Defend against -fstack-protector in libc startup.
Exactly which functions get a stack protector is up to the compiler, so
let's separate the code that sets up the environment stack protection
requires and explicitly build it with -fno-stack-protector.
Bug: http://b/26276517
Change-Id: I8719e23ead1f1e81715c32c1335da868f68369b5
diff --git a/libc/bionic/__cxa_thread_atexit_impl.cpp b/libc/bionic/__cxa_thread_atexit_impl.cpp
index 0e903b9..6284b12 100644
--- a/libc/bionic/__cxa_thread_atexit_impl.cpp
+++ b/libc/bionic/__cxa_thread_atexit_impl.cpp
@@ -17,7 +17,8 @@
#include "pthread_internal.h"
-struct thread_local_dtor {
+class thread_local_dtor {
+ public:
void (*func) (void *);
void *arg;
void *dso_handle; // unused...
diff --git a/libc/bionic/__libc_init_main_thread.cpp b/libc/bionic/__libc_init_main_thread.cpp
new file mode 100644
index 0000000..e1445cb
--- /dev/null
+++ b/libc/bionic/__libc_init_main_thread.cpp
@@ -0,0 +1,85 @@
+/*
+ * Copyright (C) 2008 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "libc_init_common.h"
+
+#include "private/bionic_auxv.h"
+#include "private/bionic_globals.h"
+#include "private/KernelArgumentBlock.h"
+#include "pthread_internal.h"
+
+extern "C" int __set_tls(void* ptr);
+extern "C" int __set_tid_address(int* tid_address);
+
+// Setup for the main thread. For dynamic executables, this is called by the
+// linker _before_ libc is mapped in memory. This means that all writes to
+// globals from this function will apply to linker-private copies and will not
+// be visible from libc later on.
+//
+// Note: this function creates a pthread_internal_t for the initial thread and
+// stores the pointer in TLS, but does not add it to pthread's thread list. This
+// has to be done later from libc itself (see __libc_init_common).
+//
+// This is in a file by itself because it needs to be built with
+// -fno-stack-protector because it's responsible for setting up the main
+// thread's TLS (which stack protector relies on).
+
+void __libc_init_main_thread(KernelArgumentBlock& args) {
+ __libc_auxv = args.auxv;
+
+ static pthread_internal_t main_thread;
+
+ // The -fstack-protector implementation uses TLS, so make sure that's
+ // set up before we call any function that might get a stack check inserted.
+ __set_tls(main_thread.tls);
+
+ // Tell the kernel to clear our tid field when we exit, so we're like any other pthread.
+ // As a side-effect, this tells us our pid (which is the same as the main thread's tid).
+ main_thread.tid = __set_tid_address(&main_thread.tid);
+ main_thread.set_cached_pid(main_thread.tid);
+
+ // We don't want to free the main thread's stack even when the main thread exits
+ // because things like environment variables with global scope live on it.
+ // We also can't free the pthread_internal_t itself, since that lives on the main
+ // thread's stack rather than on the heap.
+ // The main thread has no mmap allocated space for stack or pthread_internal_t.
+ main_thread.mmap_size = 0;
+ pthread_attr_init(&main_thread.attr);
+ main_thread.attr.guard_size = 0; // The main thread has no guard page.
+ main_thread.attr.stack_size = 0; // User code should never see this; we'll compute it when asked.
+ // TODO: the main thread's sched_policy and sched_priority need to be queried.
+
+ __init_thread(&main_thread);
+ __init_tls(&main_thread);
+
+ // Store a pointer to the kernel argument block in a TLS slot to be
+ // picked up by the libc constructor.
+ main_thread.tls[TLS_SLOT_BIONIC_PREINIT] = &args;
+
+ __init_alternate_signal_stack(&main_thread);
+}
diff --git a/libc/bionic/libc_init_common.cpp b/libc/bionic/libc_init_common.cpp
index d16b452..532dab9 100644
--- a/libc/bionic/libc_init_common.cpp
+++ b/libc/bionic/libc_init_common.cpp
@@ -52,8 +52,6 @@
extern "C" abort_msg_t** __abort_message_ptr;
extern "C" int __system_properties_init(void);
-extern "C" int __set_tls(void* ptr);
-extern "C" int __set_tid_address(int* tid_address);
__LIBC_HIDDEN__ WriteProtected<libc_globals> __libc_globals;
@@ -66,49 +64,6 @@
// Declared in "private/bionic_ssp.h".
uintptr_t __stack_chk_guard = 0;
-// Setup for the main thread. For dynamic executables, this is called by the
-// linker _before_ libc is mapped in memory. This means that all writes to
-// globals from this function will apply to linker-private copies and will not
-// be visible from libc later on.
