summaryrefslogtreecommitdiff
path: root/arch
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2011-08-23 09:37:39 -0400
committerRich Felker <dalias@aerifal.cx>2011-08-23 09:37:39 -0400
commitdf0b5a49406763aa4719dfad561a5de8924ecd59 (patch)
tree0d5dc42698f2b710dd27156554b10230ba21256b /arch
parentc0f344160d22d889460573d003cf349626a38184 (diff)
downloadmusl-df0b5a49406763aa4719dfad561a5de8924ecd59.tar.gz
musl-df0b5a49406763aa4719dfad561a5de8924ecd59.tar.bz2
musl-df0b5a49406763aa4719dfad561a5de8924ecd59.tar.xz
musl-df0b5a49406763aa4719dfad561a5de8924ecd59.zip
security hardening: ensure suid programs have valid stdin/out/err
this behavior (opening fds 0-2 for a suid program) is explicitly allowed (but not required) by POSIX to protect badly-written suid programs from clobbering files they later open. this commit does add some cost in startup code, but the availability of auxv and the security flag will be useful elsewhere in the future. in particular auxv is needed for static-linked vdso support, which is still waiting to be committed (sorry nik!)
Diffstat (limited to 'arch')
-rw-r--r--arch/i386/atomic.h5
-rw-r--r--arch/x86_64/atomic.h5
2 files changed, 10 insertions, 0 deletions
diff --git a/arch/i386/atomic.h b/arch/i386/atomic.h
index 66059af9..77b0b3b7 100644
--- a/arch/i386/atomic.h
+++ b/arch/i386/atomic.h
@@ -119,5 +119,10 @@ static inline void a_spin()
__asm__ __volatile__( "pause" : : : "memory" );
}
+static inline void a_crash()
+{
+ __asm__ __volatile__( "hlt" : : : "memory" );
+}
+
#endif
diff --git a/arch/x86_64/atomic.h b/arch/x86_64/atomic.h
index 3235db16..0d3da6f8 100644
--- a/arch/x86_64/atomic.h
+++ b/arch/x86_64/atomic.h
@@ -118,5 +118,10 @@ static inline void a_spin()
__asm__ __volatile__( "pause" : : : "memory" );
}
+static inline void a_crash()
+{
+ __asm__ __volatile__( "hlt" : : : "memory" );
+}
+
#endif