summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter S. Mazinger <ps.m@gmx.net>2005-10-01 15:48:22 +0000
committerPeter S. Mazinger <ps.m@gmx.net>2005-10-01 15:48:22 +0000
commit812cc95678da2eac1a405996a94ffc8bc239d9b9 (patch)
treedf5bd00edd3f816be4eaa1fca8ee563e91ce9b95
parent1db3d05e27623403bdd451488c2290ec255b4c4c (diff)
Add gcc-4.1 non-TLS __stack_chk_guard support. Run the guard setup only once.
-rw-r--r--libc/misc/internals/__uClibc_main.c40
-rw-r--r--libc/sysdeps/linux/common/Makefile16
-rw-r--r--libc/sysdeps/linux/common/ssp-local.c35
-rw-r--r--libc/sysdeps/linux/common/ssp.c33
4 files changed, 103 insertions, 21 deletions
diff --git a/libc/misc/internals/__uClibc_main.c b/libc/misc/internals/__uClibc_main.c
index c88649def..b3876ae15 100644
--- a/libc/misc/internals/__uClibc_main.c
+++ b/libc/misc/internals/__uClibc_main.c
@@ -27,8 +27,12 @@
#include <sys/sysmacros.h>
#ifdef __UCLIBC_HAS_SSP__
#include <ssp-internal.h>
+#include <stdint.h>
-unsigned long __guard = 0UL;
+/* for gcc-3.x + Etoh ssp */
+uintptr_t __guard /* segfaults with attribute_relro */;
+/* for gcc-4.1 non-TLS */
+uintptr_t __stack_chk_guard /* attribute_relro */;
#endif
/*
@@ -107,11 +111,9 @@ static int __check_suid(void)
}
#ifdef __UCLIBC_HAS_SSP__
-static __always_inline void __guard_setup(void)
+static __always_inline uintptr_t _dl_guard_setup(void)
{
- if (__guard != 0UL)
- return;
-
+ uintptr_t ret;
#ifndef __SSP_QUICK_CANARY__
size_t size;
@@ -124,10 +126,9 @@ static __always_inline void __guard_setup(void)
mib[1] = KERN_RANDOM;
mib[2] = RANDOM_ERANDOM;
- size = sizeof(unsigned long);
- if (SYSCTL(mib, 3, &__guard, &size, NULL, 0) != (-1))
- if (__guard != 0UL)
- return;
+ if (SYSCTL(mib, 3, &ret, &size, NULL, 0) != (-1))
+ if (size == (size_t) sizeof(ret))
+ return ret;
}
# endif /* ifdef __SSP_USE_ERANDOM__ */
{
@@ -141,25 +142,26 @@ static __always_inline void __guard_setup(void)
if ((fd = OPEN("/dev/erandom", O_RDONLY)) == (-1))
# endif
fd = OPEN("/dev/urandom", O_RDONLY);
- if (fd != (-1)) {
- size = READ(fd, (char *) &__guard, sizeof(__guard));
+ if (fd >= 0) {
+ size = READ(fd, &ret, sizeof(ret));
CLOSE(fd);
- if (size == sizeof(__guard))
- return;
+ if (size == (size_t) sizeof(ret))
+ return ret;
}
}
#endif /* ifndef __SSP_QUICK_CANARY__ */
/* Start with the "terminator canary". */
- __guard = 0xFF0A0D00UL;
+ ret = 0xFF0A0D00UL;
/* Everything failed? Or we are using a weakened model of the
* terminator canary */
{
struct timeval tv;
- GETTIMEOFDAY(&tv, NULL);
- __guard ^= tv.tv_usec ^ tv.tv_sec;
+ if (GETTIMEOFDAY(&tv, NULL) != (-1))
+ ret ^= tv.tv_usec ^ tv.tv_sec;
}
+ return ret;
}
#endif /* __UCLIBC_HAS_SSP__ */
@@ -198,7 +200,11 @@ void __uClibc_init(void)
#endif
#ifdef __UCLIBC_HAS_SSP__
- __guard_setup ();
+ uintptr_t stack_chk_guard = _dl_guard_setup();
+ /* for gcc-3.x + Etoh ssp */
+ __guard = stack_chk_guard;
+ /* for gcc-4.1 non-TLS */
+ __stack_chk_guard = stack_chk_guard;
#endif
#ifdef __UCLIBC_HAS_LOCALE__
diff --git a/libc/sysdeps/linux/common/Makefile b/libc/sysdeps/linux/common/Makefile
index 84b29ac53..87791724a 100644
--- a/libc/sysdeps/linux/common/Makefile
+++ b/libc/sysdeps/linux/common/Makefile
