From ab95290c787fb6e22bf03f23059b97559e1ad7d7 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Tue, 13 Jun 2000 07:33:12 +0000 Subject: Update. 2000-06-13 Ulrich Drepper * misc/sys/cdefs.h: Define __bounded and __unbounded if __BOUNDED_POINTERS__ is not defined. 2000-06-07 Greg McGary * sysdeps/generic/bp-sym.h: New file. * sysdeps/generic/bp-start.h: New file. * sysdeps/i386/elf/start.S: Designate BP symbols. * sysdeps/generic/libc-start.c: Wrap bounds around argv & envp and each of their string members. 2000-06-07 Greg McGary * sysdeps/unix/make-syscalls.sh: Add comments to output that aid debugging & comprehension. Map simple syscall signatures to number of args. Generate BP syscall thunk definitions. * sysdeps/generic/bp-thunks.h: New file. * sysdeps/unix/syscalls.list: Replace arg-count with simple return+arg signature. * sysdeps/unix/common/syscalls.list: Likewise. * sysdeps/unix/inet/syscalls.list: Likewise. * sysdeps/unix/mman/syscalls.list: Likewise. * sysdeps/unix/sysv/syscalls.list: Likewise. * sysdeps/unix/sysv/linux/syscalls.list: Likewise. * sysdeps/unix/sysv/linux/i386/syscalls.list: Likewise. 2000-06-07 Greg McGary * Makeconfig (CPPFLAGS-.ob): pass -fbounded-pointers for all files *.[cS]. (CFLAGS-.ob): Don't optimize sibling calls. (bppfx): New variable. * Makerules (elide-bp-thunks): New variable. (elide-routines.*): Elide BP-* files for all but *.ob. (sources): Include bp-thunks. * iconv/gconv_simple.c: Remove unnecessary prototype. * iconv/gconv_trans.c: Pretty print. --- sysdeps/generic/bp-start.h | 70 ++++++++++++++ sysdeps/generic/bp-sym.h | 28 ++++++ sysdeps/generic/bp-thunks.h | 225 +++++++++++++++++++++++++++++++++++++++++++ sysdeps/generic/libc-start.c | 25 +++-- 4 files changed, 341 insertions(+), 7 deletions(-) create mode 100644 sysdeps/generic/bp-start.h create mode 100644 sysdeps/generic/bp-sym.h create mode 100644 sysdeps/generic/bp-thunks.h (limited to 'sysdeps/generic') diff --git a/sysdeps/generic/bp-start.h b/sysdeps/generic/bp-start.h new file mode 100644 index 0000000000..3c440fdaba --- /dev/null +++ b/sysdeps/generic/bp-start.h @@ -0,0 +1,70 @@ +/* Copyright (C) 2000 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with the GNU C Library; see the file COPYING.LIB. If not, + write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. */ + + +#if __BOUNDED_POINTERS__ + + /* The command-line arg vector and environment vector come to us from + the OS as an unbounded pointer to an array of unbounded strings. + The user's main expects argv and __environ to be bounded pointers + to arrays of bounded strings. */ +# define INIT_ARGV_and_ENVIRON \ + do { \ + int envc; \ + for (envc = 0; *ubp_ev; ubp_ev++, envc++) \ + ; \ + ubp_ev -= envc; \ + \ + /* GKM FIXME: we could save some space by allocating only enough for \ + the additional low & high words, and destructively rewriting \ + argv in place. */ \ + __ptrvalue (argv) = __ptrlow (argv) \ + = alloca ((argc + envc + 2) * sizeof (*argv)); \ + __ptrhigh (argv) = __ptrvalue (argv) + argc + 1; \ + __ptrvalue (__environ) = __ptrlow (__environ) = __ptrhigh (argv); \ + __ptrhigh (__environ) = __ptrvalue (__environ) + envc + 1; \ + boundify_vector (__environ, ubp_ev); \ + boundify_vector (argv, ubp_av); \ + } while (0) + + +/* Copy an unbounded vector of unbounded strings into a bounded + counterpart. */ + +static void +boundify_vector (char **dest, char *__unbounded *__unbounded src) +{ + char *__unbounded s; + for (; *src; src++, dest++) + { + __ptrvalue (*dest) = __ptrlow (*dest) = *src; + __ptrhigh (*dest) = src[1]; + } + *dest = 0; + /* The OS lays out strings contiguously in vector