Attachment #381676 for bug #477330

View | Details | Raw Unified | Return to bug 477330
Collapse All | Expand All

Lines 37-42 extern void __pthread_initialize_minimal (void); Link Here

(-)a/csu/libc-start.c (+16 lines)
37	in thread local area. */	37	in thread local area. */
38	uintptr_t __stack_chk_guard attribute_relro;	38	uintptr_t __stack_chk_guard attribute_relro;
39	# endif	39	# endif
		40	# ifndef THREAD_SET_POINTER_GUARD
		41	/* Only exported for architectures that don't store the pointer guard
		42	value in thread local area. */
		43	uintptr_t __pointer_chk_guard_local
		44	attribute_relro attribute_hidden __attribute__ ((nocommon));
		45	# endif
40	#endif	46	#endif
41		47
42	#ifdef HAVE_PTR_NTHREADS	48	#ifdef HAVE_PTR_NTHREADS
Lines 195-200 LIBC_START_MAIN (int (main) (int, char , char * MAIN_AUXVEC_DECL), Link Here
195	# else	201	# else
196	__stack_chk_guard = stack_chk_guard;	202	__stack_chk_guard = stack_chk_guard;
197	# endif	203	# endif
		204
		205	/* Set up the pointer guard value. */
		206	uintptr_t pointer_chk_guard = _dl_setup_pointer_guard (_dl_random,
		207	stack_chk_guard);
		208	# ifdef THREAD_SET_POINTER_GUARD
		209	THREAD_SET_POINTER_GUARD (pointer_chk_guard);
		210	# else
		211	__pointer_chk_guard_local = pointer_chk_guard;
		212	# endif
		213
198	#endif	214	#endif
199		215
200	/* Register the destructor of the dynamic linker if there is any. */	216	/* Register the destructor of the dynamic linker if there is any. */

Lines 121-127 endif Link Here

(-)a/elf/Makefile (-2 / +7 lines)
121	tests = tst-tls1 tst-tls2 tst-tls9 tst-leaks1 \	121	tests = tst-tls1 tst-tls2 tst-tls9 tst-leaks1 \
122	tst-array1 tst-array2 tst-array3 tst-array4 tst-array5	122	tst-array1 tst-array2 tst-array3 tst-array4 tst-array5
123	tests-static = tst-tls1-static tst-tls2-static tst-stackguard1-static \	123	tests-static = tst-tls1-static tst-tls2-static tst-stackguard1-static \
124	tst-leaks1-static tst-array1-static tst-array5-static	124	tst-leaks1-static tst-array1-static tst-array5-static \
		125	tst-ptrguard1-static
125	ifeq (yes,$(build-shared))	126	ifeq (yes,$(build-shared))
126	tests-static += tst-tls9-static	127	tests-static += tst-tls9-static
127	tst-tls9-static-ENV = \	128	tst-tls9-static-ENV = \
Lines 145-151 tests += loadtest restest1 preloadtest loadfail multiload origtest resolvfail \ Link Here
145	tst-audit1 tst-audit2 tst-audit8 \	146	tst-audit1 tst-audit2 tst-audit8 \
146	tst-stackguard1 tst-addr1 tst-thrlock \	147	tst-stackguard1 tst-addr1 tst-thrlock \
147	tst-unique1 tst-unique2 tst-unique3 tst-unique4 \	148	tst-unique1 tst-unique2 tst-unique3 tst-unique4 \
148	tst-initorder tst-initorder2 tst-relsort1 tst-null-argv	149	tst-initorder tst-initorder2 tst-relsort1 tst-null-argv \
		150	tst-ptrguard1
149	# reldep9	151	# reldep9
150	test-srcs = tst-pathopt	152	test-srcs = tst-pathopt
151	selinux-enabled := $(shell cat /selinux/enforce 2> /dev/null)	153	selinux-enabled := $(shell cat /selinux/enforce 2> /dev/null)
Lines 1016-1021 LDFLAGS-order2mod2.so = $(no-as-needed) Link Here
1016	tst-stackguard1-ARGS = --command "$(host-test-program-cmd) --child"	1018	tst-stackguard1-ARGS = --command "$(host-test-program-cmd) --child"
1017	tst-stackguard1-static-ARGS = --command "$(objpfx)tst-stackguard1-static --child"	1019	tst-stackguard1-static-ARGS = --command "$(objpfx)tst-stackguard1-static --child"
1018		1020
		1021	tst-ptrguard1-ARGS = --command "$(host-test-program-cmd) --child"
		1022	tst-ptrguard1-static-ARGS = --command "$(objpfx)tst-ptrguard1-static --child"
		1023
1019	$(objpfx)tst-leaks1: $(libdl)	1024	$(objpfx)tst-leaks1: $(libdl)
1020	$(objpfx)tst-leaks1-mem: $(objpfx)tst-leaks1.out	1025	$(objpfx)tst-leaks1-mem: $(objpfx)tst-leaks1.out
1021	$(common-objpfx)malloc/mtrace $(objpfx)tst-leaks1.mtrace > $@	1026	$(common-objpfx)malloc/mtrace $(objpfx)tst-leaks1.mtrace > $@

