From patchwork Sun Oct 4 13:09:36 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Topi Miettinen X-Patchwork-Id: 40658 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id AC09C386F014; Sun, 4 Oct 2020 13:09:56 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org AC09C386F014 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1601816996; bh=wpwN062xlQplFbm+lGSuMCMGbdMiDFWskckU0jCugzU=; h=To:Subject:Date:In-Reply-To:References:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=hvsw7r28Cg4pCGN8zSwscStREp3+UQHHnyTTGigm9Zxh9SwCwGzu9tXo3IZu+pJ2R B0VqJrjFQxOcWMBgB0rjHxPgWAkjOim6gdRYy047P55Tq73SiO27gzdqvppksKNDFi /ILNo1NV3unjQv0jnVai5N8TE+iWW+SWq21wwy14= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-lf1-x142.google.com (mail-lf1-x142.google.com [IPv6:2a00:1450:4864:20::142]) by sourceware.org (Postfix) with ESMTPS id D015A386F014 for ; Sun, 4 Oct 2020 13:09:53 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org D015A386F014 Received: by mail-lf1-x142.google.com with SMTP id u8so7733063lff.1 for ; Sun, 04 Oct 2020 06:09:53 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=wpwN062xlQplFbm+lGSuMCMGbdMiDFWskckU0jCugzU=; b=aKfIv3fazg7g6IwOpW7uFH6sV8bC4xVCtKou1hY222r1QX116XCjL6D8cs0Uav2xZJ 8Hd2DX7ILntnmtJTJV55lgAemXqiFWDWCww0m2jEsQZIvMzyLTC1ka/aXuleqb8D8Vba f/3b8LWJrlqbQAh+UDVLOikxFDi3SOlJd4fUt4mljJ/T10wVdOL00PsNXyUjkRMxVtJK 3nO75AHjxiLrfcwjW4KdtUJvpUIENCiyct66MlMOdwrS2w2yTZZT+r2CYtDzpE0OeMp3 SiChJWf8tfaYPsRpvlZlzO4H110MTh2doCA78MM9HWof2EsF/CxMQ1EEJP9KEkSbBulv z7mQ== X-Gm-Message-State: AOAM5316SjQKaZiCPJB2jVf2kZ73NbIZwHpak4uKVN+MMyZM2AuL+8jQ 3vOVkbKnxjg6RqMMu1BCu6pF2SEK9c4= X-Google-Smtp-Source: ABdhPJztpKEkDYY+PNoavk02qYLlcHgS2AS5ql095gtkQwj0WKYx+GihiUiIEzHRMcme2/t++K800Q== X-Received: by 2002:a19:8256:: with SMTP id e83mr754722lfd.530.1601816992305; Sun, 04 Oct 2020 06:09:52 -0700 (PDT) Received: from localhost.localdomain (88-114-211-119.elisa-laajakaista.fi. [88.114.211.119]) by smtp.gmail.com with ESMTPSA id i7sm2264454ljb.44.2020.10.04.06.09.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 04 Oct 2020 06:09:51 -0700 (PDT) To: libc-alpha@sourceware.org Subject: [RFC PATCH 1/3] csu: randomize location of TCB Date: Sun, 4 Oct 2020 16:09:36 +0300 Message-Id: <20201004130938.64575-2-toiwoton@gmail.com> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20201004130938.64575-1-toiwoton@gmail.com> References: <20201004130938.64575-1-toiwoton@gmail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-9.0 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Topi Miettinen via Libc-alpha From: Topi Miettinen Reply-To: Topi Miettinen Cc: Topi Miettinen Errors-To: libc-alpha-bounces@sourceware.org Sender: "Libc-alpha" Let's use mmap() for TCB, which makes the location of TCB random instead of always staying predictably next to data segment. Also improve the logic so that allocation of TCB can be assumed to fail insted of segfaulting. RFC: make independent of Linux. Signed-off-by: Topi Miettinen --- csu/libc-tls.c | 20 ++++++++++++++------ sysdeps/unix/sysv/linux/mmap64.c | 19 +++++++++++++++++++ sysdeps/unix/sysv/linux/mmap_internal.h | 3 +++ 3 files changed, 36 insertions(+), 6 deletions(-) diff --git a/csu/libc-tls.c b/csu/libc-tls.c