qiurui
/
glibc
mirror of git://sourceware.org/git/glibc.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

* elf/rtld.c (dl_main): Initialize stack and pointer guard early 

when using auditing libraries.
This commit is contained in:
Ulrich Drepper 2007-10-31 15:28:30 +00:00
parent 31e2791ced
commit 4c48ef06b4
2 changed files with 44 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -1,3 +1,8 @@
2007-10-31 Ulrich Drepper <drepper@redhat.com>
* elf/rtld.c (dl_main): Initialize stack and pointer guard early
when using auditing libraries.
2007-10-29 Ulrich Drepper <drepper@redhat.com> 2007-10-29 Ulrich Drepper <drepper@redhat.com>
* resolv/Versions [libresolv] (GLIBC_PRIVATE): Add * resolv/Versions [libresolv] (GLIBC_PRIVATE): Add

62
elf/rtld.c
View File

@ -833,6 +833,35 @@ rtld_lock_default_unlock_recursive (void *lock)
#endif #endif
static void
security_init (void)
{
/* Set up the stack checker's canary. */
uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard ();
#ifdef THREAD_SET_STACK_GUARD
THREAD_SET_STACK_GUARD (stack_chk_guard);
#else
__stack_chk_guard = stack_chk_guard;
#endif
/* Set up the pointer guard as well, if necessary. */
if (GLRO(dl_pointer_guard))
{
// XXX If it is cheap, we should use a separate value.
uintptr_t pointer_chk_guard = stack_chk_guard;
#ifndef HP_TIMING_NONAVAIL
hp_timing_t now;
HP_TIMING_NOW (now);
pointer_chk_guard ^= now;
#endif
#ifdef THREAD_SET_POINTER_GUARD
THREAD_SET_POINTER_GUARD (pointer_chk_guard);
#endif
__pointer_chk_guard_local = pointer_chk_guard;
}
}
/* The library search path. */ /* The library search path. */
static const char *library_path attribute_relro; static const char *library_path attribute_relro;
/* The list preloaded objects. */ /* The list preloaded objects. */
@ -1405,6 +1434,12 @@ of this helper program; chances are you did not intend to run this program.\n\
initialize the data structures now. */ initialize the data structures now. */
tcbp = init_tls (); tcbp = init_tls ();
/* Initialize security features. We need to do it this early
since otherwise the constructors of the audit libraries will
use different values (especially the pointer guard) and will
fail later on. */
security_init ();
do do
{ {
int tls_idx = GL(dl_tls_max_dtv_idx); int tls_idx = GL(dl_tls_max_dtv_idx);
@ -1815,29 +1850,10 @@ ERROR: ld.so: object '%s' cannot be loaded as audit interface: %s; ignored.\n",
if (tcbp == NULL) if (tcbp == NULL)
tcbp = init_tls (); tcbp = init_tls ();
/* Set up the stack checker's canary. */ if (__builtin_expect (audit_list == NULL, 1))
uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard (); /* Initialize security features. But only if we have not done it
#ifdef THREAD_SET_STACK_GUARD earlier. */
THREAD_SET_STACK_GUARD (stack_chk_guard); security_init ();
#else
__stack_chk_guard = stack_chk_guard;
#endif
/* Set up the pointer guard as well, if necessary. */
if (GLRO(dl_pointer_guard))
{
// XXX If it is cheap, we should use a separate value.
uintptr_t pointer_chk_guard = stack_chk_guard;
#ifndef HP_TIMING_NONAVAIL
hp_timing_t now;
HP_TIMING_NOW (now);
pointer_chk_guard ^= now;
#endif
#ifdef THREAD_SET_POINTER_GUARD
THREAD_SET_POINTER_GUARD (pointer_chk_guard);
#endif
__pointer_chk_guard_local = pointer_chk_guard;
}
if (__builtin_expect (mode, normal) != normal) if (__builtin_expect (mode, normal) != normal)
{ {