Date: Thu, 30 Jun 2005 19:26:03 +0200
From: Jeremie Le Hen <jeremie@le-hen.org>
To: freebsd-hackers@FreeBSD.org
Cc: freebsd-threads@FreeBSD.org
Subject: Re: ProPolice and pthreads (was: ProPolice and FreeBSD)
Message-ID: <20050630172602.GI49933@obiwan.tataz.chchile.org>
In-Reply-To: <20050630165017.GH49933@obiwan.tataz.chchile.org>
References: <20050630165017.GH49933@obiwan.tataz.chchile.org>
[ I'm not snipping anything since I'm Cc'ing to -threads@. ]

On Thu, Jun 30, 2005 at 06:50:17PM +0200, Jeremie Le Hen wrote:
> Hello,
>
> maybe this question should be asked on -threads@, I'm not sure. If it
> is, please tell me and I will redirect my mail.
>
> I'm working on upgrading the ProPolice/SSP patch [1] to -CURRENT. I
> initially used the patch against FreeBSD 5.1 to know which files I
> should modify and in which way in the source tree, but I used the
> newest patch against gcc 3.4.1 for the gcc-specific stuff.
>
> After a little work, I got a full FreeBSD built with SSP functions
> compiled in libc (it is also possible to compile it in libgcc but,
> AFAIU, this would require the SSP stuff to be statically built in
> all binaries since FreeBSD doesn't provide a shared libgcc). I also
> read somewhere that some guys of the hardened Debian project have made
> a libssp, but I find this a little bit overkill (comments ?).
>
> I recompiled host(1), libc and libpthread with debugging symbols.
>
> Now the questions. All binaries linked against libpthread immediately
> get a SIGSEGV :
> %%%
> coyote:libc# gdb /usr/bin/host
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show warranty" for details.
> This GDB was configured as "i386-marcel-freebsd"...
> (gdb) r
> Starting program: /usr/bin/host
> warning: Unable to get location for thread creation breakpoint: generic error
> [New LWP 100135]
>
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to LWP 100135]
> _thr_cancel_enter (thread=0x0)
>     at /usr/src/lib/libpthread/thread/thr_cancel.c:269
> 269             THR_THREAD_LOCK(thread, thread);
> (gdb) bt full
> #0  _thr_cancel_enter (thread=0x0)
>     at /usr/src/lib/libpthread/thread/thr_cancel.c:269
> No locals.
> #1  0x282dd51b in __open (path=0x281bc0c0 "ÀÀ\033( \220\033(", flags=0)
>     at /usr/src/lib/libpthread/thread/thr_open.c:53
>         curthread = (struct pthread *) 0x0
>         ret = 0
>         mode = 0
> #2  0x2838f40b in __guard_setup ()
>     at /usr/src/lib/libc/sys/stack_protector.c:51
>         fd = 0
> #3  0x283cbe22 in lseek () from /lib/libc.so.6
> No symbol table info available.
> #4  0x28316dd1 in _init () from /lib/libc.so.6
> No symbol table info available.
> #5  0x281b8000 in ?? ()
> No symbol table info available.
> #6  0x281ad6fc in ?? () from /libexec/ld-elf.so.1
> No symbol table info available.
> #7  0xbfbfeca8 in ?? ()
> No symbol table info available.
> #8  0x2818cc79 in find_symdef () from /libexec/ld-elf.so.1
> No symbol table info available.
> #9  0x2818b759 in _rtld () from /libexec/ld-elf.so.1
> No symbol table info available.
> #10 0x2818a98e in .rtld_start () from /libexec/ld-elf.so.1
> No symbol table info available.
> %%%
>
> __guard_setup() is the constructor of the SSP patch, it generates a
> random cookie for the application runtime :
> %%%
> static void __guard_setup(void) __attribute__ ((constructor));
> static void
> __guard_setup(void)
> {
>   int fd;
>   if (__guard[0]!=0) return;
>   fd = open ("/dev/urandom", 0);
>   if (fd != -1) {
>     ssize_t size = read (fd, (char*)&__guard, sizeof(__guard));
>     close (fd) ;
>     if (size == sizeof(__guard)) return;
>   }
>   /* If a random generator can't be used, the protector switches the guard
>      to the "terminator canary" */
>   ((char*)__guard)[0] = 0; ((char*)__guard)[1] = 0;
>   ((char*)__guard)[2] = '\n'; ((char*)__guard)[3] = 255;
> }
> %%%
>
> I am neither a gcc hacker nor a thread guru, so I have no clue on how to
> resolve this issue. Advice is welcome.
>
> Thanks.
>
> Regards,
> [1] http://www.trl.ibm.com/projects/security/ssp/

cognet@ sent me the following patch and it makes pthreaded programs work
like a charm. He also told me that this change will surely be needed for
libthr.

%%%
cvs diff: Diffing .
Index: thr_open.c
===================================================================
RCS file: /nfs/donald/repo/FreeBSD/src/lib/libpthread/thread/thr_open.c,v
retrieving revision 1.16
diff -u -p -r1.16 thr_open.c
--- thr_open.c	9 Dec 2003 02:20:56 -0000	1.16
+++ thr_open.c	30 Jun 2005 17:19:03 -0000
@@ -45,11 +45,14 @@ __weak_reference(__open, open);
 int
 __open(const char *path, int flags,...)
 {
-	struct pthread *curthread = _get_curthread();
+	struct pthread *curthread;
 	int ret;
 	int mode = 0;
 	va_list ap;
 
+	if (_thr_initial == NULL)
+		_libpthread_init(NULL);
+	curthread = _get_curthread();
 	_thr_cancel_enter(curthread);
 
 	/* Check if the file is being created: */
%%%

For now, I'm including this in my ProPolice patch.

Regards,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
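Review bot: the lazy-initialisation check lands only in __open(), but the quoted __guard_setup() goes on to call read() and close(), and any other libpthread wrapper that does `_get_curthread()` followed by `_thr_cancel_enter(curthread)` has the same NULL dereference when it is the first wrapper reached from a constructor; consider putting `if (_thr_initial == NULL) _libpthread_init(NULL);` in the shared path that all wrappers go through rather than in this one file, and add a comment above the check explaining that a constructor running from libc's _init can arrive here before the thread library has initialised, since nothing in the hunk says why it is there.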
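As an added illustration (constructed here, not code from this thread or from FreeBSD's libpthread), the crash and its fix side by side: a stand-in thread library whose open() wrapper initialises on demand the way the patch does, driven from a constructor that fills the guard the way __guard_setup() does, terminator-canary fallback included. The names thr_initial, libpthread_init, wrapped_open, guard_setup_into and ssp_guard are the example's own.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>
/* Constructed stand-in for libpthread's per-thread state: NULL until the
 * library has initialised, which is the condition the backtrace shows. */
struct pthread { int cancel_depth; };
static struct pthread initial_thread;
static struct pthread *thr_initial = NULL;   /* stands in for _thr_initial */
static void libpthread_init(void) { thr_initial = &initial_thread; }
static struct pthread *get_curthread(void) { return thr_initial; }
int thread_lib_initialized(void) { return thr_initial != NULL; }
/* Cancellation bookkeeping dereferences the thread, as _thr_cancel_enter() does. */
static void thr_cancel_enter(struct pthread *t) { t->cancel_depth++; }
static void thr_cancel_leave(struct pthread *t) { t->cancel_depth--; }

/* open() wrapper in the shape of the patched thr_open.c. */
int wrapped_open(const char *path, int flags)
{
    struct pthread *curthread;
    if (thr_initial == NULL)      /* the fix: initialise on demand when a */
        libpthread_init();        /* constructor reaches us before the library */
    curthread = get_curthread();
    thr_cancel_enter(curthread);  /* NULL dereference here without the check */
    int fd = open(path, flags);
    thr_cancel_leave(curthread);
    return fd;
}

/* Guard setup in the shape of __guard_setup(): fill from a random source, else
 * fall back to the terminator canary. Returns 1 on a random fill (or when the
 * guard is already set), 0 when the fallback was used. */
int guard_setup_into(unsigned long *guard, size_t words, const char *source)
{
    size_t len = words * sizeof(*guard);
    if (guard[0] != 0) return 1;
    int fd = wrapped_open(source, O_RDONLY);
    if (fd != -1) {
        ssize_t size = read(fd, (char *)guard, len);
        close(fd);
        if (size == (ssize_t)len) return 1;
    }
    /* NUL, NUL, '\n', 0xff: bytes that stop str*, gets() and fgets() copies */
    ((char *)guard)[0] = 0; ((char *)guard)[1] = 0;
    ((char *)guard)[2] = '\n'; ((char *)guard)[3] = (char)255;
    return 0;
}
/* The constructor runs before main(), as libc's _init did in the crash. */
static unsigned long ssp_guard[8];
static void guard_ctor(void) __attribute__((constructor));
static void guard_ctor(void) { guard_setup_into(ssp_guard, 8, "/dev/urandom"); }
```

With the on-demand check removed from wrapped_open(), the constructor faults on the NULL thread exactly as the gdb session above shows.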