Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 24 May 2015 16:24:24 +0000 (UTC)
From:      Dmitry Chagin <dchagin@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r283431 - in head/sys: amd64/linux amd64/linux32 compat/linux i386/linux
Message-ID:  <201505241624.t4OGOORC083913@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: dchagin
Date: Sun May 24 16:24:24 2015
New Revision: 283431
URL: https://svnweb.freebsd.org/changeset/base/283431

Log:
  Add AT_RANDOM and AT_EXECFN auxiliary vector entries which are used by
  glibc. At list since glibc version 2.16 using AT_RANDOM is mandatory.
  
  Differential Revision:	https://reviews.freebsd.org/D1080

Modified:
  head/sys/amd64/linux/linux.h
  head/sys/amd64/linux/linux_sysvec.c
  head/sys/amd64/linux32/linux.h
  head/sys/amd64/linux32/linux32_sysvec.c
  head/sys/compat/linux/linux_misc.h
  head/sys/i386/linux/linux.h
  head/sys/i386/linux/linux_sysvec.c

Modified: head/sys/amd64/linux/linux.h
==============================================================================
--- head/sys/amd64/linux/linux.h	Sun May 24 16:22:03 2015	(r283430)
+++ head/sys/amd64/linux/linux.h	Sun May 24 16:24:24 2015	(r283431)
@@ -100,7 +100,7 @@ typedef struct {
 #define	LINUX_NAME_MAX		255
 #define	LINUX_CTL_MAXNAME	10
 
-#define LINUX_AT_COUNT		17	/* Count of used aux entry types. */
+#define LINUX_AT_COUNT		19	/* Count of used aux entry types. */
 
 struct l___sysctl_args
 {

Modified: head/sys/amd64/linux/linux_sysvec.c
==============================================================================
--- head/sys/amd64/linux/linux_sysvec.c	Sun May 24 16:22:03 2015	(r283430)
+++ head/sys/amd64/linux/linux_sysvec.c	Sun May 24 16:24:24 2015	(r283431)
@@ -319,6 +319,9 @@ elf_linux_fixup(register_t **stack_base,
 	AUXARGS_ENTRY(pos, AT_EGID, imgp->proc->p_ucred->cr_svgid);
 	AUXARGS_ENTRY(pos, LINUX_AT_SECURE, 0);
 	AUXARGS_ENTRY(pos, LINUX_AT_PLATFORM, PTROUT(linux_platform));
+	AUXARGS_ENTRY(pos, LINUX_AT_RANDOM, imgp->canary);
+	if (imgp->execpathp != 0)
+		AUXARGS_ENTRY(pos, LINUX_AT_EXECFN, imgp->execpathp);
 	if (args->execfd != -1)
 		AUXARGS_ENTRY(pos, AT_EXECFD, args->execfd);
 	AUXARGS_ENTRY(pos, AT_NULL, 0);
@@ -345,16 +348,39 @@ linux_copyout_strings(struct image_param
 	char *stringp, *destp;
 	register_t *stack_base;
 	struct ps_strings *arginfo;
+	char canary[LINUX_AT_RANDOM_LEN];
+	size_t execpath_len;
 	struct proc *p;
 
 	/*
 	 * Calculate string base and vector table pointers.
 	 */
+	if (imgp->execpath != NULL && imgp->auxargs != NULL)
+		execpath_len = strlen(imgp->execpath) + 1;
+	else
+		execpath_len = 0;
+
 	p = imgp->proc;
 	arginfo = (struct ps_strings *)p->p_sysent->sv_psstrings;
 	destp =	(caddr_t)arginfo - SPARE_USRSPACE -
+	    roundup(sizeof(canary), sizeof(char *)) -
+	    roundup(execpath_len, sizeof(char *)) -
 	    roundup((ARG_MAX - imgp->args->stringspace), sizeof(char *));
 
+	if (execpath_len != 0) {
+		imgp->execpathp = (uintptr_t)arginfo - execpath_len;
+		copyout(imgp->execpath, (void *)imgp->execpathp, execpath_len);
+	}
+
+	/*
+	 * Prepare the canary for SSP.
+	 */
+	arc4rand(canary, sizeof(canary), 0);
+	imgp->canary = (uintptr_t)arginfo -
+	    roundup(execpath_len, sizeof(char *)) -
+	    roundup(sizeof(canary), sizeof(char *));
+	copyout(canary, (void *)imgp->canary, sizeof(canary));
+
 	/*
 	 * If we have a valid auxargs ptr, prepare some room
 	 * on the stack.

