diff options
author | Fangrui Song <maskray@google.com> | 2021-01-11 23:56:32 -0800 |
---|---|---|
committer | Fangrui Song <maskray@google.com> | 2021-01-11 23:56:32 -0800 |
commit | 0b11ca56fe0473a41a6e9cdc5d228c7d1e0d6d72 (patch) | |
tree | 6d9013a7b236e33deee47f247f71aa60eec06477 | |
parent | 87d583c6e8cd0e49f64da76636ebeec033298b4d (diff) | |
download | glibc-maskray/stack_chk_guard.tar.gz glibc-maskray/stack_chk_guard.tar.xz glibc-maskray/stack_chk_guard.zip |
Unconditionally define __stack_chk_guard [BZ #26817] maskray/stack_chk_guard
__stack_chk_guard is currently unavailable on architectures which define THREAD_SET_STACK_GUARD, so {gcc,clang} -fstack-protector -mstack-protector-guard=global will fail to link due to the undefined symbol. Define __stack_chk_guard to make -mstack-protector-guard=global compiled user programs work. `#define THREAD_SET_STACK_GUARD` code is moved outside of `#ifndef __ASSEMBLER__` so that cpp can preprocess elf/Versions.
22 files changed, 83 insertions, 71 deletions
diff --git a/csu/libc-start.c b/csu/libc-start.c index db859c3bed..e46d402664 100644 --- a/csu/libc-start.c +++ b/csu/libc-start.c @@ -33,11 +33,8 @@ extern void __libc_init_first (int argc, char **argv, char **envp); #include <tls.h> #ifndef SHARED # include <dl-osinfo.h> -# ifndef THREAD_SET_STACK_GUARD -/* Only exported for architectures that don't store the stack guard canary - in thread local area. */ +/* Also export to architectures which prefer -mstack-protector-guard=tls. */ uintptr_t __stack_chk_guard attribute_relro; -# endif # ifndef THREAD_SET_POINTER_GUARD /* Only exported for architectures that don't store the pointer guard value in thread local area. */ @@ -206,9 +203,8 @@ LIBC_START_MAIN (int (*main) (int, char **, char ** MAIN_AUXVEC_DECL), uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random); # ifdef THREAD_SET_STACK_GUARD THREAD_SET_STACK_GUARD (stack_chk_guard); -# else - __stack_chk_guard = stack_chk_guard; # endif + __stack_chk_guard = stack_chk_guard; # ifdef DL_SYSDEP_OSCHECK { diff --git a/elf/Versions b/elf/Versions index be88c48e6d..b5a6151aa4 100644 --- a/elf/Versions +++ b/elf/Versions @@ -1,3 +1,6 @@ +%if __has_include("tls.h") +%include "tls.h" +%endif libc { GLIBC_2.0 { %ifdef EXPORT_UNWIND_FIND_FDE @@ -50,7 +53,15 @@ ld { } GLIBC_2.4 { # stack canary +%ifndef THREAD_SET_STACK_GUARD + __stack_chk_guard; +%endif + } + GLIBC_2.33 { + # stack canary +%ifdef THREAD_SET_STACK_GUARD __stack_chk_guard; +%endif } GLIBC_PRIVATE { # Those are in the dynamic linker, but used by libc.so. diff --git a/elf/rtld.c b/elf/rtld.c index 8d9add90e3..cd70428c46 100644 --- a/elf/rtld.c +++ b/elf/rtld.c @@ -154,11 +154,8 @@ unsigned int _dl_skip_args attribute_relro attribute_hidden; #endif rtld_hidden_data_def (_dl_argv) -#ifndef THREAD_SET_STACK_GUARD -/* Only exported for architectures that don't store the stack