DivestOS/Patches/LineageOS-16.0/android_bionic/0002-Graphene_Bionic_Hardening-13.patch

85 lines
2.9 KiB
Diff
Raw Normal View History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
Add bionic hardening patchsets from GrapheneOS 11 https://github.com/GrapheneOS/platform_system_core/commit/b3a0c2c5db28852b6d485542c8a4f1649a256892 11 https://github.com/GrapheneOS/platform_bionic/commit/5412c371955014eee8b2246b386ae7f539bac09e #explicit zero 11 https://github.com/GrapheneOS/platform_bionic/commit/31456ac632903235e14500af8b5d7dff2d25d724 #brk 11 https://github.com/GrapheneOS/platform_bionic/commit/58ebc243ea3085056e6aba765d879807fa1a46d6 #random 11 https://github.com/GrapheneOS/platform_bionic/commit/5323b39f7ec1fce2d788f1c8a2c28cfd32d5ccc4 #undefined 11 https://github.com/GrapheneOS/platform_bionic/commit/6a91d9dddb01964134e50cc73f6f158706da800a #merge 11 https://github.com/GrapheneOS/platform_bionic/commit/a042b5a0bada9933b7c488003e8f9d8d0d195525 #vla formatting 11 https://github.com/GrapheneOS/platform_bionic/commit/9ec639de1bec2f655bdfc0750e363a6f8de31c4a #pthread 11 https://github.com/GrapheneOS/platform_bionic/commit/49571a0a496539b9af763b8ef30c5b5db57c8be7 #read only 11 https://github.com/GrapheneOS/platform_bionic/commit/149cc5ccb870640b2536b6bd5dfa1292f9dd6178 #zero 11 https://github.com/GrapheneOS/platform_bionic/commit/2e613ccbe7a6b2aa8f1688ed8493267d12c66d23 #fork mmap 11 https://github.com/GrapheneOS/platform_bionic/commit/e239c7dff88bbc37a3e902a695565fdbf6ed0b08 #memprot pthread 11 https://github.com/GrapheneOS/platform_bionic/commit/0b03d92b7f2dc5f12211037e99821ccead27a687 #xor 11 https://github.com/GrapheneOS/platform_bionic/commit/de08419b8256ab7daf6ef7c7835348f9aaeb7478 #junk 11 https://github.com/GrapheneOS/platform_bionic/commit/897d4903e24c9f6b772539e9f8e0bf3520ed8838 #guard 11 https://github.com/GrapheneOS/platform_bionic/commit/648cd68ca3ffefe685ae6acdae17171c8acfa75b #ptrhread guard 11 https://github.com/GrapheneOS/platform_bionic/commit/0bc4dbcbd27c7f48713913101fb3c868c215c1a3 #stack rand 10 https://github.com/GrapheneOS/platform_system_core/commit/aa9cc05d07a5855fcae2d9f21dd9672543eafbb3 10 https://github.com/GrapheneOS/platform_bionic/commit/a8cdbb6352e4ff708b791c7f3a976de8a6383105 #explicit zero 10 https://github.com/GrapheneOS/platform_bionic/commit/b28302c668013a5588a6939f0bbced0b7b288cc2 #brk 10 https://github.com/GrapheneOS/platform_bionic/commit/9f8be7d07cc063933f8def97672c7671dd4fc360 #random 10 https://github.com/GrapheneOS/platform_bionic/commit/cb91a7ee3aed607dab2d89f2f6b823bf28ea34a0 #undefined 10 https://github.com/GrapheneOS/platform_bionic/commit/08279e2fdd75d20ede2a56c326604f426557cea4 #merge 10 https://github.com/GrapheneOS/platform_bionic/commit/6a18bd565d9344db5f46f2bb423309dcb134be6e #vla formatting 10 https://github.com/GrapheneOS/platform_bionic/commit/2f392c2d081fad13f61164ab07841818b972f950 #pthread 10 https://github.com/GrapheneOS/platform_bionic/commit/8bbce1bc50f7b0fb210de3ef160542bbb08cdcc0 #read only 10 