Line 0 Link Here

(-)a/elf/tst-ptrguard1-static.c (+1 lines)
	1	#include "tst-ptrguard1.c"




/* Copyright (C) 2013 Free Software Foundation, Inc.
   This file is part of the GNU C Library.

   The GNU C Library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   The GNU C Library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Lesser General Public License for more details.

   You should have received a copy of the GNU Lesser General Public
   License along with the GNU C Library; if not, see
   <http://www.gnu.org/licenses/>.  */

#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <stackguard-macros.h>
#include <tls.h>
#include <unistd.h>

#ifndef POINTER_CHK_GUARD
extern uintptr_t __pointer_chk_guard;
# define POINTER_CHK_GUARD __pointer_chk_guard
#endif

static const char *command;
static bool child;
static uintptr_t ptr_chk_guard_copy;
static bool ptr_chk_guard_copy_set;
static int fds[2];

static void __attribute__ ((constructor))
con (void)
{
  ptr_chk_guard_copy = POINTER_CHK_GUARD;
  ptr_chk_guard_copy_set = true;
}

static int
uintptr_t_cmp (const void *a, const void *b)
{
  if (*(uintptr_t *) a < *(uintptr_t *) b)
    return 1;
  if (*(uintptr_t *) a > *(uintptr_t *) b)
    return -1;
  return 0;
}

static int
do_test (void)
{
  if (!ptr_chk_guard_copy_set)
    {
      puts ("constructor has not been run");
      return 1;
    }

  if (ptr_chk_guard_copy != POINTER_CHK_GUARD)
    {
      puts ("POINTER_CHK_GUARD changed between constructor and do_test");
      return 1;
    }

  if (child)
    {
      write (2, &ptr_chk_guard_copy, sizeof (ptr_chk_guard_copy));
      return 0;
    }

  if (command == NULL)
    {
      puts ("missing --command or --child argument");
      return 1;
    }

#define N 16
  uintptr_t child_ptr_chk_guards[N + 1];
  child_ptr_chk_guards[N] = ptr_chk_guard_copy;
  int i;
  for (i = 0; i < N; ++i)
    {
      if (pipe (fds) < 0)
	{
	  printf ("couldn't create pipe: %m\n");
	  return 1;
	}

      pid_t pid = fork ();
      if (pid < 0)
	{
	  printf ("fork failed: %m\n");
	  return 1;
	}

      if (!pid)
	{
	  if (ptr_chk_guard_copy != POINTER_CHK_GUARD)
	    {
	      puts ("POINTER_CHK_GUARD changed after fork");
	      exit (1);
	    }

	  close (fds[0]);
	  close (2);
	  dup2 (fds[1], 2);
	  close (fds[1]);

	  system (command);
	  exit (0);
	}

      close (fds[1]);

      if (TEMP_FAILURE_RETRY (read (fds[0], &child_ptr_chk_guards[i],
				    sizeof (uintptr_t))) != sizeof (uintptr_t))
	{
	  puts ("could not read ptr_chk_guard value from child");
	  return 1;
	}

      close (fds[0]);

      pid_t termpid;
      int status;
      termpid = TEMP_FAILURE_RETRY (waitpid (pid, &status, 0));
      if (termpid == -1)
	{
	  printf ("waitpid failed: %m\n");
	  return 1;
	}
      else if (termpid != pid)
	{
	  printf ("waitpid returned %ld != %ld\n",
		  (long int) termpid, (long int) pid);
	  return 1;
	}
      else if (!WIFEXITED (status) || WEXITSTATUS (status))
	{
	  puts ("child hasn't exited with exit status 0");
	  return 1;
	}
    }

  qsort (child_ptr_chk_guards, N + 1, sizeof (uintptr_t), uintptr_t_cmp);