-//
-// Note: this function creates a pthread_internal_t for the initial thread and
-// stores the pointer in TLS, but does not add it to pthread's thread list. This
-// has to be done later from libc itself (see __libc_init_common).
-void __libc_init_main_thread(KernelArgumentBlock& args) {
- __libc_auxv = args.auxv;
-
- static pthread_internal_t main_thread;
-
- // The x86 -fstack-protector implementation uses TLS, so make sure that's
- // set up before we call any function that might get a stack check inserted.
- __set_tls(main_thread.tls);
-
- // Tell the kernel to clear our tid field when we exit, so we're like any other pthread.
- // As a side-effect, this tells us our pid (which is the same as the main thread's tid).
- main_thread.tid = __set_tid_address(&main_thread.tid);
- main_thread.set_cached_pid(main_thread.tid);
-
- // We don't want to free the main thread's stack even when the main thread exits
- // because things like environment variables with global scope live on it.
- // We also can't free the pthread_internal_t itself, since that lives on the main
- // thread's stack rather than on the heap.
- // The main thread has no mmap allocated space for stack or pthread_internal_t.
- main_thread.mmap_size = 0;
- pthread_attr_init(&main_thread.attr);
- main_thread.attr.guard_size = 0; // The main thread has no guard page.
- main_thread.attr.stack_size = 0; // User code should never see this; we'll compute it when asked.
- // TODO: the main thread's sched_policy and sched_priority need to be queried.
-
- __init_thread(&main_thread);
- __init_tls(&main_thread);
-
- // Store a pointer to the kernel argument block in a TLS slot to be
- // picked up by the libc constructor.
- main_thread.tls[TLS_SLOT_BIONIC_PREINIT] = &args;
-
- __init_alternate_signal_stack(&main_thread);
-}
-
void __libc_init_globals(KernelArgumentBlock& args) {
// Initialize libc globals that are needed in both the linker and in libc.
// In dynamic binaries, this is run at least twice for different copies of the
diff --git a/libc/bionic/libc_init_dynamic.cpp b/libc/bionic/libc_init_dynamic.cpp
index edf6a44..97d9e39 100644
--- a/libc/bionic/libc_init_dynamic.cpp
+++ b/libc/bionic/libc_init_dynamic.cpp
@@ -25,6 +25,7 @@
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
+
/*
* libc_init_dynamic.c
*
diff --git a/libc/bionic/libc_init_static.cpp b/libc/bionic/libc_init_static.cpp
index 2fe86d0..3cda1a2 100644
--- a/libc/bionic/libc_init_static.cpp
+++ b/libc/bionic/libc_init_static.cpp
@@ -25,17 +25,6 @@
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
-/*
- * libc_init_static.c
- *
- * The program startup function __libc_init() defined here is
- * used for static executables only (i.e. those that don't depend
- * on shared libraries). It is called from arch-$ARCH/bionic/crtbegin_static.S
- * which is directly invoked by the kernel when the program is launched.
- *
- * The 'structors' parameter contains pointers to various initializer
- * arrays that must be run before the program's 'main' routine is launched.
- */
#include <elf.h>
#include <errno.h>
@@ -79,12 +68,19 @@
}
}
+// The program startup function __libc_init() defined here is
+// used for static executables only (i.e. those that don't depend
+// on shared libraries). It is called from arch-$ARCH/bionic/crtbegin_static.S
+// which is directly invoked by the kernel when the program is launched.
+//
+// The 'structors' parameter contains pointers to various initializer
+// arrays that must be run before the program's 'main' routine is launched.
+
__noreturn void __libc_init(void* raw_args,
void (*onexit)(void) __unused,
int (*slingshot)(int, char**, char**),
structors_array_t const * const structors) {
KernelArgumentBlock args(raw_args);
-
__libc_init_main_thread(args);
// Initializing the globals requires TLS to be available for errno.
diff --git a/libc/bionic/pthread_internal.h b/libc/bionic/pthread_internal.h
index f96e9d2..e8be4ae 100644
--- a/libc/bionic/pthread_internal.h
+++ b/libc/bionic/pthread_internal.h
@@ -40,7 +40,8 @@
/* Has the thread been joined by another thread? */
#define PTHREAD_ATTR_FLAG_JOINED 0x00000002
-struct pthread_key_data_t {
+class pthread_key_data_t {
+ public:
uintptr_t seq; // Use uintptr_t just for alignment, as we use pointer below.
void* data;
};
@@ -52,11 +53,12 @@
THREAD_DETACHED
};
-struct thread_local_dtor;
+class thread_local_dtor;
-struct pthread_internal_t {
- struct pthread_internal_t* next;
- struct pthread_internal_t* prev;
+class pthread_internal_t {
+ public:
+ class pthread_internal_t* next;
+ class pthread_internal_t* prev;
pid_t tid;