https://github.com/GrapheneOS/platform_bionic/commit/725f61db82eb41098291ce06445ccfbf5d5b3581 #zero 10 https://github.com/GrapheneOS/platform_bionic/commit/4cd257135f72ceb7ddd32538d2ba579736bf7a12 #fork mmap 10 https://github.com/GrapheneOS/platform_bionic/commit/9220cf622bab1099cbff937d88aa7ce2809bb9d4 #memprot pthread 10 https://github.com/GrapheneOS/platform_bionic/commit/8ef71d1ffd51664bc8d61fd029efa899a87ddc30 #memprot exit 10 https://github.com/GrapheneOS/platform_bionic/commit/0eaef1abbdcbf40c990fcba1bd91401bdd38a9c5 #xor 10 https://github.com/GrapheneOS/platform_bionic/commit/64f1cc2148c1834212f6704ba08b626696501271 #junk 10 https://github.com/GrapheneOS/platform_bionic/commit/5c42a527cf958ca3c81613178618d452e806994f #guard 10 https://github.com/GrapheneOS/platform_bionic/commit/5cc8c34e60dbfeb1fd996bf83bb01a0443d93a8a #pthread guard 10 https://github.com/GrapheneOS/platform_bionic/commit/7f61cc8a1c9abd04094a96959f242b7906fa3127 #stack rand 9 https://github.com/GrapheneOS/platform_system_core/commit/abdf523d26450814fc3f5c211f3baa643c48bae3 9 https://github.com/GrapheneOS/platform_bionic/commit/e4b9b31e6f9ff7eb9d168db6a99a775bf4f669c1 #explicit zero 9 https://github.com/GrapheneOS/platform_bionic/commit/a3a22a63d2cf265d5edc8cf613484e13fd03e19d #brk 9 https://github.com/GrapheneOS/platform_bionic/commit/7444dbc3cf11285fb94d5d00913016afd7b0dff2 #random 9 https://github.com/GrapheneOS/platform_bionic/commit/dcd3b72ac9cac79d4322a17be150c46f65ffb3cd #undefined 9 https://github.com/GrapheneOS/platform_bionic/commit/543e1df342cdd8720ce967d990ca28a2b9c26af2 #merge 9 https://github.com/GrapheneOS/platform_bionic/commit/611e5691f7e48aba8529e49b22885021f322b31e #vla formatting 9 https://github.com/GrapheneOS/platform_bionic/commit/8de97ce864cc781d077160a8efd4902d4338078c #pthread 9 https://github.com/GrapheneOS/platform_bionic/commit/a47571704245e5514795f35bbcffdb8a533e738a #read only 9 https://github.com/GrapheneOS/platform_bionic/commit/7f0947cc0e4fc52a41ef8ecfba892f5534e1fee5 #zero 9 https://github.com/GrapheneOS/platform_bionic/commit/e9751d3370aa44e6ca77843f7c7a7aac67e5bcc0 #fork mmap 9 https://github.com/GrapheneOS/platform_bionic/commit/83cd86d0d522c64726dac41614c00f2534044f73 #memprot pthread 9 https://github.com/GrapheneOS/platform_bionic/commit/1ebb1654556ed74d63e43fe7dbbceae5b20f569f #memprot exit 9 https://github.com/GrapheneOS/platform_bionic/commit/488ba483cf9ad195fda33b3250115a308bf03f75 #xor 9 https://github.com/GrapheneOS/platform_bionic/commit/f9351d884bddaf126a8fc45c8cb14e7ca2cf463b #junk 9 https://github.com/GrapheneOS/platform_bionic/commit/85e5bca0a525a1cb8142aa092286ae3424983dd5 #move Signed-off-by: Tad <tad@spotco.us>
2022-03-15 16:34:57 -04:00
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 27 Jan 2016 18:02:15 -0500
Subject: [PATCH] add XOR mangling mitigation for thread-local dtors
---
libc/bionic/__cxa_thread_atexit_impl.cpp | 8 +++++---
libc/bionic/libc_init_common.cpp | 2 ++
libc/private/bionic_globals.h | 1 +