  /* The default pointer guard is the same as the default stack guard.
     They are only set to default if dl_random is NULL.  */
  uintptr_t default_guard = 0;
  unsigned char *p = (unsigned char *) &default_guard;
  p[sizeof (uintptr_t) - 1] = 255;
  p[sizeof (uintptr_t) - 2] = '\n';
  p[0] = 0;

  /* Test if the pointer guard canaries are either randomized,
     or equal to the default pointer guard value.
     Even with randomized pointer guards it might happen
     that the random number generator generates the same
     values, but if that happens in more than half from
     the 16 runs, something is very wrong.  */
  int ndifferences = 0;
  int ndefaults = 0;
  for (i = 0; i < N; ++i)
    {
      if (child_ptr_chk_guards[i] != child_ptr_chk_guards[i+1])
	ndifferences++;
      else if (child_ptr_chk_guards[i] == default_guard)
	ndefaults++;
    }

  printf ("differences %d defaults %d\n", ndifferences, ndefaults);

  if (ndifferences < N / 2 && ndefaults < N / 2)
    {
      puts ("pointer guard values are not randomized enough");
      puts ("nor equal to the default value");
      return 1;
    }

  return 0;
}

#define OPT_COMMAND	10000
#define OPT_CHILD	10001
#define CMDLINE_OPTIONS	\
  { "command", required_argument, NULL, OPT_COMMAND },  \
  { "child", no_argument, NULL, OPT_CHILD },
#define CMDLINE_PROCESS	\
  case OPT_COMMAND:	\
    command = optarg;	\
    break;		\
  case OPT_CHILD:	\
    child = true;	\
    break;
#define TEST_FUNCTION do_test ()
#include "../test-skeleton.c"

Lines 2-4 Link Here

(-)a/ports/sysdeps/ia64/stackguard-macros.h (+3 lines)
2		2
3	#define STACK_CHK_GUARD \	3	#define STACK_CHK_GUARD \
4	({ uintptr_t x; asm ("adds %0 = -8, r13;; ld8 %0 = [%0]" : "=r" (x)); x; })	4	({ uintptr_t x; asm ("adds %0 = -8, r13;; ld8 %0 = [%0]" : "=r" (x)); x; })
		5
		6	#define POINTER_CHK_GUARD \
		7	({ uintptr_t x; asm ("adds %0 = -16, r13;; ld8 %0 = [%0]" : "=r" (x)); x; })

Lines 4-14 Link Here

(-)a/ports/sysdeps/tile/stackguard-macros.h (+6 lines)
4	# if __WORDSIZE == 64	4	# if __WORDSIZE == 64
5	# define STACK_CHK_GUARD \	5	# define STACK_CHK_GUARD \
6	({ uintptr_t x; asm ("addi %0, tp, -16; ld %0, %0" : "=r" (x)); x; })	6	({ uintptr_t x; asm ("addi %0, tp, -16; ld %0, %0" : "=r" (x)); x; })
		7	# define POINTER_CHK_GUARD \
		8	({ uintptr_t x; asm ("addi %0, tp, -24; ld %0, %0" : "=r" (x)); x; })
7	# else	9	# else
8	# define STACK_CHK_GUARD \	10	# define STACK_CHK_GUARD \
9	({ uintptr_t x; asm ("addi %0, tp, -8; ld4s %0, %0" : "=r" (x)); x; })	11	({ uintptr_t x; asm ("addi %0, tp, -8; ld4s %0, %0" : "=r" (x)); x; })
		12	# define POINTER_CHK_GUARD \
		13	({ uintptr_t x; asm ("addi %0, tp, -12; ld4s %0, %0" : "=r" (x)); x; })
10	# endif	14	# endif
11	#else	15	#else
12	# define STACK_CHK_GUARD \	16	# define STACK_CHK_GUARD \
13	({ uintptr_t x; asm ("addi %0, tp, -8; lw %0, %0" : "=r" (x)); x; })	17	({ uintptr_t x; asm ("addi %0, tp, -8; lw %0, %0" : "=r" (x)); x; })
		18	# define POINTER_CHK_GUARD \
		19	({ uintptr_t x; asm ("addi %0, tp, -12; lw %0, %0" : "=r" (x)); x; })
14	#endif	20	#endif

