summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMagnus Granberg <zorry@gentoo.org>2013-09-11 18:05:42 +0000
committerMagnus Granberg <zorry@gentoo.org>2013-09-11 18:05:42 +0000
commit0f53fd0962471ee0cd10db053b86af14fc099bba (patch)
treecfc2d26f121ed7c2abe7a2240aa0754c2bd18000 /sys-libs
parentVersion bump wrt bug #483150. (diff)
downloadgentoo-2-0f53fd0962471ee0cd10db053b86af14fc099bba.tar.gz
gentoo-2-0f53fd0962471ee0cd10db053b86af14fc099bba.tar.bz2
gentoo-2-0f53fd0962471ee0cd10db053b86af14fc099bba.zip
Fix hardeend patches for glibc 2.18 #483804
(Portage version: 2.2.1/cvs/Linux x86_64, signed Manifest commit with key FD79807F)
Diffstat (limited to 'sys-libs')
-rw-r--r--sys-libs/glibc/ChangeLog8
-rw-r--r--sys-libs/glibc/files/2.18/glibc-2.18-gentoo-chk_fail.c314
-rw-r--r--sys-libs/glibc/files/2.18/glibc-2.18-gentoo-stack_chk_fail.c322
-rw-r--r--sys-libs/glibc/files/2.18/glibc-2.18-hardened-inittls-nosysenter.patch277
-rw-r--r--sys-libs/glibc/glibc-2.18.ebuild8
5 files changed, 924 insertions, 5 deletions
diff --git a/sys-libs/glibc/ChangeLog b/sys-libs/glibc/ChangeLog
index ac821a3cf778..d47e6897d430 100644
--- a/sys-libs/glibc/ChangeLog
+++ b/sys-libs/glibc/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for sys-libs/glibc
# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/ChangeLog,v 1.948 2013/08/17 17:37:57 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/ChangeLog,v 1.949 2013/09/11 18:05:42 zorry Exp $
+
+ 11 Sep 2013; Magnus Granberg <zorry@gentoo.org> glibc-2.18.ebuild,
+ +files/2.18/glibc-2.18-gentoo-chk_fail.c,
+ +files/2.18/glibc-2.18-gentoo-stack_chk_fail.c,
+ +files/2.18/glibc-2.18-hardened-inittls-nosysenter.patch:
+ Fix hardened patches for glibc 2.18 bug 483804
17 Aug 2013; Mike Frysinger <vapier@gentoo.org> glibc-2.18.ebuild:
Re-add mips librt patch to exclude list #481438 by Manuel Lauss.
diff --git a/sys-libs/glibc/files/2.18/glibc-2.18-gentoo-chk_fail.c b/sys-libs/glibc/files/2.18/glibc-2.18-gentoo-chk_fail.c
new file mode 100644
index 000000000000..c1934362f628
--- /dev/null
+++ b/sys-libs/glibc/files/2.18/glibc-2.18-gentoo-chk_fail.c
@@ -0,0 +1,314 @@
+/* Copyright (C) 2004, 2005 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, write to the Free
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA. */
+
+/* Copyright (C) 2006-2013 Gentoo Foundation Inc.
+ * License terms as above.
+ *
+ * Hardened Gentoo SSP and FORTIFY handler
+ *
+ * An SSP failure handler that does not use functions from the rest of
+ * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures
+ * no possibility of recursion into the handler.
+ *
+ * Direct all bug reports to http://bugs.gentoo.org/
+ *
+ * Re-written from the glibc-2.3 Hardened Gentoo SSP handler
+ * by Kevin F. Quinn - <kevquinn[@]gentoo.org>
+ *
+ * The following people contributed to the glibc-2.3 Hardened
+ * Gentoo SSP and FORTIFY handler, from which this implementation draws much:
+ *
+ * Ned Ludd - <solar[@]gentoo.org>
+ * Alexander Gabert - <pappy[@]gentoo.org>
+ * The PaX Team - <pageexec[@]freemail.hu>
+ * Peter S. Mazinger - <ps.m[@]gmx.net>
+ * Yoann Vandoorselaere - <yoann[@]prelude-ids.org>
+ * Robert Connolly - <robert[@]linuxfromscratch.org>
+ * Cory Visi <cory[@]visi.name>
+ * Mike Frysinger <vapier[@]gentoo.org>
+ * Magnus Granberg <zorry[@]ume.nu>
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <unistd.h>
+#include <signal.h>
+
+#include <sys/types.h>
+
+#include <sysdep-cancel.h>
+#include <sys/syscall.h>
+
+#include <kernel-features.h>
+
+#include <alloca.h>
+/* from sysdeps */
+#include <socketcall.h>
+/* for the stuff in bits/socket.h */
+#include <sys/socket.h>
+#include <sys/un.h>
+
+/* Sanity check on SYSCALL macro names - force compilation
+ * failure if the names used here do not exist
+ */
+#if !defined __NR_socketcall && !defined __NR_socket
+# error Cannot do syscall socket or socketcall
+#endif
+#if !defined __NR_socketcall && !defined __NR_connect
+# error Cannot do syscall connect or socketcall
+#endif
+#ifndef __NR_write
+# error Cannot do syscall write
+#endif
+#ifndef __NR_close
+# error Cannot do syscall close
+#endif
+#ifndef __NR_getpid
+# error Cannot do syscall getpid
+#endif
+#ifndef __NR_kill
+# error Cannot do syscall kill
+#endif
+#ifndef __NR_exit
+# error Cannot do syscall exit
+#endif
+#ifdef SSP_SMASH_DUMPS_CORE
+# define ENABLE_SSP_SMASH_DUMPS_CORE 1
+# if !defined _KERNEL_NSIG && !defined _NSIG
+# error No _NSIG or _KERNEL_NSIG for rt_sigaction
+# endif
+# if !defined __NR_sigaction && !defined __NR_rt_sigaction
+# error Cannot do syscall sigaction or rt_sigaction
+# endif
+/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size
+ * of the _kernel_ sigset_t which is not the same as the user sigset_t.
+ * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for
+ * some reason.
+ */
+# ifdef _KERNEL_NSIG
+# define _SSP_NSIG _KERNEL_NSIG
+# else
+# define _SSP_NSIG _NSIG
+# endif
+#else
+# define _SSP_NSIG 0
+# define ENABLE_SSP_SMASH_DUMPS_CORE 0
+#endif
+
+/* Define DO_SIGACTION - default to newer rt signal interface but
+ * fallback to old as needed.
+ */
+#ifdef __NR_rt_sigaction
+# define DO_SIGACTION(signum, act, oldact) \
+ INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8)
+#else
+# define DO_SIGACTION(signum, act, oldact) \
+ INLINE_SYSCALL(sigaction, 3, signum, act, oldact)
+#endif
+
+/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */
+#if defined(__NR_socket) && defined(__NR_connect)
+# define USE_OLD_SOCKETCALL 0
+#else
+# define USE_OLD_SOCKETCALL 1
+#endif
+
+/* stub out the __NR_'s so we can let gcc optimize away dead code */
+#ifndef __NR_socketcall
+# define __NR_socketcall 0
+#endif
+#ifndef __NR_socket
+# define __NR_socket 0
+#endif
+#ifndef __NR_connect
+# define __NR_connect 0
+#endif
+#define DO_SOCKET(result, domain, type, protocol) \
+ do { \
+ if (USE_OLD_SOCKETCALL) { \
+ socketargs[0] = domain; \
+ socketargs[1] = type; \
+ socketargs[2] = protocol; \
+ socketargs[3] = 0; \
+ result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \
+ } else \
+ result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \
+ } while (0)
+#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \
+ do { \
+ if (USE_OLD_SOCKETCALL) { \
+ socketargs[0] = sockfd; \
+ socketargs[1] = (unsigned long int)serv_addr; \
+ socketargs[2] = addrlen; \
+ socketargs[3] = 0; \
+ result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \
+ } else \
+ result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \
+ } while (0)
+
+#ifndef _PATH_LOG
+# define _PATH_LOG "/dev/log"
+#endif
+
+static const char path_log[] = _PATH_LOG;
+
+/* For building glibc with SSP switched on, define __progname to a
+ * constant if building for the run-time loader, to avoid pulling
+ * in more of libc.so into ld.so
+ */
+#ifdef IS_IN_rtld
+static char *__progname = "<rtld>";
+#else
+extern char *__progname;
+#endif
+
+/* Common handler code, used by chk_fail
+ * Inlined to ensure no self-references to the handler within itself.
+ * Data static to avoid putting more than necessary on the stack,
+ * to aid core debugging.
+ */
+__attribute__ ((__noreturn__ , __always_inline__))
+static inline void
+__hardened_gentoo_chk_fail(char func[], int damaged)
+{
+#define MESSAGE_BUFSIZ 256
+ static pid_t pid;
+ static int plen, i;
+ static char message[MESSAGE_BUFSIZ];
+ static const char msg_ssa[] = ": buffer overflow attack";
+ static const char msg_inf[] = " in function ";
+ static const char msg_ssd[] = "*** buffer overflow detected ***: ";
+ static const char msg_terminated[] = " - terminated\n";
+ static const char msg_report[] = "Report to http://bugs.gentoo.org/\n";
+ static const char msg_unknown[] = "<unknown>";
+ static int log_socket, connect_result;
+ static struct sockaddr_un sock;
+ static unsigned long int socketargs[4];
+
+ /* Build socket address
+ */
+ sock.sun_family = AF_UNIX;
+ i = 0;
+ while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) {
+ sock.sun_path[i] = path_log[i];
+ i++;
+ }
+ sock.sun_path[i] = '\0';
+
+ /* Try SOCK_DGRAM connection to syslog */
+ connect_result = -1;
+ DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0);
+ if (log_socket != -1)
+ DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock));
+ if (connect_result == -1) {
+ if (log_socket != -1)
+ INLINE_SYSCALL(close, 1, log_socket);
+ /* Try SOCK_STREAM connection to syslog */
+ DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0);
+ if (log_socket != -1)
+ DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock));
+ }
+
+ /* Build message. Messages are generated both in the old style and new style,
+ * so that log watchers that are configured for the old-style message continue
+ * to work.