3 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/libc/bionic/__cxa_thread_atexit_impl.cpp b/libc/bionic/__cxa_thread_atexit_impl.cpp
index 99077c101..74608513e 100644
Add bionic hardening patchsets from GrapheneOS 11 https://github.com/GrapheneOS/platform_system_core/commit/b3a0c2c5db28852b6d485542c8a4f1649a256892 11 https://github.com/GrapheneOS/platform_bionic/commit/5412c371955014eee8b2246b386ae7f539bac09e #explicit zero 11 https://github.com/GrapheneOS/platform_bionic/commit/31456ac632903235e14500af8b5d7dff2d25d724 #brk 11 https://github.com/GrapheneOS/platform_bionic/commit/58ebc243ea3085056e6aba765d879807fa1a46d6 #random 11 https://github.com/GrapheneOS/platform_bionic/commit/5323b39f7ec1fce2d788f1c8a2c28cfd32d5ccc4 #undefined 11 https://github.com/GrapheneOS/platform_bionic/commit/6a91d9dddb01964134e50cc73f6f158706da800a #merge 11 https://github.com/GrapheneOS/platform_bionic/commit/a042b5a0bada9933b7c488003e8f9d8d0d195525 #vla formatting 11 https://github.com/GrapheneOS/platform_bionic/commit/9ec639de1bec2f655bdfc0750e363a6f8de31c4a #pthread 11 https://github.com/GrapheneOS/platform_bionic/commit/49571a0a496539b9af763b8ef30c5b5db57c8be7 #read only 11 https://github.com/GrapheneOS/platform_bionic/commit/149cc5ccb870640b2536b6bd5dfa1292f9dd6178 #zero 11 https://github.com/GrapheneOS/platform_bionic/commit/2e613ccbe7a6b2aa8f1688ed8493267d12c66d23 #fork mmap 11 https://github.com/GrapheneOS/platform_bionic/commit/e239c7dff88bbc37a3e902a695565fdbf6ed0b08 #memprot pthread 11 https://github.com/GrapheneOS/platform_bionic/commit/0b03d92b7f2dc5f12211037e99821ccead27a687 #xor 11 https://github.com/GrapheneOS/platform_bionic/commit/de08419b8256ab7daf6ef7c7835348f9aaeb7478 #junk 11 https://github.com/GrapheneOS/platform_bionic/commit/897d4903e24c9f6b772539e9f8e0bf3520ed8838 #guard 11 https://github.com/GrapheneOS/platform_bionic/commit/648cd68ca3ffefe685ae6acdae17171c8acfa75b #ptrhread guard 11 https://github.com/GrapheneOS/platform_bionic/commit/0bc4dbcbd27c7f48713913101fb3c868c215c1a3 #stack rand 10 https://github.com/GrapheneOS/platform_system_core/commit/aa9cc05d07a5855fcae2d9f21dd9672543eafbb3 10 https://github.com/GrapheneOS/platform_bionic/commit/a8cdbb6352e4ff708b791c7f3a976de8a6383105 #explicit zero 10 https://github.com/GrapheneOS/platform_bionic/commit/b28302c668013a5588a6939f0bbced0b7b288cc2 #brk 10 https://github.com/GrapheneOS/platform_bionic/commit/9f8be7d07cc063933f8def97672c7671dd4fc360 #random 10 https://github.com/GrapheneOS/platform_bionic/commit/cb91a7ee3aed607dab2d89f2f6b823bf28ea34a0 #undefined 10 https://github.com/GrapheneOS/platform_bionic/commit/08279e2fdd75d20ede2a56c326604f426557cea4 #merge 10 https://github.com/GrapheneOS/platform_bionic/commit/6a18bd565d9344db5f46f2bb423309dcb134be6e #vla formatting 10 https://github.com/GrapheneOS/platform_bionic/commit/2f392c2d081fad13f61164ab07841818b972f950 #pthread 10 https://github.com/GrapheneOS/platform_bionic/commit/8bbce1bc50f7b0fb210de3ef160542bbb08cdcc0 #read only 10 https://github.com/GrapheneOS/platform_bionic/commit/725f61db82eb41098291ce06445ccfbf5d5b3581 #zero 10 