guard canary - in thread local area. */ +/* Also export to architectures which prefer -mstack-protector-guard=tls. */ uintptr_t __stack_chk_guard attribute_relro; -#endif /* Only exported for architectures that don't store the pointer guard value in thread local area. */ @@ -865,9 +862,8 @@ security_init (void) uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random); #ifdef THREAD_SET_STACK_GUARD THREAD_SET_STACK_GUARD (stack_chk_guard); -#else - __stack_chk_guard = stack_chk_guard; #endif + __stack_chk_guard = stack_chk_guard; /* Set up the pointer guard as well, if necessary. */ uintptr_t pointer_chk_guard diff --git a/sysdeps/i386/nptl/tls.h b/sysdeps/i386/nptl/tls.h index 86ee1ef302..c16c2fe665 100644 --- a/sysdeps/i386/nptl/tls.h +++ b/sysdeps/i386/nptl/tls.h @@ -68,6 +68,13 @@ _Static_assert (offsetof (tcbhead_t, __private_ss) == 0x30, the SSE memory functions. */ #define STACK_ALIGN 16 +/* Set the stack guard field in TCB head. Referenced by elf/Versions. */ +#define THREAD_SET_STACK_GUARD(value) \ + THREAD_SETMEM (THREAD_SELF, header.stack_guard, value) +#define THREAD_COPY_STACK_GUARD(descr) \ + ((descr)->header.stack_guard \ + = THREAD_GETMEM (THREAD_SELF, header.stack_guard)) + #ifndef __ASSEMBLER__ /* Get system call information. */ # include <sysdep.h> @@ -358,14 +365,6 @@ tls_fill_user_desc (union user_desc_init *desc, }}) -/* Set the stack guard field in TCB head. */ -#define THREAD_SET_STACK_GUARD(value) \ - THREAD_SETMEM (THREAD_SELF, header.stack_guard, value) -#define THREAD_COPY_STACK_GUARD(descr) \ - ((descr)->header.stack_guard \ - = THREAD_GETMEM (THREAD_SELF, header.stack_guard)) - - /* Set the pointer guard field in the TCB head. */ #define THREAD_SET_POINTER_GUARD(value) \ THREAD_SETMEM (THREAD_SELF, header.pointer_guard, value) diff --git a/sysdeps/ia64/nptl/tls.h b/sysdeps/ia64/nptl/tls.h index 66d9bf3189..11f9a421c0 100644 --- a/sysdeps/ia64/nptl/tls.h +++ b/sysdeps/ia64/nptl/tls.h @@ -46,6 +46,13 @@ register struct pthread *__thread_self __asm__("r13"); /* Alignment requirement for the stack. */ #define STACK_ALIGN 16 +/* Set the stack guard field in TCB head. Referenced by elf/Versions. */ +#define THREAD_SET_STACK_GUARD(value) \ + (((uintptr_t *) __thread_self)[-1] = (value)) +#define THREAD_COPY_STACK_GUARD(descr) \ + (((uintptr_t *) ((char *) (descr) + TLS_PRE_TCB_SIZE))[-1] \ + = ((uintptr_t *) __thread_self)[-1]) + #ifndef __ASSEMBLER__ /* Get system call information. */ # include <sysdep.h> @@ -138,13 +145,6 @@ register struct pthread *__thread_self __asm__("r13"); #define THREAD_SETMEM_NC(descr, member, idx, value) \ descr->member[idx] = (value) -/* Set the stack guard field in TCB head. */ -#define THREAD_SET_STACK_GUARD(value) \ - (((uintptr_t *) __thread_self)[-1] = (value)) -#define THREAD_COPY_STACK_GUARD(descr) \ - (((uintptr_t *) ((char *) (descr) + TLS_PRE_TCB_SIZE))[-1] \ - = ((uintptr_t *) __thread_self)[-1]) - /* Set the pointer guard field in TCB head. */ #define THREAD_GET_POINTER_GUARD() \ (((uintptr_t *) __thread_self)[-2]) diff --git a/sysdeps/mach/hurd/i386/ld.abilist b/sysdeps/mach/hurd/i386/ld.abilist index 751664bcda..b3f2fdc5d5 100644 --- a/sysdeps/mach/hurd/i386/ld.abilist +++ b/sysdeps/mach/hurd/i386/ld.abilist @@ -16,4 +16,5 @@ GLIBC_2.2.6 _r_debug D 0x14 GLIBC_2.2.6 abort F GLIBC_2.3 ___tls_get_addr F GLIBC_2.3 __tls_get_addr F +GLIBC_2.33 __stack_chk_guard D 0x4 GLIBC_2.33 __x86_get_cpu_features F diff --git a/sysdeps/mach/hurd/i386/tls.h b/sysdeps/mach/hurd/i386/tls.h index 057b2613f3..1413ee63b2 100644 --- a/sysdeps/mach/hurd/i386/tls.h +++ b/sysdeps/mach/hurd/i386/tls.h @@ -79,6 +79,13 @@ typedef struct "Segment Base".) On such machines, a cache line is 64 bytes. */ #define TCB_ALIGNMENT 64 +/* Set the stack guard field in TCB head. Referenced by elf/Versions. */ +#define THREAD_SET_STACK_GUARD(value) \ + THREAD_SETMEM (THREAD_SELF, stack_guard, value) +#define THREAD_COPY_STACK_GUARD(descr) \ + ((descr)->stack_guard \ + = THREAD_GETMEM (THREAD_SELF, stack_guard)) + #ifndef __ASSEMBLER__ /* Use i386-specific RPCs to arrange that %gs segment register prefix @@ -296,13 +303,6 @@ out: _dtv; }) -/* Set the stack guard field in TCB head. */ -#define THREAD_SET_STACK_GUARD(value) \ - THREAD_SETMEM (THREAD_SELF, stack_guard, value) -#define THREAD_COPY_STACK_GUARD(descr) \ - ((descr)->stack_guard \ - = THREAD_GETMEM (THREAD_SELF, stack_guard)) - /* Set the pointer guard field in the TCB head. */ #define THREAD_SET_POINTER_GUARD(value) \ THREAD_SETMEM (THREAD_SELF, pointer_guard, value) diff --git a/sysdeps/powerpc/nptl/tls.h b/sysdeps/powerpc/nptl/tls.h index 6c779b6609..db56e04f81 100644 --- a/sysdeps/powerpc/nptl/tls.h +++ b/sysdeps/powerpc/nptl/tls.h @@ -33,6 +33,16 @@ # include <asm/ptrace.h> #endif /* __ASSEMBLER__ */ +/* Set the stack guard field in TCB head. Used by elf/Versions. */ +# define THREAD_SET_STACK_GUARD(value) \ + (((tcbhead_t *) ((char *) __thread_register \ + - TLS_TCB_OFFSET))[-1].stack_guard = (value)) +# define THREAD_COPY_STACK_GUARD(descr) \ + (((tcbhead_t *) ((char *) (descr) \ + + TLS_PRE_TCB_SIZE))[-1].stack_guard \ + = ((tcbhead_t *) ((char *) __thread_register \ + - TLS_TCB_OFFSET))[-1].stack_guard) + #ifndef __powerpc64__ /* Register r2 (tp) is reserved by the ABI as "thread pointer". */ # define PT_THREAD_POINTER PT_R2 @@ -192,16 +202,6 @@ typedef struct ((void)(descr), (THREAD_SELF)->member[idx] = (value)) /* Set the stack guard field in TCB head. */ -# define THREAD_SET_STACK_GUARD(value) \ - (((tcbhead_t *) ((char *) __thread_register \ - - TLS_TCB_OFFSET))[-1].stack_guard = (value)) -# define THREAD_COPY_STACK_GUARD(descr) \ - (((tcbhead_t *) ((char *) (descr) \ - + TLS_PRE_TCB_SIZE))[-1].stack_guard \ - = ((tcbhead_t *) ((char *) __thread_register \ - - TLS_TCB_OFFSET))[-1].stack_guard) - -/* Set the stack guard field in TCB head. */ # define THREAD_GET_POINTER_GUARD() \ (((tcbhead_t *) ((char *) __thread_register \ - TLS_TCB_OFFSET))[-1].pointer_guard) diff --git a/sysdeps/s390/nptl/tls.h b/sysdeps/s390/nptl/tls.h index efb52515e0..f01d835ea4 100644 --- a/sysdeps/s390/nptl/tls.h +++ b/sysdeps/s390/nptl/tls.h @@ -57,6 +57,18 @@ typedef struct the SSE memory functions. */ #define STACK_ALIGN 16 +/* Set the stack guard field in TCB head. Referenced by elf/Versions. */ +#define THREAD_SET_STACK_GUARD(value) \ + do \ + { \ + __asm__ __volatile__ ("" : : : "a0", "a1"); \ + THREAD_SETMEM (THREAD_SELF, header.stack_guard, value); \ + } \ + while (0) +#define THREAD_COPY_STACK_GUARD(descr) \ + ((descr)->header.stack_guard \ + = THREAD_GETMEM (THREAD_SELF, header.stack_guard)) + #ifndef __ASSEMBLER__ /* Get system call information. */ # include <sysdep.h> @@ -145,18 +157,6 @@ typedef struct #define THREAD_SETMEM_NC(descr, member, idx, value) \ descr->member[idx] = (value) -/* Set the stack guard field in TCB head. */ -#define THREAD_SET_STACK_GUARD(value) \ - do \ - { \ - __asm__ __volatile__ ("" : : : "a0", "a1"); \ - THREAD_SETMEM (THREAD_SELF, header.stack_guard, value); \ - } \ - while (0) -#define THREAD_COPY_STACK_GUARD(descr) \ - ((descr)->header.stack_guard \ - = THREAD_GETMEM (THREAD_SELF, header.stack_guard)) - /* s390 doesn't have HP_TIMING_*, so for the time being use stack_guard as pointer_guard. */ #define THREAD_GET_POINTER_GUARD() \ diff --git a/sysdeps/sparc/nptl/tls.h b/sysdeps/sparc/nptl/tls.h index dd1eb82a59..764fae5dd4 100644 --- a/sysdeps/sparc/nptl/tls.h +++ b/sysdeps/sparc/nptl/tls.h @@ -51,6 +51,12 @@ typedef struct # include <tcb-offsets.h> #endif /* __ASSEMBLER__ */ +/* Set the stack guard field in TCB head. Referenced by elf/Versions. */ +#define THREAD_SET_STACK_GUARD(value) \ + THREAD_SETMEM (THREAD_SELF, header.stack_guard, value) +# define THREAD_COPY_STACK_GUARD(descr) \ + ((descr)->header.stack_guard \ + = THREAD_GETMEM (THREAD_SELF, header.stack_guard)) #ifndef __ASSEMBLER__ /* Get system call information. */ @@ -122,13 +128,6 @@ register struct pthread *__thread_self __asm__("%g7"); #define THREAD_SETMEM_NC(descr, member, idx, value) \ descr->member[idx] = (value) -/* Set the stack guard field in TCB head. */ -#define THREAD_SET_STACK_GUARD(value) \ - THREAD_SETMEM (THREAD_SELF, header.stack_guard, value) -# define THREAD_COPY_STACK_GUARD(descr) \ - ((descr)->header.stack_guard \ - = THREAD_GETMEM (THREAD_SELF, header.stack_guard)) - /* Get/set the stack guard field in TCB head. */ #define THREAD_GET_POINTER_GUARD() \ THREAD_GETMEM (THREAD_SELF, header.pointer_guard) diff --git a/sysdeps/unix/sysv/linux/i386/ld.abilist b/sysdeps/unix/sysv/linux/i386/ld.abilist index 04655651b0..58968d772e 100644 --- a/sysdeps/unix/sysv/linux/i386/ld.abilist +++ b/sysdeps/unix/sysv/linux/i386/ld.abilist @@ -3,4 +3,5 @@ GLIBC_2.1 __libc_stack_end D 0x4 GLIBC_2.1 _dl_mcount F GLIBC_2.3 ___tls_get_addr F GLIBC_2.3 __tls_get_addr F +GLIBC_2.33 __stack_chk_guard D 0x4 GLIBC_2.33 __x86_get_cpu_features F diff --git a/sysdeps/unix/sysv/linux/ia64/ld.abilist b/sysdeps/unix/sysv/linux/ia64/ld.abilist index 33f91199bf..782a31dda4 100644 --- a/sysdeps/unix/sysv/linux/ia64/ld.abilist +++ b/sysdeps/unix/sysv/linux/ia64/ld.abilist @@ -2,3 +2,4 @@ GLIBC_2.2 __libc_stack_end D 0x8 GLIBC_2.2 _dl_mcount F GLIBC_2.2 _r_debug D 0x28 GLIBC_2.3 __tls_get_addr F +GLIBC_2.33 __stack_chk_guard D 0x8 diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/ld.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc32/ld.abilist index 4bbfba7a61..5f0f61ffe8 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/ld.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/ld.abilist @@ -4,3 +4,4 @@ GLIBC_2.1 _dl_mcount F GLIBC_2.22 __tls_get_addr_opt F GLIBC_2.23 __parse_hwcap_and_convert_at_platform F GLIBC_2.3 __tls_get_addr F +GLIBC_2.33 __stack_chk_guard D 0x4 diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/ld.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/ld.abilist index 283fb4510b..2789aacf98 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/ld.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/ld.abilist @@ -4,3 +4,4 @@ GLIBC_2.3 __libc_stack_end D 0x8 GLIBC_2.3 __tls_get_addr F GLIBC_2.3 _dl_mcount F GLIBC_2.3 _r_debug D 0x28 +GLIBC_2.33 __stack_chk_guard D 0x8 diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/ld.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/ld.abilist index b1f313c7cd..819d9b8f77 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/ld.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/ld.abilist @@ -4,3 +4,4 @@ GLIBC_2.17 _dl_mcount F GLIBC_2.17 _r_debug D 0x28 GLIBC_2.22 __tls_get_addr_opt F GLIBC_2.23 __parse_hwcap_and_convert_at_platform F +GLIBC_2.33 __stack_chk_guard D 0x8 diff --git a/sysdeps/unix/sysv/linux/s390/s390-32/ld.abilist b/sysdeps/unix/sysv/linux/s390/s390-32/ld.abilist index b56f005beb..f0d850a208 100644 --- a/sysdeps/unix/sysv/linux/s390/s390-32/ld.abilist +++ b/sysdeps/unix/sysv/linux/s390/s390-32/ld.abilist @@ -2,3 +2,4 @@ GLIBC_2.0 _r_debug D 0x14 GLIBC_2.1 __libc_stack_end D 0x4 GLIBC_2.1 _dl_mcount F GLIBC_2.3 __tls_get_offset F +GLIBC_2.33 __stack_chk_guard D 0x4 diff --git a/sysdeps/unix/sysv/linux/s390/s390-64/ld.abilist b/sysdeps/unix/sysv/linux/s390/s390-64/ld.abilist index 6f788a086d..29a2bafdf8 100644 --- a/sysdeps/unix/sysv/linux/s390/s390-64/ld.abilist +++ b/sysdeps/unix/sysv/linux/s390/s390-64/ld.abilist @@ -2,3 +2,4 @@ GLIBC_2.2 __libc_stack_end D 0x8 GLIBC_2.2 _dl_mcount F GLIBC_2.2 _r_debug D 0x28 GLIBC_2.3 __tls_get_offset F +GLIBC_2.33 __stack_chk_guard D 0x8 diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/ld.abilist