Lines 2-4 Link Here

(-)a/sysdeps/generic/stackguard-macros.h (+3 lines)
2		2
3	extern uintptr_t __stack_chk_guard;	3	extern uintptr_t __stack_chk_guard;
4	#define STACK_CHK_GUARD __stack_chk_guard	4	#define STACK_CHK_GUARD __stack_chk_guard
		5
		6	extern uintptr_t __pointer_chk_guard_local;
		7	#define POINTER_CHK_GUARD __pointer_chk_guard_local

Lines 2-4 Link Here

(-)a/sysdeps/i386/stackguard-macros.h (+8 lines)
2		2
3	#define STACK_CHK_GUARD \	3	#define STACK_CHK_GUARD \
4	({ uintptr_t x; asm ("movl %%gs:0x14, %0" : "=r" (x)); x; })	4	({ uintptr_t x; asm ("movl %%gs:0x14, %0" : "=r" (x)); x; })
		5
		6	#define POINTER_CHK_GUARD \
		7	({ \
		8	uintptr_t x; \
		9	asm ("movl %%gs:%c1, %0" : "=r" (x) \
		10	: "i" (offsetof (tcbhead_t, pointer_guard))); \
		11	x; \
		12	})





#define STACK_CHK_GUARD \
  ({ uintptr_t x; asm ("lwz %0,-28680(2)" : "=r" (x)); x; })

#define POINTER_CHK_GUARD \
  ({												\
     uintptr_t x;										\
     asm ("lwz %0,%1(2)"									\
	  : "=r" (x)										\
	  : "i" (offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t))	\
         );											\
     x;												\
   })





#define STACK_CHK_GUARD \
  ({ uintptr_t x; asm ("ld %0,-28688(13)" : "=r" (x)); x; })

#define POINTER_CHK_GUARD \
  ({												\
     uintptr_t x;										\
     asm ("ld %0,%1(2)"										\
	  : "=r" (x)										\
	  : "i" (offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t))	\
         );											\
     x;												\
   })





#define STACK_CHK_GUARD \
  ({ uintptr_t x; asm ("ear %0,%%a0; l %0,0x14(%0)" : "=a" (x)); x; })

/* On s390/s390x there is no unique pointer guard, instead we use the
   same value as the stack guard.  */
#define POINTER_CHK_GUARD \
  ({							\
     uintptr_t x;					\
     asm ("ear %0,%%a0; l %0,%1(%0)"			\
	  : "=a" (x)					\
	  : "i" (offsetof (tcbhead_t, stack_guard)));	\
     x;							\
   })





#define STACK_CHK_GUARD \
  ({ uintptr_t x; asm ("ear %0,%%a0; sllg %0,%0,32; ear %0,%%a1; lg %0,0x28(%0)" : "=a" (x)); x; })

/* On s390/s390x there is no unique pointer guard, instead we use the
   same value as the stack guard.  */
#define POINTER_CHK_GUARD \
  ({							\
     uintptr_t x;					\
     asm ("ear %0,%%a0;"				\
	  "sllg %0,%0,32;"				\
	  "ear %0,%%a1;"				\
	  "lg %0,%1(%0)"				\
	 : "=a" (x)					\
	 : "i" (offsetof (tcbhead_t, stack_guard)));	\
     x;							\
   })

Lines 2-4 Link Here

(-)a/sysdeps/sparc/sparc32/stackguard-macros.h (+3 lines)
2		2
3	#define STACK_CHK_GUARD \	3	#define STACK_CHK_GUARD \
4	({ uintptr_t x; asm ("ld [%%g7+0x14], %0" : "=r" (x)); x; })	4	({ uintptr_t x; asm ("ld [%%g7+0x14], %0" : "=r" (x)); x; })
		5
		6	#define POINTER_CHK_GUARD \
		7	({ uintptr_t x; asm ("ld [%%g7+0x18], %0" : "=r" (x)); x; })

Lines 2-4 Link Here

(-)a/sysdeps/sparc/sparc64/stackguard-macros.h (+3 lines)
2		2
3	#define STACK_CHK_GUARD \	3	#define STACK_CHK_GUARD \
4	({ uintptr_t x; asm ("ldx [%%g7+0x28], %0" : "=r" (x)); x; })	4	({ uintptr_t x; asm ("ldx [%%g7+0x28], %0" : "=r" (x)); x; })
		5
		6	#define POINTER_CHK_GUARD \
		7	({ uintptr_t x; asm ("ldx [%%g7+0x30], %0" : "=r" (x)); x; })