https://github.com/GrapheneOS/platform_bionic/commit/4cd257135f72ceb7ddd32538d2ba579736bf7a12 #fork mmap 10 https://github.com/GrapheneOS/platform_bionic/commit/9220cf622bab1099cbff937d88aa7ce2809bb9d4 #memprot pthread 10 https://github.com/GrapheneOS/platform_bionic/commit/8ef71d1ffd51664bc8d61fd029efa899a87ddc30 #memprot exit 10 https://github.com/GrapheneOS/platform_bionic/commit/0eaef1abbdcbf40c990fcba1bd91401bdd38a9c5 #xor 10 https://github.com/GrapheneOS/platform_bionic/commit/64f1cc2148c1834212f6704ba08b626696501271 #junk 10 https://github.com/GrapheneOS/platform_bionic/commit/5c42a527cf958ca3c81613178618d452e806994f #guard 10 https://github.com/GrapheneOS/platform_bionic/commit/5cc8c34e60dbfeb1fd996bf83bb01a0443d93a8a #pthread guard 10 https://github.com/GrapheneOS/platform_bionic/commit/7f61cc8a1c9abd04094a96959f242b7906fa3127 #stack rand 9 https://github.com/GrapheneOS/platform_system_core/commit/abdf523d26450814fc3f5c211f3baa643c48bae3 9 https://github.com/GrapheneOS/platform_bionic/commit/e4b9b31e6f9ff7eb9d168db6a99a775bf4f669c1 #explicit zero 9 https://github.com/GrapheneOS/platform_bionic/commit/a3a22a63d2cf265d5edc8cf613484e13fd03e19d #brk 9 https://github.com/GrapheneOS/platform_bionic/commit/7444dbc3cf11285fb94d5d00913016afd7b0dff2 #random 9 https://github.com/GrapheneOS/platform_bionic/commit/dcd3b72ac9cac79d4322a17be150c46f65ffb3cd #undefined 9 https://github.com/GrapheneOS/platform_bionic/commit/543e1df342cdd8720ce967d990ca28a2b9c26af2 #merge 9 https://github.com/GrapheneOS/platform_bionic/commit/611e5691f7e48aba8529e49b22885021f322b31e #vla formatting 9 https://github.com/GrapheneOS/platform_bionic/commit/8de97ce864cc781d077160a8efd4902d4338078c #pthread 9 https://github.com/GrapheneOS/platform_bionic/commit/a47571704245e5514795f35bbcffdb8a533e738a #read only 9 https://github.com/GrapheneOS/platform_bionic/commit/7f0947cc0e4fc52a41ef8ecfba892f5534e1fee5 #zero 9 https://github.com/GrapheneOS/platform_bionic/commit/e9751d3370aa44e6ca77843f7c7a7aac67e5bcc0 #fork mmap 9 https://github.com/GrapheneOS/platform_bionic/commit/83cd86d0d522c64726dac41614c00f2534044f73 #memprot pthread 9 https://github.com/GrapheneOS/platform_bionic/commit/1ebb1654556ed74d63e43fe7dbbceae5b20f569f #memprot exit 9 https://github.com/GrapheneOS/platform_bionic/commit/488ba483cf9ad195fda33b3250115a308bf03f75 #xor 9 https://github.com/GrapheneOS/platform_bionic/commit/f9351d884bddaf126a8fc45c8cb14e7ca2cf463b #junk 9 https://github.com/GrapheneOS/platform_bionic/commit/85e5bca0a525a1cb8142aa092286ae3424983dd5 #move Signed-off-by: Tad <tad@spotco.us>
2022-03-15 16:34:57 -04:00
--- a/libc/bionic/__cxa_thread_atexit_impl.cpp
+++ b/libc/bionic/__cxa_thread_atexit_impl.cpp
@@ -13,15 +13,17 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
+#include <stdint.h>
#include <sys/cdefs.h>
#include <private/bionic_defs.h>
+#include <private/bionic_globals.h>
#include "pthread_internal.h"
class thread_local_dtor {
public:
- void (*func) (void *);
+ uintptr_t func;
void *arg;
void *dso_handle; // unused...
