy, char *, const char *)
+__ssp_bos_icheck3_restrict(strncat, char *, const char *)
+__END_DECLS
+
+#define memcpy(dst= , src, len) __ssp_bos_check3(memcpy, dst, src, len)
+#define memmove(dst, src, len) __ssp_bos_check3(memmove,= dst, src, len)
+#define memset(ds= t, val, len) \
+    __ss= p_bos_check3_typed(memset, void *, dst, int, val, len)
+#define stpcpy(dst, src) __ssp_bos_check2(stpcpy, dst= , src)
+#define stpncpy(dst, src, = len) __ssp_bos_check3(stpncpy, dst, src, len)
+#define strcpy(dst, src) __ssp_bos_check2(strcpy, dst, src)
+#define strcat(dst, src) __ssp_bos_= check2(strcat, dst, src)
+#define = strncpy(dst, src, len) __ssp_bos_check3(strncpy, dst, src, len)
+#define strncat(dst, src, len) __ssp_bos_che= ck3(strncat, dst, src, len)
+
+#endif /* __SSP_FORTIFY_LEVEL > 0 = */
+#endif /* _SSP_STRING_H_ */
diff --git a/include/ssp/strings.h b= /include/ssp/strings.h
new file mo= de 100644
index 000000000000..06c9= c7cc0a09
--- /dev/null
+++ b/include/ssp/strings.h
@@ -0,0 +1,67 @@
+/*    $NetBSD: strings.h,v 1.3 2008/04/28 20:22:54= martin Exp $    */
+
+/*-
+ *
+ * SPDX-Licens= e-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2007 The NetBSD Fou= ndation, Inc.
+ * All rights reser= ved.
+ *
<= div dir=3D"ltr">+ * This code is derived from software contributed to The N= etBSD Foundation
+ * by Christos Z= oulas.
+ *
+ * Redistribution and use in source and binary forms, wi= th or without
+ * modification, ar= e permitted provided that the following conditions
=
+ * are met:
+ * = 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of cond= itions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright=
+ *    notice, this lis= t of conditions and the following disclaimer in the
+ *    documentation and/or other materials pro= vided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY TH= E NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BU= T NOT LIMITED
+ * TO, THE IMPLIED = WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHAL= L THE FOUNDATION OR CONTRIBUTORS
+= * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDIN= G, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUS= INESS
+ * INTERRUPTION) HOWEVER CA= USED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE= OR OTHERWISE)
+ * ARISING IN ANY = WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifn= def _SSP_STRINGS_H_
+#define _SSP_= STRINGS_H_
+
+#include <ssp/ssp.h>
+#include <string.h>
+
+#if __SSP_FORTIFY_LEVE= L > 0
+
+#define _ssp_bcopy(srcvar, src, dstvar, dst, lenvar,&nbs= p; len) ({    \
+&n= bsp;   const void *srcvar =3D (src);      &nb= sp;     \
+  &= nbsp; void *dstvar =3D (dst);         &n= bsp;  \
+    size_t= lenvar =3D (len);            = \
+    ((__ssp_bos0(dstv= ar) !=3D (size_t)-1) ?    \
+    __builtin___memmove_chk(dstvar, srcvar, lenvar,&nbs= p;   \
+    &n= bsp;   __ssp_bos0(dstvar)) :        &nbs= p;   \
+    __= memmove_ichk(dstvar, srcvar, lenvar));    \
+})
+
+#define    bcopy(src,= dst, len)            \
+    _ssp_bcopy(__ssp_var(srcv= ), src, __ssp_var(dstv), dst, __ssp_var(lenv), len)
+
+#define _ssp_= bzero(dstvar, dst, lenvar, len) ({        \
+    void *dstvar =3D (ds= t);            \
+    size_t lenvar =3D (len); &n= bsp;          \
=
+    ((__ssp_bos0(dstvar) !=3D (size_t)-1) ?&nbs= p;   \
+    __= builtin___memset_chk(dstvar, 0, lenvar,    \
+        __ssp_bos0(dstvar)) = : \
+    __memset_ichk(d= stvar, 0, lenvar));        \
+})
+
+#define    bzero(dst,= len)    _ssp_bzero(__ssp_var(dstv), dst, __ssp_var(lenv), l= en)
+
+#endif /* __SSP_FORTIFY_LEVEL > 0 */
+#endif /* _SSP_STRINGS_H_ */
<= div dir=3D"ltr">diff --git a/include/ssp/unistd.h b/include/ssp/unistd.h
new file mode 100644
index 000000000000..2414e2baa96b
--- /dev/null
+++ b/include/ssp/unistd.h
@@= -0,0 +1,54 @@
+/*  &nbs= p; $NetBSD: unistd.h,v 1.7 2015/06/25 18:41:03 joerg Exp $   = ; */
+
+/*-
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
=
+ *
+ * This code= is derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistr= ibution and use in source and binary forms, with or without
+ * modification, are permitted provided that the= following conditions
+ * are met:=
+ * 1. Redistributions of source = code must retain the above copyright
+ *    notice, this list of conditions and the following discl= aimer.
