30 files changed, 460 insertions, 25 deletions
diff --git a/usr/src/lib/Makefile b/usr/src/lib/Makefile
index 2418a2ee02..8eb1cee005 100644
--- a/usr/src/lib/Makefile
+++ b/usr/src/lib/Makefile
@@ -47,6 +47,7 @@ include ../Makefile.master
 
 # Build libc and its dependencies
 SUBDIRS=			\
+	ssp_ns			\
 	crt			\
 	../cmd/sgs/libconv	\
 	../cmd/sgs/libdl	\
diff --git a/usr/src/lib/Makefile.lib b/usr/src/lib/Makefile.lib
index 7eee86c18e..c1cb2513f3 100644
--- a/usr/src/lib/Makefile.lib
+++ b/usr/src/lib/Makefile.lib
@@ -182,6 +182,13 @@ INS.liblink64=	-$(RM) $@; $(SYMLINK) $(LIBLINKPATH)$(LIBLINKS)$(VERS) $@
 INS.liblinkccc64= -$(RM) $@; $(SYMLINK) $(LIBLINKPATH)$(LIBLINKSCCC)$(VERS) $@
 
 #
+# Default to adding stack protection to all libraries.
+#
+CFLAGS +=	$(CCSTACKPROTECT)
+CFLAGS64 +=	$(CCSTACKPROTECT)
+LDLIBS +=	$(LDSTACKPROTECT)
+
+#
 # If appropriate, augment POST_PROCESS_O and POST_PROCESS_SO to do CTF
 # processing.  We'd like to just conditionally append to POST_PROCESS_O and
 # POST_PROCESS_SO, but ParallelMake has a bug which causes the same value to
diff --git a/usr/src/lib/brand/lx/lx_vdso/tools/Makefile b/usr/src/lib/brand/lx/lx_vdso/tools/Makefile
index 7907aa67c4..272234b66e 100644
--- a/usr/src/lib/brand/lx/lx_vdso/tools/Makefile
+++ b/usr/src/lib/brand/lx/lx_vdso/tools/Makefile
@@ -19,6 +19,9 @@ include ../../../../../cmd/Makefile.cmd
 
 OBJS =			vdso_tool.o
 
+# Native tool, doesn't need stack protection.
+STACKPROTECT = none
+
 CLOBBERFILES +=		$(PROG)
 
 NATIVECC_CFLAGS +=	$(CFLAGS) $(CCVERBOSE)
diff --git a/usr/src/lib/libc/amd64/Makefile b/usr/src/lib/libc/amd64/Makefile
index d8919e9201..710a72e87e 100644
--- a/usr/src/lib/libc/amd64/Makefile
+++ b/usr/src/lib/libc/amd64/Makefile
@@ -267,6 +267,7 @@ COMSYSOBJS=			\
 	sigprocmsk.o		\
 	sigsendset.o		\
 	sigsuspend.o		\
+	ssp.o			\
 	statfs.o		\
 	statvfs.o		\
 	stty.o			\
@@ -279,6 +280,7 @@ COMSYSOBJS=			\
 	ulimit.o		\
 	umask.o			\
 	umount2.o		\
+	upanic.o		\
 	utssys.o		\
 	uucopy.o		\
 	vhangup.o		\
@@ -1201,6 +1203,12 @@ pics/arc4random.o :=	CPPFLAGS += -I$(SRC)/common/crypto/chacha
 pics/__clock_gettime.o := CPPFLAGS += $(COMMPAGE_CPPFLAGS)
 pics/gettimeofday.o := CPPFLAGS += $(COMMPAGE_CPPFLAGS)
 
+#
+# Disable the stack protector due to issues with bootstrapping rtld. See
+# cmd/sgs/rtld/Makefile.com for more information.
+#
+STACKPROTECT = none
+
 .KEEP_STATE:
 
 all: $(LIBS) $(LIB_PIC)
diff --git a/usr/src/lib/libc/i386/Makefile.com b/usr/src/lib/libc/i386/Makefile.com
index 293014892a..a074accf08 100644
--- a/usr/src/lib/libc/i386/Makefile.com
+++ b/usr/src/lib/libc/i386/Makefile.com
@@ -306,6 +306,7 @@ COMSYSOBJS=			\
 	ulimit.o		\
 	umask.o			\
 	umount2.o		\
+	upanic.o		\
 	utssys.o		\
 	uucopy.o		\
 	vhangup.o		\
@@ -574,6 +575,7 @@ PORTGEN=			\
 	sigsend.o		\
 	sigsetops.o		\
 	ssignal.o		\
+	ssp.o			\
 	stack.o			\
 	stpcpy.o		\
 	stpncpy.o		\
@@ -1266,6 +1268,12 @@ pics/arc4random.o :=	CPPFLAGS += -I$(SRC)/common/crypto/chacha
 pics/__clock_gettime.o := CPPFLAGS += $(COMMPAGE_CPPFLAGS)
 pics/gettimeofday.o := CPPFLAGS += $(COMMPAGE_CPPFLAGS)
 