thread_local_dtor* next;
@@ -35,7 +37,7 @@ __BIONIC_WEAK_FOR_NATIVE_BRIDGE
int __cxa_thread_atexit_impl(void (*func) (void *), void *arg, void *dso_handle) {
thread_local_dtor* dtor = new thread_local_dtor();
- dtor->func = func;
+ dtor->func = __libc_globals->dtor_cookie ^ reinterpret_cast<uintptr_t>(func);
dtor->arg = arg;
dtor->dso_handle = dso_handle;
@@ -54,7 +56,7 @@ extern "C" __LIBC_HIDDEN__ void __cxa_thread_finalize() {
thread_local_dtor* current = thread->thread_local_dtors;
thread->thread_local_dtors = current->next;
- current->func(current->arg);
+ (reinterpret_cast<void (*)(void*)>(__libc_globals->dtor_cookie ^ current->func))(current->arg);
if (__loader_remove_thread_local_dtor != nullptr) {
__loader_remove_thread_local_dtor(current->dso_handle);
}
diff --git a/libc/bionic/libc_init_common.cpp b/libc/bionic/libc_init_common.cpp
index 2396c3678..47555c598 100644
Add bionic hardening patchsets from GrapheneOS 11 https://github.com/GrapheneOS/platform_system_core/commit/b3a0c2c5db28852b6d485542c8a4f1649a256892 11 https://github.com/GrapheneOS/platform_bionic/commit/5412c371955014eee8b2246b386ae7f539bac09e #explicit zero 11 https://github.com/GrapheneOS/platform_bionic/commit/31456ac632903235e14500af8b5d7dff2d25d724 #brk 11 https://github.com/GrapheneOS/platform_bionic/commit/58ebc243ea3085056e6aba765d879807fa1a46d6 #random 11 https://github.com/GrapheneOS/platform_bionic/commit/5323b39f7ec1fce2d788f1c8a2c28cfd32d5ccc4 #undefined 11 https://github.com/GrapheneOS/platform_bionic/commit/6a91d9dddb01964134e50cc73f6f158706da800a #merge 11 https://github.com/GrapheneOS/platform_bionic/commit/a042b5a0bada9933b7c488003e8f9d8d0d195525 #vla formatting 11 https://github.com/GrapheneOS/platform_bionic/commit/9ec639de1bec2f655bdfc0750e363a6f8de31c4a #pthread 11 https://github.com/GrapheneOS/platform_bionic/commit/49571a0a496539b9af763b8ef30c5b5db57c8be7 #read only 11 https://github.com/GrapheneOS/platform_bionic/commit/149cc5ccb870640b2536b6bd5dfa1292f9dd6178 #zero 11 https://github.com/GrapheneOS/platform_bionic/commit/2e613ccbe7a6b2aa8f1688ed8493267d12c66d23 #fork mmap 11 https://github.com/GrapheneOS/platform_bionic/commit/e239c7dff88bbc37a3e902a695565fdbf6ed0b08 #memprot pthread 11 https://github.com/GrapheneOS/platform_bionic/commit/0b03d92b7f2dc5f12211037e99821ccead27a687 #xor 11 https://github.com/GrapheneOS/platform_bionic/commit/de08419b8256ab7daf6ef7c7835348f9aaeb7478 #junk 11 https://github.com/GrapheneOS/platform_bionic/commit/897d4903e24c9f6b772539e9f8e0bf3520ed8838 #guard 11 https://github.com/GrapheneOS/platform_bionic/commit/648cd68ca3ffefe685ae6acdae17171c8acfa75b #ptrhread guard 11 https://github.com/GrapheneOS/platform_bionic/commit/0bc4dbcbd27c7f48713913101fb3c868c215c1a3 #stack rand 10 https://github.com/GrapheneOS/platform_system_core/commit/aa9cc05d07a5855fcae2d9f21dd9672543eafbb3 10 https://github.com/GrapheneOS/platform_bionic/commit/a8cdbb6352e4ff708b791c7f3a976de8a6383105 #explicit zero 10 https://github.com/GrapheneOS/platform_bionic/commit/b28302c668013a5588a6939f0bbced0b7b288cc2 #brk 10 https://github.com/GrapheneOS/platform_bionic/commit/9f8be7d07cc063933f8def97672c7671dd4fc360 #random 10 