r1322 - trunk/glibc

archaic at linuxfromscratch.org archaic at linuxfromscratch.org
Tue Jan 3 12:17:03 PST 2006


Author: archaic
Date: 2006-01-03 13:17:03 -0700 (Tue, 03 Jan 2006)
New Revision: 1322

Added:
   trunk/glibc/glibc-2.3.6-arc4random-2.patch
   trunk/glibc/glibc-2.3.6-ssp-2.patch
Log:
Added glibc-2.3.6-arc4random-2.patch, glibc-2.3.6-ssp-2.patch

Added: trunk/glibc/glibc-2.3.6-arc4random-2.patch
===================================================================
--- trunk/glibc/glibc-2.3.6-arc4random-2.patch	2006-01-03 20:15:51 UTC (rev 1321)
+++ trunk/glibc/glibc-2.3.6-arc4random-2.patch	2006-01-03 20:17:03 UTC (rev 1322)
@@ -0,0 +1,569 @@
+Submitted By: Robert Connolly <robert at linuxfromscratch dot org> (ashes)
+Date: 2006-01-01
+Initial Package Version: 2.3.6
+Upstream Status: Not submitted
+Origin: http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/crypt/arc4random.c
+Description: This patch adds the arc4random() and arc4randomII() functions
+to Glibc, and hooks so mktemp(3) can use arc4randomII().
+
+Also see:
+http://www.linuxfromscratch.org/hlfs/
+http://www.linuxfromscratch.org/hints/downloads/files/entropy.txt
+
+diff -Naur glibc-2.3.6.orig/manual/arc4random.3 glibc-2.3.6/manual/arc4random.3
+--- glibc-2.3.6.orig/manual/arc4random.3	1970-01-01 00:00:00.000000000 +0000
++++ glibc-2.3.6/manual/arc4random.3	2006-01-01 07:48:48.000000000 +0000
+@@ -0,0 +1,74 @@
++.TH ARC4RANDOM 3 "February 11, 2005"
++.SH NAME
++arc4random - arc4 random number generator
++.SH SYNOPSIS 
++.nf
++.B #include <stdlib.h>
++.sp
++.I u_int32_t
++.B arc4random(void);
++.sp
++.I u_int32_t
++.B arc4randomII(void);
++.fi
++.SH DESCRIPTION 
++The \fBarc4random()\fP function generates a pseudo-random number using the
++ARC4 cipher key stream generator. ARCFOUR uses 8*8 8 bit S-Boxes, and can
++be in about (2**1700) states.
++
++The \fBarc4random()\fP function is seeded automatically from /dev/urandom,
++or from sysctl \fBurandom\fP if /dev/urandom is not accessible (chroot), or from
++sysctl random.uuid if sysctl \fBurandom\fP is not accessible. \fBgettimeofday(2)\fP
++is always included when initializing the state of \fBarc4random()\fP, this makes
++it impossible to generate the same random sequence twice. \fBarc4random()\fP
++is intended to be safe to use with encryption software to provide entropy.
++
++The \fBarc4randomII()\fP function is identical to \fBarc4random()\fP except
++that \fBarc4randomII()\fP is seeded automatically from /dev/erandom, and
++sysctl erandom. \fBarc4randomII()\fP is NOT intended for cryptography, but is
++ideal for \fBmktemp(3)\fP, and other functions with a short lifespan.
++\fBarc4randomII()\fP and erandom do not consume any kernel entropy.
++
++Sysctl urandom, and erandom require a modified kernel. See:
++http://www.linuxfromscratch.org/hlfs/
++
++.SH EXAMPLES
++.TP 
++Return a random number between 0 and 100.
++.sp
++arc4random() % 100;
++.TP
++Return any random number.
++.sp
++arc4random();
++.TP
++.nf
++Sample program; this will display a number between 0 and 65536.
++
++#include <stdlib.h>
++#include <stdio.h>
++
++int main(void) {
++    int random_number;
++    random_number = arc4random() % 65536;
++    printf("%d\n", random_number);
++    return 0;
++}
++.fi
++.SH "SEE ALSO"
++.BR random (3),
++.BR gettimeofday (2),
++.BR mktemp (3)
++
++.SH HISTORY
++An algorithm called RC4 was designed by RSA Data Security, Inc.  It was
++considered a trade secret, but not trademarked.  Because it was a trade
++secret, it obviously could not be patented.  A clone of this was posted
++anonymously to USENET and confirmed to be equivalent by several sources
++who had access to the original cipher.  Because of the trade secret situation,
++RSA Data Security, Inc. can do nothing about the release of the
++ARC4 algorithm.  Since RC4 used to be a trade secret, the cipher is now
++referred to as ARC4 (Another RC4).