+ */
+#define strconcat(str) \
+ {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \
+ {\
+ message[plen+i]=str[i];\
+ i++;\
+ }\
+ plen+=i;}
+
+ /* R.Henderson post-gcc-4 style message */
+ plen = 0;
+ strconcat(msg_ssd);
+ if (__progname != (char *)0)
+ strconcat(__progname)
+ else
+ strconcat(msg_unknown);
+ strconcat(msg_terminated);
+
+ /* Write out error message to STDERR, to syslog if open */
+ INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen);
+ if (connect_result != -1)
+ INLINE_SYSCALL(write, 3, log_socket, message, plen);
+
+ /* Dr. Etoh pre-gcc-4 style message */
+ plen = 0;
+ if (__progname != (char *)0)
+ strconcat(__progname)
+ else
+ strconcat(msg_unknown);
+ strconcat(msg_ssa);
+ strconcat(msg_inf);
+ if (func != NULL)
+ strconcat(func)
+ else
+ strconcat(msg_unknown);
+ strconcat(msg_terminated);
+ /* Write out error message to STDERR, to syslog if open */
+ INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen);
+ if (connect_result != -1)
+ INLINE_SYSCALL(write, 3, log_socket, message, plen);
+
+ /* Direct reports to bugs.gentoo.org */
+ plen=0;
+ strconcat(msg_report);
+ message[plen++]='\0';
+
+ /* Write out error message to STDERR, to syslog if open */
+ INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen);
+ if (connect_result != -1)
+ INLINE_SYSCALL(write, 3, log_socket, message, plen);
+
+ if (log_socket != -1)
+ INLINE_SYSCALL(close, 1, log_socket);
+
+ /* Suicide */
+ pid = INLINE_SYSCALL(getpid, 0);
+
+ if (ENABLE_SSP_SMASH_DUMPS_CORE) {
+ static struct sigaction default_abort_act;
+ /* Remove any user-supplied handler for SIGABRT, before using it */
+ default_abort_act.sa_handler = SIG_DFL;
+ default_abort_act.sa_sigaction = NULL;
+ __sigfillset(&default_abort_act.sa_mask);
+ default_abort_act.sa_flags = 0;
+ if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0)
+ INLINE_SYSCALL(kill, 2, pid, SIGABRT);
+ }
+
+ /* Note; actions cannot be added to SIGKILL */
+ INLINE_SYSCALL(kill, 2, pid, SIGKILL);
+
+ /* In case the kill didn't work, exit anyway
+ * The loop prevents gcc thinking this routine returns
+ */
+ while (1)
+ INLINE_SYSCALL(exit, 0);
+}
+
+__attribute__ ((__noreturn__))
+void __chk_fail(void)
+{
+ __hardened_gentoo_chk_fail(NULL, 0);
+}
+
diff --git a/sys-libs/glibc/files/2.18/glibc-2.18-gentoo-stack_chk_fail.c b/sys-libs/glibc/files/2.18/glibc-2.18-gentoo-stack_chk_fail.c
new file mode 100644
index 000000000000..9535c2157895
--- /dev/null
+++ b/sys-libs/glibc/files/2.18/glibc-2.18-gentoo-stack_chk_fail.c
@@ -0,0 +1,322 @@
+/* Copyright (C) 2005 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, write to the Free
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA. */
+
+/* Copyright (C) 2006-2013 Gentoo Foundation Inc.
+ * License terms as above.
+ *
+ * Hardened Gentoo SSP handler
+ *
+ * An SSP failure handler that does not use functions from the rest of
+ * glibc; it uses the INTERNAL_SYSCALL methods directly. This ensures
+ * no possibility of recursion into the handler.