+#
+# Disable the stack protector due to issues with bootstrapping rtld. See
+# cmd/sgs/rtld/Makefile.com for more information.
+#
+STACKPROTECT = none
+
 .KEEP_STATE:
 
 all: $(LIBS) $(LIB_PIC)
diff --git a/usr/src/lib/libc/inc/thr_uberdata.h b/usr/src/lib/libc/inc/thr_uberdata.h
index 7f08a0b8c4..65d73f9db7 100644
--- a/usr/src/lib/libc/inc/thr_uberdata.h
+++ b/usr/src/lib/libc/inc/thr_uberdata.h
@@ -1323,6 +1323,7 @@ extern	void	_flush_windows(void);
 #define	_flush_windows()
 #endif
 extern	void	set_curthread(void *);
+extern	void	ssp_init(void);
 
 /*
  * Utility function used when waking up many threads (more than MAXLWPS)
diff --git a/usr/src/lib/libc/port/gen/ssp.c b/usr/src/lib/libc/port/gen/ssp.c
new file mode 100644
index 0000000000..81d93829ea
--- /dev/null
+++ b/usr/src/lib/libc/port/gen/ssp.c
@@ -0,0 +1,67 @@
+/*
+ * This file and its contents are supplied under the terms of the
+ * Common Development and Distribution License ("CDDL"), version 1.0.
+ * You may only use this file in accordance with the terms of version
+ * 1.0 of the CDDL.
+ *
+ * A full copy of the text of the CDDL should have accompanied this
+ * source.  A copy of the CDDL is also available via the Internet at
+ * http://www.illumos.org/license/CDDL.
+ */
+
+/*
+ * Copyright 2020 Oxide Computer Company
+ */
+
+#include <upanic.h>
+#include <sys/random.h>
+
+/*
+ * This provides an implementation of the stack protector functions that are
+ * expected by gcc's ssp implementation.
+ *
+ * We attempt to initialize the stack guard with random data, which is our best
+ * protection. If that fails, we'd like to have a guard that is still meaningful
+ * and not totally predictable. The original StackGuard paper suggests using a
+ * terminator canary. To make this a little more difficult, we also use a
+ * portion of the data from gethrtime().
+ *
+ * In a 32-bit environment, we only have four bytes worth of data. We use the
+ * lower two bytes of the gethrtime() value and then use pieces of the
+ * terminator canary, '\n\0'. In a 64-bit environment we use the full four byte
+ * terminator canary and then four bytes of gethrtime.
+ */
+
+/*
+ * Use an array here so it's easier to get the length at compile time.
+ */
+static const char ssp_msg[] = "*** stack smashing detected";
+
+uintptr_t __stack_chk_guard;
+
+void
+ssp_init(void)
+{
+	if (getrandom(&__stack_chk_guard, sizeof (__stack_chk_guard), 0) !=
+	    sizeof (__stack_chk_guard)) {
+		/*
+		 * This failed, attempt to get some data that might let us get
+		 * off the ground.
+		 */
+		hrtime_t t = gethrtime();
+#ifdef	_LP32
+		const uint16_t guard = '\n' << 8 | '\0';
+		__stack_chk_guard = guard  << 16 | (uint16_t)t;
+#else
+		const uint32_t guard = '\r' << 24 | '\n' << 16 | '\0' << 8 |
+		    '\xff';
+		__stack_chk_guard = (uint64_t)guard << 32 | (uint32_t)t;
+#endif
+	}
+}
+
+void
+__stack_chk_fail(void)
+{
+	upanic(ssp_msg, sizeof (ssp_msg));
+}
diff --git a/usr/src/lib/libc/port/mapfile-vers b/usr/src/lib/libc/port/mapfile-vers
index 92a58825d4..0dec599cf6 100644
--- a/usr/src/lib/libc/port/mapfile-vers
+++ b/usr/src/lib/libc/port/mapfile-vers
@@ -78,6 +78,18 @@ $if _x86 && _ELF64
 $add amd64
 $endif
 