++
++These functions first appeared in OpenBSD 2.1.
++
+diff -Naur glibc-2.3.6.orig/stdlib/Makefile glibc-2.3.6/stdlib/Makefile
+--- glibc-2.3.6.orig/stdlib/Makefile	2005-02-16 11:23:58.000000000 +0000
++++ glibc-2.3.6/stdlib/Makefile	2006-01-01 07:48:48.000000000 +0000
+@@ -27,7 +27,7 @@
+ 
+ routines	:=							      \
+ 	atof atoi atol atoll						      \
+-	abort								      \
++	abort arc4random arc4randomII					      \
+ 	bsearch qsort msort						      \
+ 	getenv putenv setenv secure-getenv				      \
+ 	exit on_exit atexit cxa_atexit cxa_finalize old_atexit		      \
+diff -Naur glibc-2.3.6.orig/stdlib/Versions glibc-2.3.6/stdlib/Versions
+--- glibc-2.3.6.orig/stdlib/Versions	2004-05-03 21:25:53.000000000 +0000
++++ glibc-2.3.6/stdlib/Versions	2006-01-01 07:50:28.000000000 +0000
+@@ -11,6 +11,8 @@
+ 
+     # a*
+     a64l; abort; abs; atexit; atof; atoi; atol; atoll;
++    arc4random_stir; arc4random_addrandom; arc4random;
++    arc4random_stirII; arc4random_addrandomII; arc4randomII;
+ 
+     # b*
+     bsearch;
+diff -Naur glibc-2.3.6.orig/stdlib/arc4random.c glibc-2.3.6/stdlib/arc4random.c
+--- glibc-2.3.6.orig/stdlib/arc4random.c	1970-01-01 00:00:00.000000000 +0000
++++ glibc-2.3.6/stdlib/arc4random.c	2006-01-01 07:48:48.000000000 +0000
+@@ -0,0 +1,205 @@
++/*
++ * Arc4 random number generator for OpenBSD.
++ * Copyright 1996 David Mazieres <dm at lcs.mit.edu>.
++ *
++ * Modification and redistribution in source and binary forms is
++ * permitted provided that due credit is given to the author and the
++ * OpenBSD project by leaving this copyright notice intact.
++ */
++
++/*
++ * This code is derived from section 17.1 of Applied Cryptography,
++ * second edition, which describes a stream cipher allegedly
++ * compatible with RSA Labs "RC4" cipher (the actual description of
++ * which is a trade secret).  The same algorithm is used as a stream
++ * cipher called "arcfour" in Tatu Ylonen's ssh package.
++ *
++ * Here the stream cipher has been modified always to include the time
++ * when initializing the state.  That makes it impossible to
++ * regenerate the same random sequence twice, so this can't be used
++ * for encryption, but will generate good random numbers.
++ *
++ * RC4 is a registered trademark of RSA Laboratories.
++ */
++
++/*
++ * Modified by Robert Connolly from OpenBSD lib/libc/crypt/arc4random.c v1.11.
++ * This is arc4random(3) using urandom.
