WIP finer-grained, more aggressive local PLT call checkzack/wip-check-localplt-2

10 files changed, 86 insertions, 39 deletions

diff --git a/crypt/crypt-entry.c b/crypt/crypt-entry.c
index 58691fb384..36ec54ca09 100644
--- a/crypt/crypt-entry.c
+++ b/crypt/crypt-entry.c
@@ -43,14 +43,20 @@ void _ufc_clearmem (char *start, int cnt);
 #define _ufc_clearmem(start, cnt)   memset(start, 0, cnt)
 #endif
 extern char *__md5_crypt_r (const char *key, const char *salt, char *buffer,
-			    int buflen);
-extern char *__md5_crypt (const char *key, const char *salt);
+			    int buflen)
+  attribute_hidden;
+extern char *__md5_crypt (const char *key, const char *salt)
+  attribute_hidden;
 extern char *__sha256_crypt_r (const char *key, const char *salt,
-			       char *buffer, int buflen);
-extern char *__sha256_crypt (const char *key, const char *salt);
+			       char *buffer, int buflen)
+  attribute_hidden;
+extern char *__sha256_crypt (const char *key, const char *salt)
+  attribute_hidden;
 extern char *__sha512_crypt_r (const char *key, const char *salt,
-			       char *buffer, int buflen);
-extern char *__sha512_crypt (const char *key, const char *salt);
+			       char *buffer, int buflen)
+  attribute_hidden;
+extern char *__sha512_crypt (const char *key, const char *salt)
+  attribute_hidden;
 
 /* Define our magic string to mark salt for MD5 encryption
    replacement.  This is meant to be the same as for other MD5 based
diff --git a/crypt/crypt-private.h b/crypt/crypt-private.h
index 6a54002f03..ea44afa9b4 100644
--- a/crypt/crypt-private.h
+++ b/crypt/crypt-private.h
@@ -42,35 +42,46 @@
 
 /* crypt.c */
 extern void _ufc_doit_r (ufc_long itr, struct crypt_data * __restrict __data,
-			 ufc_long *res);
+			 ufc_long *res)
+  attribute_hidden;
 
 
 /* crypt_util.c */
-extern void __init_des_r (struct crypt_data * __restrict __data);
-extern void __init_des (void);
+extern void __init_des_r (struct crypt_data * __restrict __data)
+  attribute_hidden;
+extern void __init_des (void)
+  attribute_hidden;
 
 extern bool _ufc_setup_salt_r (const char *s,
-			       struct crypt_data * __restrict __data);
+			       struct crypt_data * __restrict __data)
+  attribute_hidden;
 extern void _ufc_mk_keytab_r (const char *key,
-			      struct crypt_data * __restrict __data);
+			      struct crypt_data * __restrict __data)
+  attribute_hidden;
 extern void _ufc_dofinalperm_r (ufc_long *res,
-				struct crypt_data * __restrict __data);
+				struct crypt_data * __restrict __data)
+  attribute_hidden;
 extern void _ufc_output_conversion_r (ufc_long v1, ufc_long v2,
 				      const char *salt,
-				      struct crypt_data * __restrict __data);
+				      struct crypt_data * __restrict __data)
+  attribute_hidden;
 
 extern void __setkey_r (const char *__key,
-			     struct crypt_data * __restrict __data);
+			     struct crypt_data * __restrict __data)
+  attribute_hidden;
 extern void __encrypt_r (char * __restrict __block, int __edflag,
-			      struct crypt_data * __restrict __data);
+			      struct crypt_data * __restrict __data)
+  attribute_hidden;
 
 /* crypt-entry.c */
 extern char *__crypt_r (const char *__key, const char *__salt,
-			     struct crypt_data * __restrict __data);
+			     struct crypt_data * __restrict __data)
+  attribute_hidden;
 extern char *fcrypt (const char *key, const char *salt);
 
 extern void __b64_from_24bit (char **cp, int *buflen,
 			      unsigned int b2, unsigned int b1, unsigned int b0,
-			      int n);
+			      int n)
+  attribute_hidden;
 
 #endif  /* crypt-private.h */
diff --git a/crypt/md5-crypt.c b/crypt/md5-crypt.c
index 3cf02ff74c..bf532b167e 100644
--- a/crypt/md5-crypt.c
+++ b/crypt/md5-crypt.c
@@ -82,8 +82,10 @@ static const char md5_salt_prefix[] = "$1$";
 
 /* Prototypes for local functions.  */
 extern char *__md5_crypt_r (const char *key, const char *salt,
-			    char *buffer, int buflen);
-extern char *__md5_crypt (const char *key, const char *salt);
+			    char *buffer, int buflen)
+  attribute_hidden;
+extern char *__md5_crypt (const char *key, const char *salt)
+  attribute_hidden;
 
