Commit Graph

4 Commits

Author SHA1 Message Date
Elliott Hughes
d3920b3a99 Switch to using AT_RANDOM for the stack guards.
Bug: 7959813
Change-Id: I8db4b8912ba649bfe668c6f22aa44690ddd401a2
2013-02-08 11:16:13 -08:00
Nick Kralevich
36bd371e26 Revert "stack protector: use AT_RANDOM"
The AT_RANDOM changes broke setuid / setgid executables
such as "ping". When the linker executes a setuid program,
it cleans the environment, removing any invalid environment
entries, and adding "NULL"s to the end of the environment
array for each removed variable. Later on, we try to determine
the location of the aux environment variable, and get tripped
up by these extra NULLs.

Reverting this patch will get setuid executables working again,
but getauxval() is still broken for setuid programs because of
this bug.

This reverts commit e3a49a8661.

Change-Id: I05c58a896b1fe32cfb5d95d43b096045cda0aa4a
2013-01-16 13:16:42 -08:00
Nick Kralevich
e3a49a8661 stack protector: use AT_RANDOM
Populate the stack canaries from the kernel supplied
AT_RANDOM value, which doesn't involve any system calls.
This is slightly faster (6 fewer syscalls) and avoids
unnecessarily reading /dev/urandom, which depletes entropy.

Bug: 7959813

Change-Id: If2b43100a2a9929666df3de56b6139fed969e0f1
2013-01-16 10:09:52 -08:00
Elliott Hughes
ad88a08631 Per-thread -fstack-protector guards for x86.
Based on a pair of patches from Intel:

  https://android-review.googlesource.com/#/c/43909/
  https://android-review.googlesource.com/#/c/44903/

For x86, this patch supports _both_ the global that ARM/MIPS use
and the per-thread TLS entry (%gs:20) that GCC uses by default. This
lets us support binaries built with any x86 toolchain (right now,
the NDK is emitting x86 code that uses the global).

I've also extended the original tests to cover ARM/MIPS too, and
be a little more thorough for x86.

Change-Id: I02f279a80c6b626aecad449771dec91df235ad01
2012-10-25 12:04:03 -07:00