https://github.com/GrapheneOS/platform_bionic/commit/cb91a7ee3aed607dab2d89f2f6b823bf28ea34a0 #undefined 10 https://github.com/GrapheneOS/platform_bionic/commit/08279e2fdd75d20ede2a56c326604f426557cea4 #merge 10 https://github.com/GrapheneOS/platform_bionic/commit/6a18bd565d9344db5f46f2bb423309dcb134be6e #vla formatting 10 https://github.com/GrapheneOS/platform_bionic/commit/2f392c2d081fad13f61164ab07841818b972f950 #pthread 10 https://github.com/GrapheneOS/platform_bionic/commit/8bbce1bc50f7b0fb210de3ef160542bbb08cdcc0 #read only 10 https://github.com/GrapheneOS/platform_bionic/commit/725f61db82eb41098291ce06445ccfbf5d5b3581 #zero 10 https://github.com/GrapheneOS/platform_bionic/commit/4cd257135f72ceb7ddd32538d2ba579736bf7a12 #fork mmap 10 https://github.com/GrapheneOS/platform_bionic/commit/9220cf622bab1099cbff937d88aa7ce2809bb9d4 #memprot pthread 10 https://github.com/GrapheneOS/platform_bionic/commit/8ef71d1ffd51664bc8d61fd029efa899a87ddc30 #memprot exit 10 https://github.com/GrapheneOS/platform_bionic/commit/0eaef1abbdcbf40c990fcba1bd91401bdd38a9c5 #xor 10 https://github.com/GrapheneOS/platform_bionic/commit/64f1cc2148c1834212f6704ba08b626696501271 #junk 10 https://github.com/GrapheneOS/platform_bionic/commit/5c42a527cf958ca3c81613178618d452e806994f #guard 10 https://github.com/GrapheneOS/platform_bionic/commit/5cc8c34e60dbfeb1fd996bf83bb01a0443d93a8a #pthread guard 10 https://github.com/GrapheneOS/platform_bionic/commit/7f61cc8a1c9abd04094a96959f242b7906fa3127 #stack rand 9 https://github.com/GrapheneOS/platform_system_core/commit/abdf523d26450814fc3f5c211f3baa643c48bae3 9 https://github.com/GrapheneOS/platform_bionic/commit/e4b9b31e6f9ff7eb9d168db6a99a775bf4f669c1 #explicit zero 9 https://github.com/GrapheneOS/platform_bionic/commit/a3a22a63d2cf265d5edc8cf613484e13fd03e19d #brk 9 https://github.com/GrapheneOS/platform_bionic/commit/7444dbc3cf11285fb94d5d00913016afd7b0dff2 #random 9 https://github.com/GrapheneOS/platform_bionic/commit/dcd3b72ac9cac79d4322a17be150c46f65ffb3cd #undefined 9 https://github.com/GrapheneOS/platform_bionic/commit/543e1df342cdd8720ce967d990ca28a2b9c26af2 #merge 9 https://github.com/GrapheneOS/platform_bionic/commit/611e5691f7e48aba8529e49b22885021f322b31e #vla formatting 9 https://github.com/GrapheneOS/platform_bionic/commit/8de97ce864cc781d077160a8efd4902d4338078c #pthread 9 https://github.com/GrapheneOS/platform_bionic/commit/a47571704245e5514795f35bbcffdb8a533e738a #read only 9 https://github.com/GrapheneOS/platform_bionic/commit/7f0947cc0e4fc52a41ef8ecfba892f5534e1fee5 #zero 9 https://github.com/GrapheneOS/platform_bionic/commit/e9751d3370aa44e6ca77843f7c7a7aac67e5bcc0 #fork mmap 9 https://github.com/GrapheneOS/platform_bionic/commit/83cd86d0d522c64726dac41614c00f2534044f73 #memprot pthread 9 https://github.com/GrapheneOS/platform_bionic/commit/1ebb1654556ed74d63e43fe7dbbceae5b20f569f #memprot exit 9 https://github.com/GrapheneOS/platform_bionic/commit/488ba483cf9ad195fda33b3250115a308bf03f75 #xor 9 https://github.com/GrapheneOS/platform_bionic/commit/f9351d884bddaf126a8fc45c8cb14e7ca2cf463b #junk 9 https://github.com/GrapheneOS/platform_bionic/commit/85e5bca0a525a1cb8142aa092286ae3424983dd5 #move Signed-off-by: Tad <tad@spotco.us>
2022-03-15 16:34:57 -04:00