+SYMBOL_VERSION ILLUMOS_0.37 {
+   global:
+	__stack_chk_guard;
+   protected:
+	__stack_chk_fail;
+} ILLUMOS_0.36;
+
+SYMBOL_VERSION ILLUMOS_0.36 {
+    protected:
+	upanic;
+} ILLUMOS_0.35;
+
 SYMBOL_VERSION ILLUMOS_0.35 {
     protected:
 	qsort_r;
diff --git a/usr/src/lib/libc/port/sys/upanic.c b/usr/src/lib/libc/port/sys/upanic.c
new file mode 100644
index 0000000000..2edfe4c4ff
--- /dev/null
+++ b/usr/src/lib/libc/port/sys/upanic.c
@@ -0,0 +1,23 @@
+/*
+ * This file and its contents are supplied under the terms of the
+ * Common Development and Distribution License ("CDDL"), version 1.0.
+ * You may only use this file in accordance with the terms of version
+ * 1.0 of the CDDL.
+ *
+ * A full copy of the text of the CDDL should have accompanied this
+ * source.  A copy of the CDDL is also available via the Internet at
+ * http://www.illumos.org/license/CDDL.
+ */
+
+/*
+ * Copyright 2020 Oxide Computer Company
+ */
+
+#include <sys/types.h>
+#include <sys/syscall.h>
+
+void
+upanic(const void *buf, size_t len)
+{
+	(void) syscall(SYS_upanic, buf, len);
+}
diff --git a/usr/src/lib/libc/port/threads/assfail.c b/usr/src/lib/libc/port/threads/assfail.c
index 1c032d8ea7..4af2fc5664 100644
--- a/usr/src/lib/libc/port/threads/assfail.c
+++ b/usr/src/lib/libc/port/threads/assfail.c
@@ -26,10 +26,12 @@
 /*
  * Copyright (c) 2012, 2014 by Delphix. All rights reserved.
  * Copyright 2015 Joyent, Inc.
+ * Copyright 2020 Oxide Computer Company
  */
 
 #include "lint.h"
 #include "thr_uberdata.h"
+#include <upanic.h>
 
 const char *panicstr;
 ulwp_t *panic_thread;
@@ -60,35 +62,19 @@ grab_assert_lock()
 }
 
 static void
-Abort(const char *msg)
+Abort(const char *msg, size_t buflen)
 {
 	ulwp_t *self;
 	struct sigaction act;
 	sigset_t sigmask;
-	lwpid_t lwpid;
 
 	/* to help with core file debugging */
 	panicstr = msg;
 	if ((self = __curthread()) != NULL) {
 		panic_thread = self;
-		lwpid = self->ul_lwpid;
-	} else {
-		lwpid = _lwp_self();
 	}
 
-	/* set SIGABRT signal handler to SIG_DFL w/o grabbing any locks */
-	(void) memset(&act, 0, sizeof (act));
-	act.sa_sigaction = SIG_DFL;
-	(void) __sigaction(SIGABRT, &act, NULL);
-
-	/* delete SIGABRT from the signal mask */
-	(void) sigemptyset(&sigmask);
-	(void) sigaddset(&sigmask, SIGABRT);
-	(void) __lwp_sigmask(SIG_UNBLOCK, &sigmask);
-
-	(void) _lwp_kill(lwpid, SIGABRT);	/* never returns */
-	(void) kill(getpid(), SIGABRT);	/* if it does, try harder */
-	_exit(127);
+	upanic(msg, buflen);
 }
 
 /*
@@ -117,7 +103,7 @@ common_panic(const char *head, const char *why)
 	if (msg[len1 - 1] != '\n')
 		msg[len1++] = '\n';
 	(void) __write(2, msg, len1);
-	Abort(msg);
+	Abort(msg, sizeof (msg));
 }
 
 void
@@ -246,7 +232,7 @@ lock_error(const mutex_t *mp, const char *who, void *cv, const char *msg)
 	(void) strcat(buf, "\n\n");
 	(void) __write(2, buf, strlen(buf));
 	if (udp->uberflags.uf_thread_error_detection >= 2)
-		Abort(buf);
+		Abort(buf, sizeof (buf));
 	assert_thread = NULL;
 	(void) _lwp_mutex_unlock(&assert_lock);
 	if (self != NULL)
@@ -335,7 +321,7 @@ rwlock_error(const rwlock_t *rp, const char *who, const char *msg)
 	(void) strcat(buf, "\n\n");
 	(void) __write(2, buf, strlen(buf));
 	if (udp->uberflags.uf_thread_error_detection >= 2)
-		Abort(buf);
+		Abort(buf, sizeof (buf));
 	assert_thread = NULL;
 	(void) _lwp_mutex_unlock(&assert_lock);
 	if (self != NULL)
@@ -383,7 +369,7 @@ thread_error(const char *msg)
 	(void) strcat(buf, "\n\n");
 	(void) __write(2, buf, strlen(buf));
 	if (udp->uberflags.uf_thread_error_detection >= 2)
-		Abort(buf);
+		Abort(buf, sizeof (buf));
 	assert_thread = NULL;
 	(void) _lwp_mutex_unlock(&assert_lock);
 	if (self != NULL)
@@ -455,7 +441,7 @@ __assfail(const char *assertion, const char *filename, int line_num)
 	 *	if (self != NULL)
 	 *		exit_critical(self);
 	 */
-	Abort(buf);
+	Abort(buf, sizeof (buf));
 }
 