++ */
++
++#include <fcntl.h>
++#include <stdlib.h>
++#include <unistd.h>
++#include <sys/types.h>
++#include <sys/param.h>
++#include <sys/time.h>
++#include <sys/sysctl.h>
++
++#ifdef __GNUC__
++#define inline __inline
++#else				/* !__GNUC__ */
++#define inline
++#endif				/* !__GNUC__ */
++
++struct arc4_stream {
++	u_int8_t i;
++	u_int8_t j;
++	u_int8_t s[256];
++};
++
++static int rs_initialized;
++static struct arc4_stream rs;
++static pid_t arc4_stir_pid;
++
++static inline u_int8_t arc4_getbyte(struct arc4_stream *);
++
++static inline void
++arc4_init(struct arc4_stream *as)
++{
++	int     n;
++
++	for (n = 0; n < 256; n++)
++		as->s[n] = n;
++	as->i = 0;
++	as->j = 0;
++}
++
++static inline void
++arc4_addrandom(struct arc4_stream *as, u_char *dat, int datlen)
++{
++	int     n;
++	u_int8_t si;
++
++	as->i--;
++	for (n = 0; n < 256; n++) {
++		as->i = (as->i + 1);
++		si = as->s[as->i];
++		as->j = (as->j + si + dat[n % datlen]);
++		as->s[as->i] = as->s[as->j];
++		as->s[as->j] = si;
++	}
++	as->j = as->i;
++}
++
++static void
++arc4_stir(struct arc4_stream *as)
++{
++	int     n, fd;
++	struct {
++		struct timeval tv;
++		u_int rnd[(128 - sizeof(struct timeval)) / sizeof(u_int)];
++	}       rdat;
++
++	gettimeofday(&rdat.tv, NULL);
++
++	/* /dev/urandom is a multithread interface, sysctl is not. */
++	/* Try to use /dev/urandom before sysctl. */
++	fd = open("/dev/urandom", O_RDONLY);
++	if (fd != -1) {
++		read(fd, rdat.rnd, sizeof(rdat.rnd));
++		close(fd);
++	}
++
++#if defined(SYSCTL_URANDOM)
++	else {
++		/* /dev/urandom failed? Maybe we're in a chroot. */
++		int mib[]={CTL_KERN, KERN_RANDOM, RANDOM_URANDOM};
++		u_int i;
++		size_t len;
++
++		for (i = 0; i < sizeof(rdat.rnd) / sizeof(u_int); i ++) {
++			len = sizeof(u_int);
++			if (sysctl(mib, 3, &rdat.rnd[i], &len, NULL, 0) == -1)
++				break;
++		}
++	  if (i < sizeof(rdat.rnd) / 4) {
++	  /* Sysctl urandom failed? Maybe we're running a vanilla kernel. */
++		mib[2] = RANDOM_UUID;
++		for (i = 0; i < sizeof(rdat.rnd) / sizeof(u_int); i ++) {
++			len = sizeof(u_int);
++			if (sysctl(mib, 3, &rdat.rnd[i], &len, NULL, 0) == -1)
++				break;
++		}
++	  }
++	}
++#endif
++
++	arc4_stir_pid = getpid();
++	/*
++	 * Time to give up. If no entropy could be found then we will just
++	 * use gettimeofday.
++	 */
++	arc4_addrandom(as, (void *)&rdat, sizeof(rdat));
++
++	/*
++	 * Discard early keystream, as per recommendations in:
++	 * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
++	 * We discard 256 words. A long word is 4 bytes.
++	 */
++	for (n = 0; n < 256 * 4; n ++)
++		arc4_getbyte(as);
++}
++
++static inline u_int8_t
++arc4_getbyte(struct arc4_stream *as)
++{
++	u_int8_t si, sj;
++
++	as->i = (as->i + 1);
++	si = as->s[as->i];
++	as->j = (as->j + si);
++	sj = as->s[as->j];
++	as->s[as->i] = sj;
++	as->s[as->j] = si;
++	return (as->s[(si + sj) & 0xff]);
++}
++
++static inline u_int32_t
++arc4_getword(struct arc4_stream *as)
++{
++	u_int32_t val;
++	val = arc4_getbyte(as) << 24;
++	val |= arc4_getbyte(as) << 16;
++	val |= arc4_getbyte(as) << 8;
++	val |= arc4_getbyte(as);
++	return val;
++}
++
++void
++arc4random_stir(void)
++{
++	if (!rs_initialized) {
++		arc4_init(&rs);
++		rs_initialized = 1;
++	}
++	arc4_stir(&rs);
++}
++
++void
++arc4random_addrandom(u_char *dat, int datlen)
++{
++	if (!rs_initialized)
++		arc4random_stir();
++	arc4_addrandom(&rs, dat, datlen);
++}
++
++u_int32_t
++arc4random(void)
++{
++	if (!rs_initialized || arc4_stir_pid != getpid())
++		arc4random_stir();
++	return arc4_getword(&rs);
++}
++
++#if 0
++/*-------- Test code --------*/
++#include <stdlib.h>
++#include <stdio.h>
++
++int main(void) {
++	int random_number;
++	random_number = arc4random() % 65536;
++	printf("A random number between 0 and 65536 is %d\n", random_number);
++	return 0;
++}
++#endif
+diff -Naur glibc-2.3.6.orig/stdlib/arc4randomII.c glibc-2.3.6/stdlib/arc4randomII.c
+--- glibc-2.3.6.orig/stdlib/arc4randomII.c	1970-01-01 00:00:00.000000000 +0000
++++ glibc-2.3.6/stdlib/arc4randomII.c	2006-01-01 07:48:48.000000000 +0000
+@@ -0,0 +1,196 @@
++/*
++ * Arc4 random number generator for OpenBSD.