+ *
+ * Direct all bug reports to http://bugs.gentoo.org/
+ *
+ * Re-written from the glibc-2.3 Hardened Gentoo SSP handler
+ * by Kevin F. Quinn - <kevquinn[@]gentoo.org>
+ *
+ * Fixed to support glibc-2.18 by Magnus Granberg - <zorry[@]gentoo.org>
+ *
+ * The following people contributed to the glibc-2.3 Hardened
+ * Gentoo SSP handler, from which this implementation draws much:
+ *
+ * Ned Ludd - <solar[@]gentoo.org>
+ * Alexander Gabert - <pappy[@]gentoo.org>
+ * The PaX Team - <pageexec[@]freemail.hu>
+ * Peter S. Mazinger - <ps.m[@]gmx.net>
+ * Yoann Vandoorselaere - <yoann[@]prelude-ids.org>
+ * Robert Connolly - <robert[@]linuxfromscratch.org>
+ * Cory Visi <cory[@]visi.name>
+ * Mike Frysinger <vapier[@]gentoo.org>
+ */
+
+#include <errno.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <signal.h>
+
+#include <sys/types.h>
+
+#include <sysdep-cancel.h>
+#include <sys/syscall.h>
+
+#include <kernel-features.h>
+
+#include <alloca.h>
+/* from sysdeps */
+#include <socketcall.h>
+/* for the stuff in bits/socket.h */
+#include <sys/socket.h>
+#include <sys/un.h>
+
+
+/* Sanity check on SYSCALL macro names - force compilation
+ * failure if the names used here do not exist
+ */
+#if !defined __NR_socketcall && !defined __NR_socket
+# error Cannot do syscall socket or socketcall
+#endif
+#if !defined __NR_socketcall && !defined __NR_connect
+# error Cannot do syscall connect or socketcall
+#endif
+#ifndef __NR_write
+# error Cannot do syscall write
+#endif
+#ifndef __NR_close
+# error Cannot do syscall close
+#endif
+#ifndef __NR_getpid
+# error Cannot do syscall getpid
+#endif
+#ifndef __NR_kill
+# error Cannot do syscall kill
+#endif
+#ifndef __NR_exit
+# error Cannot do syscall exit
+#endif
+#ifdef SSP_SMASH_DUMPS_CORE
+# define ENABLE_SSP_SMASH_DUMPS_CORE 1
+# if !defined _KERNEL_NSIG && !defined _NSIG
+# error No _NSIG or _KERNEL_NSIG for rt_sigaction
+# endif
+# if !defined __NR_sigaction && !defined __NR_rt_sigaction
+# error Cannot do syscall sigaction or rt_sigaction
+# endif
+/* Although rt_sigaction expects sizeof(sigset_t) - it expects the size
+ * of the _kernel_ sigset_t which is not the same as the user sigset_t.
+ * Most arches have this as _NSIG bits - mips has _KERNEL_NSIG bits for
+ * some reason.
+ */
+# ifdef _KERNEL_NSIG
+# define _SSP_NSIG _KERNEL_NSIG
+# else
+# define _SSP_NSIG _NSIG
+# endif
+#else
+# define _SSP_NSIG 0
+# define ENABLE_SSP_SMASH_DUMPS_CORE 0
+#endif
+
+/* Define DO_SIGACTION - default to newer rt signal interface but
+ * fallback to old as needed.
+ */
+#ifdef __NR_rt_sigaction
+# define DO_SIGACTION(signum, act, oldact) \
+ INLINE_SYSCALL(rt_sigaction, 4, signum, act, oldact, _SSP_NSIG/8)
+#else
+# define DO_SIGACTION(signum, act, oldact) \
+ INLINE_SYSCALL(sigaction, 3, signum, act, oldact)
+#endif
+
+/* Define DO_SOCKET/DO_CONNECT functions to deal with socketcall vs socket/connect */
+#if defined(__NR_socket) && defined(__NR_connect)
+# define USE_OLD_SOCKETCALL 0
+#else
+# define USE_OLD_SOCKETCALL 1
+#endif
+/* stub out the __NR_'s so we can let gcc optimize away dead code */
+#ifndef __NR_socketcall
+# define __NR_socketcall 0
+#endif
+#ifndef __NR_socket
+# define __NR_socket 0
+#endif
+#ifndef __NR_connect
+# define __NR_connect 0
+#endif
+#define DO_SOCKET(result, domain, type, protocol) \
+ do { \
+ if (USE_OLD_SOCKETCALL) { \
+ socketargs[0] = domain; \
+ socketargs[1] = type; \
+ socketargs[2] = protocol; \
+ socketargs[3] = 0; \
+ result = INLINE_SYSCALL(socketcall, 2, SOCKOP_socket, socketargs); \
+ } else \
+ result = INLINE_SYSCALL(socket, 3, domain, type, protocol); \
+ } while (0)
+#define DO_CONNECT(result, sockfd, serv_addr, addrlen) \
+ do { \
+ if (USE_OLD_SOCKETCALL) { \
+ socketargs[0] = sockfd; \
+ socketargs[1] = (unsigned long int)serv_addr; \
+ socketargs[2] = addrlen; \
+ socketargs[3] = 0; \
+ result = INLINE_SYSCALL(socketcall, 2, SOCKOP_connect, socketargs); \
+ } else \
+ result = INLINE_SYSCALL(connect, 3, sockfd, serv_addr, addrlen); \
+ } while (0)
+
+#ifndef _PATH_LOG
+# define _PATH_LOG "/dev/log"
+#endif
+
+static const char path_log[] = _PATH_LOG;
+
+/* For building glibc with SSP switched on, define __progname to a
+ * constant if building for the run-time loader, to avoid pulling
+ * in more of libc.so into ld.so
+ */
+#ifdef IS_IN_rtld
+static char *__progname = "<rtld>";
+#else
+extern char *__progname;
+#endif
+
+
+/* Common handler code, used by stack_chk_fail and __stack_smash_handler
+ * Inlined to ensure no self-references to the handler within itself.