index 06e76bd395..59700c3a95 100644 --- a/csu/libc-tls.c +++ b/csu/libc-tls.c @@ -24,6 +24,9 @@ #include #include #include +#include +#include +#include #ifdef SHARED #error makefile bug, this file is for static only @@ -134,25 +137,30 @@ __libc_setup_tls (void) /* We have to set up the TCB block which also (possibly) contains 'errno'. Therefore we avoid 'malloc' which might touch 'errno'. - Instead we use 'sbrk' which would only uses 'errno' if it fails. - In this case we are right away out of memory and the user gets - what she/he deserves. */ + Instead we use 'internal_mmap' which does not use 'errno'. */ + + int error = 0; + #if TLS_TCB_AT_TP /* Align the TCB offset to the maximum alignment, as _dl_allocate_tls_storage (in elf/dl-tls.c) does using __libc_memalign and dl_tls_static_align. */ tcb_offset = roundup (memsz + GLRO(dl_tls_static_surplus), max_align); - tlsblock = __sbrk (tcb_offset + TLS_INIT_TCB_SIZE + max_align); + tlsblock = __mmap_internal (NULL, tcb_offset + TLS_INIT_TCB_SIZE + max_align, + PROT_READ | PROT_WRITE, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0, &error); #elif TLS_DTV_AT_TP tcb_offset = roundup (TLS_INIT_TCB_SIZE, align ?: 1); - tlsblock = __sbrk (tcb_offset + memsz + max_align - + TLS_PRE_TCB_SIZE + GLRO(dl_tls_static_surplus)); + tlsblock = __mmap_internal (NULL, tcb_offset + memsz + max_align + + TLS_PRE_TCB_SIZE + GLRO(dl_tls_static_surplus), + PROT_READ | PROT_WRITE, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0, &error); tlsblock += TLS_PRE_TCB_SIZE; #else /* In case a model with a different layout for the TCB and DTV is defined add another #elif here and in the following #ifs. */ # error "Either TLS_TCB_AT_TP or TLS_DTV_AT_TP must be defined" #endif + if (error) + _startup_fatal ("Cannot allocate TCB"); /* Align the TLS block. */ tlsblock = (void *) (((uintptr_t) tlsblock + max_align - 1) diff --git a/sysdeps/unix/sysv/linux/mmap64.c b/sysdeps/unix/sysv/linux/mmap64.c index 8074deb466..11f7c3f99b 100644 --- a/sysdeps/unix/sysv/linux/mmap64.c +++ b/sysdeps/unix/sysv/linux/mmap64.c @@ -67,3 +67,22 @@ weak_alias (__mmap64, mmap) weak_alias (__mmap64, __mmap) libc_hidden_def (__mmap) #endif + +void * +__mmap_internal (void *addr, size_t len, int prot, int flags, int fd, off64_t offset, int *error) +{ + unsigned long int ret; +#ifdef __NR_mmap2 + ret = INTERNAL_SYSCALL_CALL (mmap2, addr, len, prot, flags, fd, + (off_t) (offset / MMAP2_PAGE_UNIT)); +#else + ret = INTERNAL_SYSCALL_CALL (mmap, addr, len, prot, flags, fd, offset); +#endif + if (INTERNAL_SYSCALL_ERROR_P(ret)) + { + *error = ret; + return MAP_FAILED; + } + + return (void *) ret; +} diff --git a/sysdeps/unix/sysv/linux/mmap_internal.h b/sysdeps/unix/sysv/linux/mmap_internal.h index d53f0c642a..00fc14902e 100644 --- a/sysdeps/unix/sysv/linux/mmap_internal.h +++ b/sysdeps/unix/sysv/linux/mmap_internal.h @@ -46,4 +46,7 @@ static uint64_t page_unit; INLINE_SYSCALL_CALL (__nr, __addr, __len, __prot, __flags, __fd, __offset) #endif +/* Internal version of mmap() which doesn't attempt to access errno */ +void *__mmap_internal (void *addr, size_t len, int prot, int flags, int fd, off64_t offset, int *error); + #endif /* MMAP_INTERNAL_LINUX_H */