Move the stack protector to a new "secure" directory

As part of the code refactoring to support FORTIFY_SOURCE we want
a new subdirectory "secure" to keep the files related to security.
Move the stack protector functions to this new directory.

No functional change.

Differential Review:	https://reviews.freebsd.org/D3333

4 files changed, 0 insertions, 142 deletions

diff --git a/lib/libc/sys/Makefile.inc b/lib/libc/sys/Makefile.inc
index e672b69..fad970c 100644
--- a/lib/libc/sys/Makefile.inc
+++ b/lib/libc/sys/Makefile.inc
@@ -21,8 +21,6 @@ PSEUDO+= _clock_gettime.o _gettimeofday.o
 
 # Sources common to both syscall interfaces:
 SRCS+=	\
-	stack_protector.c \
-	stack_protector_compat.c \
 	__error.c \
 	interposing_table.c
 
diff --git a/lib/libc/sys/Symbol.map b/lib/libc/sys/Symbol.map
index a3a613e..45833ab 100644
--- a/lib/libc/sys/Symbol.map
+++ b/lib/libc/sys/Symbol.map
@@ -56,7 +56,6 @@ FBSD_1.0 {
 	bind;
 	chdir;
 	chflags;
-	__chk_fail;
 	chmod;
 	chown;
 	chroot;
@@ -281,8 +280,6 @@ FBSD_1.0 {
 	sigwaitinfo;
 	socket;
 	socketpair;
-	__stack_chk_fail;
-	__stack_chk_guard;
 	stat;
 	statfs;
 	swapoff;
diff --git a/lib/libc/sys/stack_protector.c b/lib/libc/sys/stack_protector.c
deleted file mode 100644
index cd5f166..0000000
--- a/lib/libc/sys/stack_protector.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* $NetBSD: stack_protector.c,v 1.4 2006/11/22 17:23:25 christos Exp $	*/
-/* $OpenBSD: stack_protector.c,v 1.10 2006/03/31 05:34:44 deraadt Exp $	*/
-/*
- * Copyright (c) 2002 Hiroaki Etoh, Federico G. Schwindt, and Miodrag Vallat.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
- * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <sys/cdefs.h>
-__FBSDID("$FreeBSD$");
-
-#include <sys/param.h>
-#include <sys/sysctl.h>
-#include <sys/types.h>
-#include <errno.h>
-#include <link.h>
-#include <signal.h>
-#include <string.h>
-#include <syslog.h>
-#include <unistd.h>
-#include "libc_private.h"
-
-extern int __sysctl(const int *name, u_int namelen, void *oldp,
-    size_t *oldlenp, void *newp, size_t newlen);
-
-long __stack_chk_guard[8] = {0, 0, 0, 0, 0, 0, 0, 0};
-static void __guard_setup(void) __attribute__((__constructor__, __used__));
-static void __fail(const char *);
-void __stack_chk_fail(void);
-void __chk_fail(void);
-
-/*LINTED used*/
-static void
-__guard_setup(void)
-{
-	static const int mib[2] = { CTL_KERN, KERN_ARND };
-	size_t len;
-	int error;
-
-	if (__stack_chk_guard[0] != 0)
-		return;
-	error = _elf_aux_info(AT_CANARY, __stack_chk_guard,
-	    sizeof(__stack_chk_guard));
-	if (error == 0 && __stack_chk_guard[0] != 0)
-		return;
-
-	len = sizeof(__stack_chk_guard);
-	if (__sysctl(mib, nitems(mib), __stack_chk_guard, &len, NULL, 0) ==
-	    -1 || len != sizeof(__stack_chk_guard)) {
-		/* If sysctl was unsuccessful, use the "terminator canary". */
-		((unsigned char *)(void *)__stack_chk_guard)[0] = 0;
-		((unsigned char *)(void *)__stack_chk_guard)[1] = 0;
-		((unsigned char *)(void *)__stack_chk_guard)[2] = '\n';
-		((unsigned char *)(void *)__stack_chk_guard)[3] = 255;
-	}
-}
-
-/*ARGSUSED*/
-static void
-__fail(const char *msg)
-{
-	struct sigaction sa;
-	sigset_t mask;
-
-	/* Immediately block all signal handlers from running code */
-	(void)sigfillset(&mask);
-	(void)sigdelset(&mask, SIGABRT);
-	(void)sigprocmask(SIG_BLOCK, &mask, NULL);
-
-	/* This may fail on a chroot jail... */
-	syslog(LOG_CRIT, "%s", msg);
-
-	(void)memset(&sa, 0, sizeof(sa));
-	(void)sigemptyset(&sa.sa_mask);
-	sa.sa_flags = 0;
-	sa.sa_handler = SIG_DFL;
-	(void)sigaction(SIGABRT, &sa, NULL);
-	(void)kill(getpid(), SIGABRT);
-	_exit(127);
-}
-
-void
-__stack_chk_fail(void)
-{
-	__fail("stack overflow detected; terminated");
-}
-
-void
-__chk_fail(void)
-{
-	__fail("buffer overflow detected; terminated");
-}
-
-#ifndef PIC
-__weak_reference(__stack_chk_fail, __stack_chk_fail_local);
-#endif
diff --git a/lib/libc/sys/stack_protector_compat.c b/lib/libc/sys/stack_protector_compat.c
deleted file mode 100644
index cacb863..0000000
--- a/lib/libc/sys/stack_protector_compat.c
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
- * Written by Alexander Kabaev <kan@FreeBSD.org>
- * The file is in public domain.
- */
-
-#include <sys/cdefs.h>
-__FBSDID("$FreeBSD$");
-
-void __stack_chk_fail(void);
-
-#ifdef PIC
-void
-__stack_chk_fail_local_hidden(void)
-{
-
-	__stack_chk_fail();
-}
-
-__sym_compat(__stack_chk_fail_local, __stack_chk_fail_local_hidden, FBSD_1.0);
-#endif