+ * Data static to avoid putting more than necessary on the stack,
+ * to aid core debugging.
+ */
+__attribute__ ((__noreturn__ , __always_inline__))
+static inline void
+__hardened_gentoo_stack_chk_fail(char func[], int damaged)
+{
+#define MESSAGE_BUFSIZ 256
+ static pid_t pid;
+ static int plen, i;
+ static char message[MESSAGE_BUFSIZ];
+ static const char msg_ssa[] = ": stack smashing attack";
+ static const char msg_inf[] = " in function ";
+ static const char msg_ssd[] = "*** stack smashing detected ***: ";
+ static const char msg_terminated[] = " - terminated\n";
+ static const char msg_report[] = "Report to http://bugs.gentoo.org/\n";
+ static const char msg_unknown[] = "<unknown>";
+ static int log_socket, connect_result;
+ static struct sockaddr_un sock;
+ static unsigned long int socketargs[4];
+
+ /* Build socket address
+ */
+ sock.sun_family = AF_UNIX;
+ i = 0;
+ while ((path_log[i] != '\0') && (i<(sizeof(sock.sun_path)-1))) {
+ sock.sun_path[i] = path_log[i];
+ i++;
+ }
+ sock.sun_path[i] = '\0';
+
+ /* Try SOCK_DGRAM connection to syslog */
+ connect_result = -1;
+ DO_SOCKET(log_socket, AF_UNIX, SOCK_DGRAM, 0);
+ if (log_socket != -1)
+ DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock));
+ if (connect_result == -1) {
+ if (log_socket != -1)
+ INLINE_SYSCALL(close, 1, log_socket);
+ /* Try SOCK_STREAM connection to syslog */
+ DO_SOCKET(log_socket, AF_UNIX, SOCK_STREAM, 0);
+ if (log_socket != -1)
+ DO_CONNECT(connect_result, log_socket, &sock, sizeof(sock));
+ }
+
+ /* Build message. Messages are generated both in the old style and new style,
+ * so that log watchers that are configured for the old-style message continue
+ * to work.
+ */
+#define strconcat(str) \
+ {i=0; while ((str[i] != '\0') && ((i+plen)<(MESSAGE_BUFSIZ-1))) \
+ {\
+ message[plen+i]=str[i];\
+ i++;\
+ }\
+ plen+=i;}
+
+ /* R.Henderson post-gcc-4 style message */
+ plen = 0;
+ strconcat(msg_ssd);
+ if (__progname != (char *)0)
+ strconcat(__progname)
+ else
+ strconcat(msg_unknown);
+ strconcat(msg_terminated);
+
+ /* Write out error message to STDERR, to syslog if open */
+ INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen);
+ if (connect_result != -1)
+ INLINE_SYSCALL(write, 3, log_socket, message, plen);
+
+ /* Dr. Etoh pre-gcc-4 style message */
+ plen = 0;
+ if (__progname != (char *)0)
+ strconcat(__progname)
+ else
+ strconcat(msg_unknown);
+ strconcat(msg_ssa);
+ strconcat(msg_inf);
+ if (func != NULL)
+ strconcat(func)
+ else
+ strconcat(msg_unknown);
+ strconcat(msg_terminated);
+ /* Write out error message to STDERR, to syslog if open */
+ INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen);
+ if (connect_result != -1)
+ INLINE_SYSCALL(write, 3, log_socket, message, plen);
+
+ /* Direct reports to bugs.gentoo.org */
+ plen=0;
+ strconcat(msg_report);
+ message[plen++]='\0';
+
+ /* Write out error message to STDERR, to syslog if open */
+ INLINE_SYSCALL(write, 3, STDERR_FILENO, message, plen);
+ if (connect_result != -1)
+ INLINE_SYSCALL(write, 3, log_socket, message, plen);
+
+ if (log_socket != -1)
+ INLINE_SYSCALL(close, 1, log_socket);
+
+ /* Suicide */
+ pid = INLINE_SYSCALL(getpid, 0);
+
+ if (ENABLE_SSP_SMASH_DUMPS_CORE) {
+ static struct sigaction default_abort_act;
+ /* Remove any user-supplied handler for SIGABRT, before using it */
+ default_abort_act.sa_handler = SIG_DFL;
+ default_abort_act.sa_sigaction = NULL;
+ __sigfillset(&default_abort_act.sa_mask);
+ default_abort_act.sa_flags = 0;
+ if (DO_SIGACTION(SIGABRT, &default_abort_act, NULL) == 0)
+ INLINE_SYSCALL(kill, 2, pid, SIGABRT);
+ }
+
+ /* Note; actions cannot be added to SIGKILL */
+ INLINE_SYSCALL(kill, 2, pid, SIGKILL);
+
+ /* In case the kill didn't work, exit anyway
+ * The loop prevents gcc thinking this routine returns
+ */
+ while (1)
+ INLINE_SYSCALL(exit, 0);
+}
+
+__attribute__ ((__noreturn__))
+void __stack_chk_fail(void)
+{
+ __hardened_gentoo_stack_chk_fail(NULL, 0);
+}
+
+#ifdef ENABLE_OLD_SSP_COMPAT
+__attribute__ ((__noreturn__))
+void __stack_smash_handler(char func[], int damaged)
+{
+ __hardened_gentoo_stack_chk_fail(func, damaged);
+}
+#endif
diff --git a/sys-libs/glibc/files/2.18/glibc-2.18-hardened-inittls-nosysenter.patch b/sys-libs/glibc/files/2.18/glibc-2.18-hardened-inittls-nosysenter.patch
new file mode 100644
index 000000000000..8907ab2c6a34
--- /dev/null
+++ b/sys-libs/glibc/files/2.18/glibc-2.18-hardened-inittls-nosysenter.patch
@@ -0,0 +1,277 @@
+When building glibc PIE (which is not something upstream support),
+several modifications are necessary to the glibc build process.
