about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog20
-rw-r--r--elf/dl-support.c8
-rw-r--r--elf/dl-sysdep.c7
-rw-r--r--elf/rtld.c18
-rw-r--r--sysdeps/generic/dl-osinfo.h29
-rw-r--r--sysdeps/generic/ldsodefs.h5
-rw-r--r--sysdeps/unix/sysv/linux/dl-osinfo.h56
7 files changed, 112 insertions, 31 deletions
diff --git a/ChangeLog b/ChangeLog
index 19427d8f42..f8a5cde3ef 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,23 @@
+2009-01-10  Ulrich Drepper  <drepper@redhat.com>
+
+	* sysdeps/generic/dl-osinfo.h (_dl_setup_stack_chk_guard): Take
+	one parameter.  If non-NULL use it to initialize return value.
+	(_dl_setup_pointer_guard): New function.
+	* sysdeps/unix/sysv/linux/dl-osinfo.h: Likewise.
+	* sysdeps/generic/ldsodefs.h: Declare _dl_random.
+	* elf/rtld.c (security_init): Pass _dl_random to
+	_dl_setup_stack_chk_guard.  Call _dl_setup_pointer_guard to initialize
+	pointer_chk_guard.
+	* elf/dl-sysdep.c (_dl_random): New variable.
+	(_dl_sysdep_start): Handle AT_RANDOM.
+	(_dl_show_auxv): Likewise.
+	* elf/dl-support.c (_dl_random): New variable.
+	(_dl_aux_init): Handle AT_RANDOM.
+	* csu/libc-start.c [!SHARED] (libc_start_main): Pass _dl_random
+	to _dl_setup_stack_chk_guard.
+
+	* elf/elf.h (AT_RANDOM): Define AT_BASE_PLATFORM and AT_RANDOM.
+
 2009-01-10  Roland McGrath  <roland@redhat.com>
 
 	* nscd/nscd.c (parse_opt): Use argp_error for bad -i argument.
diff --git a/elf/dl-support.c b/elf/dl-support.c
index 6bd573ec57..59a8dd9b97 100644
--- a/elf/dl-support.c
+++ b/elf/dl-support.c
@@ -1,5 +1,5 @@
 /* Support for dynamic linking code in static libc.
-   Copyright (C) 1996-2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+   Copyright (C) 1996-2008, 2009 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -84,6 +84,9 @@ struct r_scope_elem _dl_initial_searchlist;
 int _dl_starting_up = 1;
 #endif
 
+/* Random data provided by the kernel.  */
+void *_dl_random;
+
 /* Get architecture specific initializer.  */
 #include <dl-procinfo.c>
 
@@ -216,6 +219,9 @@ _dl_aux_init (ElfW(auxv_t) *av)
 	__libc_enable_secure = av->a_un.a_val;
 	__libc_enable_secure_decided = 1;
 	break;
+      case AT_RANDOM:
+	_dl_random = (void *) av->a_un.a_val;
+	break;
 # ifdef DL_PLATFORM_AUXV
       DL_PLATFORM_AUXV
 # endif
diff --git a/elf/dl-sysdep.c b/elf/dl-sysdep.c
index e6f4272a63..a44bee7086 100644
--- a/elf/dl-sysdep.c
+++ b/elf/dl-sysdep.c
@@ -1,5 +1,5 @@
 /* Operating system support for run-time dynamic linker.  Generic Unix version.
-   Copyright (C) 1995-1998, 2000-2007, 2008 Free Software Foundation, Inc.
+   Copyright (C) 1995-1998, 2000-2008, 2009 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -62,6 +62,7 @@ int __libc_multiple_libcs = 0;	/* Defining this here avoids the inclusion
 void *__libc_stack_end attribute_relro = NULL;
 rtld_hidden_data_def(__libc_stack_end)
 static ElfW(auxv_t) *_dl_auxv attribute_relro;
+void *_dl_random attribute_relro = NULL;
 
