* sysdeps/generic/dl-osinfo.h (_dl_setup_stack_chk_guard): Take

one parameter. If non-NULL use it to initialize return value. (_dl_setup_pointer_guard): New function. * sysdeps/unix/sysv/linux/dl-osinfo.h: Likewise. * sysdeps/generic/ldsodefs.h: Declare _dl_random. * elf/rtld.c (security_init): Pass _dl_random to _dl_setup_stack_chk_guard. Call _dl_setup_pointer_guard to initialize pointer_chk_guard. * elf/dl-sysdep.c (_dl_random): New variable. (_dl_sysdep_start): Handle AT_RANDOM. (_dl_show_auxv): Likewise. * elf/dl-support.c (_dl_random): New variable. (_dl_aux_init): Handle AT_RANDOM. * csu/libc-start.c [!SHARED] (libc_start_main): Pass _dl_random to _dl_setup_stack_chk_guard. * elf/elf.h (AT_RANDOM): Define AT_BASE_PLATFORM and AT_RANDOM.
2025-07-30 22:43:12 +03:00 · 2009-01-11 04:44:06 +00:00
parent 5b656a0d30
commit 965cb60a21
7 changed files with 112 additions and 31 deletions
--- a/20
+++ b/20
@ -1,3 +1,23 @@
 2009-01-10  Ulrich Drepper  <drepper@redhat.com>
 	* sysdeps/generic/dl-osinfo.h (_dl_setup_stack_chk_guard): Take
 	one parameter.  If non-NULL use it to initialize return value.
 	(_dl_setup_pointer_guard): New function.
 	* sysdeps/unix/sysv/linux/dl-osinfo.h: Likewise.
 	* sysdeps/generic/ldsodefs.h: Declare _dl_random.
 	* elf/rtld.c (security_init): Pass _dl_random to
 	_dl_setup_stack_chk_guard.  Call _dl_setup_pointer_guard to initialize
 	pointer_chk_guard.
 	* elf/dl-sysdep.c (_dl_random): New variable.
 	(_dl_sysdep_start): Handle AT_RANDOM.
 	(_dl_show_auxv): Likewise.
 	* elf/dl-support.c (_dl_random): New variable.
 	(_dl_aux_init): Handle AT_RANDOM.
 	* csu/libc-start.c [!SHARED] (libc_start_main): Pass _dl_random
 	to _dl_setup_stack_chk_guard.
 	* elf/elf.h (AT_RANDOM): Define AT_BASE_PLATFORM and AT_RANDOM.
 2009-01-10  Roland McGrath  <roland@redhat.com>
 	* nscd/nscd.c (parse_opt): Use argp_error for bad -i argument.
--- a/elf/dl-support.c
+++ b/elf/dl-support.c
@ -1,5 +1,5 @@
 /* Support for dynamic linking code in static libc.
-   Copyright (C) 1996-2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+   Copyright (C) 1996-2008, 2009 Free Software Foundation, Inc.
   This file is part of the GNU C Library.
   The GNU C Library is free software; you can redistribute it and/or
@ -84,6 +84,9 @@ struct r_scope_elem _dl_initial_searchlist;
 int _dl_starting_up = 1;
 #endif
 /* Random data provided by the kernel.  */
 void *_dl_random;
 /* Get architecture specific initializer.  */
 #include <dl-procinfo.c>
@ -216,6 +219,9 @@ _dl_aux_init (ElfW(auxv_t) *av)
 	__libc_enable_secure = av->a_un.a_val;
 	__libc_enable_secure_decided = 1;
 	break;
      case AT_RANDOM:
 	_dl_random = (void *) av->a_un.a_val;
 	break;
 # ifdef DL_PLATFORM_AUXV
      DL_PLATFORM_AUXV
 # endif
--- a/elf/dl-sysdep.c
+++ b/elf/dl-sysdep.c
@ -1,5 +1,5 @@
 /* Operating system support for run-time dynamic linker.  Generic Unix version.
-   Copyright (C) 1995-1998, 2000-2007, 2008 Free Software Foundation, Inc.
+   Copyright (C) 1995-1998, 2000-2008, 2009 Free Software Foundation, Inc.
   This file is part of the GNU C Library.