+
+First, any syscalls in PIEs must be of the PIC variant, otherwise
+textrels ensue. Then, any syscalls made before the initialisation
+of the TLS will fail on i386, as the sysenter variant on i386 uses
+the TLS, giving rise to a chicken-and-egg situation. This patch
+defines a PIC syscall variant that doesn't use sysenter, even when the sysenter
+version is normally used, and uses the non-sysenter version for the brk
+syscall that is performed by the TLS initialisation. Further, the TLS
+initialisation is moved in this case prior to the initialisation of
+dl_osversion, as that requires further syscalls.
+
+csu/libc-start.c: Move initial TLS initialization to before the
+initialisation of dl_osversion, when INTERNAL_SYSCALL_NOSYSENTER is defined
+
+csu/libc-tls.c: Use the no-sysenter version of sbrk when
+INTERNAL_SYSCALL_NOSYSENTER is defined.
+
+misc/sbrk.c: Define a no-sysenter version of sbrk, using the no-sysenter
+version of brk - if INTERNAL_SYSCALL_NOSYSENTER is defined.
+
+misc/brk.c: Define a no-sysenter version of brk if
+INTERNAL_SYSCALL_NOSYSENTER is defined.
+
+sysdeps/unix/sysv/linux/i386/sysdep.h: Define INTERNAL_SYSCALL_NOSYSENTER
+Make INTERNAL_SYSCALL always use the PIC variant, even if not SHARED.
+
+Patch by Kevin F. Quinn <kevquinn@gentoo.org>
+Fixed for 2.10 by Magnus Granberg <zorry@ume.nu>
+Fixed for 2.18 by Magnus Granberg <zorry@gentoo.org>
+
+--- csu/libc-start.c
++++ csu/libc-start.c
+@@ -28,6 +28,7 @@
+ extern int __libc_multiple_libcs;
+
+ #include <tls.h>
++#include <sysdep.h>
+ #ifndef SHARED
+ # include <dl-osinfo.h>
+ extern void __pthread_initialize_minimal (void);
+@@ -170,7 +170,11 @@ LIBC_START_MAIN (int (*main) (int, char
+ GL(dl_phnum) = __ehdr_start.e_phnum;
+ }
+ }
+-
++# ifdef INTERNAL_SYSCALL_NOSYSENTER
++ /* Do the initial TLS initialization before _dl_osversion,
++ since the latter uses the uname syscall. */
++ __pthread_initialize_minimal ();
++# endif
+ # ifdef DL_SYSDEP_OSCHECK
+ if (!__libc_multiple_libcs)
+ {
+@@ -138,10 +144,12 @@
+ }
+ # endif
+
++# ifndef INTERNAL_SYSCALL_NOSYSENTER
+ /* Initialize the thread library at least a bit since the libgcc
+ functions are using thread functions if these are available and
+ we need to setup errno. */
+ __pthread_initialize_minimal ();
++# endif
+
+ /* Set up the stack checker's canary. */
+ uintptr_t stack_chk_guard = _dl_setup_stack_chk_guard ();
+--- csu/libc-tls.c
++++ csu/libc-tls.c
+@@ -22,14 +22,17 @@
+ #include <unistd.h>
+ #include <stdio.h>
+ #include <sys/param.h>
+-
++#include <sysdep.h>
+
+ #ifdef SHARED
+ #error makefile bug, this file is for static only
+ #endif
+
+-dtv_t _dl_static_dtv[2 + TLS_SLOTINFO_SURPLUS];
++#ifdef INTERNAL_SYSCALL_NOSYSENTER
++extern void *__sbrk_nosysenter (intptr_t __delta);
++#endif
+
++dtv_t _dl_static_dtv[2 + TLS_SLOTINFO_SURPLUS];
+
+ static struct
+ {
+@@ -139,14 +142,26 @@ __libc_setup_tls (size_t tcbsize, size_t
+
+ The initialized value of _dl_tls_static_size is provided by dl-open.c
+ to request some surplus that permits dynamic loading of modules with
+- IE-model TLS. */
++ IE-model TLS.