+ * 2. Redistributions in b= inary form must reproduce the above copyright
+ *    notice, this list of conditions and the follow= ing disclaimer in the
+ *  &n= bsp; documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND = CONTRIBUTORS
+ * ``AS IS'' AND ANY= EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY = AND FITNESS FOR A PARTICULAR
+ * P= URPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTO= RS
+ * BE LIABLE FOR ANY DIRECT, I= NDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCURE= MENT OF
+ * SUBSTITUTE GOODS OR SE= RVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
=
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIAB= ILITY, WHETHER IN
+ * CONTRACT, ST= RICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOF= TWARE, EVEN IF ADVISED OF THE
+ * = POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef _SSP_UNISTD_H_
+#define _SSP_UNISTD_H_
+
+#include &l= t;ssp/ssp.h>
+
+#if __SSP_FORTIFY_LEVEL > 0
=
+__BEGIN_DECLS
+
+__ssp_redirect0(ssize_t, re= ad, (int __fd, void *__buf, size_t __len), \
+    (__fd, __buf, __len));
+
+__ssp_redirect(s= size_t, readlink, (const char *__restrict __path, \
+    char *__restrict __buf, size_t __len), (__= path, __buf, __len));
+
+__ssp_redirect_raw(char *, getcwd, getcwd= , (char *__buf, size_t __len),
+&n= bsp;   (__buf, __len), __buf !=3D 0, __ssp_bos);
+
+__END_DECLS=
+
+#endif /* __SSP_FORTIFY_LEVEL > 0 */
=
+#endif /* _SSP_UNISTD_H_ */
diff --git a/lib/libc/secure/Makefile.inc b/lib/libc/secure/Mak= efile.inc
index 8574c5a05dc5..3b1a= d879c715 100644
--- a/lib/libc/sec= ure/Makefile.inc
+++ b/lib/libc/se= cure/Makefile.inc
@@ -3,6 +3,17 @@=

.PATH: ${LIBC_SRCTOP}/secure

+# _FORTIFY_SOURCE
+SRCS+=3D    gets_chk.c fg= ets_chk.c memcpy_chk.c memmove_chk.c memset_chk.c \
+    snprintf_chk.c sprintf_chk.c stpcpy_c= hk.c stpncpy_chk.c \
+  =   strcat_chk.c strcpy_chk.c strncat_chk.c strncpy_chk.c \
+    vsnprintf_chk.c vsprintf_c= hk.c
+
+CFLAGS.snprintf_chk.c+=3D    -Wno-unused-para= meter
+CFLAGS.sprintf_chk.c+=3D&nb= sp;   -Wno-unused-parameter
+CFLAGS.vsnprintf_chk.c+=3D    -Wno-unused-parameter
+CFLAGS.vsprintf_chk.c+=3D  = ;  -Wno-unused-parameter
+
# Sources common to both syscall in= terfaces:
SRCS+=3D  &nb= sp; stack_protector.c \
 &nb= sp;  stack_protector_compat.c
diff --git a/lib/libc/secure/Symbol.map b/lib/libc/secure/Symbol.map
index 641f451b5421..7859fcee3821 100644=
--- a/lib/libc/secure/Symbol.map<= br clear=3D"none">
+++ b/lib/libc/secure/Symbol.map
@@ -3,3 +3,21 @@ FBSD_1.0 {
    __stack_chk_fail;
    __stack_chk_guard= ;
};
+
+FBSD_1.8 {
+    __gets_chk;
+    __fgets_chk;
+    __memcpy_chk;
+    __memmove_chk;
+    __memset_chk;
+    __snprintf_chk;
+    __sprintf_chk;
+    __stpcpy_chk;
+    __stpncpy_chk;
+    __strcat_chk;
+    __strcpy_chk;
+    __strncat_chk;
+    __strncpy_chk;
+    __vsnprintf_chk= ;
+    __vsprintf_c= hk;
+};
diff --git a/lib/libc/secure/fgets_chk.c b/lib/libc/secure/f= gets_chk.c
new file mode 100644
index 000000000000..72aa1d816ce1
--- /dev/null
+++ b/lib/libc/secure/fgets_chk.c
@@ -0,0 +1,54 @@
+/*-
+ *
=
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * C= opyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived fr= om software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution and us= e in source and binary forms, with or without
+ * modification, are permitted provided that the following con= ditions
+ * are met:
+ * 1. Redistributions of source code must reta= in the above copyright
+ *  &= nbsp; notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form mus= t reproduce the above copyright
+ = *    notice, this list of conditions and the following disclaimer= in the
+ *    documenta= tion and/or other materials provided with the distribution.