 /*
diff --git a/usr/src/lib/libc/port/threads/thr.c b/usr/src/lib/libc/port/threads/thr.c
index 8026ffad9c..66d0e524c2 100644
--- a/usr/src/lib/libc/port/threads/thr.c
+++ b/usr/src/lib/libc/port/threads/thr.c
@@ -1308,6 +1308,11 @@ libc_init(void)
 	 */
 	if (oldself != NULL && (oldself->ul_primarymap || !primary_link_map)) {
 		__tdb_bootstrap = oldself->ul_uberdata->tdb_bootstrap;
+		/*
+		 * Each link map has its own copy of the stack protector guard
+		 * and must always be initialized.
+		 */
+		ssp_init();
 		mutex_setup();
 		atfork_init();	/* every link map needs atfork() processing */
 		init_progname();
@@ -1448,6 +1453,7 @@ libc_init(void)
 		/* tls_size was zero when oldself was allocated */
 		lfree(oldself, sizeof (ulwp_t));
 	}
+	ssp_init();
 	mutex_setup();
 	atfork_init();
 	signal_init();
diff --git a/usr/src/lib/libc/sparc/Makefile.com b/usr/src/lib/libc/sparc/Makefile.com
index da5a4b541a..217cd58dc8 100644
--- a/usr/src/lib/libc/sparc/Makefile.com
+++ b/usr/src/lib/libc/sparc/Makefile.com
@@ -322,6 +322,7 @@ COMSYSOBJS=			\
 	ulimit.o		\
 	umask.o			\
 	umount2.o		\
+	upanic.o		\
 	utssys.o		\
 	uucopy.o		\
 	vhangup.o		\
@@ -601,6 +602,7 @@ PORTGEN=			\
 	sigsend.o		\
 	sigsetops.o		\
 	ssignal.o		\
+	ssp.o			\
 	stack.o			\
 	stpcpy.o		\
 	stpncpy.o		\
@@ -1317,6 +1319,12 @@ pics/arc4random.o :=	CPPFLAGS += -I$(SRC)/common/crypto/chacha
 # Files which need extra optimization
 pics/getenv.o := sparc_COPTFLAG = -xO4
 
+#
+# Disable the stack protector due to issues with bootstrapping rtld. See
+# cmd/sgs/rtld/Makefile.com for more information.
+#
+STACKPROTECT = none
+
 .KEEP_STATE:
 
 all: $(LIBS) $(LIB_PIC)
diff --git a/usr/src/lib/libc/sparcv9/Makefile.com b/usr/src/lib/libc/sparcv9/Makefile.com
index 7f659225d0..7689a5b66e 100644
--- a/usr/src/lib/libc/sparcv9/Makefile.com
+++ b/usr/src/lib/libc/sparcv9/Makefile.com
@@ -304,6 +304,7 @@ COMSYSOBJS=			\
 	ulimit.o		\
 	umask.o			\
 	umount2.o		\
+	upanic.o		\
 	utssys.o		\
 	uucopy.o		\
 	vhangup.o		\
@@ -559,6 +560,7 @@ PORTGEN=			\
 	sigsend.o		\
 	sigsetops.o		\
 	ssignal.o		\
+	ssp.o			\
 	stack.o			\
 	stpcpy.o		\
 	stpncpy.o		\
@@ -1240,6 +1242,12 @@ pics/arc4random.o :=	CPPFLAGS += -I$(SRC)/common/crypto/chacha
 # Files which need extra optimization
 pics/getenv.o := sparcv9_COPTFLAG = -xO4
 
+#
+# Disable the stack protector due to issues with bootstrapping rtld. See
+# cmd/sgs/rtld/Makefile.com for more information.
+#
+STACKPROTECT = none
+
 .KEEP_STATE:
 
 all: $(LIBS) $(LIB_PIC)
diff --git a/usr/src/lib/libdisasm/Makefile.com b/usr/src/lib/libdisasm/Makefile.com
index 2173e5bb2c..e88d62335f 100644
--- a/usr/src/lib/libdisasm/Makefile.com
+++ b/usr/src/lib/libdisasm/Makefile.com
@@ -124,6 +124,12 @@ CERRWARN +=	$(CNOWARN_UNINIT)
 # not linted
 SMATCH=off
 