 
 /* This entry point is equivalent to the `crypt' function in Unix
diff --git a/crypt/md5.h b/crypt/md5.h
index 57959bef03..fe395b9fad 100644
--- a/crypt/md5.h
+++ b/crypt/md5.h
@@ -72,6 +72,10 @@ typedef uintptr_t md5_uintptr;
 typedef unsigned long int md5_uintptr;
 #endif
 
+#ifdef _ISOMAC
+#define attribute_hidden /* nothing */
+#endif
+
 /* Structure to save state of computation between the single steps.  */
 struct md5_ctx
 {
@@ -96,21 +100,24 @@ struct md5_ctx
 
 /* Initialize structure containing state of computation.
    (RFC 1321, 3.3: Step 3)  */
-extern void __md5_init_ctx (struct md5_ctx *ctx) __THROW;
+extern void __md5_init_ctx (struct md5_ctx *ctx)
+  __THROW attribute_hidden;
 
 /* Starting with the result of former calls of this function (or the
    initialization function update the context for the next LEN bytes
    starting at BUFFER.
    It is necessary that LEN is a multiple of 64!!! */
 extern void __md5_process_block (const void *buffer, size_t len,
-				 struct md5_ctx *ctx) __THROW;
+				 struct md5_ctx *ctx)
+  __THROW attribute_hidden;
 
 /* Starting with the result of former calls of this function (or the
    initialization function update the context for the next LEN bytes
    starting at BUFFER.
    It is NOT required that LEN is a multiple of 64.  */
 extern void __md5_process_bytes (const void *buffer, size_t len,
-				 struct md5_ctx *ctx) __THROW;
+				 struct md5_ctx *ctx)
+  __THROW attribute_hidden;
 
 /* Process the remaining bytes in the buffer and put result from CTX
    in first 16 bytes following RESBUF.  The result is always in little
@@ -119,7 +126,8 @@ extern void __md5_process_bytes (const void *buffer, size_t len,
 
    IMPORTANT: On some systems it is required that RESBUF is correctly
    aligned for a 32 bits value.  */
-extern void *__md5_finish_ctx (struct md5_ctx *ctx, void *resbuf) __THROW;
+extern void *__md5_finish_ctx (struct md5_ctx *ctx, void *resbuf)
+  __THROW attribute_hidden;
 
 
 /* Put result from CTX in first 16 bytes following RESBUF.  The result is
@@ -128,19 +136,21 @@ extern void *__md5_finish_ctx (struct md5_ctx *ctx, void *resbuf) __THROW;
 
    IMPORTANT: On some systems it is required that RESBUF is correctly
    aligned for a 32 bits value.  */
-extern void *__md5_read_ctx (const struct md5_ctx *ctx, void *resbuf) __THROW;
+extern void *__md5_read_ctx (const struct md5_ctx *ctx, void *resbuf)
+  __THROW attribute_hidden;
 
 
 /* Compute MD5 message digest for bytes read from STREAM.  The
    resulting message digest number will be written into the 16 bytes
    beginning at RESBLOCK.  */
-extern int __md5_stream (FILE *stream, void *resblock) __THROW;
+extern int __md5_stream (FILE *stream, void *resblock)
+  __THROW attribute_hidden;
 
 /* Compute MD5 message digest for LEN bytes beginning at BUFFER.  The
    result is always in little endian byte order, so that a byte-wise
    output yields to the wanted ASCII representation of the message
    digest.  */
-extern void *__md5_buffer (const char *buffer, size_t len,
-			   void *resblock) __THROW;
+extern void *__md5_buffer (const char *buffer, size_t len, void *resblock)
+  __THROW attribute_hidden;
 
 #endif /* md5.h */
diff --git a/crypt/sha256-crypt.c b/crypt/sha256-crypt.c
index d1fed1d6a6..65ee6a87e0 100644
--- a/crypt/sha256-crypt.c
+++ b/crypt/sha256-crypt.c
@@ -94,8 +94,10 @@ static const char sha256_rounds_prefix[] = "rounds=";
 
 /* Prototypes for local functions.  */
 extern char *__sha256_crypt_r (const char *key, const char *salt,
-			       char *buffer, int buflen);
-extern char *__sha256_crypt (const char *key, const char *salt);
+			       char *buffer, int buflen)
+  attribute_hidden;
+extern char *__sha256_crypt (const char *key, const char *salt)
+  attribute_hidden;
 
 
 char *
diff --git a/crypt/sha256.c b/crypt/sha256.c
index 15b04086cb..3efac712d1 100644
--- a/crypt/sha256.c
+++ b/crypt/sha256.c
@@ -81,7 +81,8 @@ static const uint32_t K[64] =
     0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
   };
 