+ *
+ * = THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IM= PLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FO= R A PARTICULAR
+ * PURPOSE ARE DIS= CLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCID= ENTAL, SPECIAL, EXEMPLARY, OR
+ * = CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS O= F USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER= IN
+ * CONTRACT, STRICT LIABILITY= , OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF= ADVISED OF THE
+ * POSSIBILITY OF= SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
<= /div>
+__RCSID("$NetBSD: fgets_chk.c,v 1.6 2009/02/05 05:41= :51 lukem Exp $");
+
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+=
+#include <ssp/stdio.h>
+#include <ssp/string.h>
+#undef fgets
+
+char *
+__fgets_chk(char * __restrict buf, int le= n, size_t slen, FILE *fp)
+{
+    if (slen >=3D (s= ize_t)INT_MAX)
+   =     return (fgets(buf, len, fp));
<= div dir=3D"ltr">+
+  &nb= sp; if (len >=3D 0 && (size_t)len > slen)
<= /div>
+        __chk_fail();<= br clear=3D"none">
+
+    return (fgets(buf, len, fp));
+}
diff -= -git a/lib/libc/secure/gets_chk.c b/lib/libc/secure/gets_chk.c
new file mode 100644
<= div dir=3D"ltr">index 000000000000..18c1e2d18f43
--- /dev/null
+++ b= /lib/libc/secure/gets_chk.c
@@ -0,= 0 +1,74 @@
+/*-
=
+ *
+ * SPD= X-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The Ne= tBSD Foundation, Inc.
+ * All righ= ts reserved.
+ *
+ * This code is derived from software contributed = to The NetBSD Foundation
+ * by Ch= ristos Zoulas.
+ *
+ * Redistribution and use in source and binary f= orms, with or without
+ * modifica= tion, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list = of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above co= pyright
+ *    notice, t= his list of conditions and the following disclaimer in the
+ *    documentation and/or other materi= als provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDE= D BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
<= div dir=3D"ltr">+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUD= ING, BUT NOT LIMITED
+ * TO, THE I= MPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EV= ENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMP= LARY, OR
+ * CONSEQUENTIAL DAMAGES= (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFI= TS; OR BUSINESS
+ * INTERRUPTION) = HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING = NEGLIGENCE OR OTHERWISE)
+ * ARISI= NG IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: gets_chk.c,v 1.7 2013/10/04 20:49:16 christos Exp $");<= br clear=3D"none">
+
+#include <limits.h>
+#include <stdio.h>
+#incl= ude <stdlib.h>
+#include <= ;string.h>
+
=
+#include <ssp/stdio.h>
+#include <ssp/string.h>
<= div dir=3D"ltr">+
+char *__gets_un= safe(char *);
+
=
+char *
+__= gets_chk(char * __restrict buf, size_t slen)
+{
+    = char *abuf;
+    si= ze_t len;
+
+    if (slen >=3D (size_t)INT_MAX)
+      &nbs= p; return (__gets_unsafe(buf));
+<= br clear=3D"none">
+    if ((abuf =3D = malloc(slen + 1)) =3D=3D NULL)
+&n= bsp;       return (__gets_unsafe(buf));
+
+    if (fgets(abuf, (int)(slen + 1), stdin) =3D=3D NULL) {=
+      &= nbsp; free(abuf);
+  &nb= sp;     return (NULL);
+    }
+
+    len =3D strlen(abuf)= ;
+    if (len >= 0 && abuf[len - 1] =3D=3D '\n')
+        --len;
+
+ &nbs= p;  if (len >=3D slen)
+&n= bsp;       __chk_fail();
<= div dir=3D"ltr">+
+  &nb= sp; (void)memcpy(buf, abuf, len);
= +
+    buf[len] =3D= '\0';
+    free(ab= uf);
+    return (b= uf);
+}
diff --git a/lib/libc/secure/memcpy_chk.c b/lib/libc/secure/= memcpy_chk.c
new file mode 100644<= br clear=3D"none">
index 000000000000..99cf2d5f13ff
--- /dev/null
+++ b/lib/libc/secure/memcpy_chk.c
@@ -0,0 +1,53 @@
+/*-