+#
+# The standalone environment currently does not support the stack
+# protector.
+#
+STACKPROTECT = none
+
 # We want the thread-specific errno in the library, but we don't want it in
 # the standalone.  $(DTS_ERRNO) is designed to add -D_TS_ERRNO to $(CPPFLAGS),
 # in order to enable this feature.  Conveniently, -D_REENTRANT does the same
diff --git a/usr/src/lib/libdtrace/Makefile.com b/usr/src/lib/libdtrace/Makefile.com
index e2296ca468..9a68e6729d 100644
--- a/usr/src/lib/libdtrace/Makefile.com
+++ b/usr/src/lib/libdtrace/Makefile.com
@@ -143,7 +143,7 @@ SMATCH=off
 YYCFLAGS =
 LDLIBS += -lgen -lproc -lrtld_db -lnsl -lsocket -lctf -lelf -lc -lzonecfg
 DRTILDLIBS = $(LDLIBS.lib) -lc
-LIBDAUDITLIBS = $(LDLIBS.lib) -lmapmalloc -lc -lproc
+LIBDAUDITLIBS = $(LDLIBS.lib) -lmapmalloc -lc -lproc $(LDSTACKPROTECT)
 
 yydebug := YYCFLAGS += -DYYDEBUG
 
@@ -157,6 +157,14 @@ ROOTDLIBS = $(DLIBSRCS:%=$(ROOTDLIBDIR)/%)
 ROOTDOBJS = $(ROOTDLIBDIR)/$(DRTIOBJ) $(ROOTDLIBDIR)/$(LIBDAUDIT)
 ROOTDOBJS64 = $(ROOTDLIBDIR64)/$(DRTIOBJ) $(ROOTDLIBDIR64)/$(LIBDAUDIT)
 
+#
+# We do not build drti.o with the stack protector as otherwise
+# everything that uses dtrace -G may have a surprise stack protector
+# requirement right now. While in theory this could be handled by libc,
+# this will make the overall default transition smoother.
+#
+$(DRTIOBJ) := STACKPROTECT = none
+
 $(ROOTDLIBDIR)/%.d := FILEMODE=444
 $(ROOTDLIBDIR)/%.o := FILEMODE=444
 $(ROOTDLIBDIR64)/%.o :=	FILEMODE=444
diff --git a/usr/src/lib/libproc/common/Pcontrol.c b/usr/src/lib/libproc/common/Pcontrol.c
index b68adfb044..eda2737d91 100644
--- a/usr/src/lib/libproc/common/Pcontrol.c
+++ b/usr/src/lib/libproc/common/Pcontrol.c
@@ -1318,6 +1318,8 @@ Psecflags(struct ps_prochandle *P, prsecflags_t **psf)
 
 	if ((ret = P->ops.pop_secflags(P, psf, P->data)) == 0) {
 		if ((*psf)->pr_version != PRSECFLAGS_VERSION_1) {
+			free(*psf);
+			*psf = NULL;
 			errno = EINVAL;
 			return (-1);
 		}
diff --git a/usr/src/lib/libproc/common/Pcontrol.h b/usr/src/lib/libproc/common/Pcontrol.h
index 550b6779dd..6121a7e79b 100644
--- a/usr/src/lib/libproc/common/Pcontrol.h
+++ b/usr/src/lib/libproc/common/Pcontrol.h
@@ -172,6 +172,7 @@ typedef struct core_info {	/* information specific to core files */
 	priv_impl_info_t *core_ppii;	/* NOTE entry for core_privinfo */
 	char *core_zonename;	/* zone name from core file */
 	prsecflags_t *core_secflags; /* secflags from core file */
+	prupanic_t *core_upanic; /* upanic from core file */
 #if defined(__i386) || defined(__amd64)
 	struct ssd *core_ldt;	/* LDT entries from core file */
 	uint_t core_nldt;	/* number of LDT entries in core file */
diff --git a/usr/src/lib/libproc/common/Pcore.c b/usr/src/lib/libproc/common/Pcore.c
index cd539876b1..39424fad67 100644
--- a/usr/src/lib/libproc/common/Pcore.c
+++ b/usr/src/lib/libproc/common/Pcore.c
@@ -245,6 +245,8 @@ Pfini_core(struct ps_prochandle *P, void *data)
 			free(core->core_zonename);
 		if (core->core_secflags != NULL)
 			free(core->core_secflags);
+		if (core->core_upanic != NULL)
+			free(core->core_upanic);
 #ifdef __x86
 		if (core->core_ldt != NULL)
 			free(core->core_ldt);
@@ -1201,6 +1203,34 @@ err:
 	return (-1);
 }
 
