diff options
author | Timo Teräs <timo.teras@iki.fi> | 2014-03-25 21:50:15 +0200 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2014-03-25 19:12:45 -0400 |
commit | 2b74315d8a31ad8fbcd369116c82e055e0ec3fb7 (patch) | |
tree | 38c6947cf66ea892c50129dc5f5090ccd4ac22cb | |
parent | 436d3723afcb1ee40eb849d56fd0472d83dd598c (diff) | |
download | musl-2b74315d8a31ad8fbcd369116c82e055e0ec3fb7.tar.gz musl-2b74315d8a31ad8fbcd369116c82e055e0ec3fb7.tar.bz2 musl-2b74315d8a31ad8fbcd369116c82e055e0ec3fb7.tar.xz musl-2b74315d8a31ad8fbcd369116c82e055e0ec3fb7.zip |
remove lazy ssp initialization
now that thread pointer is initialized always, ssp canary
initialization can be done unconditionally. this simplifies
the ldso as it does not try to detect ssp usage, and the
init function itself as it is always called exactly once.
this also merges ssp init path for shared and static linking.
-rw-r--r-- | src/env/__init_security.c | 2 | ||||
-rw-r--r-- | src/env/__stack_chk_fail.c | 18 | ||||
-rw-r--r-- | src/ldso/dynlink.c | 13 |
3 files changed, 5 insertions, 28 deletions
diff --git a/src/env/__init_security.c b/src/env/__init_security.c index 6204c5e1..da5ae948 100644 --- a/src/env/__init_security.c +++ b/src/env/__init_security.c @@ -15,9 +15,7 @@ void __init_security(size_t *aux) struct pollfd pfd[3] = { {.fd=0}, {.fd=1}, {.fd=2} }; int i; -#ifndef SHARED __init_ssp((void *)aux[AT_RANDOM]); -#endif if (aux[AT_UID]==aux[AT_EUID] && aux[AT_GID]==aux[AT_EGID] && !aux[AT_SECURE]) return; diff --git a/src/env/__stack_chk_fail.c b/src/env/__stack_chk_fail.c index 00634d38..87ac473d 100644 --- a/src/env/__stack_chk_fail.c +++ b/src/env/__stack_chk_fail.c @@ -1,24 +1,16 @@ #include <string.h> #include <stdint.h> #include "pthread_impl.h" -#include "atomic.h" uintptr_t __stack_chk_guard; void __init_ssp(void *entropy) { - /* Here the thread pointer is used without checking whether - * it is available; this will crash if it's not. However, - * this function is only meant to be called if the program - * being run uses stack protector, and in that case, it would - * crash without a thread pointer anyway, so it's better to - * crash early before there is state to be lost on crash. */ - pthread_t self = __pthread_self(); - uintptr_t canary; - if (entropy) memcpy(&canary, entropy, sizeof canary); - else canary = (uintptr_t)&canary * 1103515245; - a_cas_l(&__stack_chk_guard, 0, canary); - self->canary = __stack_chk_guard; + if (entropy) memcpy(&__stack_chk_guard, entropy, sizeof(uintptr_t)); + else __stack_chk_guard = (uintptr_t)&__stack_chk_guard * 1103515245; + + if (libc.has_thread_pointer) + __pthread_self()->canary = __stack_chk_guard; } void __stack_chk_fail(void) diff --git a/src/ldso/dynlink.c b/src/ldso/dynlink.c index 3622329c..1517281a 100644 --- a/src/ldso/dynlink.c +++ b/src/ldso/dynlink.c @@ -91,7 +91,6 @@ struct symdef { #include "reloc.h" -void __init_ssp(size_t *); int __init_tp(void *); void __init_libc(char **, char *); @@ -100,7 +99,6 @@ const char *__libc_get_version(void); static struct dso *head, *tail, *ldso, *fini_head; static char *env_path, *sys_path; static unsigned long long gencnt; -static int ssp_used; static int runtime; static int ldd_mode; static int ldso_fail; @@ -201,13 +199,6 @@ static struct symdef find_sym(struct dso *dso, const char *s, int need_def) { uint32_t h = 0, gh = 0; struct symdef def = {0}; - if (dso->ghashtab) { - gh = gnu_hash(s); - if (gh == 0x1f4039c9 && !strcmp(s, "__stack_chk_fail")) ssp_used = 1; - } else { - h = sysv_hash(s); - if (h == 0x595a4cc && !strcmp(s, "__stack_chk_fail")) ssp_used = 1; - } for (; dso; dso=dso->next) { Sym *sym; if (!dso->global) continue; @@ -1203,7 +1194,6 @@ void *__dynlink(int argc, char **argv) debug.state = 0; _dl_debug_state(); - if (ssp_used) __init_ssp((void *)aux[AT_RANDOM]); __init_libc(envp, argv[0]); atexit(do_fini); errno = 0; @@ -1285,9 +1275,6 @@ void *dlopen(const char *file, int mode) } update_tls_size(); - - if (ssp_used) __init_ssp(libc.auxv); - _dl_debug_state(); orig_tail = tail; end: |