++
++ Where the normal sbrk would use a syscall that needs the TLS (i386)
++ use the special non-sysenter version instead. */
+ #if TLS_TCB_AT_TP
+ tcb_offset = roundup (memsz + GL(dl_tls_static_size), tcbalign);
++# ifdef INTERNAL_SYSCALL_NOSYSENTER
++ tlsblock = __sbrk_nosysenter (tcb_offset + tcbsize + max_align);
++# else
+ tlsblock = __sbrk (tcb_offset + tcbsize + max_align);
++#endif
+ #elif TLS_DTV_AT_TP
+ tcb_offset = roundup (tcbsize, align ?: 1);
++# ifdef INTERNAL_SYSCALL_NOSYSENTER
++ tlsblock = __sbrk_nosysenter (tcb_offset + memsz + max_align
++ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size));
++# else
+ tlsblock = __sbrk (tcb_offset + memsz + max_align
+ + TLS_PRE_TCB_SIZE + GL(dl_tls_static_size));
++#endif
+ tlsblock += TLS_PRE_TCB_SIZE;
+ #else
+ /* In case a model with a different layout for the TCB and DTV
+--- misc/sbrk.c
++++ misc/sbrk.c
+@@ -18,6 +18,7 @@
+ #include <errno.h>
+ #include <stdint.h>
+ #include <unistd.h>
++#include <sysdep.h>
+
+ /* Defined in brk.c. */
+ extern void *__curbrk;
+@@ -29,6 +30,35 @@
+ /* Extend the process's data space by INCREMENT.
+ If INCREMENT is negative, shrink data space by - INCREMENT.
+ Return start of new space allocated, or -1 for errors. */
++#ifdef INTERNAL_SYSCALL_NOSYSENTER
++/* This version is used by csu/libc-tls.c whem initialising the TLS
++ if the SYSENTER version requires the TLS (which it does on i386).
++ Obviously using the TLS before it is initialised is broken. */
++extern int __brk_nosysenter (void *addr);
++void *
++__sbrk_nosysenter (intptr_t increment)
++{
++ void *oldbrk;
++
++ /* If this is not part of the dynamic library or the library is used
++ via dynamic loading in a statically linked program update
++ __curbrk from the kernel's brk value. That way two separate
++ instances of __brk and __sbrk can share the heap, returning
++ interleaved pieces of it. */
++ if (__curbrk == NULL || __libc_multiple_libcs)
++ if (__brk_nosysenter (0) < 0) /* Initialize the break. */
++ return (void *) -1;
++
++ if (increment == 0)
++ return __curbrk;
++
++ oldbrk = __curbrk;
++ if (__brk_nosysenter (oldbrk + increment) < 0)
++ return (void *) -1;
++
++ return oldbrk;
++}
++#endif
+ void *
+ __sbrk (intptr_t increment)
+ {
+--- sysdeps/unix/sysv/linux/i386/brk.c
++++ sysdeps/unix/sysv/linux/i386/brk.c
+@@ -31,6 +31,29 @@
+ linker. */
+ weak_alias (__curbrk, ___brk_addr)
+
++#ifdef INTERNAL_SYSCALL_NOSYSENTER
++/* This version is used by csu/libc-tls.c whem initialising the TLS
++ * if the SYSENTER version requires the TLS (which it does on i386).