--- a/libc/bionic/libc_init_common.cpp
+++ b/libc/bionic/libc_init_common.cpp
@@ -45,6 +45,7 @@
#include "private/KernelArgumentBlock.h"
#include "private/WriteProtected.h"
+#include "private/bionic_arc4random.h"
#include "private/bionic_auxv.h"
#include "private/bionic_defs.h"
#include "private/bionic_globals.h"
@@ -91,6 +92,7 @@ void __libc_init_globals(KernelArgumentBlock& args) {
__libc_globals.mutate([&args](libc_globals* globals) {
__libc_init_vdso(globals, args);
__libc_init_setjmp_cookie(globals, args);
+ arc4random_buf(&globals->dtor_cookie, sizeof(globals->dtor_cookie));
});
}
diff --git a/libc/private/bionic_globals.h b/libc/private/bionic_globals.h
index 94dd7e859..0361f4ed7 100644
Add bionic hardening patchsets from GrapheneOS 11 https://github.com/GrapheneOS/platform_system_core/commit/b3a0c2c5db28852b6d485542c8a4f1649a256892 11 https://github.com/GrapheneOS/platform_bionic/commit/5412c371955014eee8b2246b386ae7f539bac09e #explicit zero 11 https://github.com/GrapheneOS/platform_bionic/commit/31456ac632903235e14500af8b5d7dff2d25d724 #brk 11 https://github.com/GrapheneOS/platform_bionic/commit/58ebc243ea3085056e6aba765d879807fa1a46d6 #random 11 https://github.com/GrapheneOS/platform_bionic/commit/5323b39f7ec1fce2d788f1c8a2c28cfd32d5ccc4 #undefined 11 https://github.com/GrapheneOS/platform_bionic/commit/6a91d9dddb01964134e50cc73f6f158706da800a #merge 11 https://github.com/GrapheneOS/platform_bionic/commit/a042b5a0bada9933b7c488003e8f9d8d0d195525 #vla formatting 11 https://github.com/GrapheneOS/platform_bionic/commit/9ec639de1bec2f655bdfc0750e363a6f8de31c4a #pthread 11 https://github.com/GrapheneOS/platform_bionic/commit/49571a0a496539b9af763b8ef30c5b5db57c8be7 #read only 11 https://github.com/GrapheneOS/platform_bionic/commit/149cc5ccb870640b2536b6bd5dfa1292f9dd6178 #zero 11 https://github.com/GrapheneOS/platform_bionic/commit/2e613ccbe7a6b2aa8f1688ed8493267d12c66d23 #fork mmap 11 https://github.com/GrapheneOS/platform_bionic/commit/e239c7dff88bbc37a3e902a695565fdbf6ed0b08 #memprot pthread 11 https://github.com/GrapheneOS/platform_bionic/commit/0b03d92b7f2dc5f12211037e99821ccead27a687 #xor 11 https://github.com/GrapheneOS/platform_bionic/commit/de08419b8256ab7daf6ef7c7835348f9aaeb7478 #junk 11 https://github.com/GrapheneOS/platform_bionic/commit/897d4903e24c9f6b772539e9f8e0bf3520ed8838 #guard 11 https://github.com/GrapheneOS/platform_bionic/commit/648cd68ca3ffefe685ae6acdae17171c8acfa75b #ptrhread guard 11 https://github.com/GrapheneOS/platform_bionic/commit/0bc4dbcbd27c7f48713913101fb3c868c215c1a3 #stack rand 10 https://github.com/GrapheneOS/platform_system_core/commit/aa9cc05d07a5855fcae2d9f21dd9672543eafbb3 10 https://github.com/GrapheneOS/platform_bionic/commit/a8cdbb6352e4ff708b791c7f3a976de8a6383105 #explicit zero 10 https://github.com/GrapheneOS/platform_bionic/commit/b28302c668013a5588a6939f0bbced0b7b288cc2 #brk 10 https://github.com/GrapheneOS/platform_bionic/commit/9f8be7d07cc063933f8def97672c7671dd4fc360 #random 10 https://github.com/GrapheneOS/platform_bionic/commit/cb91a7ee3aed607dab2d89f2f6b823bf28ea34a0 #undefined 10 https://github.com/GrapheneOS/platform_bionic/commit/08279e2fdd75d20ede2a56c326604f426557cea4 #merge 10 