b/sysdeps/unix/sysv/linux/sparc/sparc32/ld.abilist index 0c6610e3c2..345118a148 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc32/ld.abilist +++ b/sysdeps/unix/sysv/linux/sparc/sparc32/ld.abilist @@ -2,3 +2,4 @@ GLIBC_2.0 _r_debug D 0x14 GLIBC_2.1 __libc_stack_end D 0x4 GLIBC_2.1 _dl_mcount F GLIBC_2.3 __tls_get_addr F +GLIBC_2.33 __stack_chk_guard D 0x4 diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/ld.abilist b/sysdeps/unix/sysv/linux/sparc/sparc64/ld.abilist index 33f91199bf..782a31dda4 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc64/ld.abilist +++ b/sysdeps/unix/sysv/linux/sparc/sparc64/ld.abilist @@ -2,3 +2,4 @@ GLIBC_2.2 __libc_stack_end D 0x8 GLIBC_2.2 _dl_mcount F GLIBC_2.2 _r_debug D 0x28 GLIBC_2.3 __tls_get_addr F +GLIBC_2.33 __stack_chk_guard D 0x8 diff --git a/sysdeps/unix/sysv/linux/x86_64/64/ld.abilist b/sysdeps/unix/sysv/linux/x86_64/64/ld.abilist index e632c6198e..6741524283 100644 --- a/sysdeps/unix/sysv/linux/x86_64/64/ld.abilist +++ b/sysdeps/unix/sysv/linux/x86_64/64/ld.abilist @@ -2,4 +2,5 @@ GLIBC_2.2.5 __libc_stack_end D 0x8 GLIBC_2.2.5 _dl_mcount F GLIBC_2.2.5 _r_debug D 0x28 GLIBC_2.3 __tls_get_addr F +GLIBC_2.33 __stack_chk_guard D 0x8 GLIBC_2.33 __x86_get_cpu_features F diff --git a/sysdeps/unix/sysv/linux/x86_64/x32/ld.abilist b/sysdeps/unix/sysv/linux/x86_64/x32/ld.abilist index 9d9d0befde..a995a30818 100644 --- a/sysdeps/unix/sysv/linux/x86_64/x32/ld.abilist +++ b/sysdeps/unix/sysv/linux/x86_64/x32/ld.abilist @@ -2,4 +2,5 @@ GLIBC_2.16 __libc_stack_end D 0x4 GLIBC_2.16 __tls_get_addr F GLIBC_2.16 _dl_mcount F GLIBC_2.16 _r_debug D 0x14 +GLIBC_2.33 __stack_chk_guard D 0x4 GLIBC_2.33 __x86_get_cpu_features F diff --git a/sysdeps/x86_64/nptl/tls.h b/sysdeps/x86_64/nptl/tls.h index 20f0958780..064927b210 100644 --- a/sysdeps/x86_64/nptl/tls.h +++ b/sysdeps/x86_64/nptl/tls.h @@ -94,6 +94,13 @@ _Static_assert (offsetof (tcbhead_t, __glibc_unused2) == 0x80, /* Alignment requirement for the stack. */ #define STACK_ALIGN 16 +/* Set the stack guard field in TCB head. Used by elf/Versions. */ +# define THREAD_SET_STACK_GUARD(value) \ + THREAD_SETMEM (THREAD_SELF, header.stack_guard, value) +# define THREAD_COPY_STACK_GUARD(descr) \ + ((descr)->header.stack_guard \ + = THREAD_GETMEM (THREAD_SELF, header.stack_guard)) + #ifndef __ASSEMBLER__ /* Get system call information. */ @@ -303,14 +310,6 @@ _Static_assert (offsetof (tcbhead_t, __glibc_unused2) == 0x80, }}) -/* Set the stack guard field in TCB head. */ -# define THREAD_SET_STACK_GUARD(value) \ - THREAD_SETMEM (THREAD_SELF, header.stack_guard, value) -# define THREAD_COPY_STACK_GUARD(descr) \ - ((descr)->header.stack_guard \ - = THREAD_GETMEM (THREAD_SELF, header.stack_guard)) - - /* Set the pointer guard field in the TCB head. */ # define THREAD_SET_POINTER_GUARD(value) \ THREAD_SETMEM (THREAD_SELF, header.pointer_guard, value) |