commit 36bd371e26c716cbc18e11801b13eff0352d91b0
author Nick Kralevich <nnk@google.com> Wed Jan 16 13:13:22 2013 -0800
committer Nick Kralevich <nnk@google.com> Wed Jan 16 13:16:42 2013 -0800
tree b63e06f7a65f3ac2df09449bb65172644f230386
parent ba117e4172fe6f160bf5f4d58b37e12c08c34245

Revert "stack protector: use AT_RANDOM"

The AT_RANDOM changes broke setuid / setgid executables
such as "ping". When the linker executes a setuid program,
it cleans the environment, removing any invalid environment
entries, and adding "NULL"s to the end of the environment
array for each removed variable. Later on, we try to determine
the location of the aux environment variable, and get tripped
up by these extra NULLs.

Reverting this patch will get setuid executables working again,
but getauxval() is still broken for setuid programs because of
this bug.

This reverts commit e3a49a8661125f24aec8a1453e54b3b78005e21e.

Change-Id: I05c58a896b1fe32cfb5d95d43b096045cda0aa4a

libc/private/bionic_ssp.h

diff --git a/libc/private/bionic_ssp.h b/libc/private/bionic_ssp.h
index 14ced64..697216c 100644
--- a/libc/private/bionic_ssp.h
+++ b/libc/private/bionic_ssp.h
@@ -29,8 +29,8 @@
 #ifndef _PRIVATE_SSP_H
 #define _PRIVATE_SSP_H
 
-#include <string.h>
-#include <sys/auxv.h>
+#include <errno.h>
+#include <sys/cdefs.h>
 
 __BEGIN_DECLS
 
@@ -48,11 +48,27 @@
 extern void __stack_chk_fail();
 
 __inline__ static void* __attribute__((always_inline)) __generate_stack_chk_guard(void) {
+  union {
+    uintptr_t value;
+    char bytes[sizeof(uintptr_t)];
+  } u;
 
-  void* src = (void*) getauxval(AT_RANDOM);
-  void* result;
-  memcpy(&result, src, sizeof(result));
-  return result;
+  /* Try pulling random bytes from /dev/urandom. */
+  int fd = TEMP_FAILURE_RETRY(open("/dev/urandom", O_RDONLY));
+  if (fd != -1) {
+    ssize_t byte_count = TEMP_FAILURE_RETRY(read(fd, &u.bytes, sizeof(u)));
+    close(fd);
+    if (byte_count == sizeof(u)) {
+      return (void*) u.value;
+    }
+  }
+
+  /* If that failed, switch to 'terminator canary'. */
+  u.bytes[0] = 0;
+  u.bytes[1] = 0;
+  u.bytes[2] = '\n';
+  u.bytes[3] = 255;
+  return (void*) u.value;
 }
 
 __END_DECLS

libc/private/bionic_tls.h

diff --git a/libc/private/bionic_tls.h b/libc/private/bionic_tls.h
index b33e53e..f661ccf 100644
--- a/libc/private/bionic_tls.h
+++ b/libc/private/bionic_tls.h
@@ -29,7 +29,6 @@
 #define _SYS_TLS_H
 
 #include <sys/cdefs.h>
-#include <stdint.h>
 
 __BEGIN_DECLS
 
@@ -135,7 +134,7 @@
 extern void*  __get_stack_base(int  *p_stack_size);
 
 /* Initialize the TLS. */
-extern void __libc_init_tls(uintptr_t* elfdata);
+extern void __libc_init_tls(unsigned** elfdata);
 
 __END_DECLS