https://github.com/GrapheneOS/platform_bionic/commit/6a18bd565d9344db5f46f2bb423309dcb134be6e #vla formatting 10 https://github.com/GrapheneOS/platform_bionic/commit/2f392c2d081fad13f61164ab07841818b972f950 #pthread 10 https://github.com/GrapheneOS/platform_bionic/commit/8bbce1bc50f7b0fb210de3ef160542bbb08cdcc0 #read only 10 https://github.com/GrapheneOS/platform_bionic/commit/725f61db82eb41098291ce06445ccfbf5d5b3581 #zero 10 https://github.com/GrapheneOS/platform_bionic/commit/4cd257135f72ceb7ddd32538d2ba579736bf7a12 #fork mmap 10 https://github.com/GrapheneOS/platform_bionic/commit/9220cf622bab1099cbff937d88aa7ce2809bb9d4 #memprot pthread 10 https://github.com/GrapheneOS/platform_bionic/commit/8ef71d1ffd51664bc8d61fd029efa899a87ddc30 #memprot exit 10 https://github.com/GrapheneOS/platform_bionic/commit/0eaef1abbdcbf40c990fcba1bd91401bdd38a9c5 #xor 10 https://github.com/GrapheneOS/platform_bionic/commit/64f1cc2148c1834212f6704ba08b626696501271 #junk 10 https://github.com/GrapheneOS/platform_bionic/commit/5c42a527cf958ca3c81613178618d452e806994f #guard 10 https://github.com/GrapheneOS/platform_bionic/commit/5cc8c34e60dbfeb1fd996bf83bb01a0443d93a8a #pthread guard 10 https://github.com/GrapheneOS/platform_bionic/commit/7f61cc8a1c9abd04094a96959f242b7906fa3127 #stack rand 9 https://github.com/GrapheneOS/platform_system_core/commit/abdf523d26450814fc3f5c211f3baa643c48bae3 9 https://github.com/GrapheneOS/platform_bionic/commit/e4b9b31e6f9ff7eb9d168db6a99a775bf4f669c1 #explicit zero 9 https://github.com/GrapheneOS/platform_bionic/commit/a3a22a63d2cf265d5edc8cf613484e13fd03e19d #brk 9 https://github.com/GrapheneOS/platform_bionic/commit/7444dbc3cf11285fb94d5d00913016afd7b0dff2 #random 9 https://github.com/GrapheneOS/platform_bionic/commit/dcd3b72ac9cac79d4322a17be150c46f65ffb3cd #undefined 9 https://github.com/GrapheneOS/platform_bionic/commit/543e1df342cdd8720ce967d990ca28a2b9c26af2 #merge 9 https://github.com/GrapheneOS/platform_bionic/commit/611e5691f7e48aba8529e49b22885021f322b31e #vla formatting 9 https://github.com/GrapheneOS/platform_bionic/commit/8de97ce864cc781d077160a8efd4902d4338078c #pthread 9 https://github.com/GrapheneOS/platform_bionic/commit/a47571704245e5514795f35bbcffdb8a533e738a #read only 9 https://github.com/GrapheneOS/platform_bionic/commit/7f0947cc0e4fc52a41ef8ecfba892f5534e1fee5 #zero 9 https://github.com/GrapheneOS/platform_bionic/commit/e9751d3370aa44e6ca77843f7c7a7aac67e5bcc0 #fork mmap 9 https://github.com/GrapheneOS/platform_bionic/commit/83cd86d0d522c64726dac41614c00f2534044f73 #memprot pthread 9 https://github.com/GrapheneOS/platform_bionic/commit/1ebb1654556ed74d63e43fe7dbbceae5b20f569f #memprot exit 9 https://github.com/GrapheneOS/platform_bionic/commit/488ba483cf9ad195fda33b3250115a308bf03f75 #xor 9 https://github.com/GrapheneOS/platform_bionic/commit/f9351d884bddaf126a8fc45c8cb14e7ca2cf463b #junk 9 https://github.com/GrapheneOS/platform_bionic/commit/85e5bca0a525a1cb8142aa092286ae3424983dd5 #move Signed-off-by: Tad <tad@spotco.us>
2022-03-15 16:34:57 -04:00
--- a/libc/private/bionic_globals.h
+++ b/libc/private/bionic_globals.h
@@ -37,6 +37,7 @@
struct libc_globals {
vdso_entry vdso[VDSO_END];
+ long dtor_cookie;
long setjmp_cookie;
MallocDispatch malloc_dispatch;
};