Lines 4-6 Link Here

(-)a/sysdeps/x86_64/stackguard-macros.h (+5 lines)
4	({ uintptr_t x; \	4	({ uintptr_t x; \
5	asm ("mov %%fs:%c1, %0" : "=r" (x) \	5	asm ("mov %%fs:%c1, %0" : "=r" (x) \
6	: "i" (offsetof (tcbhead_t, stack_guard))); x; })	6	: "i" (offsetof (tcbhead_t, stack_guard))); x; })
		7
		8	#define POINTER_CHK_GUARD \
		9	({ uintptr_t x; \
		10	asm ("mov %%fs:%c1, %0" : "=r" (x) \
		11	: "i" (offsetof (tcbhead_t, pointer_guard))); x; })

Lines 1019-1024 tst-stackguard1-ARGS = --command "$(host-test-program-cmd) --child" Link Here

(-)a/elf/Makefile (+3 lines)
1019	tst-stackguard1-static-ARGS = --command "$(objpfx)tst-stackguard1-static --child"	1019	tst-stackguard1-static-ARGS = --command "$(objpfx)tst-stackguard1-static --child"
1020		1020
1021	tst-ptrguard1-ARGS = --command "$(host-test-program-cmd) --child"	1021	tst-ptrguard1-ARGS = --command "$(host-test-program-cmd) --child"
		1022	# When built statically, the pointer guard interface uses
		1023	# __pointer_chk_guard_local.
		1024	CFLAGS-tst-ptrguard1-static.c = -DPTRGUARD_LOCAL
1022	tst-ptrguard1-static-ARGS = --command "$(objpfx)tst-ptrguard1-static --child"	1025	tst-ptrguard1-static-ARGS = --command "$(objpfx)tst-ptrguard1-static --child"
1023		1026
1024	$(objpfx)tst-leaks1: $(libdl)	1027	$(objpfx)tst-leaks1: $(libdl)

Lines 3-7 Link Here

(-)a/sysdeps/generic/stackguard-macros.h (-1 / +6 lines)
3	extern uintptr_t __stack_chk_guard;	3	extern uintptr_t __stack_chk_guard;
4	#define STACK_CHK_GUARD __stack_chk_guard	4	#define STACK_CHK_GUARD __stack_chk_guard
5		5
		6	#ifdef PTRGUARD_LOCAL
6	extern uintptr_t __pointer_chk_guard_local;	7	extern uintptr_t __pointer_chk_guard_local;
7	#define POINTER_CHK_GUARD __pointer_chk_guard_local	8	# define POINTER_CHK_GUARD __pointer_chk_guard_local
		9	#else
		10	extern uintptr_t __pointer_chk_guard;
		11	# define POINTER_CHK_GUARD __pointer_chk_guard
		12	#endif