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ = * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived= from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribution an= d use in source and binary forms, with or without
<= div dir=3D"ltr">+ * modification, are permitted provided that the following= conditions
+ * are met:
+ * 1. Redistributions of source code must= retain the above copyright
+ *&nb= sp;   notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary for= m must reproduce the above copyright
+ *    notice, this list of conditions and the following discl= aimer in the
+ *    docu= mentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIB= UTORS
+ * ``AS IS'' AND ANY EXPRES= S OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FIT= NESS FOR A PARTICULAR
+ * PURPOSE = ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT= , INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF=
+ * SUBSTITUTE GOODS OR SERVICES;= LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, = WHETHER IN
+ * CONTRACT, STRICT LI= ABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, = EVEN IF ADVISED OF THE
+ * POSSIBI= LITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: memcpy_chk.c,v 1.7 2015/05/= 13 19:57:16 joerg Exp $");
+
+#include <string.h>
+
+#i= nclude <ssp/string.h>
+#unde= f memcpy
+
+#include "ssp_internal.h"
+
+void *
+__memcpy_chk(void * __restrict dst, const void= * __restrict src, size_t len,
+&n= bsp;   size_t slen)
+{
+    if (len > slen)
+      &nb= sp; __chk_fail();
+
+    if (__ssp_overlap((const cha= r *)src, (const char *)dst, len))
= +        __chk_fail();
+
+  =   return (memcpy(dst, src, len));
+}
diff --git a/lib/libc/secu= re/memmove_chk.c b/lib/libc/secure/memmove_chk.c
new file mode 100644
index 000000000000..07f965d608fc
--- /dev/null
+++ b/lib/libc/secu= re/memmove_chk.c
@@ -0,0 +1,47 @@<= br clear=3D"none">
+/*-
+ *
+ * SPDX-License-I= dentifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The NetBSD Founda= tion, Inc.
+ * All rights reserved= .
+ *
+ * This code is derived from software contributed to The NetB= SD Foundation
+ * by Christos Zoul= as.
+ *
+ * Redistribution and use in source and binary forms, with = or without
+ * modification, are p= ermitted provided that the following conditions
+ * are met:
+ * 1. = Redistributions of source code must retain the above copyright
+ *    notice, this list of conditio= ns and the following disclaimer.
+= * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of= conditions and the following disclaimer in the
+ *    documentation and/or other materials provide= d with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NE= TBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NO= T LIMITED
+ * TO, THE IMPLIED WARR= ANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL TH= E FOUNDATION OR CONTRIBUTORS
+ * B= E LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, B= UT NOT LIMITED TO, PROCUREMENT OF
= + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINES= S
+ * INTERRUPTION) HOWEVER CAUSED= AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR = OTHERWISE)
+ * ARISING IN ANY WAY = OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
<= /div>
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#include= <sys/cdefs.h>
+__RCSID("$Ne= tBSD: memmove_chk.c,v 1.6 2020/09/05 13:37:59 mrg Exp $");
+
+#inclu= de <string.h>
+
+#include <ssp/string.h>
+#undef memmove
+
+void *
+__memmove_chk(void *dst, const void *src, size_t= len,
+    size_t slen)<= br clear=3D"none">
+{
+    if (len > slen)
+        __chk_fail();
+    return (memmove(dst, = src, len));
+}
<= /div>
diff --git a/lib/libc/secure/memset_chk.c b/lib/libc/= secure/memset_chk.c
new file mode = 100644
index 000000000000..f337be9= 8b46d
--- /dev/null
+++ b/lib/libc/secure/memset_chk.c
@@ -0,0 +1,46 @@
+/*-
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
<= /div>
+ * All rights reserved.
