tequilaOS/platform_bionic
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

am 1271cdc1: Merge "Revert "stack protector: use AT_RANDOM""

Browse source 
* commit '1271cdc1c91c6ae688917bc8f4ae59d2a97b3e99':
  Revert "stack protector: use AT_RANDOM"
This commit is contained in:
Nick Kralevich 2013-01-16 13:53:25 -08:00 committed by Android Git Automerger
commit 8d01c0557b
6 changed files with 50 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
libc/bionic/libc_init_common.c
View file

@ -53,22 +53,6 @@ unsigned int __page_shift = PAGE_SHIFT;
int __system_properties_init(void); int __system_properties_init(void);
static Elf32_auxv_t* get_aux_from_elfdata(uintptr_t* elf_data) {
int argc = *elf_data;
char** argv = (char**) (elf_data + 1);
char** envp = argv + argc + 1;
// The auxiliary vector is at the end of the environment block
while(*envp != NULL) {
envp++;
}
/* The end of the environment block is marked by two NULL pointers */
envp++;
return (Elf32_auxv_t*) envp;
}
/* Init TLS for the initial thread. Called by the linker _before_ libc is mapped /* Init TLS for the initial thread. Called by the linker _before_ libc is mapped
* in memory. Beware: all writes to libc globals from this function will * in memory. Beware: all writes to libc globals from this function will
* apply to linker-private copies and will not be visible from libc later on. * apply to linker-private copies and will not be visible from libc later on.
@ -80,7 +64,7 @@ static Elf32_auxv_t* get_aux_from_elfdata(uintptr_t* elf_data) {
* This function also stores the elf_data argument in a specific TLS slot to be later * This function also stores the elf_data argument in a specific TLS slot to be later
* picked up by the libc constructor. * picked up by the libc constructor.
*/ */
void __libc_init_tls(uintptr_t* elf_data) { void __libc_init_tls(unsigned** elf_data) {
unsigned stack_top = (__get_sp() & ~(PAGE_SIZE - 1)) + PAGE_SIZE; unsigned stack_top = (__get_sp() & ~(PAGE_SIZE - 1)) + PAGE_SIZE;
unsigned stack_size = 128 * 1024; unsigned stack_size = 128 * 1024;
unsigned stack_bottom = stack_top - stack_size; unsigned stack_bottom = stack_top - stack_size;
@ -93,7 +77,6 @@ void __libc_init_tls(uintptr_t* elf_data) {
_init_thread(&thread, gettid(), &thread_attr, (void*) stack_bottom, false); _init_thread(&thread, gettid(), &thread_attr, (void*) stack_bottom, false);
static void* tls_area[BIONIC_TLS_SLOTS]; static void* tls_area[BIONIC_TLS_SLOTS];
__libc_auxv = get_aux_from_elfdata(elf_data);
__init_tls(tls_area, &thread); __init_tls(tls_area, &thread);
tls_area[TLS_SLOT_BIONIC_PREINIT] = elf_data; tls_area[TLS_SLOT_BIONIC_PREINIT] = elf_data;
} }
@ -113,7 +96,14 @@ void __libc_init_common(uintptr_t* elf_data) {
__progname = argv[0] ? argv[0] : "<unknown>"; __progname = argv[0] ? argv[0] : "<unknown>";
environ = envp; environ = envp;
__libc_auxv = get_aux_from_elfdata(elf_data); // The auxiliary vector is at the end of the environment block
while(*envp != NULL) {
envp++;
}
/* The end of the environment block is marked by two NULL pointers */
envp++;
__libc_auxv = (Elf32_auxv_t*) envp;
__system_properties_init(); // Requires 'environ'. __system_properties_init(); // Requires 'environ'.
} }

2
libc/bionic/libc_init_static.c
View file

@ -96,7 +96,7 @@ __noreturn void __libc_init(uintptr_t *elfdata,
int argc; int argc;
char **argv, **envp; char **argv, **envp;
__libc_init_tls(elfdata); __libc_init_tls(NULL);
/* Initialize the C runtime environment */ /* Initialize the C runtime environment */
__libc_init_common(elfdata); __libc_init_common(elfdata);

28
libc/private/bionic_ssp.h
View file

@ -29,8 +29,8 @@
#ifndef _PRIVATE_SSP_H #ifndef _PRIVATE_SSP_H
#define _PRIVATE_SSP_H #define _PRIVATE_SSP_H
#include <string.h> #include <errno.h>
#include <sys/auxv.h> #include <sys/cdefs.h>
__BEGIN_DECLS __BEGIN_DECLS
@ -48,11 +48,27 @@ extern void* __stack_chk_guard;
extern void __stack_chk_fail(); extern void __stack_chk_fail();
__inline__ static void* __attribute__((always_inline)) __generate_stack_chk_guard(void) { __inline__ static void* __attribute__((always_inline)) __generate_stack_chk_guard(void) {
union {
uintptr_t value;
char bytes[sizeof(uintptr_t)];
} u;
void* src = (void*) getauxval(AT_RANDOM); /* Try pulling random bytes from /dev/urandom. */
void* result; int fd = TEMP_FAILURE_RETRY(open("/dev/urandom", O_RDONLY));
memcpy(&result, src, sizeof(result)); if (fd != -1) {
return result; ssize_t byte_count = TEMP_FAILURE_RETRY(read(fd, &u.bytes, sizeof(u)));
close(fd);
if (byte_count == sizeof(u)) {
return (void*) u.value;
}
}
/* If that failed, switch to 'terminator canary'. */
u.bytes[0] = 0;
u.bytes[1] = 0;
u.bytes[2] = '\n';
u.bytes[3] = 255;
return (void*) u.value;
} }
__END_DECLS __END_DECLS

