authorUlrich Drepper <drepper@redhat.com>2005-06-26 18:14:26 +0000
committerUlrich Drepper <drepper@redhat.com>2005-06-26 18:14:26 +0000
commit35f1e82763326f196fd068e92343643d8ed54ee3 (patch)
tree74c6d155ca2e7c32503231b8ce186a0752bc924b /nptl
parent2f37117b013f77df863b198c3408555c49596174 (diff)
* Versions.def (ld): Add GLIBC_2.4.
* configure.in: Add --enable-stackguard-randomization option. (ENABLE_STACKGUARD_RANDOMIZE): New define. * config.h.in (ENABLE_STACKGUARD_RANDOMIZE): Add. * sysdeps/unix/sysv/linux/dl-osinfo.h: Include stdint.h. (_dl_setup_stack_chk_guard): New inline function. * sysdeps/generic/dl-osinfo.h: Include stdint.h. (_dl_setup_stack_chk_guard): New inline function. * elf/rtld.c (__stack_chk_guard): New variable. (dl_main): Remove all traces of TLS_INIT_TP_EXPENSIVE. Set __stack_chk_guard to _dl_setup_stack_chk_guard (), use THREAD_SET_STACK_GUARD if defined. * elf/Versions (ld): Export __stack_chk_guard@@GLIBC_2.4. * sysdeps/generic/libc-start.c (__stack_chk_guard): New variable. (__libc_start_main): Set __stack_chk_guard to _dl_setup_stack_chk_guard (), use THREAD_SET_STACK_GUARD if defined. * sysdeps/generic/libc-tls.c (__libc_setup_tls): Remove all traces of TLS_INIT_TP_EXPENSIVE. * debug/Versions (libc): Export __stack_chk_fail@@GLIBC_2.4. * debug/Makefile (routines): Add stack_chk_fail. (static-only-routines): Add stack_chk_fail_local. * debug/stack_chk_fail_local.c: New file. * debug/stack_chk_fail.c: New file. * elf/Makefile: Add rules to build and run tst-stackguard1{,-static} tests. * elf/tst-stackguard1.c: New file. * elf/tst-stackguard1-static.c: New file. * elf/stackguard-macros.h: New file.
Diffstat (limited to 'nptl')
-rw-r--r--nptl/Makefile9
-rw-r--r--nptl/pthread_create.c5
-rw-r--r--nptl/sysdeps/i386/tls.h9
-rw-r--r--nptl/sysdeps/powerpc/tls.h22
-rw-r--r--nptl/sysdeps/s390/tls.h10
-rw-r--r--nptl/sysdeps/sparc/tls.h9
-rw-r--r--nptl/sysdeps/x86_64/tls.h9
-rw-r--r--nptl/tst-stackguard1-static.c1
-rw-r--r--nptl/tst-stackguard1.c226
9 files changed, 290 insertions, 10 deletions
diff --git a/nptl/Makefile b/nptl/Makefile
index 4c3cf941d1..71361c4ba9 100644
--- a/nptl/Makefile
+++ b/nptl/Makefile
@@ -269,7 +269,8 @@ tests += tst-cancelx2 tst-cancelx3 tst-cancelx4 tst-cancelx5 \
tst-oncex3 tst-oncex4
endif
ifeq ($(build-shared),yes)
-tests += tst-atfork2 tst-tls3 tst-tls4 tst-tls5 tst-_res1 tst-fini1
+tests += tst-atfork2 tst-tls3 tst-tls4 tst-tls5 tst-_res1 tst-fini1 \
+ tst-stackguard1
tests-nolibpthread += tst-fini1
ifeq ($(have-z-execstack),yes)
tests += tst-execstack
@@ -337,7 +338,8 @@ link-libc-static := $(common-objpfx)libc.a $(static-gnulib) \
$(common-objpfx)libc.a
ifeq ($(build-static),yes)
-tests-static += tst-locale1 tst-locale2
+tests-static += tst-locale1 tst-locale2 tst-stackguard1-static
+tests += tst-stackguard1-static
xtests-static += tst-setuid1-static
endif
# These tests are linked with libc before libpthread
@@ -586,6 +588,9 @@ LDFLAGS-tst-execstack = -Wl,-z,noexecstack
$(objpfx)tst-fini1mod.so: $(shared-thread-library)
+tst-stackguard1-ARGS = --command "$(built-program-cmd) --child"
+tst-stackguard1-static-ARGS = --command "$(objpfx)tst-stackguard1-static --child"
+
# The tests here better do not run in parallel
ifneq ($(filter %tests,$(MAKECMDGOALS)),)
.NOTPARALLEL:
diff --git a/nptl/pthread_create.c b/nptl/pthread_create.c
index 18f1c034c7..122778bddf 100644
--- a/nptl/pthread_create.c
+++ b/nptl/pthread_create.c
@@ -399,6 +399,11 @@ __pthread_create_2_1 (newthread, attr, start_routine, arg)
pd->schedpolicy = self->schedpolicy;
pd->schedparam = self->schedparam;
+ /* Copy the stack guard canary. */
+#ifdef THREAD_COPY_STACK_GUARD
+ THREAD_COPY_STACK_GUARD (pd);
+#endif
+
/* Determine scheduling parameters for the thread. */
if (attr != NULL
&& __builtin_expect ((iattr->flags & ATTR_FLAG_NOTINHERITSCHED) != 0, 0)
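Review bot: The added comment `/* Copy the stack guard canary. */` says what the macro does but not why the copy is needed, nor what happens on targets where `THREAD_COPY_STACK_GUARD` is undefined. Judging by the tls.h hunks in this commit, the targets that define it keep the canary in the TCB head, so a new thread's descriptor presumably holds only its initial contents until this line runs. The comment could say so, e.g. `/* The canary lives in the per-thread TCB on these targets; give the new thread the creator's value so it is not left at the descriptor's initial contents. */`. Moving the comment inside the `#ifdef` would also avoid a dangling comment where the block is compiled out. The body of `__pthread_create_2_1` starts and ends outside this hunk.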
diff --git a/nptl/sysdeps/i386/tls.h b/nptl/sysdeps/i386/tls.h
index c0331140f4..65566ff7a7 100644
--- a/nptl/sysdeps/i386/tls.h
+++ b/nptl/sysdeps/i386/tls.h
@@ -49,6 +49,7 @@ typedef struct
void *self; /* Pointer to the thread descriptor. */
int multiple_threads;
uintptr_t sysinfo;
+ uintptr_t stack_guard;
} tcbhead_t;
# define TLS_MULTIPLE_THREADS_IN_TCB 1
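Review bot: `stack_guard` is added to `tcbhead_t` with no comment that its position is now fixed, whereas the powerpc hunk in this same commit states that the field is read directly by GCC -fstack-protector code and is therefore public ABI. If the same holds here, a later insertion or removal of a member ahead of it would silently move the canary away from where compiled code looks for it. I would put `/* Read directly by GCC -fstack-protector code; the offset is ABI, do not move. */` on the field. The s390, sparc and x86_64 `tcbhead_t` hunks add the field the same way and need the same comment. The struct begins above this hunk.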
@@ -416,6 +417,14 @@ union user_desc_init
__res; })
+/* Set the stack guard field in TCB head. */
+#define THREAD_SET_STACK_GUARD(value) \
+ THREAD_SETMEM (THREAD_SELF, header.stack_guard, value)
+#define THREAD_COPY_STACK_GUARD(descr) \
+ ((descr)->header.stack_guard \
+ = THREAD_GETMEM (THREAD_SELF, header.stack_guard))
+
+
#endif /* __ASSEMBLER__ */
#endif /* tls.h */
diff --git a/nptl/sysdeps/powerpc/tls.h b/nptl/sysdeps/powerpc/tls.h
index a7f69074e9..b2322b09bd 100644
--- a/nptl/sysdeps/powerpc/tls.h
+++ b/nptl/sysdeps/powerpc/tls.h
@@ -65,11 +65,11 @@ typedef union dtv
/* Get the thread descriptor definition. */
# include <nptl/descr.h>
-/* This layout is actually wholly private and not affected by the ABI.
- Nor does it overlap the pthread data structure, so we need nothing
- extra here at all. */
+/* The stack_guard is accessed directly by GCC -fstack-protector code,
+ so it is a part of public ABI. The dtv field is private. */
typedef struct
{
+ uintptr_t stack_guard;
dtv_t *dtv;
} tcbhead_t;
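Review bot: The new comment says `stack_guard` is public ABI but not in which direction the struct may still grow. The macros in this file reach the TCB head through `[-1]` from the thread register, so members are located from the end of the struct. If that reading is right, new members can only go in front of `stack_guard`; one placed between it and `dtv`, or after `dtv`, would move the canary. Extending the comment with `New members must be added before stack_guard.` would make that explicit. Whether `TLS_PRE_TCB_SIZE` accounts for the enlarged struct cannot be seen from this hunk.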
@@ -127,7 +127,7 @@ register void *__thread_register __asm__ ("r13");
/* Return the address of the dtv for the current thread. */
# define THREAD_DTV() \
- (((tcbhead_t *) (__thread_register - TLS_TCB_OFFSET))[-1].dtv)
+ (((tcbhead_t *) (__thread_register - TLS_TCB_OFFSET))[-1].dtv)
/* Return the thread descriptor for the current thread. */
# define THREAD_SELF \
@@ -136,9 +136,9 @@ register void *__thread_register __asm__ ("r13");
/* Magic for libthread_db to know how to do THREAD_SELF. */
# define DB_THREAD_SELF \
- REGISTER (32, 32, PT_THREAD_POINTER * 4, \
+ REGISTER (32, 32, PT_THREAD_POINTER * 4, \
- TLS_TCB_OFFSET - TLS_PRE_TCB_SIZE) \
- REGISTER (64, 64, PT_THREAD_POINTER * 8, \
+ REGISTER (64, 64, PT_THREAD_POINTER * 8, \
- TLS_TCB_OFFSET - TLS_PRE_TCB_SIZE)
/* Read member of the thread descriptor directly. */
@@ -156,6 +156,16 @@ register void *__thread_register __asm__ ("r13");
# define THREAD_SETMEM_NC(descr, member, idx, value) \
((void)(descr), (THREAD_SELF)->member[idx] = (value))
+/* Set the stack guard field in TCB head. */
+# define THREAD_SET_STACK_GUARD(value) \
+ (((tcbhead_t *) ((char *) __thread_register \
+ - TLS_TCB_OFFSET))[-1].stack_guard = (value))
+# define THREAD_COPY_STACK_GUARD(descr) \
+ (((tcbhead_t *) ((char *) (descr) \
+ + TLS_PRE_TCB_SIZE))[-1].stack_guard \
+ = ((tcbhead_t *) ((char *) __thread_register \
+ - TLS_TCB_OFFSET))[-1].stack_guard)
+
/* l_tls_offset == 0 is perfectly valid on PPC, so we have to use some
different value to mean unset l_tls_offset. */
# define NO_TLS_OFFSET -1
diff --git a/nptl/sysdeps/s390/tls.h b/nptl/sysdeps/s390/tls.h
index 060dde39df..f90b35b1e5 100644
--- a/nptl/sysdeps/s390/tls.h
+++ b/nptl/sysdeps/s390/tls.h
@@ -48,9 +48,8 @@ typedef struct
dtv_t *dtv;
void *self; /* Pointer to the thread descriptor. */
int multiple_threads;
-# ifdef NEED_DL_SYSINFO
uintptr_t sysinfo;
-# endif
+ uintptr_t stack_guard;
} tcbhead_t;
# ifndef __s390x__
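Review bot: `sysinfo` becomes unconditional here, and the sparc and x86_64 `tcbhead_t` hunks add a `sysinfo` member too, with nothing in the visible lines that reads it. Presumably the member is there so that `stack_guard` sits at one offset regardless of `NEED_DL_SYSINFO`, but nothing says so. A later cleanup could restore the conditional or drop the apparently unused field, and either would move the canary. If that is the intent, a comment on the member such as `/* Always present so that stack_guard has a fixed offset. */` would protect it. The struct begins above this hunk.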
@@ -158,6 +157,13 @@ typedef struct
#define THREAD_SETMEM_NC(descr, member, idx, value) \
descr->member[idx] = (value)
+/* Set the stack guard field in TCB head. */
+#define THREAD_SET_STACK_GUARD(value) \
+ THREAD_SETMEM (THREAD_SELF, header.stack_guard, value)
+#define THREAD_COPY_STACK_GUARD(descr) \
+ ((descr)->header.stack_guard \
+ = THREAD_GETMEM (THREAD_SELF, header.stack_guard))
+
#endif /* __ASSEMBLER__ */
#endif /* tls.h */
diff --git a/nptl/sysdeps/sparc/tls.h b/nptl/sysdeps/sparc/tls.h
index 54b54859d9..ddc4848554 100644
--- a/nptl/sysdeps/sparc/tls.h
+++ b/nptl/sysdeps/sparc/tls.h
@@ -46,6 +46,8 @@ typedef struct
dtv_t *dtv;
void *self;
int multiple_threads;
+ uintptr_t sysinfo;
+ uintptr_t stack_guard;
} tcbhead_t;
#else /* __ASSEMBLER__ */
@@ -126,6 +128,13 @@ register struct pthread *__thread_self __asm__("%g7");
#define THREAD_SETMEM_NC(descr, member, idx, value) \
descr->member[idx] = (value)
+/* Set the stack guard field in TCB head. */
+#define THREAD_SET_STACK_GUARD(value) \
+ THREAD_SETMEM (THREAD_SELF, header.stack_guard, value)
+# define THREAD_COPY_STACK_GUARD(descr) \
+ ((descr)->header.stack_guard \
+ = THREAD_GETMEM (THREAD_SELF, header.stack_guard))
+
#endif /* !ASSEMBLER */
#endif /* tls.h */
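Review bot: The two new macros use different preprocessor indentation, `#define THREAD_SET_STACK_GUARD` against `# define THREAD_COPY_STACK_GUARD`, and the context line above them uses the unindented form. Writing `#define THREAD_COPY_STACK_GUARD(descr) \` would match. The comment above covers only the setter; a second line noting that the copy macro reads the canary from the calling thread's TCB and stores it into `descr` would document both.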
diff --git a/nptl/sysdeps/x86_64/tls.h b/nptl/sysdeps/x86_64/tls.h
index 3fc9b384aa..516827b8e1 100644
--- a/nptl/sysdeps/x86_64/tls.h
+++ b/nptl/sysdeps/x86_64/tls.h
@@ -47,6 +47,8 @@ typedef struct
dtv_t *dtv;
void *self; /* Pointer to the thread descriptor. */
int multiple_threads;
+ uintptr_t sysinfo;
+ uintptr_t stack_guard;
} tcbhead_t;
#else /* __ASSEMBLER__ */
@@ -320,6 +322,13 @@ typedef struct
__res; })
+/* Set the stack guard field in TCB head. */
+# define THREAD_SET_STACK_GUARD(value) \
+ THREAD_SETMEM (THREAD_SELF, header.stack_guard, value)
+# define THREAD_COPY_STACK_GUARD(descr) \
+ ((descr)->header.stack_guard \
+ = THREAD_GETMEM (THREAD_SELF, header.stack_guard))
+
#endif /* __ASSEMBLER__ */
#endif /* tls.h */
diff --git a/nptl/tst-stackguard1-static.c b/nptl/tst-stackguard1-static.c
new file mode 100644
index 0000000000..db1e21554d
--- /dev/null
+++ b/nptl/tst-stackguard1-static.c
@@ -0,0 +1 @@
+#include "tst-stackguard1.c"
diff --git a/nptl/tst-stackguard1.c b/nptl/tst-stackguard1.c
new file mode 100644
index 0000000000..15c30aeb6b
--- /dev/null
+++ b/nptl/tst-stackguard1.c
@@ -0,0 +1,226 @@
+/* Copyright (C) 2005 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+ Contributed by Jakub Jelinek <jakub@redhat.com>, 2005.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, write to the Free
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA. */
+
+#include <errno.h>
+#include <pthread.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/wait.h>
+#include <elf/stackguard-macros.h>
+#include <unistd.h>
+
+static const char *command;
+static bool child;
+static uintptr_t stack_chk_guard_copy;
+static bool stack_chk_guard_copy_set;
+static int fds[2];
+
+static void __attribute__ ((constructor))
+con (void)
+{
+ stack_chk_guard_copy = STACK_CHK_GUARD;
+ stack_chk_guard_copy_set = true;
+}
+
+static int
+uintptr_t_cmp (const void *a, const void *b)
+{
+ if (*(uintptr_t *) a < *(uintptr_t *) b)
+ return 1;
+ if (*(uintptr_t *) a > *(uintptr_t *) b)
+ return -1;
+ return 0;
+}
+
+static void *
+tf (void *arg)
+{
+ if (stack_chk_guard_copy != STACK_CHK_GUARD)
+ {
+ puts ("STACK_CHK_GUARD changed in thread");
+ return (void *) 1L;
+ }
+ return NULL;
+}
+
+static int
+do_test (void)
+{
+ if (!stack_chk_guard_copy_set)
+ {
+ puts ("constructor has not been run");
+ return 1;
+ }
+
+ if (stack_chk_guard_copy != STACK_CHK_GUARD)
+ {
+ puts ("STACK_CHK_GUARD changed between constructor and do_test");
+ return 1;
+ }
+
+ if (child)
+ {
+ int i;
+ pthread_t th[4];
+ void *ret;
+ for (i = 0; i < 4; ++i)
+ if (pthread_create (&th[i], NULL, tf, NULL))
+ {
+ puts ("thread creation failed");
+ return 1;
+ }
+ for (i = 0; i < 4; ++i)
+ if (pthread_join (th[i], &ret))
+ {
+ puts ("thread join failed");
+ return 1;
+ }
+ else if (ret != NULL)
+ return 1;
+
+ write (2, &stack_chk_guard_copy, sizeof (stack_chk_guard_copy));
+ return 0;
+ }
+
+ if (command == NULL)
+ {
+ puts ("missing --command or --child argument");
+ return 1;
+ }
+
+#define N 16
+ uintptr_t child_stack_chk_guards[N + 1];
+ child_stack_chk_guards[N] = stack_chk_guard_copy;
+ int i;
+ for (i = 0; i < N; ++i)
+ {
+ if (pipe (fds) < 0)
+ {
+ printf ("couldn't create pipe: %m\n");
+ return 1;
+ }
+
+ pid_t pid = fork ();
+ if (pid < 0)
+ {
+ printf ("fork failed: %m\n");
+ return 1;
+ }
+
+ if (!pid)
+ {
+ if (stack_chk_guard_copy != STACK_CHK_GUARD)
+ {
+ puts ("STACK_CHK_GUARD changed after fork");
+ exit (1);
+ }
+
+ close (fds[0]);
+ close (2);
+ dup2 (fds[1], 2);
+ close (fds[1]);
+
+ system (command);
+ exit (0);
+ }
+
+ close (fds[1]);
+
+ if (TEMP_FAILURE_RETRY (read (fds[0], &child_stack_chk_guards[i],
+ sizeof (uintptr_t))) != sizeof (uintptr_t))
+ {
+ puts ("could not read stack_chk_guard value from child");
+ return 1;
+ }
+
+ close (fds[0]);
+
+ pid_t termpid;
+ int status;
+ termpid = TEMP_FAILURE_RETRY (waitpid (pid, &status, 0));
+ if (termpid == -1)
+ {
+ printf ("waitpid failed: %m\n");
+ return 1;
+ }
+ else if (termpid != pid)
+ {
+ printf ("waitpid returned %ld != %ld\n",
+ (long int) termpid, (long int) pid);
+ return 1;
+ }
+ else if (!WIFEXITED (status) || WEXITSTATUS (status))
+ {
+ puts ("child hasn't exited with exit status 0");
+ return 1;
+ }
+ }
+
+ qsort (child_stack_chk_guards, N + 1, sizeof (uintptr_t), uintptr_t_cmp);
+
+ uintptr_t default_guard = 0;
+ unsigned char *p = (unsigned char *) &default_guard;
+ p[sizeof (uintptr_t) - 1] = 255;
+ p[sizeof (uintptr_t) - 2] = '\n';
+ p[0] = 0;
+
+ /* Test if the stack guard canaries are either randomized,
+ or equal to the default stack guard canary value.
+ Even with randomized stack guards it might happen
+ that the random number generator generates the same
+ values, but if that happens in more than half from
+ the 16 runs, something is very wrong. */
+ int ndifferences = 0;
+ int ndefaults = 0;
+ for (i = 0; i < N; ++i)
+ {
+ if (child_stack_chk_guards[i] != child_stack_chk_guards[i+1])
+ ndifferences++;
+ else if (child_stack_chk_guards[i] == default_guard)
+ ndefaults++;
+ }
+
+ printf ("differences %d defaults %d\n", ndifferences, ndefaults);
+
+ if (ndifferences < N / 2 && ndefaults < N / 2)
+ {
+ puts ("stack guard canaries are not randomized enough");
+ puts ("nor equal to the default canary value");
+ return 1;
+ }
+
+ return 0;
+}
+
+#define OPT_COMMAND 10000
+#define OPT_CHILD 10001
+#define CMDLINE_OPTIONS \
+ { "command", required_argument, NULL, OPT_COMMAND }, \
+ { "child", no_argument, NULL, OPT_CHILD },
+#define CMDLINE_PROCESS \
+ case OPT_COMMAND: \
+ command = optarg; \
+ break; \
+ case OPT_CHILD: \
+ child = true; \
+ break;
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
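Review bot: The final check in `do_test` passes when at least half of the collected canaries equal the hard-coded default, so a build configured with --enable-stackguard-randomization whose randomization silently stopped working still passes. If `ENABLE_STACKGUARD_RANDOMIZE` from config.h is visible to the test, the condition could be tightened under `#ifdef ENABLE_STACKGUARD_RANDOMIZE` to fail on `ndifferences < N / 2` alone. If falling back to the default is an accepted outcome, the comment above the loop should say so instead. Separately, the forked child ignores the result of `system (command)` and always calls `exit (0)`, and the parent reads the canary from the child's stderr, so any diagnostic written there would be taken as canary bytes. `int r = system (command);` followed by `exit (r == -1 || !WIFEXITED (r) ? 1 : WEXITSTATUS (r));` would at least report a failed run.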