
This resolves an interesting circular dependency between gcc and glibc: 1. glibc < 2.17 depends on libgcc.a and libgcc_eh.a 2. libgcc_eh.a is only built when gcc is configured with --enable-shared 3. but building shared libraries requires crt*.o and libc.so Backport AT_RANDOM auxval changes to avoid dealing with wrong inline assembly (fallback code fails on ubuntu 23.04)
175 lines
5.5 KiB
Diff
175 lines
5.5 KiB
Diff
diff --git a/csu/libc-start.c b/csu/libc-start.c
|
|
index a14ed71616..8b3f436f46 100644
|
|
--- a/csu/libc-start.c
|
|
+++ b/csu/libc-start.c
|
|
@@ -140,7 +140,7 @@ LIBC_START_MAIN (int (*main) (int, char **, char ** MAIN_AUXVEC_DECL),
|
|
__pthread_initialize_minimal ();
|
|
|
|
/* Set up the stack checker's canary. */
|
|
- uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard ();
|
|
+ uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random);
|
|
# ifdef THREAD_SET_STACK_GUARD
|
|
THREAD_SET_STACK_GUARD (stack_chk_guard);
|
|
# else
|
|
diff --git a/elf/dl-support.c b/elf/dl-support.c
|
|
index 2c11ac6881..321ed07a18 100644
|
|
--- a/elf/dl-support.c
|
|
+++ b/elf/dl-support.c
|
|
@@ -84,6 +84,9 @@ struct r_scope_elem _dl_initial_searchlist;
|
|
int _dl_starting_up = 1;
|
|
#endif
|
|
|
|
+/* Random data provided by the kernel. */
|
|
+void *_dl_random;
|
|
+
|
|
/* Get architecture specific initializer. */
|
|
#include <dl-procinfo.c>
|
|
|
|
@@ -216,6 +219,9 @@ _dl_aux_init (ElfW(auxv_t) *av)
|
|
__libc_enable_secure = av->a_un.a_val;
|
|
__libc_enable_secure_decided = 1;
|
|
break;
|
|
+ case AT_RANDOM:
|
|
+ _dl_random = (void *) av->a_un.a_val;
|
|
+ break;
|
|
# ifdef DL_PLATFORM_AUXV
|
|
DL_PLATFORM_AUXV
|
|
# endif
|
|
diff --git a/elf/dl-sysdep.c b/elf/dl-sysdep.c
|
|
index 85e331a90f..6ce20b5150 100644
|
|
--- a/elf/dl-sysdep.c
|
|
+++ b/elf/dl-sysdep.c
|
|
@@ -62,6 +62,7 @@ int __libc_multiple_libcs = 0; /* Defining this here avoids the inclusion
|
|
void *__libc_stack_end attribute_relro = NULL;
|
|
rtld_hidden_data_def(__libc_stack_end)
|
|
static ElfW(auxv_t) *_dl_auxv attribute_relro;
|
|
+void *_dl_random attribute_relro = NULL;
|
|
|
|
#ifndef DL_FIND_ARG_COMPONENTS
|
|
# define DL_FIND_ARG_COMPONENTS(cookie, argc, argv, envp, auxp) \
|
|
@@ -173,6 +174,9 @@ _dl_sysdep_start (void **start_argptr,
|
|
GLRO(dl_sysinfo_dso) = (void *) av->a_un.a_val;
|
|
break;
|
|
#endif
|
|
+ case AT_RANDOM:
|
|
+ _dl_random = (void *) av->a_un.a_val;
|
|
+ break;
|
|
#ifdef DL_PLATFORM_AUXV
|
|
DL_PLATFORM_AUXV
|
|
#endif
|
|
@@ -293,6 +297,7 @@ _dl_show_auxv (void)
|
|
[AT_SECURE - 2] = { "AT_SECURE: ", dec },
|
|
[AT_SYSINFO - 2] = { "AT_SYSINFO: 0x", hex },
|
|
[AT_SYSINFO_EHDR - 2] = { "AT_SYSINFO_EHDR: 0x", hex },
|
|
+ [AT_RANDOM - 2] = { "AT_RANDOM: 0x", hex },
|
|
};
|
|
unsigned int idx = (unsigned int) (av->a_type - 2);
|
|
|
|
diff --git a/elf/rtld.c b/elf/rtld.c
|
|
index 7612a69324..e77ac43713 100644
|
|
--- a/elf/rtld.c
|
|
+++ b/elf/rtld.c
|
|
@@ -1816,7 +1816,7 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n",
|
|
tcbp = init_tls ();
|
|
|
|
/* Set up the stack checker's canary. */
|
|
- uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard ();
|
|
+ uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random);