Return to bug 477330

Line 0 Link Here

(-)a/elf/tst-ptrguard1.c (+202 lines)
		1	/* Copyright (C) 2013 Free Software Foundation, Inc.
		2	This file is part of the GNU C Library.
		3
		4	The GNU C Library is free software; you can redistribute it and/or
		5	modify it under the terms of the GNU Lesser General Public
		6	License as published by the Free Software Foundation; either
		7	version 2.1 of the License, or (at your option) any later version.
		8
		9	The GNU C Library is distributed in the hope that it will be useful,
		10	but WITHOUT ANY WARRANTY; without even the implied warranty of
		11	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
		12	Lesser General Public License for more details.
		13
		14	You should have received a copy of the GNU Lesser General Public
		15	License along with the GNU C Library; if not, see
		16	<http://www.gnu.org/licenses/>. */
		17
		18	#include <errno.h>
		19	#include <stdbool.h>
		20	#include <stdio.h>
		21	#include <stdlib.h>
		22	#include <string.h>
		23	#include <sys/wait.h>
		24	#include <stackguard-macros.h>
		25	#include <tls.h>
		26	#include <unistd.h>
		27
		28	#ifndef POINTER_CHK_GUARD
		29	extern uintptr_t __pointer_chk_guard;
		30	# define POINTER_CHK_GUARD __pointer_chk_guard
		31	#endif
		32
		33	static const char *command;
		34	static bool child;
		35	static uintptr_t ptr_chk_guard_copy;
		36	static bool ptr_chk_guard_copy_set;
		37	static int fds[2];
		38
		39	static void __attribute__ ((constructor))
		40	con (void)
		41	{
		42	ptr_chk_guard_copy = POINTER_CHK_GUARD;
		43	ptr_chk_guard_copy_set = true;
		44	}
		45
		46	static int
		47	uintptr_t_cmp (const void a, const void b)
		48	{
		49	if ((uintptr_t ) a < (uintptr_t ) b)
		50	return 1;
		51	if ((uintptr_t ) a > (uintptr_t ) b)
		52	return -1;
		53	return 0;
		54	}
		55
		56	static int
		57	do_test (void)
		58	{
		59	if (!ptr_chk_guard_copy_set)
		60	{
		61	puts ("constructor has not been run");
		62	return 1;
		63	}
		64
65	if (ptr_chk_guard_copy != POINTER_CHK_GUARD)
66	{
67	puts ("POINTER_CHK_GUARD changed between constructor and do_test");
68	return 1;
69	}
70
71	if (child)
72	{
73	write (2, &ptr_chk_guard_copy, sizeof (ptr_chk_guard_copy));
74	return 0;
75	}
76
77	if (command == NULL)
78	{
79	puts ("missing --command or --child argument");
80	return 1;
81	}
82
83	#define N 16
84	uintptr_t child_ptr_chk_guards[N + 1];
85	child_ptr_chk_guards[N] = ptr_chk_guard_copy;
86	int i;
87	for (i = 0; i < N; ++i)
88	{
89	if (pipe (fds) < 0)
90	{
91	printf ("couldn't create pipe: %m\n");
92	return 1;
93	}
94
95	pid_t pid = fork ();
96	if (pid < 0)
97	{
98	printf ("fork failed: %m\n");
99	return 1;
100	}
101
102	if (!pid)
103	{
104	if (ptr_chk_guard_copy != POINTER_CHK_GUARD)
105	{
106	puts ("POINTER_CHK_GUARD changed after fork");
107	exit (1);
108	}
109
110	close (fds[0]);
111	close (2);
112	dup2 (fds[1], 2);
113	close (fds[1]);
114
115	system (command);
116	exit (0);
117	}
118
119	close (fds[1]);
120
121	if (TEMP_FAILURE_RETRY (read (fds[0], &child_ptr_chk_guards[i],
122	sizeof (uintptr_t))) != sizeof (uintptr_t))
123	{
124	puts ("could not read ptr_chk_guard value from child");
125	return 1;
126	}
127
128	close (fds[0]);
129
130	pid_t termpid;
131	int status;
132	termpid = TEMP_FAILURE_RETRY (waitpid (pid, &status, 0));
133	if (termpid == -1)
134	{
135	printf ("waitpid failed: %m\n");
136	return 1;
137	}
138	else if (termpid != pid)
139	{
140	printf ("waitpid returned %ld != %ld\n",
141	(long int) termpid, (long int) pid);
142	return 1;
143	}
144	else if (!WIFEXITED (status) \|\| WEXITSTATUS (status))
145	{
146	puts ("child hasn't exited with exit status 0");
147	return 1;
148	}
149	}
150
151	qsort (child_ptr_chk_guards, N + 1, sizeof (uintptr_t), uintptr_t_cmp);
152
153	/* The default pointer guard is the same as the default stack guard.
154	They are only set to default if dl_random is NULL. */
155	uintptr_t default_guard = 0;
156	unsigned char p = (unsigned char ) &default_guard;
157	p[sizeof (uintptr_t) - 1] = 255;
158	p[sizeof (uintptr_t) - 2] = '\n';
159	p[0] = 0;
160
161	/* Test if the pointer guard canaries are either randomized,
162	or equal to the default pointer guard value.
163	Even with randomized pointer guards it might happen
164	that the random number generator generates the same
165	values, but if that happens in more than half from
166	the 16 runs, something is very wrong. */
167	int ndifferences = 0;
168	int ndefaults = 0;
169	for (i = 0; i < N; ++i)
170	{
171	if (child_ptr_chk_guards[i] != child_ptr_chk_guards[i+1])
172	ndifferences++;
173	else if (child_ptr_chk_guards[i] == default_guard)
174	ndefaults++;
175	}
176
177	printf ("differences %d defaults %d\n", ndifferences, ndefaults);
178
179	if (ndifferences < N / 2 && ndefaults < N / 2)
180	{
181	puts ("pointer guard values are not randomized enough");
182	puts ("nor equal to the default value");
183	return 1;
184	}
185
186	return 0;
187	}
188
189	#define OPT_COMMAND 10000
190	#define OPT_CHILD 10001
191	#define CMDLINE_OPTIONS \
192	{ "command", required_argument, NULL, OPT_COMMAND }, \
193	{ "child", no_argument, NULL, OPT_CHILD },
194	#define CMDLINE_PROCESS \
195	case OPT_COMMAND: \
196	command = optarg; \
197	break; \
198	case OPT_CHILD: \
199	child = true; \
200	break;
201	#define TEST_FUNCTION do_test ()
202	#include "../test-skeleton.c"