   The GNU C Library is free software; you can redistribute it and/or
@ -62,6 +62,7 @@ int __libc_multiple_libcs = 0;	/* Defining this here avoids the inclusion
 void *__libc_stack_end attribute_relro = NULL;
 rtld_hidden_data_def(__libc_stack_end)
 static ElfW(auxv_t) *_dl_auxv attribute_relro;
 void *_dl_random attribute_relro = NULL;
 #ifndef DL_FIND_ARG_COMPONENTS
 # define DL_FIND_ARG_COMPONENTS(cookie, argc, argv, envp, auxp)	\
@ -173,6 +174,9 @@ _dl_sysdep_start (void **start_argptr,
 	GLRO(dl_sysinfo_dso) = (void *) av->a_un.a_val;
 	break;
 #endif
      case AT_RANDOM:
 	_dl_random = (void *) av->a_un.a_val;
 	break;
 #ifdef DL_PLATFORM_AUXV
      DL_PLATFORM_AUXV
 #endif
@ -294,6 +298,7 @@ _dl_show_auxv (void)
 	  [AT_SECURE - 2] =		{ "AT_SECURE:       ", dec },
 	  [AT_SYSINFO - 2] =		{ "AT_SYSINFO:      0x", hex },
 	  [AT_SYSINFO_EHDR - 2] =	{ "AT_SYSINFO_EHDR: 0x", hex },
 	  [AT_RANDOM - 2] =		{ "AT_RANDOM:       0x", hex },
 	};
      unsigned int idx = (unsigned int) (av->a_type - 2);
--- a/elf/rtld.c
+++ b/elf/rtld.c
@ -1,5 +1,5 @@
 /* Run time dynamic linker.
-   Copyright (C) 1995-2006, 2007, 2008 Free Software Foundation, Inc.
+   Copyright (C) 1995-2006, 2007, 2008, 2009 Free Software Foundation, Inc.
   This file is part of the GNU C Library.
   The GNU C Library is free software; you can redistribute it and/or
@ -841,7 +841,7 @@ static void
 security_init (void)
 {
  /* Set up the stack checker's canary.  */
-  uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard ();
+  uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random);
 #ifdef THREAD_SET_STACK_GUARD
  THREAD_SET_STACK_GUARD (stack_chk_guard);
 #else
@ -851,18 +851,18 @@ security_init (void)
  /* Set up the pointer guard as well, if necessary.  */
  if (GLRO(dl_pointer_guard))
    {
-      // XXX If it is cheap, we should use a separate value.
+      uintptr_t pointer_chk_guard = _dl_setup_pointer_guard (_dl_random,
-      uintptr_t pointer_chk_guard = stack_chk_guard;
+							     stack_chk_guard);
 #ifndef HP_TIMING_NONAVAIL
      hp_timing_t now;
      HP_TIMING_NOW (now);
      pointer_chk_guard ^= now;
 #endif
 #ifdef THREAD_SET_POINTER_GUARD
      THREAD_SET_POINTER_GUARD (pointer_chk_guard);
 #endif
      __pointer_chk_guard_local = pointer_chk_guard;
    }
  /* We do not need the _dl_random value anymore.  The less
     information we leave behind, the better, so clear the
     variable.  */
  _dl_random = NULL;
 }
--- a/sysdeps/generic/dl-osinfo.h
+++ b/sysdeps/generic/dl-osinfo.h
@ -1,12 +1,29 @@
 #include <stdint.h>
 static inline uintptr_t __attribute__ ((always_inline))
-_dl_setup_stack_chk_guard (void)
+_dl_setup_stack_chk_guard (void *dl_random)
 {
-  uintptr_t ret = 0;
+  uintptr_t ret;
-  unsigned char *p = (unsigned char *) &ret;
+  if (dl_random == NULL)
-  p[sizeof (ret) - 1] = 255;
+    {
-  p[sizeof (ret) - 2] = '\n';
+      ret = 0;
-  p[0] = 0;
+      unsigned char *p = (unsigned char *) &ret;
      p[sizeof (ret) - 1] = 255;
      p[sizeof (ret) - 2] = '\n';
      p[0] = 0;
    }
  else
    memcmp (&ret, dl_random, sizeof (ret));
  return ret;
 }
 static inline uintptr_t __attribute__ ((always_inline))
 _dl_setup_pointer_guard (void *dl_random, uintptr_t stack_chk_guard)
 {
  uintptr_t ret;
  if (dl_random == NULL)
    ret = stack_chk_guard;
  else
    memcmp (&ret, (char *) dl_random + sizeof (ret), sizeof (ret));
  return ret;
 }
--- a/sysdeps/generic/ldsodefs.h
+++ b/sysdeps/generic/ldsodefs.h
@ -1,5 +1,5 @@
 /* Run-time dynamic linker data structures for loaded ELF shared objects.