|
|
#ifdef THREAD_SET_STACK_GUARD
|
|
THREAD_SET_STACK_GUARD (stack_chk_guard);
|
|
#else
|
|
diff --git a/sysdeps/generic/dl-osinfo.h b/sysdeps/generic/dl-osinfo.h
|
|
index 60b84a900d..02ec28d424 100644
|
|
--- a/sysdeps/generic/dl-osinfo.h
|
|
+++ b/sysdeps/generic/dl-osinfo.h
|
|
@@ -1,12 +1,29 @@
|
|
#include <stdint.h>
|
|
|
|
static inline uintptr_t __attribute__ ((always_inline))
|
|
-_dl_setup_stack_chk_guard (void)
|
|
+_dl_setup_stack_chk_guard (void *dl_random)
|
|
{
|
|
- uintptr_t ret = 0;
|
|
- unsigned char *p = (unsigned char *) &ret;
|
|
- p[sizeof (ret) - 1] = 255;
|
|
- p[sizeof (ret) - 2] = '\n';
|
|
- p[0] = 0;
|
|
+ uintptr_t ret;
|
|
+ if (dl_random == NULL)
|
|
+ {
|
|
+ ret = 0;
|
|
+ unsigned char *p = (unsigned char *) &ret;
|
|
+ p[sizeof (ret) - 1] = 255;
|
|
+ p[sizeof (ret) - 2] = '\n';
|
|
+ p[0] = 0;
|
|
+ }
|
|
+ else
|
|
+ memcmp (&ret, dl_random, sizeof (ret));
|
|
+ return ret;
|
|
+}
|
|
+
|
|
+static inline uintptr_t __attribute__ ((always_inline))
|
|
+_dl_setup_pointer_guard (void *dl_random, uintptr_t stack_chk_guard)
|
|
+{
|
|
+ uintptr_t ret;
|
|
+ if (dl_random == NULL)
|
|
+ ret = stack_chk_guard;
|
|
+ else
|
|
+ memcmp (&ret, (char *) dl_random + sizeof (ret), sizeof (ret));
|
|
return ret;
|
|
}
|
|
diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
|
|
index 958a099b82..c4d2874085 100644
|
|
--- a/sysdeps/generic/ldsodefs.h
|
|
+++ b/sysdeps/generic/ldsodefs.h
|
|
@@ -726,6 +726,9 @@ weak_extern (_dl_starting_up)
|
|
extern int _dl_starting_up_internal attribute_hidden;
|
|
#endif
|
|
|
|
+/* Random data provided by the kernel. */
|
|
+extern void *_dl_random attribute_hidden;
|
|
+
|
|
/* OS-dependent function to open the zero-fill device. */
|
|
extern int _dl_sysdep_open_zero_fill (void); /* dl-sysdep.c */
|
|
|
|
diff --git a/sysdeps/unix/sysv/linux/dl-osinfo.h b/sysdeps/unix/sysv/linux/dl-osinfo.h
|
|
index 082790f63b..d90f228942 100644
|
|
--- a/sysdeps/unix/sysv/linux/dl-osinfo.h
|
|
+++ b/sysdeps/unix/sysv/linux/dl-osinfo.h
|
|
@@ -154,22 +154,20 @@ _dl_discover_osversion (void)
|
|
} while (0)
|
|
|
|
static inline uintptr_t __attribute__ ((always_inline))
|
|
-_dl_setup_stack_chk_guard (void)
|
|
+_dl_setup_stack_chk_guard (void *dl_random)
|
|
{
|
|
uintptr_t ret;
|
|
-#ifdef ENABLE_STACKGUARD_RANDOMIZE
|
|
- int fd = __open ("/dev/urandom", O_RDONLY);
|
|
- if (fd >= 0)
|
|
- {
|
|
- ssize_t reslen = __read (fd, &ret, sizeof (ret));
|
|
- __close (fd);
|
|
- if (reslen == (ssize_t) sizeof (ret))
|
|
- return ret;
|
|
- }
|
|
-#endif
|
|
- ret = 0;
|
|
- unsigned char *p = (unsigned char *) &ret;
|
|
- p[sizeof (ret) - 1] = 255;
|
|
- p[sizeof (ret) - 2] = '\n';
|
|
+ /* We need in the moment only 8 bytes on 32-bit platforms and 16
|
|
+ bytes on 64-bit platforms. Therefore we can use the data
|
|
+ directly and not use the kernel-provided data to seed a PRNG. */
|
|
+ memcpy (&ret, dl_random, sizeof (ret));
|
|
+ return ret;
|
|
+}
|
|
+
|
|
+static inline uintptr_t __attribute__ ((always_inline))
|
|
+_dl_setup_pointer_guard (void *dl_random, uintptr_t stack_chk_guard)
|
|
+{
|
|
+ uintptr_t ret;
|
|
+ memcpy (&ret, (char *) dl_random + sizeof (ret), sizeof (ret));
|
|
return ret;
|
|
}
|