+static int
+note_upanic(struct ps_prochandle *P, size_t nbytes)
+{
+	core_info_t *core = P->data;
+	prupanic_t *pru;
+
+	if (core->core_upanic != NULL)
+		return (0);
+
+	if (sizeof (*pru) != nbytes) {
+		dprintf("Pgrab_core: NT_UPANIC changed size."
+		    "  Need to handle a version change?\n");
+		return (-1);
+	}
+
+	if (nbytes != 0 && ((pru = malloc(nbytes)) != NULL)) {
+		if (read(P->asfd, pru, nbytes) != nbytes) {
+			dprintf("Pgrab_core: failed to read NT_UPANIC\n");
+			free(pru);
+			return (-1);
+		}
+
+		core->core_upanic = pru;
+	}
+
+	return (0);
+}
+
 /*ARGSUSED*/
 static int
 note_notsup(struct ps_prochandle *P, size_t nbytes)
@@ -1266,6 +1296,7 @@ static int (*nhdlrs[])(struct ps_prochandle *, size_t) = {
 	note_spymaster,		/* 23	NT_SPYMASTER		*/
 	note_secflags,		/* 24	NT_SECFLAGS		*/
 	note_lwpname,		/* 25	NT_LWPNAME		*/
+	note_upanic		/* 26	NT_UPANIC		*/
 };
 
 static void
@@ -2880,3 +2911,37 @@ Pgrab_core(const char *core, const char *aout, int gflag, int *perr)
 
 	return (NULL);
 }
+
+int
+Pupanic(struct ps_prochandle *P, prupanic_t **pru)
+{
+	core_info_t *core;
+
+	if (P->state != PS_DEAD) {
+		errno = ENODATA;
+		return (-1);
+	}
+
+	core = P->data;
+	if (core->core_upanic == NULL) {
+		errno = ENOENT;
+		return (-1);
+	}
+
+	if (core->core_upanic->pru_version != PRUPANIC_VERSION_1) {
+		errno = EINVAL;
+		return (-1);
+	}
+
+	if ((*pru = calloc(1, sizeof (prupanic_t))) == NULL)
+		return (-1);
+	(void) memcpy(*pru, core->core_upanic, sizeof (prupanic_t));
+
+	return (0);
+}
+
+void
+Pupanic_free(prupanic_t *pru)
+{
+	free(pru);
+}
diff --git a/usr/src/lib/libproc/common/libproc.h b/usr/src/lib/libproc/common/libproc.h
index cdf789a621..a73f8af647 100644
--- a/usr/src/lib/libproc/common/libproc.h
+++ b/usr/src/lib/libproc/common/libproc.h
@@ -792,6 +792,12 @@ extern int proc_finistdio(void);
 typedef int proc_fdinfo_f(void *, const prfdinfo_t *);
 extern int Pfdinfo_iter(struct ps_prochandle *, proc_fdinfo_f *, void *);
 
+/*
+ * NT_UPANIC information.
+ */
+extern int Pupanic(struct ps_prochandle *, prupanic_t **);
+extern void Pupanic_free(prupanic_t *);
+
 #ifdef	__cplusplus
 }
 #endif
diff --git a/usr/src/lib/libproc/common/mapfile-vers b/usr/src/lib/libproc/common/mapfile-vers
index 1da5918393..61934de499 100644
--- a/usr/src/lib/libproc/common/mapfile-vers
+++ b/usr/src/lib/libproc/common/mapfile-vers
@@ -307,6 +307,8 @@ SYMBOL_VERSION SUNWprivate_1.1 {
 	Punsetflags;
 	Pupdate_maps;
 	Pupdate_syms;
+	Pupanic;
+	Pupanic_free;
 	Pwait;
 	Pwrite;
 	Pxcreate;
diff --git a/usr/src/lib/libproc/common/proc_names.c b/usr/src/lib/libproc/common/proc_names.c
index 314b01fbcd..65332da273 100644
--- a/usr/src/lib/libproc/common/proc_names.c
+++ b/usr/src/lib/libproc/common/proc_names.c
@@ -24,6 +24,7 @@
  * Copyright (c) 2015, Joyent, Inc.  All rights reserved.
  * Copyright 2019, Carlos Neira <cneirabustos@gmail.com>
  * Copyright 2019 OmniOS Community Edition (OmniOSce) Association.
+ * Copyright 2020 Oxide Computer Company
  */
 
 #include <stdio.h>
@@ -241,7 +242,7 @@ static const char *const systable[] = {
 	"writev",		/* 122 */
 	"preadv",		/* 123 */
 	"pwritev",		/* 124 */
-	NULL,			/* 125 */
+	"upanic",		/* 125 */
 	"getrandom",		/* 126 */
 	"mmapobj",		/* 127 */
 	"setrlimit",		/* 128 */
diff --git a/usr/src/lib/libsaveargs/Makefile.com b/usr/src/lib/libsaveargs/Makefile.com
index 3f23249570..6e47b2839c 100644
--- a/usr/src/lib/libsaveargs/Makefile.com
+++ b/usr/src/lib/libsaveargs/Makefile.com
@@ -60,6 +60,12 @@ LINKTEST_OBJ = objs/linktest_stand.o
 CLOBBERFILES_standalone = $(LINKTEST_OBJ)
 CLOBBERFILES += $(CLOBBERFILES_$(CURTYPE))
 