++ * Copyright 1996 David Mazieres <dm at lcs.mit.edu>.
++ *
++ * Modification and redistribution in source and binary forms is
++ * permitted provided that due credit is given to the author and the
++ * OpenBSD project by leaving this copyright notice intact.
++ */
++
++/*
++ * This code is derived from section 17.1 of Applied Cryptography,
++ * second edition, which describes a stream cipher allegedly
++ * compatible with RSA Labs "RC4" cipher (the actual description of
++ * which is a trade secret).  The same algorithm is used as a stream
++ * cipher called "arcfour" in Tatu Ylonen's ssh package.
++ *
++ * Here the stream cipher has been modified always to include the time
++ * when initializing the state.  That makes it impossible to
++ * regenerate the same random sequence twice, so this can't be used
++ * for encryption, but will generate good random numbers.
++ *
++ * RC4 is a registered trademark of RSA Laboratories.
++ */
++
++/*
++ * Modified by Robert Connolly from OpenBSD lib/libc/crypt/arc4random.c v1.11.
++ * This is arc4randomII(3) using erandom.
++ */
++
++#include <fcntl.h>
++#include <stdlib.h>
++#include <unistd.h>
++#include <sys/types.h>
++#include <sys/param.h>
++#include <sys/time.h>
++#include <sys/sysctl.h>
++
++#ifdef __GNUC__
++#define inline __inline
++#else				/* !__GNUC__ */
++#define inline
++#endif				/* !__GNUC__ */
++
++struct arc4_streamII {
++	u_int8_t i;
++	u_int8_t j;
++	u_int8_t s[256];
++};
++
++static int rs_initializedII;
++static struct arc4_streamII rs;
++static pid_t arc4_stir_pidII;
++
++static inline u_int8_t arc4_getbyteII(struct arc4_streamII *);
++
++static inline void
++arc4_initII(struct arc4_streamII *as)
++{
++	int     n;
++
++	for (n = 0; n < 256; n++)
++		as->s[n] = n;
++	as->i = 0;
++	as->j = 0;
++}
++
++static inline void
++arc4_addrandomII(struct arc4_streamII *as, u_char *dat, int datlen)
++{
++	int     n;
++	u_int8_t si;
++
++	as->i--;
++	for (n = 0; n < 256; n++) {
++		as->i = (as->i + 1);
++		si = as->s[as->i];
++		as->j = (as->j + si + dat[n % datlen]);
++		as->s[as->i] = as->s[as->j];
++		as->s[as->j] = si;
++	}
++	as->j = as->i;
++}
++
++static void
++arc4_stirII(struct arc4_streamII *as)
++{
++	int     n, fd;
++	struct {
++		struct timeval tv;
++		u_int rnd[(128 - sizeof(struct timeval)) / sizeof(u_int)];
++	}       rdat;
++
++	gettimeofday(&rdat.tv, NULL);
++
++	/* /dev/urandom is a multithread interface, sysctl is not. */
++	/* Try to use /dev/urandom before sysctl. */
++	fd = open("/dev/erandom", O_RDONLY);
++	if (fd != -1) {
++		read(fd, rdat.rnd, sizeof(rdat.rnd));
++		close(fd);
++	}
++
++#if defined(SYSCTL_ERANDOM)
++	else {
++		/* /dev/urandom failed? Maybe we're in a chroot. */
++		int mib[]={CTL_KERN, KERN_RANDOM, RANDOM_ERANDOM};
++		u_int i;
++		size_t len;
++
++		for (i = 0; i < sizeof(rdat.rnd) / sizeof(u_int); i++) {
++			len = sizeof(u_int);
++			if (sysctl(mib, 3, &rdat.rnd[i], &len, NULL, 0) == -1)
++				break;
++		}
++	}
++#endif
++
++	arc4_stir_pidII = getpid();
++	/*
++	 * Time to give up. If no entropy could be found then we will just
++	 * use gettimeofday.
++	 */
++	arc4_addrandomII(as, (void *)&rdat, sizeof(rdat));
++
++	/*
++	 * Discard early keystream, as per recommendations in:
++	 * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
++	 * We discard 256 words. A long word is 4 bytes.