-void __sha256_process_block (const void *, size_t, struct sha256_ctx *);
+extern void __sha256_process_block (const void *, size_t, struct sha256_ctx *)
+  attribute_hidden;
 
 /* Initialize structure containing state of computation.
    (FIPS 180-2:5.3.2)  */
diff --git a/crypt/sha256.h b/crypt/sha256.h
index bf81870b6d..b92ddb068f 100644
--- a/crypt/sha256.h
+++ b/crypt/sha256.h
@@ -47,16 +47,22 @@ struct sha256_ctx
   };
 };
 
+#ifdef _ISOMAC
+#define attribute_hidden /* nothing */
+#endif
+
 /* Initialize structure containing state of computation.
    (FIPS 180-2: 5.3.2)  */
-extern void __sha256_init_ctx (struct sha256_ctx *ctx) __THROW;
+extern void __sha256_init_ctx (struct sha256_ctx *ctx)
+  __THROW attribute_hidden;
 
 /* Starting with the result of former calls of this function (or the
    initialization function update the context for the next LEN bytes
    starting at BUFFER.
    It is NOT required that LEN is a multiple of 64.  */
 extern void __sha256_process_bytes (const void *buffer, size_t len,
-				    struct sha256_ctx *ctx) __THROW;
+				    struct sha256_ctx *ctx)
+  __THROW attribute_hidden;
 
 /* Process the remaining bytes in the buffer and put result from CTX
    in first 32 bytes following RESBUF.
@@ -64,6 +70,6 @@ extern void __sha256_process_bytes (const void *buffer, size_t len,
    IMPORTANT: On some systems it is required that RESBUF is correctly
    aligned for a 32 bits value.  */
 extern void *__sha256_finish_ctx (struct sha256_ctx *ctx, void *resbuf)
-  __THROW;
+  __THROW attribute_hidden;
 
 #endif /* sha256.h */
diff --git a/crypt/sha512-crypt.c b/crypt/sha512-crypt.c
index bd099cd0e0..f86e15b241 100644
--- a/crypt/sha512-crypt.c
+++ b/crypt/sha512-crypt.c
@@ -94,8 +94,10 @@ static const char sha512_rounds_prefix[] = "rounds=";
 
 /* Prototypes for local functions.  */
 extern char *__sha512_crypt_r (const char *key, const char *salt,
-			       char *buffer, int buflen);
-extern char *__sha512_crypt (const char *key, const char *salt);
+			       char *buffer, int buflen)
+  attribute_hidden;
+extern char *__sha512_crypt (const char *key, const char *salt)
+  attribute_hidden;
 
 
 char *
diff --git a/crypt/sha512.c b/crypt/sha512.c
index ab2c7f1fbb..a35ff1a0a0 100644
--- a/crypt/sha512.c
+++ b/crypt/sha512.c
@@ -102,7 +102,8 @@ static const uint64_t K[80] =
   };
 
 void __sha512_process_block (const void *buffer, size_t len,
-			     struct sha512_ctx *ctx);
+			     struct sha512_ctx *ctx)
+  attribute_hidden;
 
 /* Initialize structure containing state of computation.
    (FIPS 180-2:5.3.3)  */
diff --git a/crypt/sha512.h b/crypt/sha512.h
index 7b27aad2d2..4f8f9e9ea0 100644
--- a/crypt/sha512.h
+++ b/crypt/sha512.h
@@ -50,16 +50,22 @@ struct sha512_ctx
   };
 };
 
+#ifdef _ISOMAC
+#define attribute_hidden /* nothing */
+#endif
+
 /* Initialize structure containing state of computation.
    (FIPS 180-2: 5.3.3)  */
-extern void __sha512_init_ctx (struct sha512_ctx *ctx) __THROW;
+extern void __sha512_init_ctx (struct sha512_ctx *ctx)
+  __THROW attribute_hidden;
 
 /* Starting with the result of former calls of this function (or the
    initialization function update the context for the next LEN bytes
    starting at BUFFER.
    It is NOT required that LEN is a multiple of 128.  */
 extern void __sha512_process_bytes (const void *buffer, size_t len,
-				    struct sha512_ctx *ctx) __THROW;
+				    struct sha512_ctx *ctx)
+  __THROW attribute_hidden;
 
 /* Process the remaining bytes in the buffer and put result from CTX
    in first 64 bytes following RESBUF.
@@ -67,6 +73,6 @@ extern void __sha512_process_bytes (const void *buffer, size_t len,
    IMPORTANT: On some systems it is required that RESBUF is correctly
    aligned for a 64 bits value.  */
 extern void *__sha512_finish_ctx (struct sha512_ctx *ctx, void *resbuf)
-  __THROW;
+  __THROW attribute_hidden;
 
 #endif /* sha512.h */