 #ifndef DL_FIND_ARG_COMPONENTS
 # define DL_FIND_ARG_COMPONENTS(cookie, argc, argv, envp, auxp)	\
@@ -173,6 +174,9 @@ _dl_sysdep_start (void **start_argptr,
 	GLRO(dl_sysinfo_dso) = (void *) av->a_un.a_val;
 	break;
 #endif
+      case AT_RANDOM:
+	_dl_random = (void *) av->a_un.a_val;
+	break;
 #ifdef DL_PLATFORM_AUXV
       DL_PLATFORM_AUXV
 #endif
@@ -294,6 +298,7 @@ _dl_show_auxv (void)
 	  [AT_SECURE - 2] =		{ "AT_SECURE:       ", dec },
 	  [AT_SYSINFO - 2] =		{ "AT_SYSINFO:      0x", hex },
 	  [AT_SYSINFO_EHDR - 2] =	{ "AT_SYSINFO_EHDR: 0x", hex },
+	  [AT_RANDOM - 2] =		{ "AT_RANDOM:       0x", hex },
 	};
       unsigned int idx = (unsigned int) (av->a_type - 2);
 
diff --git a/elf/rtld.c b/elf/rtld.c
index 46bece7fa3..aa4c030f73 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -1,5 +1,5 @@
 /* Run time dynamic linker.
-   Copyright (C) 1995-2006, 2007, 2008 Free Software Foundation, Inc.
+   Copyright (C) 1995-2006, 2007, 2008, 2009 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -841,7 +841,7 @@ static void
 security_init (void)
 {
   /* Set up the stack checker's canary.  */
-  uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard ();
+  uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random);
 #ifdef THREAD_SET_STACK_GUARD
   THREAD_SET_STACK_GUARD (stack_chk_guard);
 #else
@@ -851,18 +851,18 @@ security_init (void)
   /* Set up the pointer guard as well, if necessary.  */
   if (GLRO(dl_pointer_guard))
     {
-      // XXX If it is cheap, we should use a separate value.
-      uintptr_t pointer_chk_guard = stack_chk_guard;
-#ifndef HP_TIMING_NONAVAIL
-      hp_timing_t now;
-      HP_TIMING_NOW (now);
-      pointer_chk_guard ^= now;
-#endif
+      uintptr_t pointer_chk_guard = _dl_setup_pointer_guard (_dl_random,
+							     stack_chk_guard);
 #ifdef THREAD_SET_POINTER_GUARD
       THREAD_SET_POINTER_GUARD (pointer_chk_guard);
 #endif
       __pointer_chk_guard_local = pointer_chk_guard;
     }
+
+  /* We do not need the _dl_random value anymore.  The less
+     information we leave behind, the better, so clear the
+     variable.  */
+  _dl_random = NULL;
 }
 
 
diff --git a/sysdeps/generic/dl-osinfo.h b/sysdeps/generic/dl-osinfo.h
index 60b84a900d..02ec28d424 100644
--- a/sysdeps/generic/dl-osinfo.h
+++ b/sysdeps/generic/dl-osinfo.h
@@ -1,12 +1,29 @@
 #include <stdint.h>
 
 static inline uintptr_t __attribute__ ((always_inline))
-_dl_setup_stack_chk_guard (void)
+_dl_setup_stack_chk_guard (void *dl_random)
 {
-  uintptr_t ret = 0;
-  unsigned char *p = (unsigned char *) &ret;
-  p[sizeof (ret) - 1] = 255;
-  p[sizeof (ret) - 2] = '\n';
-  p[0] = 0;
+  uintptr_t ret;
+  if (dl_random == NULL)
+    {
+      ret = 0;
+      unsigned char *p = (unsigned char *) &ret;
+      p[sizeof (ret) - 1] = 255;
+      p[sizeof (ret) - 2] = '\n';
+      p[0] = 0;
+    }
+  else
+    memcmp (&ret, dl_random, sizeof (ret));
+  return ret;
+}
+
+static inline uintptr_t __attribute__ ((always_inline))
+_dl_setup_pointer_guard (void *dl_random, uintptr_t stack_chk_guard)
+{
+  uintptr_t ret;
+  if (dl_random == NULL)
+    ret = stack_chk_guard;
+  else
+    memcmp (&ret, (char *) dl_random + sizeof (ret), sizeof (ret));
   return ret;
 }
diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
index 4d857404a3..e00b173f49 100644
--- a/sysdeps/generic/ldsodefs.h
+++ b/sysdeps/generic/ldsodefs.h
@@ -1,5 +1,5 @@
 /* Run-time dynamic linker data structures for loaded ELF shared objects.
-   Copyright (C) 1995-2006, 2007, 2008 Free Software Foundation, Inc.
+   Copyright (C) 1995-2006, 2007, 2008, 2009 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -731,6 +731,9 @@ weak_extern (_dl_starting_up)
 extern int _dl_starting_up_internal attribute_hidden;
 #endif
 