+#
+# The standalone environment currently does not support the stack
+# protector.
+#
+$(STANDLIBRARY) := STACKPROTECT = none
+
 LIBS_standalone	= $(STANDLIBRARY)
 LIBS_library = $(DYNLIB)
 LIBS = $(LIBS_$(CURTYPE))
diff --git a/usr/src/lib/libumem/Makefile.com b/usr/src/lib/libumem/Makefile.com
index 876940f995..aabff24f69 100644
--- a/usr/src/lib/libumem/Makefile.com
+++ b/usr/src/lib/libumem/Makefile.com
@@ -155,6 +155,12 @@ CFLAGS += $(CFLAGS_$(CURTYPE)) $(CFLAGS_common)
 CFLAGS64_standalone = $(STAND_FLAGS_64)
 CFLAGS64 += $(CCVERBOSE) $(CFLAGS64_$(CURTYPE)) $(CFLAGS64_common)
 
+#
+# For the standalone environment, disable the stack protector for the
+# time being.
+#
+$(STANDLIBRARY) := STACKPROTECT = none
+
 # false positive for umem_alloc_sizes_add()
 pics/umem.o := SMOFF += index_overflow
 objs/umem.o := SMOFF += index_overflow
diff --git a/usr/src/lib/ssp_ns/Makefile b/usr/src/lib/ssp_ns/Makefile
new file mode 100644
index 0000000000..e04e271f66
--- /dev/null
+++ b/usr/src/lib/ssp_ns/Makefile
@@ -0,0 +1,37 @@
+#
+# This file and its contents are supplied under the terms of the
+# Common Development and Distribution License ("CDDL"), version 1.0.
+# You may only use this file in accordance with the terms of version
+# 1.0 of the CDDL.
+#
+# A full copy of the text of the CDDL should have accompanied this
+# source.  A copy of the CDDL is also available via the Internet at
+# http://www.illumos.org/license/CDDL.
+#
+
+#
+# Copyright 2020 Oxide Computer Company
+#
+
+include		../Makefile.lib
+
+SUBDIRS =	$(MACH)
+$(BUILD64)SUBDIRS +=	$(MACH64)
+
+all :=		TARGET = all
+clean :=	TARGET = clean
+clobber :=	TARGET = clobber
+install :=	TARGET = install
+
+.KEEP_STATE:
+
+all clean clobber: $(SUBDIRS)
+
+install:	$(SUBDIRS)
+
+$(SUBDIRS):  FRC
+	@cd $@; pwd; $(MAKE) $(TARGET)
+
+FRC:
+
+include ../Makefile.targ
diff --git a/usr/src/lib/ssp_ns/Makefile.com b/usr/src/lib/ssp_ns/Makefile.com
new file mode 100644
index 0000000000..aaa9aa52a9
--- /dev/null
+++ b/usr/src/lib/ssp_ns/Makefile.com
@@ -0,0 +1,46 @@
+#
+# This file and its contents are supplied under the terms of the
+# Common Development and Distribution License ("CDDL"), version 1.0.
+# You may only use this file in accordance with the terms of version
+# 1.0 of the CDDL.
+#
+# A full copy of the text of the CDDL should have accompanied this
+# source.  A copy of the CDDL is also available via the Internet at
+# http://www.illumos.org/license/CDDL.
+#
+
+#
+# Copyright 2020 Oxide Computer Company
+#
+
+LIBRARY =	libssp_ns.a
+VERS =		.1
+OBJECTS =	ssp_ns.o
+
+include ../../Makefile.lib
+
+#
+# We need to build an archive file; however, this is going to show up
+# and be used in libraries and otherwise. So we need to still build it
+# as position independent code. The Makefile system doesn't want to
+# build a PIC file that's going into a .a file by default, so we have to
+# do a little bit here.
+#
+LIBS =		$(LIBRARY)
+SRCDIR =	../common
+CFLAGS +=	$($(MACH)_C_PICFLAGS)
+
+#
+# Disable stack protection for the things providing the stack
+# protection.
+#
+STACKPROTECT = none
+
+CLOBBERFILES +=	$(LIBRARY)
+
+.KEEP_STATE:
+
+all:	$(LIBS)
+
+
+include ../../Makefile.targ
diff --git a/usr/src/lib/ssp_ns/amd64/Makefile b/usr/src/lib/ssp_ns/amd64/Makefile
new file mode 100644
index 0000000000..59bd9673ce
--- /dev/null
+++ b/usr/src/lib/ssp_ns/amd64/Makefile
@@ -0,0 +1,19 @@
+#
+# This file and its contents are supplied under the terms of the
+# Common Development and Distribution License ("CDDL"), version 1.0.
+# You may only use this file in accordance with the terms of version
+# 1.0 of the CDDL.
+#
+# A full copy of the text of the CDDL should have accompanied this
+# source.  A copy of the CDDL is also available via the Internet at
+# http://www.illumos.org/license/CDDL.
+#
+
+#