++	 */
++	for (n = 0; n < 256 * 4; n ++)
++		arc4_getbyteII(as);
++}
++
++static inline u_int8_t
++arc4_getbyteII(struct arc4_streamII *as)
++{
++	u_int8_t si, sj;
++
++	as->i = (as->i + 1);
++	si = as->s[as->i];
++	as->j = (as->j + si);
++	sj = as->s[as->j];
++	as->s[as->i] = sj;
++	as->s[as->j] = si;
++	return (as->s[(si + sj) & 0xff]);
++}
++
++static inline u_int32_t
++arc4_getwordII(struct arc4_streamII *as)
++{
++	u_int32_t val;
++	val = arc4_getbyteII(as) << 24;
++	val |= arc4_getbyteII(as) << 16;
++	val |= arc4_getbyteII(as) << 8;
++	val |= arc4_getbyteII(as);
++	return val;
++}
++
++void
++arc4random_stirII(void)
++{
++	if (!rs_initializedII) {
++		arc4_initII(&rs);
++		rs_initializedII = 1;
++	}
++	arc4_stirII(&rs);
++}
++
++void
++arc4random_addrandomII(u_char *dat, int datlen)
++{
++	if (!rs_initializedII)
++		arc4random_stirII();
++	arc4_addrandomII(&rs, dat, datlen);
++}
++
++u_int32_t
++arc4randomII(void)
++{
++	if (!rs_initializedII || arc4_stir_pidII != getpid())
++		arc4random_stirII();
++	return arc4_getwordII(&rs);
++}
++
++#if 0
++/*-------- Test code --------*/
++#include <stdlib.h>
++#include <stdio.h>
++
++int main(void) {
++	int random_number;
++	random_number = arc4randomII() % 65536;
++	printf("A random number between 0 and 65536 is %d\n", random_number);
++	return 0;
++}
++#endif
+diff -Naur glibc-2.3.6.orig/stdlib/stdlib.h glibc-2.3.6/stdlib/stdlib.h
+--- glibc-2.3.6.orig/stdlib/stdlib.h	2005-07-18 01:15:30.000000000 +0000
++++ glibc-2.3.6/stdlib/stdlib.h	2006-01-01 07:48:48.000000000 +0000
+@@ -572,6 +572,15 @@
+ extern int lcong48_r (unsigned short int __param[7],
+ 		      struct drand48_data *__buffer)
+      __THROW __nonnull ((1, 2));
++
++#define LIBC_HAS_ARC4RANDOM
++u_int32_t arc4random(void);
++void arc4random_stir(void);
++void arc4random_addrandom(unsigned char *, int);
++u_int32_t arc4randomII(void);
++void arc4random_stirII(void);
++void arc4random_addrandomII(unsigned char *, int);
++
+ # endif	/* Use misc.  */
+ #endif	/* Use SVID or X/Open.  */
+ 
+diff -Naur glibc-2.3.6.orig/sysdeps/posix/tempname.c glibc-2.3.6/sysdeps/posix/tempname.c
+--- glibc-2.3.6.orig/sysdeps/posix/tempname.c	2001-11-27 03:35:06.000000000 +0000
++++ glibc-2.3.6/sysdeps/posix/tempname.c	2006-01-01 07:48:48.000000000 +0000
+@@ -258,6 +258,10 @@
+   /* This is where the Xs start.  */
+   XXXXXX = &tmpl[len - 6];
+ 
++/* Get real random data. */
++#if defined(LIBC_HAS_ARC4RANDOM)
++  random_time_bits = arc4randomII();
++#else
+   /* Get some more or less random data.  */
+ #ifdef RANDOM_BITS
+   RANDOM_BITS (random_time_bits);
+@@ -272,7 +276,12 @@
+   random_time_bits = time (NULL);
+ # endif
+ #endif
++#endif
++#if defined(LIBC_HAS_ARC4RANDOM)
++  value += random_time_bits ^ arc4randomII();
++#else
+   value += random_time_bits ^ __getpid ();
++#endif
+ 
+   for (count = 0; count < attempts; value += 7777, ++count)
+     {

Added: trunk/glibc/glibc-2.3.6-ssp-2.patch
===================================================================
--- trunk/glibc/glibc-2.3.6-ssp-2.patch	2006-01-03 20:15:51 UTC (rev 1321)
+++ trunk/glibc/glibc-2.3.6-ssp-2.patch	2006-01-03 20:17:03 UTC (rev 1322)
@@ -0,0 +1,192 @@
+Submitted By: Robert Connolly <robert at linuxfromscratch dot org> (ashes)
+Date: 2005-01-01
+Initial Package Version: 2.3.6
+Upstream Status: Not submitted
+Origin: http://www.research.ibm.com/trl/projects/security/ssp/
+http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/sys/stack_protector.c
+http://uclibc.org/cgi-bin/viewcvs.cgi/trunk/uClibc/libc/sysdeps/linux/common/ssp.c
+Description: Stack Smashing Protector - This patch adds SSP functions to Glibc.