@@ -25,21 +25,31 @@ ifeq ($(strip $(EXCLUDE_BRK)),y)
SRCS := $(filter-out sbrk.c,$(SRCS))
endif
+SRCS := $(filter-out ssp-local.c,$(SRCS))
ifneq ($(strip $(UCLIBC_HAS_SSP)),y)
SRCS := $(filter-out ssp.c,$(SRCS))
+NONSHARED_OBJ_LIST=
+else
+NONSHARED_OBJ_LIST=../../../nonshared_obj.sysdeps.common
endif
ssp.o: CFLAGS += $(SSP_DISABLE_FLAGS)
+ssp-local.o: CFLAGS += $(SSP_DISABLE_FLAGS)
OBJS = $(patsubst %.c,%.o, $(SRCS))
+NONSHARED_OBJS = ssp-local.o
+
OBJ_LIST=../../../obj.sysdeps.common
-all: $(OBJ_LIST)
+all: $(OBJ_LIST) $(NONSHARED_OBJ_LIST)
$(OBJ_LIST): $(OBJS)
echo $(patsubst %, sysdeps/linux/common/%, $(OBJS)) > $(OBJ_LIST)
-$(OBJS): %.o : %.c
+$(NONSHARED_OBJ_LIST): $(NONSHARED_OBJS)
+ echo $(patsubst %, sysdeps/linux/common/%, $(NONSHARED_OBJS)) > $(NONSHARED_OBJ_LIST)
+
+$(OBJS) $(NONSHARED_OBJS): %.o : %.c
$(CC) $(CFLAGS) -c $< -o $@
$(STRIPTOOL) -x -R .note -R .comment $*.o
@@ -47,4 +57,4 @@ headers:
$(LN) -fs ../libc/sysdeps/linux/common/fpu_control.h $(TOPDIR)/include/
clean:
- $(RM) *.[oa] *~ core
+ $(RM) *.o *~ core
diff --git a/libc/sysdeps/linux/common/ssp-local.c b/libc/sysdeps/linux/common/ssp-local.c
new file mode 100644
index 000000000..a835ced0e
--- /dev/null
+++ b/libc/sysdeps/linux/common/ssp-local.c
@@ -0,0 +1,35 @@
+/* Copyright (C) 2005 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, write to the Free
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA. */
+
+/*
+ * Peter S. Mazinger ps.m[@]gmx.net
+ * copied stack_chk_fail_local.c from glibc and adapted for uClibc
+ */
+
+#include <features.h>
+
+extern void __stack_chk_fail (void) __attribute__ ((noreturn));
+
+/* On some architectures, this helps needless PIC pointer setup
+ that would be needed just for the __stack_chk_fail call. */
+
+void __attribute__ ((noreturn)) attribute_hidden
+__stack_chk_fail_local (void)
+{
+ __stack_chk_fail ();
+}
diff --git a/libc/sysdeps/linux/common/ssp.c b/libc/sysdeps/linux/common/ssp.c
index 899910c96..7791a0104 100644
--- a/libc/sysdeps/linux/common/ssp.c
+++ b/libc/sysdeps/linux/common/ssp.c
@@ -61,12 +61,43 @@ void __attribute__ ((noreturn)) __stack_smash_handler(char func[], int damaged _
void __attribute__ ((noreturn)) __stack_smash_handler(char func[], int damaged)
{
extern char *__progname;
- const char message[] = ": stack smashing attack in function ";
+ static const char message[] = ": stack smashing attack in function ";
block_signals();
ssp_write(STDERR_FILENO, __progname, message, func);
+ /* The loop is added only to keep gcc happy. */
+ while(1)
+ terminate();
+}
+
+void __attribute__ ((noreturn)) __stack_chk_fail(void)
+{
+ extern char *__progname;
+ static const char msg1[] = "stack smashing detected: ";
+ static const char msg3[] = " terminated";
+
+ block_signals();
+
+ ssp_write(STDERR_FILENO, msg1, __progname, msg3);
+
+ /* The loop is added only to keep gcc happy. */
+ while(1)
+ terminate();
+}
+
+void __attribute__ ((noreturn)) __chk_fail(void)
+{
+ extern char *__progname;
+ static const char msg1[] = "buffer overflow detected: ";
+ static const char msg3[] = " terminated";
+
+ block_signals();
+
+ ssp_write(STDERR_FILENO, msg1, __progname, msg3);
+
+ /* The loop is added only to keep gcc happy. */
while(1)
terminate();
}