++ * Obviously using the TLS before it is initialised is broken. */
++int
++__brk_nosysenter (void *addr)
++{
++ void * newbrk;
++
++ INTERNAL_SYSCALL_DECL (err);
++ newbrk = (void *) INTERNAL_SYSCALL_NOSYSENTER (brk, err, 1, addr);
++
++ __curbrk = newbrk;
++
++ if (newbrk < addr)
++ {
++ __set_errno (ENOMEM);
++ return -1;
++ }
++
++ return 0;
++}
++#endif
+ int
+ __brk (void *addr)
+ {
+--- sysdeps/unix/sysv/linux/i386/sysdep.h
++++ sysdeps/unix/sysv/linux/i386/sysdep.h
+@@ -187,7 +187,7 @@
+ /* The original calling convention for system calls on Linux/i386 is
+ to use int $0x80. */
+ #ifdef I386_USE_SYSENTER
+-# ifdef SHARED
++# if defined SHARED || defined __PIC__
+ # define ENTER_KERNEL call *%gs:SYSINFO_OFFSET
+ # else
+ # define ENTER_KERNEL call *_dl_sysinfo
+@@ -358,7 +358,7 @@
+ possible to use more than four parameters. */
+ #undef INTERNAL_SYSCALL
+ #ifdef I386_USE_SYSENTER
+-# ifdef SHARED
++# if defined SHARED || defined __PIC__
+ # define INTERNAL_SYSCALL(name, err, nr, args...) \
+ ({ \
+ register unsigned int resultvar; \
+@@ -384,6 +384,18 @@
+ : "0" (name), "i" (offsetof (tcbhead_t, sysinfo)) \
+ ASMFMT_##nr(args) : "memory", "cc"); \
+ (int) resultvar; })
++# define INTERNAL_SYSCALL_NOSYSENTER(name, err, nr, args...) \
++ ({ \
++ register unsigned int resultvar; \
++ EXTRAVAR_##nr \
++ asm volatile ( \
++ LOADARGS_NOSYSENTER_##nr \
++ "movl %1, %%eax\n\t" \
++ "int $0x80\n\t" \
++ RESTOREARGS_NOSYSENTER_##nr \
++ : "=a" (resultvar) \
++ : "i" (__NR_##name) ASMFMT_##nr(args) : "memory", "cc"); \
++ (int) resultvar; })
+ # else
+ # define INTERNAL_SYSCALL(name, err, nr, args...) \
+ ({ \
+@@ -447,12 +459,20 @@
+
+ #define LOADARGS_0
+ #ifdef __PIC__
+-# if defined I386_USE_SYSENTER && defined SHARED
++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ )
+ # define LOADARGS_1 \
+ "bpushl .L__X'%k3, %k3\n\t"
+ # define LOADARGS_5 \
+ "movl %%ebx, %4\n\t" \
+ "movl %3, %%ebx\n\t"
++# define LOADARGS_NOSYSENTER_1 \
++ "bpushl .L__X'%k2, %k2\n\t"
++# define LOADARGS_NOSYSENTER_2 LOADARGS_NOSYSENTER_1
++# define LOADARGS_NOSYSENTER_3 LOADARGS_3
++# define LOADARGS_NOSYSENTER_4 LOADARGS_3
++# define LOADARGS_NOSYSENTER_5 \
++ "movl %%ebx, %3\n\t" \
++ "movl %2, %%ebx\n\t"
+ # else
+ # define LOADARGS_1 \
+ "bpushl .L__X'%k2, %k2\n\t"
+@@ -474,11 +495,18 @@
+
+ #define RESTOREARGS_0
+ #ifdef __PIC__
+-# if defined I386_USE_SYSENTER && defined SHARED
++# if defined I386_USE_SYSENTER && ( defined SHARED || defined __PIC__ )
+ # define RESTOREARGS_1 \
+ "bpopl .L__X'%k3, %k3\n\t"
+ # define RESTOREARGS_5 \
+ "movl %4, %%ebx"
++# define RESTOREARGS_NOSYSENTER_1 \
++ "bpopl .L__X'%k2, %k2\n\t"
++# define RESTOREARGS_NOSYSENTER_2 RESTOREARGS_NOSYSENTER_1
++# define RESTOREARGS_NOSYSENTER_3 RESTOREARGS_3
++# define RESTOREARGS_NOSYSENTER_4 RESTOREARGS_3
++# define RESTOREARGS_NOSYSENTER_5 \
++ "movl %3, %%ebx"
+ # else
+ # define RESTOREARGS_1 \
+ "bpopl .L__X'%k2, %k2\n\t"
diff --git a/sys-libs/glibc/glibc-2.18.ebuild b/sys-libs/glibc/glibc-2.18.ebuild
index 759a8ef2acff..b8234a5f4422 100644
--- a/sys-libs/glibc/glibc-2.18.ebuild
+++ b/sys-libs/glibc/glibc-2.18.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.18.ebuild,v 1.2 2013/08/17 17:37:57 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/glibc-2.18.ebuild,v 1.3 2013/09/11 18:05:42 zorry Exp $
inherit eutils versionator toolchain-funcs flag-o-matic gnuconfig multilib unpacker multiprocessing
@@ -161,12 +161,12 @@ eblit-src_unpack-post() {
einfo "Patching to get working PIE binaries on PIE (hardened) platforms"
gcc-specs-pie && epatch "${FILESDIR}"/2.17/glibc-2.17-hardened-pie.patch
epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-configure-picdefault.patch
- epatch "${FILESDIR}"/2.10/glibc-2.10-hardened-inittls-nosysenter.patch
+ epatch "${FILESDIR}"/2.18/glibc-2.18-hardened-inittls-nosysenter.patch
einfo "Installing Hardened Gentoo SSP and FORTIFY_SOURCE handler"
- cp -f "${FILESDIR}"/2.6/glibc-2.6-gentoo-stack_chk_fail.c \
+ cp -f "${FILESDIR}"/2.18/glibc-2.18-gentoo-stack_chk_fail.c \
debug/stack_chk_fail.c || die
- cp -f "${FILESDIR}"/2.10/glibc-2.10-gentoo-chk_fail.c \
+ cp -f "${FILESDIR}"/2.18/glibc-2.18-gentoo-chk_fail.c \
debug/chk_fail.c || die
if use debug ; then