+
+This patch depends on the Glibc arc4random patch.
+
+Also see:
+http://www.linuxfromscratch.org/hlfs/
+http://www.linuxfromscratch.org/hints/downloads/files/ssp.txt
+
+diff -Naur glibc-2.3.4.orig/sysdeps/generic/libc-start.c glibc-2.3.4/sysdeps/generic/libc-start.c
+--- glibc-2.3.4.orig/sysdeps/generic/libc-start.c	2004-03-31 01:46:43.000000000 +0000
++++ glibc-2.3.4/sysdeps/generic/libc-start.c	2005-02-12 17:26:49.470416840 +0000
+@@ -188,6 +188,9 @@
+     GLRO(dl_debug_printf) ("\ntransferring control: %s\n\n", argv[0]);
+ #endif
+ 
++  void __guard_setup(void) __attribute__ ((constructor));
++  __guard_setup ();
++
+ #ifdef HAVE_CLEANUP_JMP_BUF
+   /* Memory for the cancellation buffer.  */
+   struct pthread_unwind_buf unwind_buf;
+diff -Naur glibc-2.3.4.orig/sysdeps/unix/sysv/linux/Dist glibc-2.3.4/sysdeps/unix/sysv/linux/Dist
+--- glibc-2.3.4.orig/sysdeps/unix/sysv/linux/Dist	2004-06-30 07:58:38.000000000 +0000
++++ glibc-2.3.4/sysdeps/unix/sysv/linux/Dist	2005-02-12 17:26:49.473416384 +0000
+@@ -1,3 +1,4 @@
++stack_protector.c
+ bits/initspin.h
+ cmsg_nxthdr.c
+ dl-brk.c
+diff -Naur glibc-2.3.4.orig/sysdeps/unix/sysv/linux/Makefile glibc-2.3.4/sysdeps/unix/sysv/linux/Makefile
+--- glibc-2.3.4.orig/sysdeps/unix/sysv/linux/Makefile	2004-10-04 23:29:06.000000000 +0000
++++ glibc-2.3.4/sysdeps/unix/sysv/linux/Makefile	2005-02-12 17:26:49.476415928 +0000
+@@ -1,5 +1,5 @@
+ ifeq ($(subdir),csu)
+-sysdep_routines += errno-loc
++sysdep_routines += errno-loc stack_protector
+ endif
+ 
+ ifeq ($(subdir),assert)
+diff -Naur glibc-2.3.4.orig/sysdeps/unix/sysv/linux/Versions glibc-2.3.4/sysdeps/unix/sysv/linux/Versions
+--- glibc-2.3.4.orig/sysdeps/unix/sysv/linux/Versions	2004-10-22 19:57:45.000000000 +0000
++++ glibc-2.3.4/sysdeps/unix/sysv/linux/Versions	2005-02-12 17:26:49.479415472 +0000
+@@ -108,6 +108,7 @@
+   GLIBC_2.3.2 {
+     # New kernel interfaces.
+     epoll_create; epoll_ctl; epoll_wait;
++    __guard; __guard_setup; __stack_smash_handler;
+   }
+   GLIBC_2.3.3 {
+     gnu_dev_major; gnu_dev_minor; gnu_dev_makedev;
+diff -Naur glibc-2.3.4.orig/sysdeps/unix/sysv/linux/stack_protector.c glibc-2.3.4/sysdeps/unix/sysv/linux/stack_protector.c
+--- glibc-2.3.4.orig/sysdeps/unix/sysv/linux/stack_protector.c	1970-01-01 00:00:00.000000000 +0000
++++ glibc-2.3.4/sysdeps/unix/sysv/linux/stack_protector.c	2005-02-12 18:00:25.757512648 +0000
+@@ -0,0 +1,131 @@
++/*	$hlfs: stack_protector.c,v 1.7 2005/04/24 robert Exp $	*/
++
++/*
++ * Copyright (c) 2002 Hiroaki Etoh, Federico G. Schwindt, and Miodrag Vallat.
