1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
|
diff --git a/csu/libc-start.c b/csu/libc-start.c
index 194db6b1ec..f85ec9604e 100644
--- a/csu/libc-start.c
+++ b/csu/libc-start.c
@@ -151,8 +151,8 @@ LIBC_START_MAIN (int (*main) (int, char **, char ** MAIN_AUXVEC_DECL),
# ifndef SHARED
/* Set up the stack checker's canary. */
- uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard ();
-# ifdef THREAD_SET_STACK_GUARD
+ uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random);
+# ifdef THREAD_SET_STACK_GUARD
THREAD_SET_STACK_GUARD (stack_chk_guard);
# else
__stack_chk_guard = stack_chk_guard;
diff --git a/elf/dl-support.c b/elf/dl-support.c
index 4b7be6bc27..f62867abf1 100644
--- a/elf/dl-support.c
+++ b/elf/dl-support.c
@@ -84,6 +84,9 @@ struct r_scope_elem _dl_initial_searchlist;
int _dl_starting_up = 1;
#endif
+/* Random data provided by the kernel. */
+void *_dl_random;
+
/* Get architecture specific initializer. */
#include <dl-procinfo.c>
@@ -218,6 +221,9 @@ _dl_aux_init (ElfW(auxv_t) *av)
__libc_enable_secure = av->a_un.a_val;
__libc_enable_secure_decided = 1;
break;
+ case AT_RANDOM:
+ _dl_random = (void *) av->a_un.a_val;
+ break;
}
if (seen == 0xf)
{
diff --git a/elf/dl-sysdep.c b/elf/dl-sysdep.c
index 68e08f480a..133ba0d29f 100644
--- a/elf/dl-sysdep.c
+++ b/elf/dl-sysdep.c
@@ -62,6 +62,7 @@ int __libc_multiple_libcs = 0; /* Defining this here avoids the inclusion
void *__libc_stack_end attribute_relro = NULL;
rtld_hidden_data_def(__libc_stack_end)
static ElfW(auxv_t) *_dl_auxv attribute_relro;
+void *_dl_random attribute_relro = NULL;
#ifndef DL_FIND_ARG_COMPONENTS
# define DL_FIND_ARG_COMPONENTS(cookie, argc, argv, envp, auxp) \
@@ -173,6 +174,9 @@ _dl_sysdep_start (void **start_argptr,
GLRO(dl_sysinfo_dso) = (void *) av->a_un.a_val;
break;
#endif
+ case AT_RANDOM:
+ _dl_random = (void *) av->a_un.a_val;
+ break;
#ifdef DL_PLATFORM_AUXV
DL_PLATFORM_AUXV
#endif
@@ -293,6 +297,7 @@ _dl_show_auxv (void)
[AT_SECURE - 2] = { "AT_SECURE: ", dec },
[AT_SYSINFO - 2] = { "AT_SYSINFO: 0x", hex },
[AT_SYSINFO_EHDR - 2] = { "AT_SYSINFO_EHDR: 0x", hex },
+ [AT_RANDOM - 2] = { "AT_RANDOM: 0x", hex },
};
unsigned int idx = (unsigned int) (av->a_type - 2);
diff --git a/elf/rtld.c b/elf/rtld.c
index a357a46987..a02a319677 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -1837,7 +1837,7 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n",
#endif
/* Set up the stack checker's canary. */
- uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard ();
+ uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (_dl_random);
#ifdef THREAD_SET_STACK_GUARD
THREAD_SET_STACK_GUARD (stack_chk_guard);
#else
diff --git a/sysdeps/generic/dl-osinfo.h b/sysdeps/generic/dl-osinfo.h
index 60b84a900d..02ec28d424 100644
--- a/sysdeps/generic/dl-osinfo.h
+++ b/sysdeps/generic/dl-osinfo.h
@@ -1,12 +1,29 @@
#include <stdint.h>
static inline uintptr_t __attribute__ ((always_inline))
-_dl_setup_stack_chk_guard (void)
+_dl_setup_stack_chk_guard (void *dl_random)
{
- uintptr_t ret = 0;
- unsigned char *p = (unsigned char *) &ret;
- p[sizeof (ret) - 1] = 255;
- p[sizeof (ret) - 2] = '\n';
- p[0] = 0;
+ uintptr_t ret;
+ if (dl_random == NULL)
+ {
+ ret = 0;
+ unsigned char *p = (unsigned char *) &ret;
+ p[sizeof (ret) - 1] = 255;
+ p[sizeof (ret) - 2] = '\n';
+ p[0] = 0;
+ }
+ else
+ memcmp (&ret, dl_random, sizeof (ret));
+ return ret;
+}
+
+static inline uintptr_t __attribute__ ((always_inline))
+_dl_setup_pointer_guard (void *dl_random, uintptr_t stack_chk_guard)
+{
+ uintptr_t ret;
+ if (dl_random == NULL)
+ ret = stack_chk_guard;
+ else
+ memcmp (&ret, (char *) dl_random + sizeof (ret), sizeof (ret));
return ret;
}
diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
index eee6141c6a..54789c0639 100644
--- a/sysdeps/generic/ldsodefs.h
+++ b/sysdeps/generic/ldsodefs.h
@@ -740,6 +740,9 @@ weak_extern (_dl_starting_up)
extern int _dl_starting_up_internal attribute_hidden;
#endif
+/* Random data provided by the kernel. */
+extern void *_dl_random attribute_hidden;
+
/* OS-dependent function to open the zero-fill device. */
extern int _dl_sysdep_open_zero_fill (void); /* dl-sysdep.c */
diff --git a/sysdeps/unix/sysv/linux/dl-osinfo.h b/sysdeps/unix/sysv/linux/dl-osinfo.h
index 0738501a56..d796651ff4 100644
--- a/sysdeps/unix/sysv/linux/dl-osinfo.h
+++ b/sysdeps/unix/sysv/linux/dl-osinfo.h
@@ -159,22 +159,20 @@ _dl_discover_osversion (void)
} while (0)
static inline uintptr_t __attribute__ ((always_inline))
-_dl_setup_stack_chk_guard (void)
+_dl_setup_stack_chk_guard (void *dl_random)
{
uintptr_t ret;
-#ifdef ENABLE_STACKGUARD_RANDOMIZE
- int fd = __open ("/dev/urandom", O_RDONLY);
- if (fd >= 0)
- {
- ssize_t reslen = __read (fd, &ret, sizeof (ret));
- __close (fd);
- if (reslen == (ssize_t) sizeof (ret))
- return ret;
- }
-#endif
- ret = 0;
- unsigned char *p = (unsigned char *) &ret;
- p[sizeof (ret) - 1] = 255;
- p[sizeof (ret) - 2] = '\n';
+ /* We need in the moment only 8 bytes on 32-bit platforms and 16
+ bytes on 64-bit platforms. Therefore we can use the data
+ directly and not use the kernel-provided data to seed a PRNG. */
+ memcpy (&ret, dl_random, sizeof (ret));
+ return ret;
+}
+
+static inline uintptr_t __attribute__ ((always_inline))
+_dl_setup_pointer_guard (void *dl_random, uintptr_t stack_chk_guard)
+{
+ uintptr_t ret;
+ memcpy (&ret, (char *) dl_random + sizeof (ret), sizeof (ret));
return ret;
}
|