-   Copyright (C) 1995-2006, 2007, 2008 Free Software Foundation, Inc.
+   Copyright (C) 1995-2006, 2007, 2008, 2009 Free Software Foundation, Inc.
   This file is part of the GNU C Library.
   The GNU C Library is free software; you can redistribute it and/or
@ -731,6 +731,9 @@ weak_extern (_dl_starting_up)
 extern int _dl_starting_up_internal attribute_hidden;
 #endif
 /* Random data provided by the kernel.  */
 extern void *_dl_random attribute_hidden;
 /* OS-dependent function to open the zero-fill device.  */
 extern int _dl_sysdep_open_zero_fill (void); /* dl-sysdep.c */
--- a/sysdeps/unix/sysv/linux/dl-osinfo.h
+++ b/sysdeps/unix/sysv/linux/dl-osinfo.h
@ -1,5 +1,5 @@
 /* Operating system specific code for generic dynamic loader functions.  Linux.
-   Copyright (C) 2000-2002,2004-2007,2008 Free Software Foundation, Inc.
+   Copyright (C) 2000-2002,2004-2008, 2009 Free Software Foundation, Inc.
   This file is part of the GNU C Library.
   The GNU C Library is free software; you can redistribute it and/or
@ -60,22 +60,52 @@ dl_fatal (const char *str)
  } while (0)
 static inline uintptr_t __attribute__ ((always_inline))
-_dl_setup_stack_chk_guard (void)
+_dl_setup_stack_chk_guard (void *dl_random)
 {
  uintptr_t ret;
-#ifdef ENABLE_STACKGUARD_RANDOMIZE
+#ifndef __ASSUME_AT_RANDOM
-  int fd = __open ("/dev/urandom", O_RDONLY);
+  if (__builtin_expect (dl_random == NULL, 0))
  if (fd >= 0)
    {
-      ssize_t reslen = __read (fd, &ret, sizeof (ret));
+# ifdef ENABLE_STACKGUARD_RANDOMIZE
-      __close (fd);
+      int fd = __open ("/dev/urandom", O_RDONLY);
-      if (reslen == (ssize_t) sizeof (ret))
+      if (fd >= 0)
-	return ret;
+	{
 	  ssize_t reslen = __read (fd, &ret, sizeof (ret));
 	  __close (fd);
 	  if (reslen == (ssize_t) sizeof (ret))
 	    return ret;
 	}
 # endif
      ret = 0;
      unsigned char *p = (unsigned char *) &ret;
      p[sizeof (ret) - 1] = 255;
      p[sizeof (ret) - 2] = '\n';
    }
  else
 #endif
-  ret = 0;
+    /* We need in the moment only 8 bytes on 32-bit platforms and 16
-  unsigned char *p = (unsigned char *) &ret;
+       bytes on 64-bit platforms.  Therefore we can use the data
-  p[sizeof (ret) - 1] = 255;
+       directly and not use the kernel-provided data to seed a PRNG.  */
-  p[sizeof (ret) - 2] = '\n';
+    memcpy (&ret, dl_random, sizeof (ret));
  return ret;
 }
 static inline uintptr_t __attribute__ ((always_inline))
 _dl_setup_pointer_guard (void *dl_random, uintptr_t stack_chk_guard)
 {
  uintptr_t ret;
 #ifndef __ASSUME_AT_RANDOM
  if (dl_random == NULL)
    {
      ret = stack_chk_guard;
 # ifndef HP_TIMING_NONAVAIL
      hp_timing_t now;
      HP_TIMING_NOW (now);
      ret ^= now;
 # endif
    }
  else
 #endif
    memcpy (&ret, (char *) dl_random + sizeof (ret), sizeof (ret));
  return ret;
 }