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ * 1. Redistributions of source code must retain the above copyright
++ *    notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ *    notice, this list of conditions and the following disclaimer in the
++ *    documentation and/or other materials provided with the distribution.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
++ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++ * DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT,
++ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
++ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
++ * POSSIBILITY OF SUCH DAMAGE.
++ *
++ */
++
++/* One of these things is not like the other... */
++
++/*
++ * Distributed under the terms of the GNU General Public License v2
++ * $Header: $
++ *
++ * This is a modified version of Hiroaki Etoh's stack smashing routines
++ * implemented for glibc.
++ *
++ * The following people have contributed input to this code.
++ * Ned Ludd - <solar[@]gentoo.org>
++ * Alexander Gabert - <pappy[@]gentoo.org>
++ * The PaX Team - <pageexec[@]freemail.hu>
++ * Peter S. Mazinger - <ps.m[@]gmx.net>
++ * Yoann Vandoorselaere - <yoann[@]prelude-ids.org>
++ * Robert Connolly - <robert[@]linuxfromscratch.org>
++ * Cory Visi <cory at visi.name>
++ *
++ */
++
++#include <stdio.h>
++#include <string.h>
++#include <stdlib.h> /* For arc4random() */
++#include <fcntl.h>
++#include <unistd.h>
++#include <signal.h>
++#include <syslog.h>
++
++#include <sys/types.h>
++#include <sys/un.h>
++#include <sys/time.h>
++
++#ifdef __PROPOLICE_BLOCK_SEGV__
++#define SSP_SIGTYPE SIGSEGV
++#elif __PROPOLICE_BLOCK_KILL__
++#define SSP_SIGTYPE SIGKILL
++#else
++#define SSP_SIGTYPE SIGABRT
++#endif
++
++unsigned long __guard = 0UL;
++
++//void __guard_setup(void) __attribute__ ((constructor));
++void __guard_setup(void)
++{
++	int	i=0, fd=0;
++	size_t	size;
++	struct	timeval tv;
++
++	if (__guard != 0UL)
++		return;
++
++	__guard = 0xFF0A0D00UL;
++	/* Always start with the time. */
++	gettimeofday(&tv, NULL);
++	__guard ^= tv.tv_usec ^ tv.tv_sec;
++
++#if defined(LIBC_HAS_ARC4RANDOM) /* From <stdlib.h> */
++	for (i = 0; i < sizeof(__guard) / 4; i ++) {
++		size = sizeof(unsigned long);
++		if ((__guard = (int)(arc4randomII())) == (-1))
++			break;
++	}
++#else
++	if (i < sizeof(__guard) / 4) {
++	fd = open("/dev/urandom", O_RDONLY);
++		if (fd != (-1)) {
++			size = read(fd, (char *) &__guard, sizeof(__guard));
++			close(fd);
++			if (size == sizeof(__guard))
++				return;
++		}
++	}
++#endif
++}
++
++//void __stack_smash_handler(char func[], int damaged __attribute__ ((unused)));
++void __stack_smash_handler(char func[], int damaged)
++{
++	extern char *__progname;
++	const char message[] = ": stack smashing attack in function ";
++	struct sigaction sa;
++	sigset_t mask;
++
++	sigfillset(&mask);
++
++	sigdelset(&mask, SSP_SIGTYPE);	/* Block all signal handlers */
++	sigprocmask(SIG_BLOCK, &mask, NULL);	/* except SIGABRT */
++
++	/* print error message to stderr and syslog */
++	fprintf(stderr, "%s%s%s()\n", __progname, message, func);
++	syslog(LOG_INFO, "%s%s%s()", __progname, message, func);
++
++	/* Make the default handler is associated with the signal handler */
++	memset(&sa, 0, sizeof(struct sigaction));
++	sigfillset(&sa.sa_mask);	/* Block all signals */
++	sa.sa_flags = 0;
++	sa.sa_handler = SIG_DFL;
++	sigaction(SSP_SIGTYPE, &sa, NULL);
++	(void) kill(getpid(), SSP_SIGTYPE);
++	_exit(127);
++}




More information about the patches mailing list