Implement setjmp cookies on ARM. Reuse the top bits of _JB_SIGFLAG field previously used to store a boolean to store a cookie that's validated by [sig]longjmp to make it harder to use as a ROP gadget. Additionally, encrypt saved registers with the cookie so that an attacker can't modify a register's value to a specific value without knowing the cookie. Bug: http://b/23942752 Change-Id: Id0eb8d06916e89d5d776bfcaa9458f8826717ba3

commit: 7fda8d2aa4d24ab400f6f0cb9f792488b634afae [log] [tgz]
author: Josh Gao <jmgao@google.com> Thu Sep 10 15:40:24 2015 -0700
committer: Josh Gao <jmgao@google.com> Thu Sep 17 14:07:24 2015 -0700
tree: d81ce371104bff97fa70f76b76eefe05b0c588f5
parent: 90fc8e24876412a816776d44bedc77e1f1888a13 [diff] [blame]
diff --git a/libc/bionic/libc_init_common.cpp b/libc/bionic/libc_init_common.cpp
index 3ca6c0d..f59fa67 100644
--- a/libc/bionic/libc_init_common.cpp
+++ b/libc/bionic/libc_init_common.cpp

@@ -49,6 +49,7 @@
 #include "pthread_internal.h"
 
 extern "C" abort_msg_t** __abort_message_ptr;
+extern "C" void __bionic_setjmp_cookie_init(void);
 extern "C" int __system_properties_init(void);
 extern "C" int __set_tls(void* ptr);
 extern "C" int __set_tid_address(int* tid_address);
@@ -121,6 +122,7 @@
 
   __system_properties_init(); // Requires 'environ'.
 
+  __bionic_setjmp_cookie_init();
   __libc_init_vdso();
 }
commit	7fda8d2aa4d24ab400f6f0cb9f792488b634afae	[log] [tgz]
author	Josh Gao <jmgao@google.com>	Thu Sep 10 15:40:24 2015 -0700
committer	Josh Gao <jmgao@google.com>	Thu Sep 17 14:07:24 2015 -0700
tree	d81ce371104bff97fa70f76b76eefe05b0c588f5
parent	90fc8e24876412a816776d44bedc77e1f1888a13 [diff] [blame]