diff options
author | Rich Felker <dalias@aerifal.cx> | 2012-04-24 18:07:59 -0400 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2012-04-24 18:07:59 -0400 |
commit | 60872cf9c93687e771c1b8bc41bb006bdcdc2e45 (patch) | |
tree | 5a90330df6f08de109d0f4f58347dbec642cbff6 /src | |
parent | 848d30a1e5f75988be4b291a431713e78ae09f79 (diff) | |
download | musl-60872cf9c93687e771c1b8bc41bb006bdcdc2e45.tar.gz musl-60872cf9c93687e771c1b8bc41bb006bdcdc2e45.tar.xz musl-60872cf9c93687e771c1b8bc41bb006bdcdc2e45.zip |
first attempt at enabling stack protector support
the code is written to pre-init the thread pointer in static linked programs that pull in __stack_chk_fail or dynamic-linked programs that lookup the symbol. no explicit canary is set; the canary will be whatever happens to be in the thread structure at the offset gcc hard-coded. this can be improved later.
Diffstat (limited to 'src')
-rw-r--r-- | src/env/__init_security.c | 7 | ||||
-rw-r--r-- | src/env/__stack_chk_fail.c | 14 | ||||
-rw-r--r-- | src/ldso/dynlink.c | 7 |
3 files changed, 28 insertions, 0 deletions
diff --git a/src/env/__init_security.c b/src/env/__init_security.c index 5fd12ecb..6893a252 100644 --- a/src/env/__init_security.c +++ b/src/env/__init_security.c @@ -8,11 +8,18 @@ #define AUX_CNT 24 +void dummy(void) +{ +} +weak_alias(dummy, __init_ssp); + void __init_security(size_t *auxv) { size_t i, aux[AUX_CNT] = { 0 }; struct pollfd pfd[3] = { {.fd=0}, {.fd=1}, {.fd=2} }; + __init_ssp(); + for (; auxv[0]; auxv+=2) if (auxv[0]<AUX_CNT) aux[auxv[0]] = auxv[1]; if (aux[AT_UID]==aux[AT_EUID] && aux[AT_GID]==aux[AT_EGID] && !aux[AT_SECURE]) return; diff --git a/src/env/__stack_chk_fail.c b/src/env/__stack_chk_fail.c new file mode 100644 index 00000000..bbba3511 --- /dev/null +++ b/src/env/__stack_chk_fail.c @@ -0,0 +1,14 @@ +#include "pthread_impl.h" +#include "atomic.h" + +void __init_ssp(void) +{ +#ifndef __PIC__ + __pthread_self_init(); +#endif +} + +void __stack_chk_fail(void) +{ + a_crash(); +} diff --git a/src/ldso/dynlink.c b/src/ldso/dynlink.c index 0533bbb2..d04bef62 100644 --- a/src/ldso/dynlink.c +++ b/src/ldso/dynlink.c @@ -59,9 +59,13 @@ struct dso char buf[]; }; +struct __pthread; +struct __pthread *__pthread_self_init(void); + static struct dso *head, *tail, *libc; static char *env_path, *sys_path, *r_path; static int rtld_used; +static int ssp_used; static int runtime; static jmp_buf rtld_fail; static pthread_rwlock_t lock; @@ -108,6 +112,7 @@ static void *find_sym(struct dso *dso, const char *s, int need_def) void *def = 0; if (h==0x6b366be && !strcmp(s, "dlopen")) rtld_used = 1; if (h==0x6b3afd && !strcmp(s, "dlsym")) rtld_used = 1; + if (h==0x595a4cc && !strcmp(s, "__stack_chk_fail")) ssp_used = 1; for (; dso; dso=dso->next) { Sym *sym; if (!dso->global) continue; @@ -611,6 +616,8 @@ void *__dynlink(int argc, char **argv) reclaim((void *)builtin_dsos, 0, sizeof builtin_dsos); } + if (ssp_used) __pthread_self_init(); + errno = 0; return (void *)aux[AT_ENTRY]; } |