Lines 2-4 Link Here

(-)a/sysdeps/powerpc/powerpc32/stackguard-macros.h (+10 lines)
2		2
3	#define STACK_CHK_GUARD \	3	#define STACK_CHK_GUARD \
4	({ uintptr_t x; asm ("lwz %0,-28680(2)" : "=r" (x)); x; })	4	({ uintptr_t x; asm ("lwz %0,-28680(2)" : "=r" (x)); x; })
		5
		6	#define POINTER_CHK_GUARD \
		7	({ \
		8	uintptr_t x; \
		9	asm ("lwz %0,%1(2)" \
		10	: "=r" (x) \
		11	: "i" (offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t)) \
		12	); \
		13	x; \
		14	})

Lines 2-4 Link Here

(-)a/sysdeps/powerpc/powerpc64/stackguard-macros.h (+10 lines)
2		2
3	#define STACK_CHK_GUARD \	3	#define STACK_CHK_GUARD \
4	({ uintptr_t x; asm ("ld %0,-28688(13)" : "=r" (x)); x; })	4	({ uintptr_t x; asm ("ld %0,-28688(13)" : "=r" (x)); x; })
		5
		6	#define POINTER_CHK_GUARD \
		7	({ \
		8	uintptr_t x; \
		9	asm ("ld %0,%1(2)" \
		10	: "=r" (x) \
		11	: "i" (offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t)) \
		12	); \
		13	x; \
		14	})

Lines 2-4 Link Here

(-)a/sysdeps/s390/s390-32/stackguard-macros.h (+11 lines)
2		2
3	#define STACK_CHK_GUARD \	3	#define STACK_CHK_GUARD \
4	({ uintptr_t x; asm ("ear %0,%%a0; l %0,0x14(%0)" : "=a" (x)); x; })	4	({ uintptr_t x; asm ("ear %0,%%a0; l %0,0x14(%0)" : "=a" (x)); x; })
		5
		6	/* On s390/s390x there is no unique pointer guard, instead we use the
		7	same value as the stack guard. */
		8	#define POINTER_CHK_GUARD \
		9	({ \
		10	uintptr_t x; \
		11	asm ("ear %0,%%a0; l %0,%1(%0)" \
		12	: "=a" (x) \
		13	: "i" (offsetof (tcbhead_t, stack_guard))); \
		14	x; \
		15	})

Lines 2-4 Link Here

(-)a/sysdeps/s390/s390-64/stackguard-macros.h (+14 lines)
2		2
3	#define STACK_CHK_GUARD \	3	#define STACK_CHK_GUARD \
4	({ uintptr_t x; asm ("ear %0,%%a0; sllg %0,%0,32; ear %0,%%a1; lg %0,0x28(%0)" : "=a" (x)); x; })	4	({ uintptr_t x; asm ("ear %0,%%a0; sllg %0,%0,32; ear %0,%%a1; lg %0,0x28(%0)" : "=a" (x)); x; })
		5
		6	/* On s390/s390x there is no unique pointer guard, instead we use the
		7	same value as the stack guard. */
		8	#define POINTER_CHK_GUARD \
		9	({ \
		10	uintptr_t x; \
		11	asm ("ear %0,%%a0;" \
		12	"sllg %0,%0,32;" \
		13	"ear %0,%%a1;" \
		14	"lg %0,%1(%0)" \
		15	: "=a" (x) \
		16	: "i" (offsetof (tcbhead_t, stack_guard))); \
		17	x; \
		18	})