Modified: head/sys/amd64/linux32/linux.h
==============================================================================
--- head/sys/amd64/linux32/linux.h	Sun May 24 16:22:03 2015	(r283430)
+++ head/sys/amd64/linux32/linux.h	Sun May 24 16:24:24 2015	(r283431)
@@ -110,7 +110,7 @@ typedef struct {
 /*
  * Miscellaneous
  */
-#define	LINUX_AT_COUNT		18	/* Count of used aux entry types.
+#define	LINUX_AT_COUNT		20	/* Count of used aux entry types.
 					 * Keep this synchronized with
 					 * elf_linux_fixup() code.
 					 */

Modified: head/sys/amd64/linux32/linux32_sysvec.c
==============================================================================
--- head/sys/amd64/linux32/linux32_sysvec.c	Sun May 24 16:22:03 2015	(r283430)
+++ head/sys/amd64/linux32/linux32_sysvec.c	Sun May 24 16:24:24 2015	(r283431)
@@ -289,6 +289,9 @@ elf_linux_fixup(register_t **stack_base,
 	AUXARGS_ENTRY_32(pos, AT_GID, imgp->proc->p_ucred->cr_rgid);
 	AUXARGS_ENTRY_32(pos, AT_EGID, imgp->proc->p_ucred->cr_svgid);
 	AUXARGS_ENTRY_32(pos, LINUX_AT_PLATFORM, PTROUT(linux_platform));
+	AUXARGS_ENTRY(pos, LINUX_AT_RANDOM, PTROUT(imgp->canary));
+	if (imgp->execpathp != 0)
+		AUXARGS_ENTRY(pos, LINUX_AT_EXECFN, PTROUT(imgp->execpathp));
 	if (args->execfd != -1)
 		AUXARGS_ENTRY_32(pos, AT_EXECFD, args->execfd);
 	AUXARGS_ENTRY_32(pos, AT_NULL, 0);
@@ -869,14 +872,37 @@ linux_copyout_strings(struct image_param
 	char *stringp, *destp;
 	u_int32_t *stack_base;
 	struct linux32_ps_strings *arginfo;
+	char canary[LINUX_AT_RANDOM_LEN];
+	size_t execpath_len;
 
 	/*
 	 * Calculate string base and vector table pointers.
 	 */
+	if (imgp->execpath != NULL && imgp->auxargs != NULL)
+		execpath_len = strlen(imgp->execpath) + 1;
+	else
+		execpath_len = 0;
+
 	arginfo = (struct linux32_ps_strings *)LINUX32_PS_STRINGS;
 	destp =	(caddr_t)arginfo - SPARE_USRSPACE -
+	    roundup(sizeof(canary), sizeof(char *)) -
+	    roundup(execpath_len, sizeof(char *)) -
 	    roundup((ARG_MAX - imgp->args->stringspace), sizeof(char *));
 
+	if (execpath_len != 0) {
+		imgp->execpathp = (uintptr_t)arginfo - execpath_len;
+		copyout(imgp->execpath, (void *)imgp->execpathp, execpath_len);
+	}
+
+	/*
+	 * Prepare the canary for SSP.
+	 */
+	arc4rand(canary, sizeof(canary), 0);
+	imgp->canary = (uintptr_t)arginfo -
+	    roundup(execpath_len, sizeof(char *)) -
+	    roundup(sizeof(canary), sizeof(char *));
+	copyout(canary, (void *)imgp->canary, sizeof(canary));
+
 	/*
 	 * If we have a valid auxargs ptr, prepare some room
 	 * on the stack.