+/* Random data provided by the kernel.  */
+extern void *_dl_random attribute_hidden;
+
 /* OS-dependent function to open the zero-fill device.  */
 extern int _dl_sysdep_open_zero_fill (void); /* dl-sysdep.c */
 
diff --git a/sysdeps/unix/sysv/linux/dl-osinfo.h b/sysdeps/unix/sysv/linux/dl-osinfo.h
index 5271d4e4de..415002b1b2 100644
--- a/sysdeps/unix/sysv/linux/dl-osinfo.h
+++ b/sysdeps/unix/sysv/linux/dl-osinfo.h
@@ -1,5 +1,5 @@
 /* Operating system specific code for generic dynamic loader functions.  Linux.
-   Copyright (C) 2000-2002,2004-2007,2008 Free Software Foundation, Inc.
+   Copyright (C) 2000-2002,2004-2008, 2009 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -60,22 +60,52 @@ dl_fatal (const char *str)
   } while (0)
 
 static inline uintptr_t __attribute__ ((always_inline))
-_dl_setup_stack_chk_guard (void)
+_dl_setup_stack_chk_guard (void *dl_random)
 {
   uintptr_t ret;
-#ifdef ENABLE_STACKGUARD_RANDOMIZE
-  int fd = __open ("/dev/urandom", O_RDONLY);
-  if (fd >= 0)
+#ifndef __ASSUME_AT_RANDOM
+  if (__builtin_expect (dl_random == NULL, 0))
     {
-      ssize_t reslen = __read (fd, &ret, sizeof (ret));
-      __close (fd);
-      if (reslen == (ssize_t) sizeof (ret))
-	return ret;
+# ifdef ENABLE_STACKGUARD_RANDOMIZE
+      int fd = __open ("/dev/urandom", O_RDONLY);
+      if (fd >= 0)
+	{
+	  ssize_t reslen = __read (fd, &ret, sizeof (ret));
+	  __close (fd);
+	  if (reslen == (ssize_t) sizeof (ret))
+	    return ret;
+	}
+# endif
+      ret = 0;
+      unsigned char *p = (unsigned char *) &ret;
+      p[sizeof (ret) - 1] = 255;
+      p[sizeof (ret) - 2] = '\n';
     }
+  else
 #endif
-  ret = 0;
-  unsigned char *p = (unsigned char *) &ret;
-  p[sizeof (ret) - 1] = 255;
-  p[sizeof (ret) - 2] = '\n';
+    /* We need in the moment only 8 bytes on 32-bit platforms and 16
+       bytes on 64-bit platforms.  Therefore we can use the data
+       directly and not use the kernel-provided data to seed a PRNG.  */
+    memcpy (&ret, dl_random, sizeof (ret));
+  return ret;
+}
+
+static inline uintptr_t __attribute__ ((always_inline))
+_dl_setup_pointer_guard (void *dl_random, uintptr_t stack_chk_guard)
+{
+  uintptr_t ret;
+#ifndef __ASSUME_AT_RANDOM
+  if (dl_random == NULL)
+    {
+      ret = stack_chk_guard;
+# ifndef HP_TIMING_NONAVAIL
+      hp_timing_t now;
+      HP_TIMING_NOW (now);
+      ret ^= now;
+# endif
+    }
+  else
+#endif
+    memcpy (&ret, (char *) dl_random + sizeof (ret), sizeof (ret));
   return ret;
 }