+ *
+ * This code is = derived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistribut= ion and use in source and binary forms, with or without
<= /div>
+ * modification, are permitted provided that the fol= lowing conditions
+ * are met:
+ * 1. Redistributions of source code= must retain the above copyright
+= *    notice, this list of conditions and the following disclaime= r.
+ * 2. Redistributions in binar= y form must reproduce the above copyright
+ *    notice, this list of conditions and the following= disclaimer in the
+ *   = ; documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND C= ONTRIBUTORS
+ * ``AS IS'' AND ANY = EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY A= ND FITNESS FOR A PARTICULAR
+ * PU= RPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTOR= S
+ * BE LIABLE FOR ANY DIRECT, IN= DIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREM= ENT OF
+ * SUBSTITUTE GOODS OR SER= VICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
<= div dir=3D"ltr">+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABI= LITY, WHETHER IN
+ * CONTRACT, STR= ICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFT= WARE, EVEN IF ADVISED OF THE
+ * P= OSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: memset_chk.c,v 1.5 20= 14/09/17 00:39:28 joerg Exp $");
+=
+#include <string.h>
+
+#include <ssp/string.h>
= +#undef memset
+
+void *
+_= _memset_chk(void * __restrict dst, int val, size_t len, size_t slen)
+{
+    if (len > slen)
+        __chk_fail();
+    return (memset(dst, val, le= n));
+}
diff --git a/lib/libc/secure/snprintf_chk.c b/lib/libc/secur= e/snprintf_chk.c
new file mode 100= 644
index 000000000000..52ef874ede= 5b
--- /dev/null
+++ b/lib/libc/secure/snprintf_chk.c
@@ -0,0 +1,56 @@
+/*-
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is d= erived from software contributed to The NetBSD Foundation
+ * by Christos Zoulas.
+ *
+ * Redistributi= on and use in source and binary forms, with or without
+ * modification, are permitted provided that the foll= owing conditions
+ * are met:
+ * 1. Redistributions of source code = must retain the above copyright
+ = *    notice, this list of conditions and the following disclaimer= .
+ * 2. Redistributions in binary= form must reproduce the above copyright
+ *    notice, this list of conditions and the following= disclaimer in the
+ *   = ; documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND C= ONTRIBUTORS
+ * ``AS IS'' AND ANY = EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY A= ND FITNESS FOR A PARTICULAR
+ * PU= RPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTOR= S
+ * BE LIABLE FOR ANY DIRECT, IN= DIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREM= ENT OF
+ * SUBSTITUTE GOODS OR SER= VICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
<= div dir=3D"ltr">+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABI= LITY, WHETHER IN
+ * CONTRACT, STR= ICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFT= WARE, EVEN IF ADVISED OF THE
+ * P= OSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: snprintf_chk.c,v 1.5 = 2008/04/28 20:23:00 martin Exp $");
+
+#include <stdarg.h>
+#include <stdio.h>
+
+#= include <ssp/stdio.h>
+#unde= f vsnprintf
+
+int
+__snpri= ntf_chk(char * __restrict buf, size_t len, int flags, size_t slen,
+    const char * __restrict fmt= , ...)
+{
=
+    va_list ap;
+    int rv;
+
+    if = (len > slen)
+   = ;     __chk_fail();
+
+    va_start(ap= , fmt);
+    rv =3D= vsnprintf(buf, len, fmt, ap);
+&n= bsp;   va_end(ap);
+
+    return (rv);
+}
diff --git a/lib/libc/secure/sprintf_chk.c b/lib/libc/secure/sprintf_= chk.c
new file mode 100644
index 000000000000..d4c42ccba3ce
--- /dev/null
+++ b/lib/libc/secure/sprintf_chk.c
@@ -0,0 +1,61 @@
+/= *-
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
<= /div>
+ *
+ * Copy= right (c) 2006 The NetBSD Foundation, Inc.
+ * All rights reserved.
= + *
+ * This code is derived from = software contributed to The NetBSD Foundation
*** 1063 LINES SKIPPED ***
------=_Part_1592590_625024558.1716061526186--