Modified: head/sys/compat/linux/linux_misc.h
==============================================================================
--- head/sys/compat/linux/linux_misc.h	Sun May 24 16:22:03 2015	(r283430)
+++ head/sys/compat/linux/linux_misc.h	Sun May 24 16:24:24 2015	(r283431)
@@ -72,10 +72,13 @@ extern const char *linux_kplatform;
 #define	LINUX_AT_BASE_PLATFORM	24	/* string identifying real platform, may
 					 * differ from AT_PLATFORM.
 					 */
+#define	LINUX_AT_RANDOM		25	/* address of random bytes */
 #define	LINUX_AT_EXECFN		31	/* filename of program */
 #define	LINUX_AT_SYSINFO	32	/* vsyscall */
 #define	LINUX_AT_SYSINFO_EHDR	33	/* vdso header */
 
+#define	LINUX_AT_RANDOM_LEN	16	/* size of random bytes */
+
 /* Linux sets the i387 to extended precision. */
 #if defined(__i386__) || defined(__amd64__)
 #define	__LINUX_NPXCW__		0x37f

Modified: head/sys/i386/linux/linux.h
==============================================================================
--- head/sys/i386/linux/linux.h	Sun May 24 16:22:03 2015	(r283430)
+++ head/sys/i386/linux/linux.h	Sun May 24 16:24:24 2015	(r283431)
@@ -104,7 +104,7 @@ typedef struct {
 /*
  * Miscellaneous
  */
-#define LINUX_AT_COUNT		18	/* Count of used aux entry types.
+#define LINUX_AT_COUNT		20	/* Count of used aux entry types.
 					 * Keep this synchronized with
 					 * elf_linux_fixup() code.
 					 */

Modified: head/sys/i386/linux/linux_sysvec.c
==============================================================================
--- head/sys/i386/linux/linux_sysvec.c	Sun May 24 16:22:03 2015	(r283430)
+++ head/sys/i386/linux/linux_sysvec.c	Sun May 24 16:24:24 2015	(r283431)
@@ -298,6 +298,9 @@ elf_linux_fixup(register_t **stack_base,
 	AUXARGS_ENTRY(pos, AT_GID, imgp->proc->p_ucred->cr_rgid);
 	AUXARGS_ENTRY(pos, AT_EGID, imgp->proc->p_ucred->cr_svgid);
 	AUXARGS_ENTRY(pos, LINUX_AT_PLATFORM, PTROUT(uplatform));
+	AUXARGS_ENTRY(pos, LINUX_AT_RANDOM, imgp->canary);
+	if (imgp->execpathp != 0)
+		AUXARGS_ENTRY(pos, LINUX_AT_EXECFN, imgp->execpathp);
 	if (args->execfd != -1)
 		AUXARGS_ENTRY(pos, AT_EXECFD, args->execfd);
 	AUXARGS_ENTRY(pos, AT_NULL, 0);
@@ -321,14 +324,22 @@ linux_copyout_strings(struct image_param
 	char *stringp, *destp;
 	register_t *stack_base;
 	struct ps_strings *arginfo;
+	char canary[LINUX_AT_RANDOM_LEN];
+	size_t execpath_len;
 	struct proc *p;
 
 	/*
 	 * Calculate string base and vector table pointers.
 	 */
 	p = imgp->proc;
+	if (imgp->execpath != NULL && imgp->auxargs != NULL)
+		execpath_len = strlen(imgp->execpath) + 1;
+	else
+		execpath_len = 0;
 	arginfo = (struct ps_strings *)p->p_sysent->sv_psstrings;
 	destp = (caddr_t)arginfo - SPARE_USRSPACE - linux_szplatform -
+	    roundup(sizeof(canary), sizeof(char *)) -
+	    roundup(execpath_len, sizeof(char *)) -
 	    roundup((ARG_MAX - imgp->args->stringspace), sizeof(char *));
 
 	/*
@@ -337,6 +348,21 @@ linux_copyout_strings(struct image_param
 	copyout(linux_kplatform, ((caddr_t)arginfo - linux_szplatform),
 	    linux_szplatform);
 
+	if (execpath_len != 0) {
+		imgp->execpathp = (uintptr_t)arginfo -
+		linux_szplatform - execpath_len;
+		copyout(imgp->execpath, (void *)imgp->execpathp, execpath_len);
+	}
+
+	/*
+	 * Prepare the canary for SSP.
+	 */
+	arc4rand(canary, sizeof(canary), 0);
+	imgp->canary = (uintptr_t)arginfo - linux_szplatform -
+	    roundup(execpath_len, sizeof(char *)) -
+	    roundup(sizeof(canary), sizeof(char *));
+	copyout(canary, (void *)imgp->canary, sizeof(canary));
+
 	/*
 	 * If we have a valid auxargs ptr, prepare some room
 	 * on the stack.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201505241624.t4OGOORC083913>