3
libc/private/bionic_tls.h
View file

@ -29,7 +29,6 @@
#define _SYS_TLS_H #define _SYS_TLS_H
#include <sys/cdefs.h> #include <sys/cdefs.h>
#include <stdint.h>
__BEGIN_DECLS __BEGIN_DECLS
@ -135,7 +134,7 @@ extern void* __get_tls( void );
extern void* __get_stack_base(int *p_stack_size); extern void* __get_stack_base(int *p_stack_size);
/* Initialize the TLS. */ /* Initialize the TLS. */
extern void __libc_init_tls(uintptr_t* elfdata); extern void __libc_init_tls(unsigned** elfdata);
__END_DECLS __END_DECLS

8
linker/linker.cpp
View file

@ -1785,7 +1785,7 @@ static bool soinfo_link_image(soinfo* si) {
* fixed it's own GOT. It is safe to make references to externs * fixed it's own GOT. It is safe to make references to externs
* and other non-local data at this point. * and other non-local data at this point.
*/ */
static unsigned __linker_init_post_relocation(uintptr_t* elfdata, unsigned linker_base) static unsigned __linker_init_post_relocation(unsigned **elfdata, unsigned linker_base)
{ {
static soinfo linker_soinfo; static soinfo linker_soinfo;
@ -1976,7 +1976,7 @@ static unsigned __linker_init_post_relocation(uintptr_t* elfdata, unsigned linke
* Find the value of AT_BASE passed to us by the kernel. This is the load * Find the value of AT_BASE passed to us by the kernel. This is the load
* location of the linker. * location of the linker.
*/ */
static unsigned find_linker_base(uintptr_t* elfdata) { static unsigned find_linker_base(unsigned **elfdata) {
int argc = (int) *elfdata; int argc = (int) *elfdata;
char **argv = (char**) (elfdata + 1); char **argv = (char**) (elfdata + 1);
unsigned *vecs = (unsigned*) (argv + argc + 1); unsigned *vecs = (unsigned*) (argv + argc + 1);
@ -2032,8 +2032,8 @@ get_elf_exec_load_bias(const Elf32_Ehdr* elf)
* relocations, any attempt to reference an extern variable, extern * relocations, any attempt to reference an extern variable, extern
* function, or other GOT reference will generate a segfault. * function, or other GOT reference will generate a segfault.
*/ */
extern "C" unsigned __linker_init(uintptr_t* elfdata) { extern "C" unsigned __linker_init(unsigned **elfdata) {
uintptr_t linker_addr = find_linker_base(elfdata); unsigned linker_addr = find_linker_base(elfdata);
Elf32_Ehdr *elf_hdr = (Elf32_Ehdr *) linker_addr; Elf32_Ehdr *elf_hdr = (Elf32_Ehdr *) linker_addr;
Elf32_Phdr *phdr = Elf32_Phdr *phdr =
(Elf32_Phdr *)((unsigned char *) linker_addr + elf_hdr->e_phoff); (Elf32_Phdr *)((unsigned char *) linker_addr + elf_hdr->e_phoff);

16
tests/stack_protector_test.cpp
View file

@ -56,7 +56,13 @@ struct stack_protector_checker {
// Duplicate tid. gettid(2) bug? Seeing this would be very upsetting. // Duplicate tid. gettid(2) bug? Seeing this would be very upsetting.
ASSERT_TRUE(tids.find(tid) == tids.end()); ASSERT_TRUE(tids.find(tid) == tids.end());
#ifdef __GLIBC__
// glibc uses the same guard for every thread. bionic uses a different guard for each one.
#else
// Duplicate guard. Our bug. Note this is potentially flaky; we _could_ get the
// same guard for two threads, but it should be vanishingly unlikely.
ASSERT_TRUE(guards.find(guard) == guards.end());
#endif
// Uninitialized guard. Our bug. Note this is potentially flaky; we _could_ get // Uninitialized guard. Our bug. Note this is potentially flaky; we _could_ get
// four random zero bytes, but it should be vanishingly unlikely. // four random zero bytes, but it should be vanishingly unlikely.
ASSERT_NE(guard, 0U); ASSERT_NE(guard, 0U);
@ -72,7 +78,7 @@ static void* ThreadGuardHelper(void* arg) {
return NULL; return NULL;
} }
TEST(stack_protector, same_guard_per_thread) { TEST(stack_protector, guard_per_thread) {
stack_protector_checker checker; stack_protector_checker checker;
size_t thread_count = 10; size_t thread_count = 10;
for (size_t i = 0; i < thread_count; ++i) { for (size_t i = 0; i < thread_count; ++i) {
@ -84,8 +90,12 @@ TEST(stack_protector, same_guard_per_thread) {
} }
ASSERT_EQ(thread_count, checker.tids.size()); ASSERT_EQ(thread_count, checker.tids.size());
// bionic x86 and glibc uses the same guard for every thread. // glibc uses the same guard for every thread. bionic uses a different guard for each one.
#ifdef __BIONIC__
ASSERT_EQ(thread_count, checker.guards.size());
#else
ASSERT_EQ(1U, checker.guards.size()); ASSERT_EQ(1U, checker.guards.size());
#endif
} }
#endif #endif