+# Copyright 2020 Oxide Computer Company
+#
+
+include ../Makefile.com
+include ../../Makefile.lib.64
+
+install: all $(ROOTLIBS64)
diff --git a/usr/src/lib/ssp_ns/common/ssp_ns.c b/usr/src/lib/ssp_ns/common/ssp_ns.c
new file mode 100644
index 0000000000..bf7c45cd90
--- /dev/null
+++ b/usr/src/lib/ssp_ns/common/ssp_ns.c
@@ -0,0 +1,37 @@
+/*
+ * This file and its contents are supplied under the terms of the
+ * Common Development and Distribution License ("CDDL"), version 1.0.
+ * You may only use this file in accordance with the terms of version
+ * 1.0 of the CDDL.
+ *
+ * A full copy of the text of the CDDL should have accompanied this
+ * source.  A copy of the CDDL is also available via the Internet at
+ * http://www.illumos.org/license/CDDL.
+ */
+
+/*
+ * Copyright 2020 Oxide Computer Company
+ */
+
+#include <sys/ccompile.h>
+
+/*
+ * To impement gcc's stack protector library, the compiler emits a function call
+ * to a symbol which can be called absolutely. As a result, to make that happen,
+ * we mimic what gcc does with libssp and create an archive file that can be
+ * used in the specs file to pull this in directly. This is a bit of a pain, but
+ * that's the best we can do given the architecture that we have.
+ *
+ * Warning: This is a static archive. Nothing beyond the call for
+ * __stack_chk_fail_local and calls to committed interfaces should be here. As
+ * this implementation will be linked into programs, one should exercise care to
+ * make sure we don't expose anything else here.
+ */
+
+extern void __stack_chk_fail(void);
+
+void __HIDDEN
+__stack_chk_fail_local(void)
+{
+	__stack_chk_fail();
+}
diff --git a/usr/src/lib/ssp_ns/i386/Makefile b/usr/src/lib/ssp_ns/i386/Makefile
new file mode 100644
index 0000000000..c5a17a19d7
--- /dev/null
+++ b/usr/src/lib/ssp_ns/i386/Makefile
@@ -0,0 +1,18 @@
+#
+# This file and its contents are supplied under the terms of the
+# Common Development and Distribution License ("CDDL"), version 1.0.
+# You may only use this file in accordance with the terms of version
+# 1.0 of the CDDL.
+#
+# A full copy of the text of the CDDL should have accompanied this
+# source.  A copy of the CDDL is also available via the Internet at
+# http://www.illumos.org/license/CDDL.
+#
+
+#
+# Copyright 2020 Oxide Computer Company
+#
+
+include ../Makefile.com
+
+install: all $(ROOTLIBS)
diff --git a/usr/src/lib/ssp_ns/sparc/Makefile b/usr/src/lib/ssp_ns/sparc/Makefile
new file mode 100644
index 0000000000..c5a17a19d7
--- /dev/null
+++ b/usr/src/lib/ssp_ns/sparc/Makefile
@@ -0,0 +1,18 @@
+#
+# This file and its contents are supplied under the terms of the
+# Common Development and Distribution License ("CDDL"), version 1.0.
+# You may only use this file in accordance with the terms of version
+# 1.0 of the CDDL.
+#
+# A full copy of the text of the CDDL should have accompanied this
+# source.  A copy of the CDDL is also available via the Internet at
+# http://www.illumos.org/license/CDDL.
+#
+
+#
+# Copyright 2020 Oxide Computer Company
+#
+
+include ../Makefile.com
+
+install: all $(ROOTLIBS)
diff --git a/usr/src/lib/ssp_ns/sparcv9/Makefile b/usr/src/lib/ssp_ns/sparcv9/Makefile
new file mode 100644
index 0000000000..59bd9673ce
--- /dev/null
+++ b/usr/src/lib/ssp_ns/sparcv9/Makefile
@@ -0,0 +1,19 @@
+#
+# This file and its contents are supplied under the terms of the
+# Common Development and Distribution License ("CDDL"), version 1.0.
+# You may only use this file in accordance with the terms of version
+# 1.0 of the CDDL.
+#
+# A full copy of the text of the CDDL should have accompanied this
+# source.  A copy of the CDDL is also available via the Internet at
+# http://www.illumos.org/license/CDDL.
+#
+
+#
+# Copyright 2020 Oxide Computer Company
+#
+
+include ../Makefile.com
+include ../../Makefile.lib.64
+
+install: all $(ROOTLIBS64)