+2016-12-26 Nick Alcock <nick.alcock@oracle.com>
+
+ [BZ #7065]
+ * configure.ac (HAVE_CC_NO_STACK_PROTECTOR): Define.
+ * config.h.in (HAVE_CC_NO_STACK_PROTECTOR): New macro.
+ * include/libc-symbols.h (inhibit_stack_protector): New macro.
+ (__ifunc_resolver): Use it.
+ * elf/ifuncdep2.c (foo1_ifunc, foo2_ifunc, foo3_ifunc): Apply
+ inhibit_stack_protector.
+ * elf/ifuncmain6pie.c (foo_ifunc): Likewise.
+ * elf/ifuncmain7.c (foo_ifunc): Likewise.
+ * elf/ifuncmod1.c (foo_ifunc, foo_hidden_ifunc)
+ (foo_protected_ifunc): Likewise.
+ * elf/ifuncmod5.c (foo_ifunc, foo_hidden_ifunc)
+ (foo_protected_ifunc): Likewise.
+ * sysdeps/generic/ifunc-sel.h (ifunc_sel, ifunc_one): Likewise.
+ * sysdeps/nacl/nacl_interface_query.c
+ (nacl_interface_query_ifunc): Likewise.
+ * sysdeps/powerpc/ifunc-sel.h (ifunc_sel, ifunc_one): Likewise.
+ * sysdeps/unix/sysv/linux/x86_64/x32/getcpu.c (getcpu_ifunc):
+ Likewise.
+ * sysdeps/x86_64/ifuncmod8.c (foo_ifunc): Likewise.
+ * sysdeps/unix/make-syscalls.sh: Apply inhibit_stack_protector to
+ the generated vDSO syscall resolver.
+
2016-12-26 Nick Alcock <nick.alcock@oracle.com>
Florian Weimer <fweimer@redhat.com>
/* Define if compiler accepts -ftree-loop-distribute-patterns. */
#undef HAVE_CC_INHIBIT_LOOP_TO_LIBCALL
+/* Define if compiler accepts -fno-stack-protector in an
+ __attribute__ ((__optimize__)). */
+#undef HAVE_CC_NO_STACK_PROTECTOR
+
/* The level of stack protection in use for glibc as a whole.
May be overridden on a file-by-file basis. */
#ifndef STACK_PROTECTOR_LEVEL
no_stack_protector=
if test "$libc_cv_ssp" = yes; then
no_stack_protector="-fno-stack-protector -DSTACK_PROTECTOR_LEVEL=0"
+ $as_echo "#define HAVE_CC_NO_STACK_PROTECTOR 1" >>confdefs.h
+
fi
if test "$enable_stack_protector" = yes && test "$libc_cv_ssp" = yes; then
no_stack_protector=
if test "$libc_cv_ssp" = yes; then
no_stack_protector="-fno-stack-protector -DSTACK_PROTECTOR_LEVEL=0"
+ AC_DEFINE(HAVE_CC_NO_STACK_PROTECTOR)
fi
if test "$enable_stack_protector" = yes && test "$libc_cv_ssp" = yes; then
__asm__(".type foo1, %gnu_indirect_function");
void *
+inhibit_stack_protector
foo1_ifunc (void)
{
return ifunc_sel (one, minus_one, zero);
__asm__(".type foo2, %gnu_indirect_function");
void *
+inhibit_stack_protector
foo2_ifunc (void)
{
return ifunc_sel (minus_one, one, zero);
__asm__(".type foo3, %gnu_indirect_function");
void *
+inhibit_stack_protector
foo3_ifunc (void)
{
return ifunc_sel (one, zero, minus_one);
__asm__(".type foo, %gnu_indirect_function");
void *
+inhibit_stack_protector
foo_ifunc (void)
{
return ifunc_one (one);
static void *
__attribute__ ((used))
+inhibit_stack_protector
foo_ifunc (void)
{
return ifunc_one (one);
__asm__(".type foo, %gnu_indirect_function");
void *
+inhibit_stack_protector
foo_ifunc (void)
{
return ifunc_sel (one, minus_one, zero);
__asm__(".type foo_hidden, %gnu_indirect_function");
void *
+inhibit_stack_protector
foo_hidden_ifunc (void)
{
return ifunc_sel (minus_one, one, zero);
__asm__(".type foo_protected, %gnu_indirect_function");
void *
+inhibit_stack_protector
foo_protected_ifunc (void)
{
return ifunc_sel (one, zero, minus_one);
__asm__(".type foo, %gnu_indirect_function");
void *
+inhibit_stack_protector
foo_ifunc (void)
{
return ifunc_sel (one, minus_one, zero);
__asm__(".type foo_hidden, %gnu_indirect_function");
void *
+inhibit_stack_protector
foo_hidden_ifunc (void)
{
return ifunc_sel (minus_one, one, zero);
__asm__(".type foo_protected, %gnu_indirect_function");
void *
+inhibit_stack_protector
foo_protected_ifunc (void)
{
return ifunc_sel (one, zero, minus_one);
#define attribute_relro __attribute__ ((section (".data.rel.ro")))
+
+/* Used to disable stack protection in sensitive places, like ifunc
+ resolvers and early static TLS init. */
+#ifdef HAVE_CC_NO_STACK_PROTECTOR
+# define inhibit_stack_protector \
+ __attribute__ ((__optimize__ ("-fno-stack-protector")))
+#else
+# define inhibit_stack_protector
+#endif
+
/* The following macros are used for PLT bypassing within libc.so
(and if needed other libraries similarly).
First of all, you need to have the function prototyped somewhere,
/* Helper / base macros for indirect function symbols. */
#define __ifunc_resolver(type_name, name, expr, arg, init, classifier) \
- classifier void *name##_ifunc (arg) \
+ classifier inhibit_stack_protector void *name##_ifunc (arg) \
{ \
init (); \
__typeof (type_name) *res = expr; \
extern int global;
static inline void *
+inhibit_stack_protector
ifunc_sel (int (*f1) (void), int (*f2) (void), int (*f3) (void))
{
switch (global)
}
static inline void *
+inhibit_stack_protector
ifunc_one (int (*f1) (void))
{
return f1;
asm ("nacl_interface_query");
TYPE_nacl_irt_query
+inhibit_stack_protector
nacl_interface_query_ifunc (void)
{
return &__nacl_irt_query;
extern int global;
static inline void *
+inhibit_stack_protector
ifunc_sel (int (*f1) (void), int (*f2) (void), int (*f3) (void))
{
register void *ret __asm__ ("r3");
}
static inline void *
+inhibit_stack_protector
ifunc_one (int (*f1) (void))
{
register void *ret __asm__ ("r3");
(echo '#include <dl-vdso.h>'; \\
echo 'extern void *${strong}_ifunc (void) __asm ("${strong}");'; \\
echo 'void *'; \\
+ echo 'inhibit_stack_protector'; \\
echo '${strong}_ifunc (void)'; \\
echo '{'; \\
echo ' PREPARE_VERSION_KNOWN (symver, ${vdso_symver});'; \\
void *getcpu_ifunc (void) __asm__ ("__getcpu");
void *
+inhibit_stack_protector
getcpu_ifunc (void)
{
PREPARE_VERSION (linux26, "LINUX_2.6", 61765110);
}
void *
+inhibit_stack_protector
foo_ifunc (void)
{
__m128i xmm = _mm_set1_epi32 (-1);
projects / thirdparty / glibc.git / commitdiff
