From cf7b86d7fea4a9a5072dc3ea416f6be94ab6e847 Mon Sep 17 00:00:00 2001
From: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Date: Fri, 26 Jan 2018 22:35:29 +0000
Subject: [PATCH] git-stack-protect-static

commit 99ee4d26dc07c3eadfbf6793db26ef9dfb1551e5
Author: Samuel Thibault <samuel.thibault@ens-lyon.org>
Date:   Sun Aug 27 22:26:49 2017 +0200

    hurd: Fix static initialization with -fstack-protector-strong

    When linked statically, TLS initialization is not achieved before
    mach_init and alike, so ssp accesses to tcbhead's stack_guard would
    crash.  We can just avoid using ssp in the few functions needed before
    TLS is set up.

            * mach/Makefile (CFLAGS-mach_init.o, CFLAGS-RPC_vm_statistics.o,
            CFLAGS-RPC_vm_map.o, CFLAGS-RPC_vm_protect.o,
            CFLAGS-RPC_i386_set_gdt.o, CFLAGS-RPC_i386_set_ldt.o,
            CFLAGS-RPC_task_get_special_port.o): Add $(no-stack-protector).
            * hurd/Makefile (CFLAGS-hurdstartup.o,
            CFLAGS-RPC_exec_startup_get_info.o): Add $(no-stack-protector).


Gbp-Pq: Topic hurd-i386
Gbp-Pq: Name git-stack-protect-static.diff
---
 hurd/Makefile | 4 ++++
 mach/Makefile | 9 +++++++++
 2 files changed, 13 insertions(+)

diff --git a/hurd/Makefile b/hurd/Makefile
index a60ecf346..15f7b14a6 100644
--- a/hurd/Makefile
+++ b/hurd/Makefile
@@ -84,6 +84,10 @@ $(inlines:%=$(objpfx)%.c): $(objpfx)%-inlines.c: %.h
 	 echo '#include "$<"') > $@-new
 	mv -f $@-new $@
 generated += $(inlines:=.c)
+
+# Avoid ssp before TLS is initialized.
+CFLAGS-hurdstartup.o = $(no-stack-protector)
+CFLAGS-RPC_exec_startup_get_info.o = $(no-stack-protector)
 
 include ../mach/Machrules
 include ../Rules
diff --git a/mach/Makefile b/mach/Makefile
index 88c08ad37..958fc7a4c 100644
--- a/mach/Makefile
+++ b/mach/Makefile
@@ -53,6 +53,15 @@ server-interfaces := mach/exc
 
 # Clear any environment	value.
 generated =
+
+# Avoid ssp before TLS is initialized.
+CFLAGS-mach_init.o = $(no-stack-protector)
+CFLAGS-RPC_vm_statistics.o = $(no-stack-protector)
+CFLAGS-RPC_vm_map.o = $(no-stack-protector)
+CFLAGS-RPC_vm_protect.o = $(no-stack-protector)
+CFLAGS-RPC_i386_set_gdt.o = $(no-stack-protector)
+CFLAGS-RPC_i386_set_ldt.o = $(no-stack-protector)
+CFLAGS-RPC_task_get_special_port.o = $(no-stack-protector)
 
 # Translate GNU names for CPUs into the names used in Mach header files.
 mach-machine = $(patsubst powerpc,ppc,$(base-machine))
-- 
2.30.2