order, + so */ + for (s = __ptrvalue (dest[-1]); *s; s++) + ; + __ptrhigh (dest[-1]) = ++s; +} + +#else + +# define INIT_ARGV_and_ENVIRON __environ = ubp_ev + +#endif diff --git a/sysdeps/generic/bp-sym.h b/sysdeps/generic/bp-sym.h new file mode 100644 index 0000000000..d2b3bd06c5 --- /dev/null +++ b/sysdeps/generic/bp-sym.h @@ -0,0 +1,28 @@ +/* Bounded-pointer symbol modifier. + Copyright (C) 2000 Free Software Foundation, Inc. + Contributed by Greg McGary + + This file is part of the GNU C Library. Its master source is NOT part of + the C library, however. The master source lives in the GNU MP Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with the GNU C Library; see the file COPYING.LIB. If not, + write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. */ + +#define BP_SYM(name) _BP_SYM (name) +#if __BOUNDED_POINTERS__ +# define _BP_SYM(name) __BP_##name +#else +# define _BP_SYM(name) name +#endif diff --git a/sysdeps/generic/bp-thunks.h b/sysdeps/generic/bp-thunks.h new file mode 100644 index 0000000000..eb0a47b2c1 --- /dev/null +++ b/sysdeps/generic/bp-thunks.h @@ -0,0 +1,225 @@ +/* Bounded-pointer thunk definitions. + Copyright (C) 2000 Free Software Foundation, Inc. + Contributed by Greg McGary + + This file is part of the GNU C Library. Its master source is NOT part of + the C library, however. The master source lives in the GNU MP Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with the GNU C Library; see the file COPYING.LIB. If not, + write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. */ + +#ifndef _bpthunks_h_ +#define _bpthunks_h_ + +#include + +#define BP_ALIAS(STRONG, ALIAS) weak_alias (__BP_##STRONG, __BP_##ALIAS) + +#define PV(P) __ptrvalue (P) +#define SV(S) __ptrvalue (S) +#define PB(P) __ptrlow (P) +#define PE(P) __ptrhigh (P) +#define voidp void *__bounded +#define charp char *__bounded + +/* GKM FIXME: Add code to check bounds. Right now, they only strip bounds, */ + +#define BP_THUNK_i_iiip(NAME) __unbounded { \ + extern int NAME (int, int, int, void *); \ + int __BP_##NAME (int i0, int i1, int i2, voidp p3) \ + { return NAME (i0, i1, i2, PV (p3)); } } + +#define BP_THUNK_i_iiipi(NAME) __unbounded { \ + extern int NAME (int, int, int, void *, int); \ + int __BP_##NAME (int i0, int i1, int i2, voidp p3, int i4) \ + { return NAME (i0, i1, i2, PV (p3), i4); } } + +#define BP_THUNK_i_iiipp(NAME) __unbounded { \ + extern int NAME (int, int, int, void *, void *); \ + int __BP_##NAME (int i0, int i1, int i2, voidp p3, voidp p4) \ + { return NAME (i0, i1, i2, PV (p3), PV (p4)); } } + +#define BP_THUNK_i_iip(NAME) __unbounded { \ + extern int NAME (int, int, void *); \ + int __BP_##NAME (int i0, int i1, voidp p2) \ + { return NAME (i0, i1, PV (p2)); } } + +#define BP_THUNK_i_iipi(NAME) __unbounded { \ + extern int NAME (int, int, void *, int); \ + int __BP_##NAME (int i0, int i1, voidp p2, int i3) \ + { return NAME (i0, i1, PV (p2), i3); } } + +#define BP_THUNK_i_iipp(NAME) __unbounded { \ + extern int NAME (int, int, void *, void *); \ + int __BP_##NAME (int i0, int i1, voidp p2, voidp p3) \ + { return NAME (i0, i1, PV (p2), PV (p3)); } } + +#define BP_THUNK_i_ip(NAME) __unbounded { \ + extern int NAME (int, void *); \ + int __BP_##NAME (int i0, voidp p1) \ + { return NAME (i0, PV (p1)); } } + +#define BP_THUNK_i_ipi(NAME) __unbounded { \ + extern int NAME (int, void *, int); \ + int __BP_##NAME (int i0, voidp p1, int i2) \ + { return NAME (i0, PV (p1), i2); } } + +#define BP_THUNK_i_ipii(NAME) __unbounded { \ + extern int NAME (int, void *, int, int); \ + int __BP_##NAME (int i0, voidp p1, int i2, int i3) \ + { return NAME (i0, PV (p1), i2, i3); } } + +#define BP_THUNK_i_ipiii(NAME) __unbounded { \ + extern int NAME (int, void *, int, int, int); \ + int __BP_##NAME (int i0, voidp p1, int i2, int i3, int i4) \ + { return NAME (i0, PV (p1), i2, i3, i4); } } + +#define BP_THUNK_i_ipiipi(NAME) __unbounded { \ + extern int NAME (int, void *, int, int, void *, int); \ + int __BP_##NAME (int i0, voidp p1, int i2, int i3, voidp p4, int i5) \ + { return NAME (i0, PV (p1), i2, i3, PV (p4), i5); } } + +#define BP_THUNK_i_ipiipp(NAME) __unbounded { \ + extern int NAME (int, void *, int, int, void *, void *); \ + int __BP_##NAME (int i0, voidp p1, int i2, int i3, voidp p4, voidp p5) \ + { return NAME (i0, PV (p1), i2, i3, PV (p4), PV (p5)); } } + +#define BP_THUNK_i_ipip(NAME) __unbounded { \ + extern int NAME (int, void *, int, void *); \ + int __BP_##NAME (int i0, voidp p1, int i2, voidp p3) \ + { return NAME (i0, PV (p1), i2, PV (p3)); } } + +#define BP_THUNK_i_ipp(NAME) __unbounded { \ + extern int NAME (int, void *, void *); \ + int __BP_##NAME (int i0, voidp p1, voidp p2) \ + { return NAME (i0, PV (p1), PV (p2)); } } + +#define BP_THUNK_i_ippi(NAME) __unbounded { \ + extern int NAME (int, void *, void *, int); \ + int __BP_##NAME (int i0, voidp p1, voidp p2, int i3) \ + { return NAME (i0, PV (p1), PV (p2), i3); } } + +#define BP_THUNK_i_ipppp(NAME) __unbounded { \ + extern int NAME (int, void *, void *, void *, void *); \ + int __BP_##NAME (int i0, voidp p1, voidp p2, voidp p3, voidp p4) \ + { return NAME (i0, PV (p1), PV (p2), PV (p3), PV (p4)); } } + +#define BP_THUNK_i_isi(NAME) __unbounded { \ + extern int NAME (int, char *, int); \ + int __BP_##NAME (int i0, charp s1, int i2) \ + { return NAME (i0, SV (s1), i2); } } + +#define BP_THUNK_i_isip(NAME) __unbounded { \ + extern int NAME (int, char *, int, void *); \ + int __BP_##NAME (int i0, charp s1, int i2, voidp p3) \ + { return NAME (i0, SV (s1), i2, PV (p3)); } } + +#define BP_THUNK_i_p(NAME) __unbounded { \ + extern int NAME (void *); \ + int __BP_##NAME (voidp p0) \ + { return NAME (PV (p0)); } } + +#define BP_THUNK_i_pi(NAME) __unbounded { \ + extern int NAME (void *, int); \ + int __BP_##NAME (voidp p0, int i1) \ + { return NAME (PV (p0), i1); } } + +#define BP_THUNK_i_pii(NAME) __unbounded { \ + extern int NAME (void *, int, int); \ + int __BP_##NAME (voidp p0, int i1, int i2) \ + { return NAME (PV (p0), i1, i2); } } + +#define BP_THUNK_i_piii(NAME) __unbounded { \ + extern int NAME (void *, int, int, int); \ + int __BP_##NAME (voidp p0, int i1, int i2, int i3) \ + { return NAME (PV (p0), i1, i2, i3); } } + +#define BP_THUNK_i_pp(NAME) __unbounded { \ + extern int NAME (void *, void *); \ + int __BP_##NAME (voidp p0, voidp p1) \ + { return NAME (PV (p0), PV (p1)); } } + +#define BP_THUNK_i_pppi(NAME) __unbounded { \ + extern int NAME (void *, void *, void *, int); \ + int __BP_##NAME (voidp p0, voidp p1, voidp p2, int i3) \ + { return NAME (PV (p0), PV (p1), PV (p2), i3); } } + +#define BP_THUNK_i_s(NAME) __unbounded { \ + extern int NAME (char *); \ + int __BP_##NAME (charp s0) \ + { return NAME (SV (s0)); } } + +#define BP_THUNK_i_si(NAME) __unbounded { \ + extern int NAME (char *, int); \ + int __BP_##NAME (charp s0, int i1) \ + { return NAME (SV (s0), i1); } } + +#define BP_THUNK_i_sii(NAME) __unbounded { \ + extern int NAME (char *, int, int); \ + int __BP_##NAME (charp s0, int i1, int i2) \ + { return NAME (SV (s0), i1, i2); } } + +#define BP_THUNK_i_sipip(NAME) __unbounded { \ + extern int NAME (char *, int, void *, int, void *); \ + int __BP_##NAME (charp s0, int i1, voidp p2, int i3, voidp p4) \ + { return NAME (SV (s0), i1, PV (p2), i3, PV (p4)); } } + +#define BP_THUNK_i_sp(NAME) __unbounded { \ + extern int NAME (char *, void *); \ + int __BP_##NAME (charp s0, voidp p1) \ + { return NAME (SV (s0), PV (p1)); } } + +#define BP_THUNK_i_spi(NAME) __unbounded { \ + extern int NAME (char *, void *, int); \ + int __BP_##NAME (charp s0, voidp p1, int i2) \ + { return NAME (SV (s0), PV (p1), i2); } } + +#define BP_THUNK_i_spp(NAME) __unbounded { \ + extern int NAME (char *, void *, void *); \ + int __BP_##NAME (charp s0, voidp p1, voidp p2) \ + { return NAME (SV (s0), PV (p1), PV (p2)); } } + +#define BP_THUNK_i_ss(NAME) __unbounded { \ + extern int NAME (char *, char *); \ + int __BP_##NAME (charp s0, charp s1) \ + { return NAME (SV (s0), s1); } } + +#define BP_THUNK_i_sssip(NAME) __unbounded { \ + extern int NAME (char *, char *, char *, int, void *); \ + int __BP_##NAME (charp s0, charp s1, charp s2, int i3, voidp p4) \ + { return NAME (SV (s0), SV (s1), SV (s2), i3, PV (p4)); } } + +/* sstk */ +#define BP_THUNK_p_i(NAME) __unbounded { \ + extern void *NAME (int); \ + voidp __BP_##NAME (int i0) \ + { charp m; PV (m) = PB (m) = NAME (i0); \ + PE (m) = PV (m) + i0; return m; } } + +/* mremap */ +#define BP_THUNK_p_piii(NAME) __unbounded { \ + extern void *NAME (void *, int, int, int); \ + voidp __BP_##NAME (voidp p0, int i1, int i2, int i3) \ + { charp m; PV (m) = PB (m) = NAME (PV (p0), i1, i2, i3); \ + PE (m) = PV (m) + i2; return m; } } + +/* mmap */ +#define BP_THUNK_p_piiiii(NAME) __unbounded { \ + extern void *NAME (void *, int, int, int, int, int); \ + voidp __BP_##NAME (voidp p0, int i1, int i2, int i3, int i4, int i5) \ + { charp m; PV (m) = PB (m) = NAME (PV (p0), i1, i2, i3, i4, i5); \ + PE (m) = PV (m) + i1; return m; } } + +#endif /* _bpthunks_h_ */ diff --git a/sysdeps/generic/libc-start.c b/sysdeps/generic/libc-start.c index f5486f91e1..a9517c3218 100644 --- a/sysdeps/generic/libc-start.c +++ b/sysdeps/generic/libc-start.c @@ -19,22 +19,34 @@ #include #include #include +#include +#include extern void __libc_init_first (int argc, char **argv, char **envp); extern int _dl_starting_up; weak_extern (_dl_starting_up) extern int __libc_multiple_libcs; -extern void *__libc_stack_end; +extern void *__unbounded __libc_stack_end; /* Prototype for local function. */ extern void __libc_check_standard_fds (void); int -__libc_start_main (int (*main) (int, char **, char **), int argc, - char **argv, void (*init) (void), void (*fini) (void), - void (*rtld_fini) (void), void *stack_end) +/* GKM FIXME: GCC: this should get __BP_ prefix by virtue of the + BPs in the arglist of startup_info.main and startup_info.init. */ +BP_SYM (__libc_start_main) (int (*main) (int, char **, char **), + int argc, char *__unbounded *__unbounded ubp_av, + void (*init) (void), void (*fini) (void), + void (*rtld_fini) (void), void *__unbounded stack_end) { + char *__unbounded *__unbounded ubp_ev = &ubp_av[argc + 1]; +#if __BOUNDED_POINTERS__ + char **argv; +#else +# define argv ubp_av +#endif + #ifndef SHARED /* The next variable is only here to work around a bug in gcc <= 2.7.2.2. If the address would be taken inside the expression the optimizer @@ -44,12 +56,11 @@ __libc_start_main (int (*main) (int, char **, char **), int argc, __libc_multiple_libcs = dummy_addr && !_dl_starting_up; #endif + INIT_ARGV_and_ENVIRON; + /* Store the lowest stack address. */ __libc_stack_end = stack_end; - /* Set the global _environ variable correctly. */ - __environ = &argv[argc + 1]; - #ifndef SHARED /* Some security at this point. Prevent starting a SUID binary where the standard file descriptors are not opened. We have to do this -- cgit v1.2.3